This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.mft File: 2fhm-wqoOicaDLfckDAYjInSPl0.mft (raw, json) Hash identifier: sMJg/jhOGMM+1yT+iJsGQxSyGeIXu4QDDsWgozcRjko= Subject key identifier: 04:87:22:73:76:DD:B2:C7:79:5A:E3:AB:83:D4:B3:50:45:BD:F3:8B Authority key identifier: D9:F8:66:FB:0A:A8:3A:27:1A:0C:B7:DC:90:30:18:8C:89:D2:3E:5D Certificate issuer: /CN=d9f866fb0aa83a271a0cb7dc9030188c89d23e5d Certificate serial: 019AF2E45949604A52D9916EAE06DD44DB2A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fhm-wqoOicaDLfckDAYjInSPl0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.mft Manifest number: 1764 Signing time: Sat 06 Dec 2025 09:00:42 +0000 Manifest this update: Sat 06 Dec 2025 09:00:42 +0000 Manifest next update: Sun 07 Dec 2025 09:00:42 +0000 Files and hashes: 1: 2fhm-wqoOicaDLfckDAYjInSPl0.crl (hash: FHVwIiC7vAocVyfIJQL8nxw8N2RzPEFVt0/Rq0sFfxU=) 2: tzlp2jqFOd0_jBubUJxxkLqieDw.roa (hash: ax6nyhwBpkZjlZ25g9yNsNeKB7E3cmdhcCwA4m5T2eA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.crl rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.mft rsync://rpki.ripe.net/repository/DEFAULT/2fhm-wqoOicaDLfckDAYjInSPl0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:e4:59:49:60:4a:52:d9:91:6e:ae:06:dd:44:db:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9f866fb0aa83a271a0cb7dc9030188c89d23e5d Validity Not Before: Dec 6 09:00:42 2025 GMT Not After : Dec 7 09:00:42 2025 GMT Subject: CN=0487227376ddb2c7795ae3ab83d4b35045bdf38b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ae:ed:8c:a9:b4:03:57:ac:86:66:91:58:a9: 9a:a9:a3:fd:0e:b4:d7:35:f7:ab:dd:e8:92:cc:23: 64:52:49:06:b1:3f:b0:3b:87:6f:ad:71:de:58:fc: 12:d2:0c:c9:d7:d9:03:0c:4c:03:be:f6:0c:bb:fc: 2b:61:92:2f:e8:42:eb:fc:5c:1a:9f:5f:4d:a3:4c: 72:9a:52:d5:4d:16:90:10:9f:15:51:7e:bb:7e:03: 0d:a5:df:7d:3d:a8:0f:10:d5:2c:e9:33:c0:36:29: 67:ab:6c:f9:46:60:cb:88:92:be:e0:8c:9a:e3:c7: 15:23:34:69:56:42:3a:09:e5:d9:35:4f:4a:00:e6: 5a:7d:99:1e:6b:70:09:cf:1e:b6:19:a1:db:74:75: d4:9c:52:ed:0b:95:4b:2a:cf:8f:8e:b1:7d:72:54: 1a:14:aa:55:47:24:9a:f2:6e:23:57:60:53:d0:16: ab:24:73:ea:4b:c0:46:b5:50:3c:41:ba:7d:b4:fb: 97:7f:65:7e:0e:50:a7:ae:2f:d7:44:ea:70:de:90: 73:ec:1a:f3:be:c1:3b:fd:6b:29:35:5a:61:fd:bf: ad:e9:fd:f6:b3:e1:df:82:30:d0:7a:67:50:a9:66: b1:63:ef:f8:64:0a:55:93:3f:6c:ee:49:e8:f1:f6: 6e:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:87:22:73:76:DD:B2:C7:79:5A:E3:AB:83:D4:B3:50:45:BD:F3:8B X509v3 Authority Key Identifier: