This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.mft File: 2pDQS_V_pIaOaZl8g7Otdx_VCp0.mft (raw, json) Hash identifier: CsvS2OzUcnhTHgbuNrcJFOhmYswzlDiQgxWyX4wxxK8= Subject key identifier: BC:DC:DF:5E:6E:F4:13:34:CC:48:E1:A9:1E:F0:9C:31:46:C5:4B:8F Authority key identifier: DA:90:D0:4B:F5:7F:A4:86:8E:69:99:7C:83:B3:AD:77:1F:D5:0A:9D Certificate issuer: /CN=da90d04bf57fa4868e69997c83b3ad771fd50a9d Certificate serial: 019AF209665E9A07558D28A2CD85D4E41CFA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pDQS_V_pIaOaZl8g7Otdx_VCp0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.mft Manifest number: 1072 Signing time: Sat 06 Dec 2025 05:01:33 +0000 Manifest this update: Sat 06 Dec 2025 05:01:33 +0000 Manifest next update: Sun 07 Dec 2025 05:01:33 +0000 Files and hashes: 1: 2pDQS_V_pIaOaZl8g7Otdx_VCp0.crl (hash: 1FlVhaM07Tg1qDEPbAw26vmDXgQRmVodakMx1WmB494=) 2: fvccoh-XRGUydolEQwVKUg__llM.roa (hash: MESTegxG3uX73jrknXUqcZY7a9Gll4oI6clWX78ISS8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.mft rsync://rpki.ripe.net/repository/DEFAULT/2pDQS_V_pIaOaZl8g7Otdx_VCp0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:66:5e:9a:07:55:8d:28:a2:cd:85:d4:e4:1c:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da90d04bf57fa4868e69997c83b3ad771fd50a9d Validity Not Before: Dec 6 05:01:33 2025 GMT Not After : Dec 7 05:01:33 2025 GMT Subject: CN=bcdcdf5e6ef41334cc48e1a91ef09c3146c54b8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:76:0b:ab:49:27:0f:75:ae:9b:fc:ca:d4:d9: 1f:b4:2e:e2:6e:e4:15:0e:36:16:56:99:42:56:9b: 9b:11:20:57:80:f8:4f:41:a0:a6:6c:48:fb:75:c1: b1:6a:0e:ad:ad:5f:18:9b:74:3e:8e:ba:eb:55:c9: 0c:ee:7b:6c:17:7c:80:de:fc:c5:f9:f3:c5:05:2e: 41:24:cb:a8:53:99:c3:83:49:95:b4:2a:15:39:dc: 9d:43:fd:0f:2a:6d:a9:ce:a9:d8:a9:b1:19:de:1d: 0c:aa:eb:1a:d1:13:c9:d9:70:cb:12:ab:44:81:20: 0c:86:e7:1e:50:d6:40:dc:42:17:a2:b2:27:e0:14: 2b:b3:60:c6:6f:d9:be:06:07:7f:4f:61:18:45:9b: 69:e6:71:2f:f0:1c:57:13:bb:5b:e1:1a:83:68:ef: 4b:14:0b:97:c9:82:d3:2b:20:08:17:bc:1f:24:9f: aa:73:4f:fb:40:86:35:3b:71:56:49:5f:ba:5d:94: 0a:e0:f0:b6:01:be:a7:0a:16:d0:7b:0d:9b:d7:8d: ba:bf:57:26:98:a7:fa:fc:7c:53:b4:71:f7:dd:46: 22:b7:55:cd:a9:50:eb:d5:17:6e:84:b5:03:32:c6: a7:29:9a:4b:f7:cf:fd:21:7a:49:ac:6f:86:23:a3: 77:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:DC:DF:5E:6E:F4:13:34:CC:48:E1:A9:1E:F0:9C:31:46:C5:4B:8F X509v3 Authority Key Identifier: keyid:DA:90:D0:4B:F5:7F:A4:86:8E:69:99:7C:83:B3:AD:77:1F:D5:0A:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pDQS_V_pIaOaZl8g7Otdx_VCp0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 