This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft File: tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft (raw, json) Hash identifier: 56PTIbdkugZhbL15ZUqp7mIUHlfp9uVZ+oCOQjsE72M= Subject key identifier: C4:A8:2A:92:05:D3:D6:74:F5:28:3B:B9:12:D4:05:C4:8F:08:6C:8E Authority key identifier: B5:6D:AA:6F:85:04:14:A1:3F:65:0D:F0:94:50:66:28:A4:6D:C1:2F Certificate issuer: /CN=b56daa6f850414a13f650df094506628a46dc12f Certificate serial: 019AF276607C3B3CD007F2581D0F46C7666D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft Manifest number: 125D Signing time: Sat 06 Dec 2025 07:00:35 +0000 Manifest this update: Sat 06 Dec 2025 07:00:35 +0000 Manifest next update: Sun 07 Dec 2025 07:00:35 +0000 Files and hashes: 1: tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl (hash: J8XEXrOILtf8zw2tsRDtB3DBWLfyuwAv5u9nZ9qvr3c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:60:7c:3b:3c:d0:07:f2:58:1d:0f:46:c7:66:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b56daa6f850414a13f650df094506628a46dc12f Validity Not Before: Dec 6 07:00:35 2025 GMT Not After : Dec 7 07:00:35 2025 GMT Subject: CN=c4a82a9205d3d674f5283bb912d405c48f086c8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:9e:1d:b0:fa:c1:dc:1c:b6:18:89:57:d8:9e: 6b:1e:45:4e:6d:12:45:0a:ba:13:4a:da:2e:2b:cc: 19:5d:e2:24:f7:85:d9:b4:1d:f3:2f:56:94:ec:76: 13:ee:e2:fa:20:7c:07:a6:54:c1:de:98:16:27:13: 67:5a:51:bc:99:fe:72:f9:4d:df:51:48:b0:6c:55: f1:3f:7e:4c:ab:83:b3:45:ab:d4:46:b8:49:66:16: 7b:55:ec:76:2d:f6:0b:f4:ef:16:21:b8:b3:e1:bb: d9:38:e3:b3:b5:e8:7d:4c:0e:56:a9:7d:23:0c:ea: 06:e7:4b:2d:59:b7:cb:09:11:23:35:54:b7:56:61: 42:13:06:32:11:1b:7f:f9:39:26:46:0f:1d:b7:cb: 77:d7:c5:f2:88:47:b5:a9:a7:e7:e6:ca:2e:c0:7f: 13:8c:80:68:51:ad:09:91:9c:a4:d3:9c:0b:72:27: 13:63:88:24:f5:62:bb:a4:5d:f8:e6:ee:85:af:a0: 60:e8:d4:30:68:13:ef:1f:63:d3:d3:9e:14:19:44: e5:14:e9:c4:1a:79:ca:c0:7d:97:d2:48:00:9b:b3: a2:1a:39:1c:d6:d6:37:7b:c1:66:a2:9e:30:6a:d8: fc:c4:44:30:f2:3f:ef:12:3f:76:99:b5:78:6a:4c: 0e:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:A8:2A:92:05:D3:D6:74:F5:28:3B:B9:12:D4:05:C4:8F:08:6C:8E X509v3 Authority Key Identifier: keyid:B5:6D:AA:6F:85:04:14:A1:3F:65:0D:F0:94:50:66:28:A4:6D:C1:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9c:bc:bd:87:52:9c:a3:2f:8e:50:91:52:fd:00:54:a1:2a:25: 45:51:b8:fd:38:1e:3b:d5:8b:f6:92:35:7a:86:9c:02:8c:1f: 6a:ab:96:5c:b5:ee:64:17:a1:e8:14:a8:b9:0d:48:0f:6d:ba: 8d:17:10:2a:83:12:a2:86:9a:8e:40:d3:f6:ca:0e:b8:0b:dd: aa:c2:5f:6a:79:b5:c6:a4:ba:49:a2:c2:6a:ad:f2:45:72:69: 6d:d6:f0:3c:2c:5a:00:5e:62:1b:02:3e:10:30:34:1e:c7:3a: 43:f2:53:c1:87:cf:d2:0d:7b:e8:e1:7d:3f:d9:21:21:1a:4e: c7:05:16:22:66:d8:43:7c:0d:4f:e0:7f:74:5d:ed:e2:f1:63: 1a:01:0a:06:b9:d7:be:68:03:c6:93:4b:eb:10:d6:a6:f4:74: 05:de:c2:22:85:1c:4c:99:fe:01:03:8a:d9:01:bb:c0:56:cf: 2c:3e:e6:3a:34:b4:db:2e:96:7c:2b:f4:70:ef:64:a8:45:ef: 3d:f6:96:d0:b6:4b:93:f7:96:29:5e:5e:66:62:51:2d:4b:72: d6:20:a7:d1:74:52:12:76:10:e3:b4:25:54:66:8c:8c:ac:d9: fe:8b:8e:28:ff:07:c0:aa:b9:a7:16:ee:b8:d7:16:a9:e4:03: ea:d0:45:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydmB8OzzQB/JYHQ9Gx2ZtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1NmRhYTZmODUwNDE0YTEzZjY1MGRmMDk0NTA2NjI4YTQ2 ZGMxMmYwHhcNMjUxMjA2MDcwMDM1WhcNMjUxMjA3MDcwMDM1WjAzMTEwLwYDVQQD EyhjNGE4MmE5MjA1ZDNkNjc0ZjUyODNiYjkxMmQ0MDVjNDhmMDg2YzhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt54dsPrB3By2GIlX2J5rHkVObRJF CroTStouK8wZXeIk94XZtB3zL1aU7HYT7uL6IHwHplTB3pgWJxNnWlG8mf5y+U3f UUiwbFXxP35Mq4OzRavURrhJZhZ7Vex2LfYL9O8WIbiz4bvZOOOzteh9TA5WqX0j DOoG50stWbfLCREjNVS3VmFCEwYyERt/+TkmRg8dt8t318XyiEe1qafn5souwH8T jIBoUa0JkZyk05wLcicTY4gk9WK7pF345u6Fr6Bg6NQwaBPvH2PT054UGUTlFOnE GnnKwH2X0kgAm7OiGjkc1tY3e8Fmop4watj8xEQw8j/vEj92mbV4akwO5QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMSoKpIF09Z09Sg7uRLUBcSPCGyOMB8GA1UdIwQY MBaAFLVtqm+FBBShP2UN8JRQZiikbcEvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zYmVlMDEtMWZiOC00N2UyLWI3NjYt ZmUwYTJhYzA4NjlmLzEvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi8zYmVlMDEtMWZiOC00N2UyLWI3NjYtZmUwYTJhYzA4Njlm LzEvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnLy9h1Kc oy+OUJFS/QBUoSolRVG4/TgeO9WL9pI1eoacAowfaquWXLXuZBeh6BSouQ1ID226 jRcQKoMSooaajkDT9soOuAvdqsJfanm1xqS6SaLCaq3yRXJpbdbwPCxaAF5iGwI+ EDA0Hsc6Q/JTwYfP0g176OF9P9khIRpOxwUWImbYQ3wNT+B/dF3t4vFjGgEKBrnX vmgDxpNL6xDWpvR0Bd7CIoUcTJn+AQOK2QG7wFbPLD7mOjS02y6WfCv0cO9kqEXv PfaW0LZLk/eWKV5eZmJRLUty1iCn0XRSEnYQ47QlVGaMjKzZ/ouOKP8HwKq5pxbu uNcWqeQD6tBFnQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:01:32 2025 by rpki-client