This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft File: 2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft (raw, json) Hash identifier: 0LW4E6mwHO7F5bRAq8C22ty349Z+2+tbM2kpDy33qtA= Subject key identifier: 3A:7E:DC:08:BB:2D:15:E3:68:2B:B3:93:CE:CE:19:6D:69:97:74:36 Authority key identifier: D9:7A:77:93:01:22:87:9A:76:64:70:DF:8D:66:0C:98:44:2A:99:32 Certificate issuer: /CN=d97a77930122879a766470df8d660c98442a9932 Certificate serial: 019AF464E48125179E297194C30659BCDF4F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft Manifest number: 023B Signing time: Sat 06 Dec 2025 16:00:44 +0000 Manifest this update: Sat 06 Dec 2025 16:00:44 +0000 Manifest next update: Sun 07 Dec 2025 16:00:44 +0000 Files and hashes: 1: 2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl (hash: QLUt1B+Gi833Zyy+ea2nk/oS4F4+MsbExOBASfz8LFI=) 2: HVaoDMotksZf76Ju74TL_0gQqQw.roa (hash: 6Wt6s6Ldu4cKxpBhxwlW4dbeWtmB6JUQE70sEXR7L0k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:64:e4:81:25:17:9e:29:71:94:c3:06:59:bc:df:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d97a77930122879a766470df8d660c98442a9932 Validity Not Before: Dec 6 16:00:44 2025 GMT Not After : Dec 7 16:00:44 2025 GMT Subject: CN=3a7edc08bb2d15e3682bb393cece196d69977436 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:5c:0f:b7:c4:d0:05:cf:f4:d8:8a:89:cc:3a: 21:2d:06:0d:34:45:f7:9e:58:5d:0a:c8:ca:32:0d: d4:13:31:87:ca:7d:76:d8:1b:c5:c7:05:3c:92:ef: 2f:62:c4:b1:aa:ca:22:8e:cb:94:88:73:5c:24:fa: ce:68:41:38:04:77:94:43:76:2d:b6:f8:c4:37:8a: 9c:40:a7:04:af:36:ae:85:c2:7f:8d:57:ce:b3:e9: 41:7f:eb:66:cd:c0:2f:a4:28:5c:75:43:1f:22:65: 30:69:b8:ba:c8:f1:a5:34:50:d4:0a:e1:12:ed:2a: ff:ad:c4:9f:5a:72:fc:d8:c8:00:a4:b1:a0:92:40: c8:41:96:50:46:75:64:da:88:84:7d:e5:8b:0e:57: 91:f9:d8:24:03:b4:b3:9d:46:b4:21:48:06:b6:3b: d1:8c:2e:d9:5c:f8:10:b0:dd:cb:ff:51:36:16:e8: ab:c9:d9:83:46:82:8e:f6:ea:3c:b5:98:e2:8b:9f: 92:b0:a9:af:b0:7a:79:14:02:ea:6d:af:23:6a:36: cb:d1:a4:c7:df:55:cb:b7:7b:35:c3:e7:21:21:70: f1:bd:81:8c:d1:ec:70:66:ed:46:6b:d4:d0:9d:b8: 54:c2:8c:7c:45:f8:cb:60:aa:e6:ad:26:68:e0:fb: 2b:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:7E:DC:08:BB:2D:15:E3:68:2B:B3:93:CE:CE:19:6D:69:97:74:36 X509v3 Authority Key Identifier: keyid:D9:7A:77:93:01:22:87:9A:76:64:70:DF:8D:66:0C:98:44:2A:99:32 