This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft File: 2GkQtETemfqBw5NVDJfkoyC86BI.mft (raw, json) Hash identifier: T7wfVjwH2NpY5Hgwb+lzA6gXYhRva13PXo5mIbCLlZY= Subject key identifier: C6:EB:FA:F6:52:22:32:99:E8:3E:12:E9:A9:CC:E2:33:72:58:33:B7 Authority key identifier: D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12 Certificate issuer: /CN=d86910b444de99fa81c393550c97e4a320bce812 Certificate serial: 019B330D4CDCB7462D5208FBBBEE09DE8CEC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft Manifest number: 0E8B Signing time: Thu 18 Dec 2025 20:01:08 +0000 Manifest this update: Thu 18 Dec 2025 20:01:08 +0000 Manifest next update: Fri 19 Dec 2025 20:01:08 +0000 Files and hashes: 1: 2GkQtETemfqBw5NVDJfkoyC86BI.crl (hash: 437lpixUKGpZGaE+BJRNjUOaSb3bMDibOrAS10i4prg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:0d:4c:dc:b7:46:2d:52:08:fb:bb:ee:09:de:8c:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d86910b444de99fa81c393550c97e4a320bce812 Validity Not Before: Dec 18 20:01:08 2025 GMT Not After : Dec 19 20:01:08 2025 GMT Subject: CN=c6ebfaf652223299e83e12e9a9cce233725833b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:e0:b6:ac:87:df:d2:2c:77:dd:03:14:a6:8b: 8e:44:09:71:5e:06:71:2c:8f:d9:34:90:bc:61:b4: 39:a4:f6:96:b2:7a:a6:4e:48:78:8e:6f:87:38:7b: 62:ef:1f:30:22:82:b8:df:8c:ab:87:f9:39:2f:e5: 65:d8:9f:e4:0a:80:3e:e5:48:97:84:59:e2:46:a6: e4:94:1f:ad:40:cd:c5:f6:77:b2:45:34:1f:af:e7: 5a:a1:d5:e8:80:7d:a6:81:a4:e9:0d:e4:38:6e:27: 0d:17:18:dc:c8:52:55:4c:0e:76:e2:35:3b:01:65: e8:c4:00:03:a8:ec:40:be:d3:cd:45:80:fd:55:93: ac:cf:84:e2:4c:08:3f:19:2d:a1:e9:11:6b:b4:c4: 79:7d:3d:ab:49:06:fb:c6:ab:44:29:ac:0f:6b:b7: 33:c4:21:1b:d1:b7:d2:79:c1:ea:06:91:99:4f:c0: fa:08:c9:1d:95:91:f1:f9:ff:fa:46:9b:78:f1:22: 8c:dd:24:e2:cf:79:4c:1c:2f:3d:af:71:02:69:07: 0c:5f:12:ec:29:49:19:75:7f:21:be:3a:a2:15:20: 1a:2b:76:2b:47:c5:81:e7:65:7a:c1:cc:df:25:5c: 37:af:21:9f:70:e8:b1:a5:34:ff:ff:4d:f6:0e:b0: 73:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:EB:FA:F6:52:22:32:99:E8:3E:12:E9:A9:CC:E2:33:72:58:33:B7 X509v3 Authority Key Identifier: keyid:D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:27:94:11:be:20:16:e0:b6:40:b9:05:61:5e:06:ff:0a:cd: dd:4a:13:ac:dd:3e:90:24:c1:56:9f:66:79:1a:ee:12:5f:30: ac:0f:ad:62:76:87:bf:58:1e:69:f4:11:78:bf:3f:83:91:6e: 3b:61:6b:cc:48:ac:d5:08:ee:6a:87:e4:ee:bd:5b:9c:1f:89: a7:5a:9d:32:7a:a5:af:76:30:d0:fa:80:2c:d5:57:cf:b4:08: bb:05:5f:b7:8f:43:f8:a8:19:4f:7e:03:89:48:11:1b:dd:02: 92:71:3d:71:4c:31:61:10:24:ae:03:68:1e:a5:7b:80:5f:24: 34:ad:0a:a1:4f:5d:ce:84:a7:b9:61:86:bd:4d:00:df:0b:30: 30:91:f1:6a:c1:48:6c:0d:91:d0:cf:8a:58:13:00:df:54:0c: 9e:29:b6:a3:14:7f:6e:57:df:35:bf:50:43:f5:66:c6:b0:39: 78:80:81:84:2c:ae:25:fd:73:ed:44:25:ec:dd:5e:9e:cc:d2: cf:c5:e8:74:e0:32:ad:53:3c:8f:c5:d8:28:f2:08:22:88:49: b1:fa:fd:e2:7a:30:69:c9:c9:24:c2:10:87:b3:05:6b:e6:4f: 47:27:17:36:d0:d7:87:09:95:e3:52:8f:bc:ac:e2:63:40:2a: f9:99:bc:ef -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszDUzct0YtUgj7u+4J3ozsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NjkxMGI0NDRkZTk5ZmE4MWMzOTM1NTBjOTdlNGEzMjBi Y2U4MTIwHhcNMjUxMjE4MjAwMTA4WhcNMjUxMjE5MjAwMTA4WjAzMTEwLwYDVQQD EyhjNmViZmFmNjUyMjIzMjk5ZTgzZTEyZTlhOWNjZTIzMzcyNTgzM2I3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeC2rIff0ix33QMUpouORAlxXgZx LI/ZNJC8YbQ5pPaWsnqmTkh4jm+HOHti7x8wIoK434yrh/k5L+Vl2J/kCoA+5UiX hFniRqbklB+tQM3F9neyRTQfr+daodXogH2mgaTpDeQ4bicNFxjcyFJVTA524jU7 AWXoxAADqOxAvtPNRYD9VZOsz4TiTAg/GS2h6RFrtMR5fT2rSQb7xqtEKawPa7cz xCEb0bfSecHqBpGZT8D6CMkdlZHx+f/6Rpt48SKM3STiz3lMHC89r3ECaQcMXxLs KUkZdX8hvjqiFSAaK3YrR8WB52V6wczfJVw3ryGfcOixpTT//032DrBzmwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMbr+vZSIjKZ6D4S6anM4jNyWDO3MB8GA1UdIwQY MBaAFNhpELRE3pn6gcOTVQyX5KMgvOgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAt ODY5MzFiZmUzZWVhLzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAtODY5MzFiZmUzZWVh LzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOyeUEb4g FuC2QLkFYV4G/wrN3UoTrN0+kCTBVp9meRruEl8wrA+tYnaHv1geafQReL8/g5Fu O2FrzEis1Qjuaofk7r1bnB+Jp1qdMnqlr3Yw0PqALNVXz7QIuwVft49D+KgZT34D iUgRG90CknE9cUwxYRAkrgNoHqV7gF8kNK0KoU9dzoSnuWGGvU0A3wswMJHxasFI bA2R0M+KWBMA31QMnim2oxR/blffNb9QQ/VmxrA5eICBhCyuJf1z7UQl7N1enszS z8XodOAyrVM8j8XYKPIIIohJsfr94nowacnJJMIQh7MFa+ZPRycXNtDXhwmV41KP vKziY0Aq+Zm87w== -----END CERTIFICATE-----Generated at Thu Dec 18 23:07:20 2025 by rpki-client