13:f3:32:03:0e:66:30:c2:11:0a:eb:50:43:ad:6c:e0:d4:b7: 7e:f2:4a:b8:c9:1e:2b:14:11:00:1c:03:76:43:08:a9:38:a8: 27:31:1c:ce:8e:e6:2a:1a:38:98:8f:23:3a:5e:49:23:55:a1: 13:2d:f4:da:d7:16:e1:d3:df:17:8f:ca:1f:65:90:e4:f8:73: 7e:1e:c6:87:f8:bd:3f:b0:ef:18:12:66:f2:9c:7f:4e:f5:8a: 19:cc:dc:b3:16:22:40:ee:f2:cd:09:96:33:df:83:ca:28:d1: 0d:72:57:92:a5:76:b2:b2:8f:2d:ae:7e:00:36:32:c9:d5:07: 2c:95:fc:c1:42:a3:3f:ac:96:56:2c:38:bf:6f:0e:71:8e:40: 60:1f:fb:21:74:c2:ca:bc:07:00:9f:29:ad:62:23:c2:9c:92: 70:96:e9:92:86:59:dc:95:71:eb:e9:71:34:d9:7d:d0:d7:ef: 47:27:a2:24:7c:73:a4:19:34:d3:95:cf:43:97:e1:20:a2:75: 33:b3:ca:05:ba:4e:db:4e:5c:6b:48:2c:7c:e5:de:56:d1:90: c0:b3:5f:eb:29:ef:f8:9b:5c:51:67:f0:70:32:30:29:81:9d: 28:f5:49:58:86:68:1b:00:29:df:ad:c8:27:73:71:22:78:83: a4:27:96:ef -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCWZemgdVjSiizYXU5Bz6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhOTBkMDRiZjU3ZmE0ODY4ZTY5OTk3YzgzYjNhZDc3MWZk NTBhOWQwHhcNMjUxMjA2MDUwMTMzWhcNMjUxMjA3MDUwMTMzWjAzMTEwLwYDVQQD EyhiY2RjZGY1ZTZlZjQxMzM0Y2M0OGUxYTkxZWYwOWMzMTQ2YzU0YjhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnYLq0knD3Wum/zK1NkftC7ibuQV DjYWVplCVpubESBXgPhPQaCmbEj7dcGxag6trV8Ym3Q+jrrrVckM7ntsF3yA3vzF +fPFBS5BJMuoU5nDg0mVtCoVOdydQ/0PKm2pzqnYqbEZ3h0Mqusa0RPJ2XDLEqtE gSAMhuceUNZA3EIXorIn4BQrs2DGb9m+Bgd/T2EYRZtp5nEv8BxXE7tb4RqDaO9L FAuXyYLTKyAIF7wfJJ+qc0/7QIY1O3FWSV+6XZQK4PC2Ab6nChbQew2b1426v1cm mKf6/HxTtHH33UYit1XNqVDr1RduhLUDMsanKZpL98/9IXpJrG+GI6N3vQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLzc315u9BM0zEjhqR7wnDFGxUuPMB8GA1UdIwQY MBaAFNqQ0Ev1f6SGjmmZfIOzrXcf1QqdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnBEUVNfVl9wSWFPYVpsOGc3T3RkeF9WQ3AwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80ZDI1NDUtYTdkNS00NjVjLTk2MTgt NTFhZDljMzgyYThkLzEvMnBEUVNfVl9wSWFPYVpsOGc3T3RkeF9WQ3AwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC80ZDI1NDUtYTdkNS00NjVjLTk2MTgtNTFhZDljMzgyYThk LzEvMnBEUVNfVl9wSWFPYVpsOGc3T3RkeF9WQ3AwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE/MyAw5m MMIRCutQQ61s4NS3fvJKuMkeKxQRABwDdkMIqTioJzEczo7mKho4mI8jOl5JI1Wh Ey302tcW4dPfF4/KH2WQ5Phzfh7Gh/i9P7DvGBJm8px/TvWKGczcsxYiQO7yzQmW M9+DyijRDXJXkqV2srKPLa5+ADYyydUHLJX8wUKjP6yWViw4v28OcY5AYB/7IXTC yrwHAJ8prWIjwpyScJbpkoZZ3JVx6+lxNNl90NfvRyeiJHxzpBk005XPQ5fhIKJ1 M7PKBbpO205ca0gsfOXeVtGQwLNf6ynv+JtcUWfwcDIwKYGdKPVJWIZoGwAp363I J3NxIniDpCeW7w== -----END CERTIFICATE-----Generated at Sat Dec 6 13:08:06 2025 by rpki-client