This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft File: 2iTzVyHKMag-L26TfhdAjm57LGE.mft (raw, json) Hash identifier: q4M9cwYJ99gk29hQlGL+ytX0ETuuB0t7+UNVlgD9K54= Subject key identifier: F6:C2:E6:18:7A:44:AC:6C:B4:14:02:7A:DB:D2:A4:18:3C:49:20:2E Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61 Certificate issuer: /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61 Certificate serial: 019AF3520A34B7E601927878ECE1690579BF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft Manifest number: 1767 Signing time: Sat 06 Dec 2025 11:00:31 +0000 Manifest this update: Sat 06 Dec 2025 11:00:31 +0000 Manifest next update: Sun 07 Dec 2025 11:00:31 +0000 Files and hashes: 1: 2iTzVyHKMag-L26TfhdAjm57LGE.crl (hash: VmQtwIhdYPRONG5Z7HdaFDsAi2KFq6zLXXnQRCtZmN4=) 2: I11yOf8621A4bMVjivGCunNhodU.roa (hash: zD+DtTuh65HplID/p8Q/zTlZEI94dke+hM79PxEcBgg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:0a:34:b7:e6:01:92:78:78:ec:e1:69:05:79:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61 Validity Not Before: Dec 6 11:00:31 2025 GMT Not After : Dec 7 11:00:31 2025 GMT Subject: CN=f6c2e6187a44ac6cb414027adbd2a4183c49202e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:11:69:ff:62:b8:ee:d9:9d:e3:2a:7d:aa:4c: 79:2f:61:b4:bf:88:f7:4a:a4:78:05:3f:de:68:16: 4e:38:81:47:f1:1f:3f:23:bb:3e:c2:49:9a:bf:bb: 06:d0:85:a9:bd:6b:7c:9a:eb:b3:6b:dd:43:21:cc: 4b:a7:ce:c3:bd:d9:63:69:da:8d:d3:32:74:07:20: 44:db:60:cb:0e:a6:6c:ef:99:39:22:ba:9a:87:ba: 8a:bd:c7:a9:dc:8c:76:2b:59:af:14:fe:69:27:fc: ad:19:21:99:b4:05:30:00:de:a8:21:87:9a:d2:7c: 47:ca:9a:50:48:1d:fe:22:9f:e3:5a:78:dc:d7:a1: de:d5:de:2f:12:d0:b3:48:ea:ac:d4:5d:d9:e9:9a: 06:06:27:d4:0c:c6:6d:cc:ab:a1:73:db:a4:82:1d: ec:a7:67:40:c5:5e:58:6f:e0:28:86:62:00:c6:fa: 23:ef:25:3d:bb:c8:d8:c6:67:aa:08:c9:9d:64:8c: a1:93:85:e3:71:ab:55:29:46:d8:7d:59:d6:47:ce: ca:79:b3:60:8b:bc:69:ad:71:38:76:81:b5:78:75: d8:92:f0:2b:85:fc:67:d2:8f:c8:44:f6:65:c7:83: 3f:52:70:ea:b3:c3:4e:b9:5f:a9:16:64:20:f0:48: 32:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:C2:E6:18:7A:44:AC:6C:B4:14:02:7A:DB:D2:A4:18:3C:49:20:2E X509v3 Authority Key Identifier: keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:10:33:42:7d:8c:97:07:6a:fb:e6:d0:a1:1e:69:5c:cf:e5: 0a:ea:fc:16:d6:ca:86:1a:a2:54:53:df:4b:f5:0f:0d:bb:41: 32:5f:c0:2b:8b:79:74:bc:3f:83:74:5b:6a:18:1e:69:cc:b0: 18:c2:db:24:89:22:06:13:0d:d2:4c:77:a0:03:cf:f5:dc:da: dd:70:6a:80:73:aa:26:dc:46:ae:af:b1:05:1e:bc:a7:ed:2c: 7d:ed:b4:aa:05:63:a4:b7:35:ce:bb:59:54:27:4d:3e:1a:ab: 78:9d:e1:c1:c4:6f:c9:a0:84:ab:b0:ee:cf:db:c3:57:1e:7e: 7c:61:44:9b:fc:d9:0a:45:7f:a6:9b:b0:9b:09:f2:05:c9:2a: 30:5b:65:82:17:cb:9a:5d:02:53:47:18:ae:e0:ff:45:dc:d8: af:ea:76:36:23:4f:48:01:94:42:32:b2:da:a9:cd:06:dc:5f: fd:a9:cf:71:ce:76:d9:c7:ee:cd:56:f2:b2:e6:8b:be:9c:06: 9f:96:7f:b9:07:56:f6:aa:a4:4e:40:16:c9:20:1e:36:8f:11: 05:58:c9:ba:bd:44:d6:6c:77:d9:7a:33:e5:32:ca:9f:5f:0e: 08:a4:a2:0c:46:f9:0d:c7:c9:83:a0:c5:02:49:09:37:a7:c6: d6:d2:c7:b8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUgo0t+YBknh47OFpBXm/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3 YjJjNjEwHhcNMjUxMjA2MTEwMDMxWhcNMjUxMjA3MTEwMDMxWjAzMTEwLwYDVQQD EyhmNmMyZTYxODdhNDRhYzZjYjQxNDAyN2FkYmQyYTQxODNjNDkyMDJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxFp/2K47tmd4yp9qkx5L2G0v4j3 SqR4BT/eaBZOOIFH8R8/I7s+wkmav7sG0IWpvWt8muuza91DIcxLp87DvdljadqN 0zJ0ByBE22DLDqZs75k5Irqah7qKvcep3Ix2K1mvFP5pJ/ytGSGZtAUwAN6oIYea 0nxHyppQSB3+Ip/jWnjc16He1d4vEtCzSOqs1F3Z6ZoGBifUDMZtzKuhc9ukgh3s p2dAxV5Yb+AohmIAxvoj7yU9u8jYxmeqCMmdZIyhk4XjcatVKUbYfVnWR87KebNg i7xprXE4doG1eHXYkvArhfxn0o/IRPZlx4M/UnDqs8NOuV+pFmQg8Egy7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPbC5hh6RKxstBQCetvSpBg8SSAuMB8GA1UdIwQY MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt ODBmMzFkM2VhMTUyLzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAexAzQn2M lwdq++bQoR5pXM/lCur8FtbKhhqiVFPfS/UPDbtBMl/AK4t5dLw/g3Rbahgeacyw GMLbJIkiBhMN0kx3oAPP9dza3XBqgHOqJtxGrq+xBR68p+0sfe20qgVjpLc1zrtZ VCdNPhqreJ3hwcRvyaCEq7Duz9vDVx5+fGFEm/zZCkV/ppuwmwnyBckqMFtlghfL ml0CU0cYruD/RdzYr+p2NiNPSAGUQjKy2qnNBtxf/anPcc522cfuzVbysuaLvpwG n5Z/uQdW9qqkTkAWySAeNo8RBVjJur1E1mx32Xoz5TLKn18OCKSiDEb5DcfJg6DF AkkJN6fG1tLHuA== -----END CERTIFICATE-----Generated at Sat Dec 6 14:39:24 2025 by rpki-client