This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/2_W8uRxkCgo0KQXlpRcHUo9aM6E.mft File: 2_W8uRxkCgo0KQXlpRcHUo9aM6E.mft (raw, json) Hash identifier: /kevGBVcZrkf6DFGD10oF15EVhg63dMywA+3WU56GDA= Subject key identifier: D4:34:E2:0E:1E:D1:ED:1A:20:7C:69:E2:D8:D3:21:BD:04:F1:1B:02 Authority key identifier: DB:F5:BC:B9:1C:64:0A:0A:34:29:05:E5:A5:17:07:52:8F:5A:33:A1 Certificate issuer: /CN=dbf5bcb91c640a0a342905e5a51707528f5a33a1 Certificate serial: 019AF50A71E98676EE179E0E71A6F65D3A99 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2_W8uRxkCgo0KQXlpRcHUo9aM6E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/2_W8uRxkCgo0KQXlpRcHUo9aM6E.mft Manifest number: 1553 Signing time: Sat 06 Dec 2025 19:01:33 +0000 Manifest this update: Sat 06 Dec 2025 19:01:33 +0000 Manifest next update: Sun 07 Dec 2025 19:01:33 +0000 Files and hashes: 1: 2_W8uRxkCgo0KQXlpRcHUo9aM6E.crl (hash: JslLyGbZQP4I6CG9OplNlV8hfSztuL6iu4t5s7wS0PU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/2_W8uRxkCgo0KQXlpRcHUo9aM6E.crl rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/2_W8uRxkCgo0KQXlpRcHUo9aM6E.mft rsync://rpki.ripe.net/repository/DEFAULT/2_W8uRxkCgo0KQXlpRcHUo9aM6E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:71:e9:86:76:ee:17:9e:0e:71:a6:f6:5d:3a:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dbf5bcb91c640a0a342905e5a51707528f5a33a1 Validity Not Before: Dec 6 19:01:33 2025 GMT Not After : Dec 7 19:01:33 2025 GMT Subject: CN=d434e20e1ed1ed1a207c69e2d8d321bd04f11b02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:bd:08:c3:f3:4c:46:55:ca:85:eb:c5:83:a0: fb:36:15:c1:71:bf:69:53:b5:0f:2b:57:e7:de:d8: 7a:b3:fc:7e:f7:ff:23:cc:bd:3d:68:1d:3b:67:fc: f3:39:88:9c:a9:53:36:6c:98:f8:1b:3b:34:76:e2: 85:79:7f:f0:ce:61:e1:25:75:55:66:85:26:34:43: b7:18:6a:9b:fd:e2:84:f3:93:d4:4a:27:d2:d8:26: 08:6c:f4:fa:2d:9f:03:96:f8:bd:6c:ab:fe:d9:b6: 30:ed:f9:38:6e:d4:cb:d6:a3:c3:e7:07:cc:99:60: a6:ec:ae:8c:b1:c4:77:1f:d5:0b:26:68:70:9d:39: 45:21:b1:02:c7:d5:10:03:fe:d3:e2:ba:c2:18:98: 37:7b:42:2c:ae:5f:bd:3c:8c:6d:3b:b7:41:2a:07: 94:6c:70:d9:6e:ce:6d:b0:3f:4a:6e:d3:89:a7:6f: 46:07:9c:9d:e9:9f:30:5c:82:4d:3c:41:23:1b:e8: e2:5a:21:40:f0:9e:8c:ab:7c:40:da:7f:b5:1a:10: ba:22:5f:5c:4d:43:03:96:b7:8a:5c:e0:e4:7f:7a: 73:d2:36:5f:62:15:e5:fa:86:81:c3:47:26:77:73: 5f:96:c1:c0:15:42:f9:eb:cb:7e:ce:83:1a:31:e4: 8d:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:34:E2:0E:1E:D1:ED:1A:20:7C:69:E2:D8:D3:21:BD:04:F1:1B:02 X509v3 Authority Key Identifier: