This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft File: 2Bytep8KCbPVTabNzedDEvrMbXc.mft (raw, json) Hash identifier: nMBe9TRjZ0up7OtBNk4x/kIWV0vlvu+jL86IRBocS5k= Subject key identifier: C9:E7:6C:32:68:86:4D:C7:EB:5A:1B:11:75:45:7F:A5:24:81:D9:11 Authority key identifier: D8:1C:AD:7A:9F:0A:09:B3:D5:4D:A6:CD:CD:E7:43:12:FA:CC:6D:77 Certificate issuer: /CN=d81cad7a9f0a09b3d54da6cdcde74312facc6d77 Certificate serial: 019AF19B04A3B56627854A55DC51330C7518 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Bytep8KCbPVTabNzedDEvrMbXc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft Manifest number: 09CB Signing time: Sat 06 Dec 2025 03:00:59 +0000 Manifest this update: Sat 06 Dec 2025 03:00:59 +0000 Manifest next update: Sun 07 Dec 2025 03:00:59 +0000 Files and hashes: 1: 2Bytep8KCbPVTabNzedDEvrMbXc.crl (hash: 1vyiO7fRm+9HrfwpIf0T0S8LQLob6DaiV/caVary7qg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft rsync://rpki.ripe.net/repository/DEFAULT/2Bytep8KCbPVTabNzedDEvrMbXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:04:a3:b5:66:27:85:4a:55:dc:51:33:0c:75:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d81cad7a9f0a09b3d54da6cdcde74312facc6d77 Validity Not Before: Dec 6 03:00:59 2025 GMT Not After : Dec 7 03:00:59 2025 GMT Subject: CN=c9e76c3268864dc7eb5a1b1175457fa52481d911 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:94:4f:73:ee:41:15:39:9b:d7:f4:61:02:d4: a9:ae:bb:f4:81:79:36:a3:bd:61:27:3f:e8:92:c6: 4a:6e:c1:fb:0d:e3:68:8f:29:b9:ae:6f:70:cf:41: ef:64:1d:5d:c4:96:44:6b:a5:75:60:7b:b7:22:9f: 92:fd:f1:bc:d3:25:4c:d4:56:c0:41:1e:45:16:04: 80:9d:5f:8e:48:e4:69:9b:a3:64:14:6f:11:78:c4: 86:c5:58:80:17:67:75:be:25:16:c3:ec:7a:5d:81: e9:98:69:32:68:df:03:85:64:af:63:f0:49:35:32: 63:6c:dd:bc:ea:60:61:ab:50:0d:1b:68:99:c9:81: ff:22:1c:72:31:26:f1:57:fc:8b:9c:ab:4d:9f:f0: 33:7f:70:a8:75:d0:fb:d9:1c:78:58:b3:57:d2:f4: 6c:84:8d:21:43:14:75:0e:7c:f0:23:12:9c:41:1f: b2:72:da:9b:d5:a0:1f:35:72:30:19:10:7b:de:15: 6d:aa:9c:b8:fd:e7:47:56:1e:d9:46:f1:f2:08:d6: 81:ef:14:ad:2a:5d:45:5f:b8:d5:85:55:73:00:4e: 4b:e3:2d:47:49:6b:dd:70:56:2b:08:ea:f7:91:e1: f1:65:94:75:6e:82:81:67:33:a1:58:cc:1b:ad:e1: 88:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:E7:6C:32:68:86:4D:C7:EB:5A:1B:11:75:45:7F:A5:24:81:D9:11 X509v3 Authority Key Identifier: keyid:D8:1C:AD:7A:9F:0A:09:B3:D5:4D:A6:CD:CD:E7:43:12:FA:CC:6D:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Bytep8KCbPVTabNzedDEvrMbXc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:01:db:53:1d:d1:50:ae:1f:8c:a3:9d:1e:96:52:e1:d6:ad: