This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.mft File: 2GucF3igUp7n4jIAPL5cmTw2_ds.mft (raw, json) Hash identifier: ErCqE02msoZHjHdoTDrsGaDpNv/PqNjwq6VZOcD2U1I= Subject key identifier: 10:A0:31:12:4C:7F:9E:66:8E:87:24:45:35:B5:4B:4E:D4:9A:1B:3A Authority key identifier: D8:6B:9C:17:78:A0:52:9E:E7:E2:32:00:3C:BE:5C:99:3C:36:FD:DB Certificate issuer: /CN=d86b9c1778a0529ee7e232003cbe5c993c36fddb Certificate serial: 019AF352804DE53C1F897456C8604C8984B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2GucF3igUp7n4jIAPL5cmTw2_ds.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.mft Manifest number: 04C2 Signing time: Sat 06 Dec 2025 11:01:01 +0000 Manifest this update: Sat 06 Dec 2025 11:01:01 +0000 Manifest next update: Sun 07 Dec 2025 11:01:01 +0000 Files and hashes: 1: 2GucF3igUp7n4jIAPL5cmTw2_ds.crl (hash: wmaccrm/78CzkcTLEBUmBp6GzvVWfuyqjrnGJl7IG6M=) 2: xaTFNHvIwGFGt2nvvisSJGJJn1U.roa (hash: dncutlGZCp4ijfHdULe589Ce9+6dKbRvNV71t7mvtSc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.mft rsync://rpki.ripe.net/repository/DEFAULT/2GucF3igUp7n4jIAPL5cmTw2_ds.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:80:4d:e5:3c:1f:89:74:56:c8:60:4c:89:84:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d86b9c1778a0529ee7e232003cbe5c993c36fddb Validity Not Before: Dec 6 11:01:01 2025 GMT Not After : Dec 7 11:01:01 2025 GMT Subject: CN=10a031124c7f9e668e87244535b54b4ed49a1b3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:c9:56:d7:a3:49:3c:01:50:b5:3a:64:7f:fa: a3:37:b7:61:cd:98:08:4f:ae:b2:af:bd:d6:67:fd: e3:37:e8:ef:fb:f1:f4:13:70:c3:c1:ba:55:fd:5d: 42:cb:e9:05:48:d1:83:8a:cf:e2:33:94:da:d4:2b: 51:46:f5:65:b6:9d:da:73:45:eb:bc:14:42:24:7e: ce:73:80:04:64:d5:dc:4c:0c:0e:90:58:4e:ff:fd: a5:61:0b:f6:5b:62:2a:e5:84:42:a3:f3:f0:7f:08: 6a:54:93:98:d3:93:71:35:13:f1:dd:8d:77:0f:5f: 3a:48:e8:6b:92:3a:44:62:a4:ab:c9:7f:b9:39:a3: 42:4b:97:a8:47:af:f8:65:bb:75:7f:ab:c1:1c:d4: b9:72:19:66:78:de:9d:59:d8:6d:55:55:17:fa:ae: 6c:e4:5a:52:c8:e4:25:b4:93:00:f8:38:7f:75:1a: 8e:7b:ee:32:07:b4:c2:6c:99:29:b6:5f:32:b3:c1: 9a:fa:50:72:3e:b8:aa:93:10:f6:bc:1f:b4:ae:bc: b4:52:40:12:8e:04:97:c1:ac:04:0c:c2:34:ce:35: c9:11:8b:61:71:61:76:16:cd:9c:3f:79:17:b3:62: b3:da:2d:77:95:d3:e7:34:13:da:18:5c:f3:e6:a4: 6a:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:A0:31:12:4C:7F:9E:66:8E:87:24:45:35:B5:4B:4E:D4:9A:1B:3A X509v3 Authority Key Identifier: keyid:D8:6B:9C:17:78:A0:52:9E:E7:E2:32:00:3C:BE:5C:99:3C:36:FD:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GucF3igUp7n4jIAPL5cmTw2_ds.