This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft File: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft (raw, json) Hash identifier: /qUBMrUhRJ++wEVy5QW5rEMotNebdgc76HFOcnkyjo8= Subject key identifier: B6:0B:B8:78:A1:56:EC:E0:40:9E:60:0D:36:EA:2D:4C:F6:35:01:2C Authority key identifier: D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53 Certificate issuer: /CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753 Certificate serial: 019B2BF840840B0D9BFE0E170EB6CBE9EAE4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft Manifest number: 0589 Signing time: Wed 17 Dec 2025 11:00:48 +0000 Manifest this update: Wed 17 Dec 2025 11:00:48 +0000 Manifest next update: Thu 18 Dec 2025 11:00:48 +0000 Files and hashes: 1: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl (hash: BOSGLTYOhCn9dkUcb/9TAsQNYa9N5/WQGvTOJKXtw0w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:f8:40:84:0b:0d:9b:fe:0e:17:0e:b6:cb:e9:ea:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753 Validity Not Before: Dec 17 11:00:48 2025 GMT Not After : Dec 18 11:00:48 2025 GMT Subject: CN=b60bb878a156ece0409e600d36ea2d4cf635012c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:21:a3:02:3c:f3:ad:5d:13:7d:70:05:5a:62: 8b:c8:93:b7:ed:57:08:6e:06:6a:42:3b:c4:3c:2e: 52:3a:73:5a:24:ea:df:29:db:01:94:e6:30:4e:92: 9d:0b:00:43:20:4d:73:73:93:9a:66:45:f2:7d:77: 31:d5:80:01:47:31:22:05:42:7d:23:18:83:ae:6a: 8a:2f:2d:c7:9d:56:1f:17:2a:5a:83:7d:a3:59:d8: b1:2e:56:34:60:96:37:41:c4:a8:12:6c:66:f8:6b: bc:43:5e:11:45:c3:85:4e:8d:31:e3:a8:97:47:42: 9a:02:22:09:0c:1c:f0:5c:0b:d1:40:d0:d5:8b:c2: a2:0f:b5:5a:32:dd:70:17:20:8e:bc:09:93:83:d9: 73:fe:94:c7:1c:ef:b8:26:bc:4b:33:60:b8:35:a0: 5e:14:9f:ec:84:48:bc:99:69:e6:dd:b5:2e:82:ec: 39:6e:a0:59:05:47:b1:9c:cf:91:d9:49:df:c0:28: d0:8e:d6:15:74:13:b6:41:ef:79:a0:ef:2f:f7:3f: c8:ee:ee:27:b3:6e:ff:6e:5e:bf:31:ad:d5:dd:6f: e2:ba:9f:ff:20:b3:3b:29:48:9c:db:c7:5e:2d:f7: e4:62:8d:d7:a7:bc:9f:4e:1a:a8:ac:7e:03:b1:cd: 6f:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:0B:B8:78:A1:56:EC:E0:40:9E:60:0D:36:EA:2D:4C:F6:35:01:2C X509v3 Authority Key Identifier: keyid:D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:45:9b:ff:36:36:cb:83:a5:ad:c7:e3:03:27:63:59:b3:d6: 88:31:0f:c6:08:c9:e7:33:ec:27:e5:4e:e9:75:a6:35:8a:eb: a9:40:b1:79:e9:b8:77:79:f5:39:38:ba:e3:6e:9e:6c:59:c1: bf:89:41:2b:49:d6:88:3e:61:92:0d:0a:d6:88:fa:b3:02:03: e9:4e:91:27:af:79:b8:c6:55:6a:28:c9:3a:5b:e3:6e:8c:fc: 4b:5a:ee:c6:ca:88:2f:84:03:cd:c6:64:43:2c:0a:d8:d9:9b: 65:6c:e0:af:96:a2:b6:fe:6f:e9:4e:7b:43:3e:02:cb:94:8f: db:73:2d:f1:77:78:19:f1:fa:51:d4:8f:e4:78:2d:50:c8:49: 25:76:13:68:fd:29:91:fd:79:7b:92:09:e2:18:14:28:eb:5f: da:62:f5:c7:2e:e6:e5:43:07:51:ab:6c:ba:e7:47:86:7a:ec: f4:96:14:e3:52:23:f7:3b:0e:a9:b7:34:6d:e1:79:32:76:64: a1:69:cf:2e:bc:4a:12:16:c3:f0:f0:ba:00:22:32:83:ba:95: b9:95:3f:40:14:00:e4:46:ff:50:45:7f:14:b1:c1:e1:59:3f: 68:6b:97:4a:0b:cf:28:1a:4f:5f:72:80:c0:e5:ba:38:65:92: 28:60:6c:04 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsr+ECECw2b/g4XDrbL6erkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MTFkZDIyZjdlYWYyNzJiYzRiZjNlYmIxNTJkMzY0YmI0 ZDk3NTMwHhcNMjUxMjE3MTEwMDQ4WhcNMjUxMjE4MTEwMDQ4WjAzMTEwLwYDVQQD EyhiNjBiYjg3OGExNTZlY2UwNDA5ZTYwMGQzNmVhMmQ0Y2Y2MzUwMTJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyGjAjzzrV0TfXAFWmKLyJO37VcI bgZqQjvEPC5SOnNaJOrfKdsBlOYwTpKdCwBDIE1zc5OaZkXyfXcx1YABRzEiBUJ9 IxiDrmqKLy3HnVYfFypag32jWdixLlY0YJY3QcSoEmxm+Gu8Q14RRcOFTo0x46iX R0KaAiIJDBzwXAvRQNDVi8KiD7VaMt1wFyCOvAmTg9lz/pTHHO+4JrxLM2C4NaBe FJ/shEi8mWnm3bUuguw5bqBZBUexnM+R2UnfwCjQjtYVdBO2Qe95oO8v9z/I7u4n s27/bl6/Ma3V3W/iup//ILM7KUic28deLffkYo3Xp7yfThqorH4Dsc1v3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLYLuHihVuzgQJ5gDTbqLUz2NQEsMB8GA1UdIwQY MBaAFNgR3SL36vJyvEvz67FS02S7TZdTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQt ZjcwYWRmMWRjMGZlLzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQtZjcwYWRmMWRjMGZl LzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATUWb/zY2 y4OlrcfjAydjWbPWiDEPxgjJ5zPsJ+VO6XWmNYrrqUCxeem4d3n1OTi6426ebFnB v4lBK0nWiD5hkg0K1oj6swID6U6RJ695uMZVaijJOlvjboz8S1ruxsqIL4QDzcZk QywK2NmbZWzgr5aitv5v6U57Qz4Cy5SP23Mt8Xd4GfH6UdSP5HgtUMhJJXYTaP0p kf15e5IJ4hgUKOtf2mL1xy7m5UMHUatsuudHhnrs9JYU41Ij9zsOqbc0beF5MnZk oWnPLrxKEhbD8PC6ACIyg7qVuZU/QBQA5Eb/UEV/FLHB4Vk/aGuXSgvPKBpPX3KA wOW6OGWSKGBsBA== -----END CERTIFICATE-----Generated at Wed Dec 17 13:48:43 2025 by rpki-client