This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft File: 2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft (raw, json) Hash identifier: TNwI5zkXTS137H8YqpbXK3tRHcYmU5vNx1k9wnIWIR4= Subject key identifier: 19:7A:FF:F3:87:D7:64:66:E2:2A:3B:A0:D4:C0:4E:10:5C:39:14:FA Authority key identifier: DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD Certificate issuer: /CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad Certificate serial: 019AF6F83B3E54D2045525D60818BD644B3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft Manifest number: 0A45 Signing time: Sun 07 Dec 2025 04:00:54 +0000 Manifest this update: Sun 07 Dec 2025 04:00:54 +0000 Manifest next update: Mon 08 Dec 2025 04:00:54 +0000 Files and hashes: 1: 2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl (hash: L8n6QGELLHe5lNsr5yPwOANMRFfeBdOT1cc8K32Xgr0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:f8:3b:3e:54:d2:04:55:25:d6:08:18:bd:64:4b:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad Validity Not Before: Dec 7 04:00:54 2025 GMT Not After : Dec 8 04:00:54 2025 GMT Subject: CN=197afff387d76466e22a3ba0d4c04e105c3914fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:a3:b2:6d:59:61:99:2e:a0:7b:ca:ad:62:00: 57:25:bf:5a:84:e1:cc:62:b3:1a:73:1c:bb:49:7a: 3c:29:54:ee:8a:98:2f:ae:80:b8:d0:68:12:e6:89: 7c:a3:4c:98:47:19:aa:a1:43:02:5c:ea:c6:4f:15: 98:f8:d8:67:17:df:7f:05:5d:ad:68:d4:d4:8e:41: 92:d8:1d:08:58:e6:49:5c:f3:6b:5c:be:69:3d:14: 0e:f5:ce:01:c5:46:de:f1:34:96:34:4a:25:6a:f4: ff:d4:d6:22:7d:91:f8:f5:27:53:96:c8:bc:dd:08: d1:e6:72:2d:a8:96:3b:bb:29:fe:76:9e:bc:fa:68: 25:be:ac:12:db:c6:23:b0:53:73:11:88:b6:c0:82: b2:9b:5d:da:8e:a4:7a:59:7b:21:85:6e:8a:c8:4c: 27:b1:d1:b5:71:bd:96:67:e0:22:09:cd:42:83:71: 05:95:89:e7:b0:a8:ff:75:b3:fe:c9:cb:b8:37:15: 0d:83:d1:67:cb:73:b1:55:f2:c9:99:92:44:e2:09: 52:1f:4e:50:51:73:91:1b:00:89:da:3d:f1:93:48: 91:8b:24:b6:2a:ac:44:58:a4:d0:87:b7:b7:8e:70: 7b:be:cc:56:0a:66:46:e5:7c:57:d4:22:7f:0b:8a: 6f:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:7A:FF:F3:87:D7:64:66:E2:2A:3B:A0:D4:C0:4E:10:5C:39:14:FA X509v3 Authority Key Identifier: keyid:DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:c9:d9:75:d3:b1:f8:9f:45:cf:68:2d:88:6e:53:fe:83:58: 64:13:19:71:07:02:0b:6b:12:35:d5:c1:32:9f:e2:d9:0b:b7: 81:1a:58:74:49:9e:ff:11:e6:28:a2:88:72:4f:17:9c:d1:30: 78:8b:23:a1:b8:b3:9f:a7:78:94:8a:c0:f0:63:38:32:0d:81: d3:9a:e2:67:10:91:87:cb:83:01:ed:da:98:cf:46:1a:f0:0c: 83:4d:28:b1:dc:f5:bc:b6:a1:08:6a:9c:e9:27:9e:16:fd:fc: fe:60:ba:13:e8:f6:be:b4:47:8a:2d:9e:4d:a8:97:36:ee:1a: 89:03:3e:7b:ee:f1:c3:13:4b:21:b4:ac:51:5b:55:6f:ca:ba: 4f:cf:e2:93:b6:8b:3d:ed:e1:1f:c4:df:ee:10:3d:07:96:ab: 97:5a:be:de:0d:df:91:9f:63:1e:cb:41:05:ba:49:8a:35:70: f3:5e:b7:cb:9b:65:42:e1:6c:9a:60:2b:32:b4:a7:d2:f5:3f: a5:05:e5:10:1a:c3:e2:5c:ff:5f:54:ab:67:2f:e7:63:ba:f6: f4:58:4d:eb:b1:b3:8f:fd:f6:55:1c:9f:76:b0:4c:ed:03:37: 56:01:ae:1f:52:9c:bd:92:1f:96:b3:aa:5c:cf:6e:87:36:f0: 02:aa:2c:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2+Ds+VNIEVSXWCBi9ZEs6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiZmVmMGQwZTNmM2ExMTM0M2JiOTE3ZmNiNzkzM2Y0ZTlk YWU0YWQwHhcNMjUxMjA3MDQwMDU0WhcNMjUxMjA4MDQwMDU0WjAzMTEwLwYDVQQD EygxOTdhZmZmMzg3ZDc2NDY2ZTIyYTNiYTBkNGMwNGUxMDVjMzkxNGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraOybVlhmS6ge8qtYgBXJb9ahOHM YrMacxy7SXo8KVTuipgvroC40GgS5ol8o0yYRxmqoUMCXOrGTxWY+NhnF99/BV2t aNTUjkGS2B0IWOZJXPNrXL5pPRQO9c4BxUbe8TSWNEolavT/1NYifZH49SdTlsi8 3QjR5nItqJY7uyn+dp68+mglvqwS28YjsFNzEYi2wIKym13ajqR6WXshhW6KyEwn sdG1cb2WZ+AiCc1Cg3EFlYnnsKj/dbP+ycu4NxUNg9Fny3OxVfLJmZJE4glSH05Q UXORGwCJ2j3xk0iRiyS2KqxEWKTQh7e3jnB7vsxWCmZG5XxX1CJ/C4pvBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBl6//OH12Rm4io7oNTAThBcORT6MB8GA1UdIwQY MBaAFNv+8NDj86ETQ7uRf8t5M/Tp2uStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2Mjkt ZTY0YzRlYzNjOTE5LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2MjktZTY0YzRlYzNjOTE5 LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAsnZddOx +J9Fz2gtiG5T/oNYZBMZcQcCC2sSNdXBMp/i2Qu3gRpYdEme/xHmKKKIck8XnNEw eIsjobizn6d4lIrA8GM4Mg2B05riZxCRh8uDAe3amM9GGvAMg00osdz1vLahCGqc 6SeeFv38/mC6E+j2vrRHii2eTaiXNu4aiQM+e+7xwxNLIbSsUVtVb8q6T8/ik7aL Pe3hH8Tf7hA9B5arl1q+3g3fkZ9jHstBBbpJijVw8163y5tlQuFsmmArMrSn0vU/ pQXlEBrD4lz/X1SrZy/nY7r29FhN67Gzj/32VRyfdrBM7QM3VgGuH1KcvZIflrOq XM9uhzbwAqosjQ== -----END CERTIFICATE-----Generated at Sun Dec 7 07:52:27 2025 by rpki-client