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:5d:ce:be:e8:17:9b:2d:c9:9f:82:b8:d0:31:a7:3d:6d:6e: 09:32:48:35:42:80:a8:eb:93:1a:c6:3d:f3:4b:fa:4b:cc:a7: 78:72:f7:75:f7:85:fd:37:25:b7:5a:55:4a:d7:64:e0:a3:2c: cc:d5:da:9a:e9:78:e5:1b:8f:a8:1b:e1:15:62:db:b7:3d:94: b5:9b:51:ff:fb:e5:ff:25:46:9c:59:52:34:aa:61:d7:10:3e: c1:5b:24:e0:bd:9c:20:b9:7c:93:76:da:0a:c6:d6:38:bb:42: c7:ef:a2:44:a4:34:3f:4c:28:dc:15:77:79:71:ca:8d:5f:04: a0:a6:fa:5d:bd:ce:b7:99:b3:9b:1e:bb:1b:ae:05:11:06:ed: 74:30:e2:42:4f:f9:7c:f4:e3:06:e6:4a:d6:f8:bf:2e:ec:75: 6e:a1:c5:54:3e:e8:f1:79:20:4c:bf:28:e3:5c:74:7b:e2:8f: 29:46:ab:99:8a:58:9c:27:d5:55:6e:24:b4:90:ee:78:3f:ba: 7a:7c:71:64:3c:0a:c2:37:52:c6:aa:29:ba:7f:1e:8f:7c:3e: 09:3b:fc:8c:43:16:92:08:31:50:63:ea:f8:55:43:0d:9c:c1: bc:75:3f:16:d5:a8:bc:ba:c4:e1:16:15:d1:06:d5:b5:40:aa: 0e:02:58:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUoBN5TwfiXRWyGBMiYSxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NmI5YzE3NzhhMDUyOWVlN2UyMzIwMDNjYmU1Yzk5M2Mz NmZkZGIwHhcNMjUxMjA2MTEwMTAxWhcNMjUxMjA3MTEwMTAxWjAzMTEwLwYDVQQD EygxMGEwMzExMjRjN2Y5ZTY2OGU4NzI0NDUzNWI1NGI0ZWQ0OWExYjNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtslW16NJPAFQtTpkf/qjN7dhzZgI T66yr73WZ/3jN+jv+/H0E3DDwbpV/V1Cy+kFSNGDis/iM5Ta1CtRRvVltp3ac0Xr vBRCJH7Oc4AEZNXcTAwOkFhO//2lYQv2W2Iq5YRCo/PwfwhqVJOY05NxNRPx3Y13 D186SOhrkjpEYqSryX+5OaNCS5eoR6/4Zbt1f6vBHNS5chlmeN6dWdhtVVUX+q5s 5FpSyOQltJMA+Dh/dRqOe+4yB7TCbJkptl8ys8Ga+lByPriqkxD2vB+0rry0UkAS jgSXwawEDMI0zjXJEYthcWF2Fs2cP3kXs2Kz2i13ldPnNBPaGFzz5qRqiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBCgMRJMf55mjockRTW1S07Umhs6MB8GA1UdIwQY MBaAFNhrnBd4oFKe5+IyADy+XJk8Nv3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkd1Y0YzaWdVcDduNGpJQVBMNWNtVHcyX2RzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC85NzBmOWEtOTQ4MC00ZmRkLWE0ZjQt YTgwYTk1ZTVhMDk5LzEvMkd1Y0YzaWdVcDduNGpJQVBMNWNtVHcyX2RzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC85NzBmOWEtOTQ4MC00ZmRkLWE0ZjQtYTgwYTk1ZTVhMDk5 LzEvMkd1Y0YzaWdVcDduNGpJQVBMNWNtVHcyX2RzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT13OvugX my3Jn4K40DGnPW1uCTJINUKAqOuTGsY980v6S8yneHL3dfeF/Tclt1pVStdk4KMs zNXamul45RuPqBvhFWLbtz2UtZtR//vl/yVGnFlSNKph1xA+wVsk4L2cILl8k3ba CsbWOLtCx++iRKQ0P0wo3BV3eXHKjV8EoKb6Xb3Ot5mzmx67G64FEQbtdDDiQk/5 fPTjBuZK1vi/Lux1bqHFVD7o8XkgTL8o41x0e+KPKUarmYpYnCfVVW4ktJDueD+6 enxxZDwKwjdSxqopun8ej3w+CTv8jEMWkggxUGPq+FVDDZzBvHU/FtWovLrE4RYV 0QbVtUCqDgJYEg== -----END CERTIFICATE-----Generated at Sat Dec 6 14:41:24 2025 by rpki-client