keyid:DB:F5:BC:B9:1C:64:0A:0A:34:29:05:E5:A5:17:07:52:8F:5A:33:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_W8uRxkCgo0KQXlpRcHUo9aM6E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/2_W8uRxkCgo0KQXlpRcHUo9aM6E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/2_W8uRxkCgo0KQXlpRcHUo9aM6E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:e1:70:61:c9:bb:0d:13:b2:2d:34:f3:70:ab:1d:24:c3:64: 81:51:bc:46:20:56:c5:e9:d9:25:39:26:04:93:ed:b1:00:d5: 98:67:5a:e7:27:ca:d3:93:7b:c9:d7:68:ee:3f:f9:a3:11:26: 15:e3:24:9c:f8:80:d6:f9:34:5e:7d:34:4a:86:98:32:8f:7b: 05:5d:49:b3:0a:a7:87:fd:9d:a9:68:10:bd:5d:c1:86:6f:d5: cf:12:1a:7e:b8:c6:24:5f:38:3c:38:44:3a:6c:d1:a9:c4:0b: 54:ab:fb:ac:a2:5e:18:f8:c8:43:d6:a9:71:a0:97:69:e4:f6: 76:a1:a8:dd:c7:b0:26:f8:81:fe:da:5e:9c:cf:8a:b6:8e:70: 71:72:93:35:58:6f:5b:eb:85:5d:2d:f1:43:2f:80:67:41:5f: 91:8a:f7:fe:d4:b2:da:40:3d:79:2e:10:46:c2:09:f6:cc:81: ad:7e:91:c4:22:bb:c1:c7:c5:61:ad:15:d4:02:0e:b3:40:ae: 34:89:b2:9a:f0:59:84:39:6c:b2:46:f7:59:00:7a:6a:83:2c: 83:fd:72:a9:6c:bb:86:7b:6e:b4:e6:42:c3:b5:92:2a:d9:f4: 0f:03:8f:ba:15:8c:87:31:b8:3b:1e:35:5c:00:71:bd:23:f0: ef:f2:f0:da -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CnHphnbuF54Ocab2XTqZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiZjViY2I5MWM2NDBhMGEzNDI5MDVlNWE1MTcwNzUyOGY1 YTMzYTEwHhcNMjUxMjA2MTkwMTMzWhcNMjUxMjA3MTkwMTMzWjAzMTEwLwYDVQQD EyhkNDM0ZTIwZTFlZDFlZDFhMjA3YzY5ZTJkOGQzMjFiZDA0ZjExYjAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr0Iw/NMRlXKhevFg6D7NhXBcb9p U7UPK1fn3th6s/x+9/8jzL09aB07Z/zzOYicqVM2bJj4Gzs0duKFeX/wzmHhJXVV ZoUmNEO3GGqb/eKE85PUSifS2CYIbPT6LZ8Dlvi9bKv+2bYw7fk4btTL1qPD5wfM mWCm7K6MscR3H9ULJmhwnTlFIbECx9UQA/7T4rrCGJg3e0Isrl+9PIxtO7dBKgeU bHDZbs5tsD9KbtOJp29GB5yd6Z8wXIJNPEEjG+jiWiFA8J6Mq3xA2n+1GhC6Il9c TUMDlreKXODkf3pz0jZfYhXl+oaBw0cmd3NflsHAFUL568t+zoMaMeSNEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNQ04g4e0e0aIHxp4tjTIb0E8RsCMB8GA1UdIwQY MBaAFNv1vLkcZAoKNCkF5aUXB1KPWjOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMl9XOHVSeGtDZ28wS1FYbHBSY0hVbzlhTTZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8yN2VkMmQtMDdjNy00MWQ4LTljMjQt MTJiNGViYzQxNDUxLzEvMl9XOHVSeGtDZ28wS1FYbHBSY0hVbzlhTTZFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNC8yN2VkMmQtMDdjNy00MWQ4LTljMjQtMTJiNGViYzQxNDUx LzEvMl9XOHVSeGtDZ28wS1FYbHBSY0hVbzlhTTZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiOFwYcm7 DROyLTTzcKsdJMNkgVG8RiBWxenZJTkmBJPtsQDVmGda5yfK05N7yddo7j/5oxEm FeMknPiA1vk0Xn00SoaYMo97BV1Jswqnh/2dqWgQvV3Bhm/VzxIafrjGJF84PDhE OmzRqcQLVKv7rKJeGPjIQ9apcaCXaeT2dqGo3cewJviB/tpenM+Kto5wcXKTNVhv W+uFXS3xQy+AZ0FfkYr3/tSy2kA9eS4QRsIJ9syBrX6RxCK7wcfFYa0V1AIOs0Cu NImymvBZhDlsskb3WQB6aoMsg/1yqWy7hntutOZCw7WSKtn0DwOPuhWMhzG4Ox41 XABxvSPw7/Lw2g== -----END CERTIFICATE-----Generated at Sun Dec 7 01:40:54 2025 by rpki-client