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9b:5f:e7:71:e1:24:5f:f9:64:59:27:fc:76:b4:2a:4e:a7:2f: 3a:5e:4d:b2:28:31:b7:82:70:f1:0d:64:69:78:46:47:d0:1d: 57:e7:5f:4e:aa:3b:b2:d7:8e:04:2a:13:a9:d3:bd:c7:73:f0: bb:15:a0:02:ad:3b:3a:23:3b:cb:bf:75:79:13:77:ed:88:63: 68:8b:43:de:57:ed:5b:59:8a:82:82:94:06:26:a0:f7:8b:f7: 76:9a:e2:1a:79:f4:3b:a8:b0:68:42:d2:16:23:8b:5e:57:71: ac:5a:64:94:40:4b:5d:14:07:54:dd:69:fa:d5:2c:0c:f4:a6: c3:b9:32:f0:0f:3c:7e:96:9a:13:f9:1e:ec:b7:b3:a7:23:82: 24:26:5a:2e:a6:ca:10:77:55:f4:60:5a:b9:fe:97:9e:21:97: 6f:31:1f:bb:c2:f4:9c:e5:e3:ab:95:cc:1d:9e:25:30:95:a4: de:de:04:da:3f:b1:7d:87:e0:8b:11:fc:55:30:53:d1:48:28: a3:d1:8f:4a:44:2c:7c:2c:74:98:7d:23:7f:9b:79:ef:d1:1a: ec:2c:f1:ac:07:64:48:2d:64:a5:58:96:9c:56:bb:9d:99:08: ae:f4:23:ab:d4:1a:5c:ac:70:e9:b8:21:63:19:23:7c:2f:d3: 6e:a4:83:96 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZOSBJReeKXGUwwZZvN9PMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5N2E3NzkzMDEyMjg3OWE3NjY0NzBkZjhkNjYwYzk4NDQy YTk5MzIwHhcNMjUxMjA2MTYwMDQ0WhcNMjUxMjA3MTYwMDQ0WjAzMTEwLwYDVQQD EygzYTdlZGMwOGJiMmQxNWUzNjgyYmIzOTNjZWNlMTk2ZDY5OTc3NDM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7FwPt8TQBc/02IqJzDohLQYNNEX3 nlhdCsjKMg3UEzGHyn122BvFxwU8ku8vYsSxqsoijsuUiHNcJPrOaEE4BHeUQ3Yt tvjEN4qcQKcErzauhcJ/jVfOs+lBf+tmzcAvpChcdUMfImUwabi6yPGlNFDUCuES 7Sr/rcSfWnL82MgApLGgkkDIQZZQRnVk2oiEfeWLDleR+dgkA7SznUa0IUgGtjvR jC7ZXPgQsN3L/1E2FuirydmDRoKO9uo8tZjii5+SsKmvsHp5FALqba8jajbL0aTH 31XLt3s1w+chIXDxvYGM0exwZu1Ga9TQnbhUwox8RfjLYKrmrSZo4Psr4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDp+3Ai7LRXjaCuzk87OGW1pl3Q2MB8GA1UdIwQY MBaAFNl6d5MBIoeadmRw341mDJhEKpkyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yYTQ5MjItNDM0Yi00N2IxLWIzMDQt Y2Q0NTlhNjU3MjFiLzEvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS8yYTQ5MjItNDM0Yi00N2IxLWIzMDQtY2Q0NTlhNjU3MjFi LzEvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm1/nceEk X/lkWSf8drQqTqcvOl5Nsigxt4Jw8Q1kaXhGR9AdV+dfTqo7steOBCoTqdO9x3Pw uxWgAq07OiM7y791eRN37YhjaItD3lftW1mKgoKUBiag94v3dpriGnn0O6iwaELS FiOLXldxrFpklEBLXRQHVN1p+tUsDPSmw7ky8A88fpaaE/ke7LezpyOCJCZaLqbK EHdV9GBauf6XniGXbzEfu8L0nOXjq5XMHZ4lMJWk3t4E2j+xfYfgixH8VTBT0Ugo o9GPSkQsfCx0mH0jf5t579Ea7CzxrAdkSC1kpViWnFa7nZkIrvQjq9QaXKxw6bgh YxkjfC/TbqSDlg== -----END CERTIFICATE-----Generated at Sat Dec 6 18:28:05 2025 by rpki-client