keyid:D9:F8:66:FB:0A:A8:3A:27:1A:0C:B7:DC:90:30:18:8C:89:D2:3E:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fhm-wqoOicaDLfckDAYjInSPl0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:ac:84:95:3c:16:73:e2:3c:7a:6d:f9:14:43:5c:5f:76:60: a6:37:a8:73:5f:26:dd:6e:10:f4:32:74:7f:2b:bb:a6:29:d3: 18:09:6e:f0:b3:df:3a:dc:8b:e5:3f:ba:19:7c:6e:8a:76:86: be:f3:ed:23:65:37:de:c1:50:e8:4f:31:31:ce:f0:eb:5f:31: 19:2f:37:35:fc:0e:00:3e:08:cf:18:31:b1:4e:7d:fe:67:04: 33:d2:fa:b8:aa:76:a4:8b:0b:14:7c:78:86:f0:f5:c5:6a:7a: 2d:1d:ee:c8:69:e8:97:c1:e0:11:17:bb:ea:3b:bb:6a:54:4b: d3:12:c9:f8:a7:4e:19:e5:95:70:5f:57:80:6a:07:51:5f:35: a2:3e:27:bf:21:f3:15:36:5a:e9:54:a5:50:da:55:7e:65:3b: ed:0a:de:7c:d6:12:6c:9f:70:dc:a4:ae:c2:05:ed:d6:5f:11: c0:86:1b:d6:c8:6a:fc:8d:2e:e9:86:b8:c8:ab:47:a8:c3:c7: b2:61:39:b4:ab:1e:71:54:ab:60:94:51:d1:a7:b7:db:e6:63: 9e:a4:11:ed:e0:22:bb:0c:6b:44:a2:fc:87:b0:05:94:7f:83: 37:85:83:07:58:a9:87:30:32:85:72:d2:00:07:24:fa:4d:38: 1a:bd:9c:d7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZry5FlJYEpS2ZFurgbdRNsqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5Zjg2NmZiMGFhODNhMjcxYTBjYjdkYzkwMzAxODhjODlk MjNlNWQwHhcNMjUxMjA2MDkwMDQyWhcNMjUxMjA3MDkwMDQyWjAzMTEwLwYDVQQD EygwNDg3MjI3Mzc2ZGRiMmM3Nzk1YWUzYWI4M2Q0YjM1MDQ1YmRmMzhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt67tjKm0A1eshmaRWKmaqaP9DrTX Nfer3eiSzCNkUkkGsT+wO4dvrXHeWPwS0gzJ19kDDEwDvvYMu/wrYZIv6ELr/Fwa n19No0xymlLVTRaQEJ8VUX67fgMNpd99PagPENUs6TPANilnq2z5RmDLiJK+4Iya 48cVIzRpVkI6CeXZNU9KAOZafZkea3AJzx62GaHbdHXUnFLtC5VLKs+PjrF9clQa FKpVRySa8m4jV2BT0BarJHPqS8BGtVA8Qbp9tPuXf2V+DlCnri/XROpw3pBz7Brz vsE7/WspNVph/b+t6f32s+HfgjDQemdQqWaxY+/4ZApVkz9s7kno8fZuNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFASHInN23bLHeVrjq4PUs1BFvfOLMB8GA1UdIwQY MBaAFNn4ZvsKqDonGgy33JAwGIyJ0j5dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmZobS13cW9PaWNhRExmY2tEQVlqSW5TUGwwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81MjczYTQtMTBjOC00MGJmLWIyNGYt NWMxZDVhNjk5MmQ4LzEvMmZobS13cW9PaWNhRExmY2tEQVlqSW5TUGwwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZS81MjczYTQtMTBjOC00MGJmLWIyNGYtNWMxZDVhNjk5MmQ4 LzEvMmZobS13cW9PaWNhRExmY2tEQVlqSW5TUGwwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWqyElTwW c+I8em35FENcX3Zgpjeoc18m3W4Q9DJ0fyu7pinTGAlu8LPfOtyL5T+6GXxuinaG vvPtI2U33sFQ6E8xMc7w618xGS83NfwOAD4IzxgxsU59/mcEM9L6uKp2pIsLFHx4 hvD1xWp6LR3uyGnol8HgERe76ju7alRL0xLJ+KdOGeWVcF9XgGoHUV81oj4nvyHz FTZa6VSlUNpVfmU77QrefNYSbJ9w3KSuwgXt1l8RwIYb1shq/I0u6Ya4yKtHqMPH smE5tKsecVSrYJRR0ae32+ZjnqQR7eAiuwxrRKL8h7AFlH+DN4WDB1iphzAyhXLS AAck+k04Gr2c1w== -----END CERTIFICATE-----Generated at Sat Dec 6 13:14:38 2025 by rpki-client