This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft File: 2GkQtETemfqBw5NVDJfkoyC86BI.mft (raw, json) Hash identifier: FWEurVieofivdV1jHmdNSMAY4Y93cmmD2GqMIusBgDA= Subject key identifier: 53:8D:DB:96:83:CB:7B:DE:99:AE:8B:7C:E3:0D:1C:B1:18:97:C1:9C Authority key identifier: D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12 Certificate issuer: /CN=d86910b444de99fa81c393550c97e4a320bce812 Certificate serial: 019AF1646578CEF847AC1D5CEA45894B651B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft Manifest number: 0E69 Signing time: Sat 06 Dec 2025 02:01:19 +0000 Manifest this update: Sat 06 Dec 2025 02:01:19 +0000 Manifest next update: Sun 07 Dec 2025 02:01:19 +0000 Files and hashes: 1: 2GkQtETemfqBw5NVDJfkoyC86BI.crl (hash: 23rqYzs6iF1I/k6r3QkOkNlUFXmpZ0uUHNWdmlwyypw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:65:78:ce:f8:47:ac:1d:5c:ea:45:89:4b:65:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d86910b444de99fa81c393550c97e4a320bce812 Validity Not Before: Dec 6 02:01:19 2025 GMT Not After : Dec 7 02:01:19 2025 GMT Subject: CN=538ddb9683cb7bde99ae8b7ce30d1cb11897c19c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:3f:eb:2b:83:09:37:23:e8:f2:ea:ae:ab:17: ec:89:80:1a:d0:1c:0d:be:98:5e:36:22:4a:8d:15: 0a:4d:e6:f6:ad:f5:5f:93:a1:a7:49:45:09:d2:6f: d7:fd:0d:e8:9b:7d:03:bf:b4:c6:97:8e:99:ec:8b: 42:45:f0:72:ab:cd:9c:90:57:9f:a0:8a:71:26:92: 52:aa:f8:b7:57:e6:2b:d6:11:5f:ae:55:0e:a1:8c: c9:07:49:7b:c4:df:bc:04:23:94:19:83:80:6b:e3: 82:76:d1:8c:01:9b:1c:8a:f7:5f:2d:07:bf:10:2a: 5e:44:f4:b8:4d:3c:d8:2f:3d:3c:d1:08:ec:c7:f8: f0:e9:12:10:30:4c:27:16:48:f3:1b:ff:cf:70:ef: 3e:5a:44:7d:46:2d:09:16:80:da:0e:50:36:d6:79: 95:50:73:2a:37:c8:26:56:8e:5a:10:59:18:c5:8a: d2:c4:9e:b7:fd:0c:bb:22:94:04:b2:59:01:fb:72: 00:d5:d8:d9:bb:83:4a:14:b8:fa:fa:19:27:c1:1b: f8:33:c3:7e:10:7a:57:69:ca:e1:2e:53:31:52:b6: da:0d:7f:46:c1:59:29:a9:7f:e8:52:1e:2a:3a:98: e9:32:89:5c:ac:bf:40:c0:11:fe:5a:70:63:58:83: e6:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:8D:DB:96:83:CB:7B:DE:99:AE:8B:7C:E3:0D:1C:B1:18:97:C1:9C X509v3 Authority Key Identifier: keyid:D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:83:89:37:78:10:a7:fb:c6:e7:53:85:8b:a2:3f:81:9a:b0: 53:75:21:b6:f5:1f:d6:90:2c:96:65:d7:18:db:9b:ff:14:f1: 1b:47:cf:58:e1:bd:96:d1:36:f0:ac:fe:93:b5:d6:b7:21:ac: a7:a4:07:52:93:56:e0:32:a9:35:c2:9b:c2:00:e7:0d:f8:aa: 8c:5d:23:5a:90:f5:68:40:11:c2:0c:de:1f:6b:61:f8:36:6e: 97:cb:56:5c:c9:cd:2d:3a:4a:b0:f9:84:c7:78:a2:37:13:5d: 33:01:35:ff:9c:87:3d:24:fa:12:65:19:b3:17:de:a7:23:8a: 42:cb:d2:4d:53:dd:6b:47:1f:75:a1:53:c4:01:e3:bb:31:cc: 5a:fe:41:d3:09:d6:f8:e4:76:59:2c:91:7d:1e:36:1a:db:2f: 13:4b:b2:0b:3b:ac:29:8b:fb:ef:50:06:0e:77:21:32:d6:2a: 1e:14:23:93:85:b3:03:6c:ae:91:29:72:5e:2e:a4:a3:c8:86: c6:02:49:43:02:00:28:c8:c9:47:a3:a4:c3:4b:75:fe:ec:d9: 7a:2d:f8:68:83:34:30:b8:6c:c7:66:59:f0:d4:6a:8a:84:4f: 06:7d:fe:39:6a:ab:0e:f0:bc:37:e3:69:6f:7a:3e:c0:50:5f: d2:18:50:bc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZGV4zvhHrB1c6kWJS2UbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NjkxMGI0NDRkZTk5ZmE4MWMzOTM1NTBjOTdlNGEzMjBi Y2U4MTIwHhcNMjUxMjA2MDIwMTE5WhcNMjUxMjA3MDIwMTE5WjAzMTEwLwYDVQQD Eyg1MzhkZGI5NjgzY2I3YmRlOTlhZThiN2NlMzBkMWNiMTE4OTdjMTljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvD/rK4MJNyPo8uquqxfsiYAa0BwN vpheNiJKjRUKTeb2rfVfk6GnSUUJ0m/X/Q3om30Dv7TGl46Z7ItCRfByq82ckFef oIpxJpJSqvi3V+Yr1hFfrlUOoYzJB0l7xN+8BCOUGYOAa+OCdtGMAZscivdfLQe/ ECpeRPS4TTzYLz080Qjsx/jw6RIQMEwnFkjzG//PcO8+WkR9Ri0JFoDaDlA21nmV UHMqN8gmVo5aEFkYxYrSxJ63/Qy7IpQEslkB+3IA1djZu4NKFLj6+hknwRv4M8N+ EHpXacrhLlMxUrbaDX9GwVkpqX/oUh4qOpjpMolcrL9AwBH+WnBjWIPmJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFON25aDy3vema6LfOMNHLEYl8GcMB8GA1UdIwQY MBaAFNhpELRE3pn6gcOTVQyX5KMgvOgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAt ODY5MzFiZmUzZWVhLzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAtODY5MzFiZmUzZWVh LzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWoOJN3gQ p/vG51OFi6I/gZqwU3UhtvUf1pAslmXXGNub/xTxG0fPWOG9ltE28Kz+k7XWtyGs p6QHUpNW4DKpNcKbwgDnDfiqjF0jWpD1aEARwgzeH2th+DZul8tWXMnNLTpKsPmE x3iiNxNdMwE1/5yHPST6EmUZsxfepyOKQsvSTVPda0cfdaFTxAHjuzHMWv5B0wnW +OR2WSyRfR42GtsvE0uyCzusKYv771AGDnchMtYqHhQjk4WzA2yukSlyXi6ko8iG xgJJQwIAKMjJR6Okw0t1/uzZei34aIM0MLhsx2ZZ8NRqioRPBn3+OWqrDvC8N+Np b3o+wFBf0hhQvA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:08:52 2025 by rpki-client