This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft File: 2hvwCCS2KL9iY7t03ndK3fmZD8k.mft (raw, json) Hash identifier: TCnT0YpSHOgucEX3hA3JQSeNgwtWenR1K4OSANAv7/Y= Subject key identifier: C3:94:38:DB:D7:FD:F0:63:9A:3D:1F:D2:E0:B8:69:DD:2A:77:BA:3D Authority key identifier: DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9 Certificate issuer: /CN=da1bf00824b628bf6263bb74de774addf9990fc9 Certificate serial: 019AF27676059D8DDC33D12A2CF3237E1166 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft Manifest number: 14E5 Signing time: Sat 06 Dec 2025 07:00:40 +0000 Manifest this update: Sat 06 Dec 2025 07:00:40 +0000 Manifest next update: Sun 07 Dec 2025 07:00:40 +0000 Files and hashes: 1: 2hvwCCS2KL9iY7t03ndK3fmZD8k.crl (hash: Ca468fnaw5avJCstaA4xcIYOPxFYGBtZc7v7Iun08gM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:76:05:9d:8d:dc:33:d1:2a:2c:f3:23:7e:11:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da1bf00824b628bf6263bb74de774addf9990fc9 Validity Not Before: Dec 6 07:00:40 2025 GMT Not After : Dec 7 07:00:40 2025 GMT Subject: CN=c39438dbd7fdf0639a3d1fd2e0b869dd2a77ba3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:4d:02:dc:d4:61:2d:3c:43:64:7d:f1:a9:3e: 46:d2:91:31:46:4e:1c:59:14:1d:51:f0:a9:a6:bd: bf:60:ec:8a:bf:6b:b4:4a:09:23:13:1d:5f:79:1b: 7d:3c:d7:85:73:06:9d:f9:c0:4f:e9:92:b4:bb:01: 24:2a:1c:80:8b:4c:e2:77:c2:0c:23:a4:e4:35:67: 89:ce:cd:65:32:96:b4:6d:e6:b0:66:63:78:05:7e: c6:bb:12:fb:c9:3e:3e:2e:7c:57:c3:06:b3:9e:55: 5b:28:1b:02:60:aa:2b:ac:03:f1:b3:cf:d8:18:42: b4:eb:04:c5:25:3e:9d:f1:4c:d0:12:33:99:4c:3f: b4:86:b6:59:da:d4:2d:fe:36:ff:fe:56:b8:be:a9: d5:23:aa:26:16:78:4f:6f:ea:44:f4:0f:c5:b2:96: 02:0c:24:2d:b3:e3:04:0b:9e:2c:0d:7e:20:72:d7: 15:2d:90:4a:83:0b:bc:de:12:67:97:d4:11:9e:a0: 02:1e:ca:ca:eb:c7:51:ab:42:5e:c5:62:6d:98:26: 88:10:14:ea:78:0d:b1:26:d2:04:90:a0:af:77:b8: 8d:4d:07:9a:e4:a8:70:a6:a4:b6:62:8b:ce:00:78: 5d:64:a9:d2:95:18:3b:0e:0d:e4:48:e5:a4:cc:07: d8:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:94:38:DB:D7:FD:F0:63:9A:3D:1F:D2:E0:B8:69:DD:2A:77:BA:3D X509v3 Authority Key Identifier: keyid:DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:06:1b:e8:d6:f8:4b:ad:23:d1:89:de:b0:7b:b8:0c:0a:e2: b9:e6:ca:03:ec:cb:eb:6b:7b:ba:1a:91:ee:7f:9f:0e:71:5e: 5e:aa:02:79:22:46:7c:a5:4f:62:84:88:96:e7:b0:4c:78:81: ae:a1:ab:ee:7d:ec:01:a8:48:25:aa:de:25:08:bb:65:03:72: 66:03:5a:bc:cf:53:c3:aa:6f:f5:f6:cc:d2:ca:8b:cd:00:31: 4f:60:24:a0:2f:d5:1f:91:0c:c2:69:2c:76:d0:f0:35:99:1b: 75:0e:7b:e4:41:72:70:8d:63:79:38:4c:da:91:8d:91:d8:5f: 74:0a:ca:35:de:1c:17:e6:42:dd:05:5d:42:82:14:6c:32:e8: f2:e5:ee:c8:f9:e6:da:c4:1a:f0:d1:5c:62:ed:0d:43:ae:98: 67:86:8c:98:6a:54:c7:0c:94:f7:bd:bd:14:ea:b8:6a:21:2b: c8:bc:f9:4d:be:c8:5c:fe:cd:09:25:59:aa:a2:60:47:da:26: 07:3f:ae:ab:95:87:e7:63:57:1d:17:01:07:19:86:8d:8c:a3: df:6b:34:b8:1e:7d:e8:c1:d0:62:44:e1:1d:b0:34:e0:9a:6a: 1f:2c:3f:86:59:4a:65:0d:b8:67:85:92:47:86:0e:99:90:cb: 59:69:e5:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydnYFnY3cM9EqLPMjfhFmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhMWJmMDA4MjRiNjI4YmY2MjYzYmI3NGRlNzc0YWRkZjk5 OTBmYzkwHhcNMjUxMjA2MDcwMDQwWhcNMjUxMjA3MDcwMDQwWjAzMTEwLwYDVQQD EyhjMzk0MzhkYmQ3ZmRmMDYzOWEzZDFmZDJlMGI4NjlkZDJhNzdiYTNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE0C3NRhLTxDZH3xqT5G0pExRk4c WRQdUfCppr2/YOyKv2u0SgkjEx1feRt9PNeFcwad+cBP6ZK0uwEkKhyAi0zid8IM I6TkNWeJzs1lMpa0beawZmN4BX7GuxL7yT4+LnxXwwaznlVbKBsCYKorrAPxs8/Y GEK06wTFJT6d8UzQEjOZTD+0hrZZ2tQt/jb//la4vqnVI6omFnhPb+pE9A/FspYC DCQts+MEC54sDX4gctcVLZBKgwu83hJnl9QRnqACHsrK68dRq0JexWJtmCaIEBTq eA2xJtIEkKCvd7iNTQea5KhwpqS2YovOAHhdZKnSlRg7Dg3kSOWkzAfY7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMOUONvX/fBjmj0f0uC4ad0qd7o9MB8GA1UdIwQY MBaAFNob8Agktii/YmO7dN53St35mQ/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2Mt ZDZjNjIxNDJmN2UzLzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2MtZDZjNjIxNDJmN2Uz LzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATAYb6Nb4 S60j0YnesHu4DAriuebKA+zL62t7uhqR7n+fDnFeXqoCeSJGfKVPYoSIluewTHiB rqGr7n3sAahIJareJQi7ZQNyZgNavM9Tw6pv9fbM0sqLzQAxT2AkoC/VH5EMwmks dtDwNZkbdQ575EFycI1jeThM2pGNkdhfdArKNd4cF+ZC3QVdQoIUbDLo8uXuyPnm 2sQa8NFcYu0NQ66YZ4aMmGpUxwyU9729FOq4aiEryLz5Tb7IXP7NCSVZqqJgR9om Bz+uq5WH52NXHRcBBxmGjYyj32s0uB596MHQYkThHbA04JpqHyw/hllKZQ24Z4WS R4YOmZDLWWnl+g== -----END CERTIFICATE-----Generated at Sat Dec 6 08:35:23 2025 by rpki-client