db:06:d3:1e:37:6e:b1:c4:0c:bd:1b:e4:c6:61:5c:5f:55:3c: 71:3a:d8:e1:5c:9c:07:57:75:7c:4b:05:93:d0:04:04:f7:92: 42:f4:b8:26:d1:39:e4:d0:d1:1c:9d:c1:4e:f4:10:40:0b:12: 18:15:30:66:49:28:77:8d:ae:bb:07:1d:fc:f0:7c:ba:21:be: dc:a5:4b:cc:20:2b:b0:79:86:39:e4:53:ec:24:be:e1:4e:48: b7:68:5d:01:6c:24:14:27:87:9f:67:a5:28:49:38:38:c5:34: f6:58:2f:ce:0c:72:ce:77:e8:51:6f:35:a2:32:19:c6:37:91: 92:19:e0:4d:89:3f:d1:fd:0d:af:eb:ac:c3:ae:ce:1e:9b:46: 58:0e:55:ea:2c:3c:de:49:88:58:09:cd:e5:0d:2f:aa:27:90: 01:08:8e:f3:f5:a6:a8:16:a3:ea:71:b8:9f:e3:17:e6:b9:6f: 33:84:4e:b6:b9:7e:b4:bc:54:b7:e1:27:80:24:b9:b8:9c:c3: 67:31:df:15:57:41:1c:97:4d:e1:d5:6f:d8:0c:a8:67:24:68: 75:61:ed:6e:14:c9:fd:8d:b2:08:4c:18:3e:f5:29:ea:3d:6d: 2c:9f:22:e2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmwSjtWYnhUpV3FEzDHUYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MWNhZDdhOWYwYTA5YjNkNTRkYTZjZGNkZTc0MzEyZmFj YzZkNzcwHhcNMjUxMjA2MDMwMDU5WhcNMjUxMjA3MDMwMDU5WjAzMTEwLwYDVQQD EyhjOWU3NmMzMjY4ODY0ZGM3ZWI1YTFiMTE3NTQ1N2ZhNTI0ODFkOTExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspRPc+5BFTmb1/RhAtSprrv0gXk2 o71hJz/oksZKbsH7DeNojym5rm9wz0HvZB1dxJZEa6V1YHu3Ip+S/fG80yVM1FbA QR5FFgSAnV+OSORpm6NkFG8ReMSGxViAF2d1viUWw+x6XYHpmGkyaN8DhWSvY/BJ NTJjbN286mBhq1ANG2iZyYH/IhxyMSbxV/yLnKtNn/Azf3CoddD72Rx4WLNX0vRs hI0hQxR1DnzwIxKcQR+yctqb1aAfNXIwGRB73hVtqpy4/edHVh7ZRvHyCNaB7xSt Kl1FX7jVhVVzAE5L4y1HSWvdcFYrCOr3keHxZZR1boKBZzOhWMwbreGIrQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMnnbDJohk3H61obEXVFf6UkgdkRMB8GA1UdIwQY MBaAFNgcrXqfCgmz1U2mzc3nQxL6zG13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkJ5dGVwOEtDYlBWVGFiTnplZERFdnJNYlhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS82ZmVmMmYtYTc0OC00Nzk2LTk2YTAt ZDNlYTcwN2M4ZjE4LzEvMkJ5dGVwOEtDYlBWVGFiTnplZERFdnJNYlhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS82ZmVmMmYtYTc0OC00Nzk2LTk2YTAtZDNlYTcwN2M4ZjE4 LzEvMkJ5dGVwOEtDYlBWVGFiTnplZERFdnJNYlhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAowHbUx3R UK4fjKOdHpZS4dat2wbTHjduscQMvRvkxmFcX1U8cTrY4VycB1d1fEsFk9AEBPeS QvS4JtE55NDRHJ3BTvQQQAsSGBUwZkkod42uuwcd/PB8uiG+3KVLzCArsHmGOeRT 7CS+4U5It2hdAWwkFCeHn2elKEk4OMU09lgvzgxyznfoUW81ojIZxjeRkhngTYk/ 0f0Nr+usw67OHptGWA5V6iw83kmIWAnN5Q0vqieQAQiO8/WmqBaj6nG4n+MX5rlv M4ROtrl+tLxUt+EngCS5uJzDZzHfFVdBHJdN4dVv2AyoZyRodWHtbhTJ/Y2yCEwY PvUp6j1tLJ8i4g== -----END CERTIFICATE-----Generated at Sat Dec 6 07:45:23 2025 by rpki-client