This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft File: 2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft (raw, json) Hash identifier: wdFa53BjswOABU2RlzkqU/DYgCExCMyKZT267cRGn4A= Subject key identifier: 74:FC:81:FF:86:2E:4B:70:B2:91:2C:87:01:F6:90:BB:52:4A:1E:FF Authority key identifier: DB:21:1B:E3:75:55:59:CA:10:25:20:C1:36:70:D0:85:80:D7:03:34 Certificate issuer: /CN=db211be3755559ca102520c13670d08580d70334 Certificate serial: 019AF1D1A2B9FF80BB18CB878F53182C4151 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yEb43VVWcoQJSDBNnDQhYDXAzQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft Manifest number: 4E Signing time: Sat 06 Dec 2025 04:00:38 +0000 Manifest this update: Sat 06 Dec 2025 04:00:38 +0000 Manifest next update: Sun 07 Dec 2025 04:00:38 +0000 Files and hashes: 1: 2yEb43VVWcoQJSDBNnDQhYDXAzQ.crl (hash: ZT9hCPzYy3XHcHK65oamJmMygAiHaYYU/DeXXAxDi4A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft rsync://rpki.ripe.net/repository/DEFAULT/2yEb43VVWcoQJSDBNnDQhYDXAzQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:a2:b9:ff:80:bb:18:cb:87:8f:53:18:2c:41:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db211be3755559ca102520c13670d08580d70334 Validity Not Before: Dec 6 04:00:38 2025 GMT Not After : Dec 7 04:00:38 2025 GMT Subject: CN=74fc81ff862e4b70b2912c8701f690bb524a1eff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:20:00:40:2b:53:e3:f8:24:3c:27:e7:d0:fa: 27:b6:2e:40:b3:57:10:08:b5:10:24:50:fb:b3:48: 64:bf:87:10:2e:3e:cd:f4:40:16:f4:62:1e:13:60: 3e:8b:ed:4d:0e:37:44:dc:03:ae:48:f7:36:65:c2: 15:7d:1d:b8:7e:ba:8e:6d:5b:a3:6b:13:59:c2:0d: 03:0f:bb:0e:63:30:67:4f:6e:6b:6c:0c:2a:fa:82: b8:98:1d:c5:ef:8e:30:7d:2c:06:e6:f0:e6:f9:a6: 1b:98:5b:a0:59:39:9e:8f:d5:b2:08:c5:83:f7:cc: b5:b2:cd:bb:29:a1:4c:29:7c:22:99:a1:a9:b3:7c: bd:ad:58:a3:88:3c:da:ef:de:1e:d9:f3:2e:4b:aa: 31:f3:f7:a5:a5:12:3a:50:23:aa:ab:91:7c:e5:cd: 4f:99:49:0b:34:3a:ea:5a:07:ee:73:4f:d3:82:7a: fb:60:67:ee:4d:db:0c:f8:5e:85:f2:cd:36:ba:cd: ce:e0:a6:da:03:5c:6d:35:3d:7f:a5:0d:bd:5c:b6: 06:3f:ad:7c:bd:56:36:37:d7:71:99:7c:b2:cc:3e: 08:f5:e9:54:d6:b2:f7:68:f9:4d:57:9e:9c:13:84: 7e:75:30:d6:4c:4f:bb:49:7e:16:a1:c1:e6:bd:31: b8:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:FC:81:FF:86:2E:4B:70:B2:91:2C:87:01:F6:90:BB:52:4A:1E:FF X509v3 Authority Key Identifier: keyid:DB:21:1B:E3:75:55:59:CA:10:25:20:C1:36:70:D0:85:80:D7:03:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yEb43VVWcoQJSDBNnDQhYDXAzQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:b9:47:23:83:88:e1:bc:1c:a2:0a:36:44:00:ad:40:22:8c: 07:91:be:cd:e6:32:1c:9f:9b:9f:b9:6f:82:0e:a3:42:f1:c8: a9:92:ae:9e:0a:9e:b9:57:7b:5a:ee:3c:9f:d1:a7:7c:94:71: 58:e6:e0:3e:f2:f4:e8:ab:64:0b:5a:53:19:21:c0:9b:ba:3c: 1b:96:b8:c4:5b:c3:fa:1f:a3:aa:20:ff:7c:b6:90:a1:dd:9c: d8:dc:99:cc:2a:49:37:87:a4:01:3d:44:9c:bb:9d:49:da:24: 10:e9:f5:88:a3:d7:f0:0e:71:62:fb:56:44:9b:6d:3f:7d:b4: db:36:87:ce:44:56:6d:5f:b7:8b:a7:1c:3a:c9:67:16:df:98: f4:00:8c:24:ba:98:e7:8c:dc:73:03:aa:84:bc:a0:17:2a:fb: bb:dc:9a:be:ef:54:e7:e1:ad:57:59:55:12:8a:20:c4:7a:94: 83:de:b4:55:2c:d4:85:1e:9b:fc:db:0a:c5:dd:ea:39:ed:57: 7a:54:36:6e:d1:8f:8d:2a:09:e5:c0:16:02:b7:e4:e0:33:49: c5:3e:a7:62:7d:8b:4f:ff:ab:7d:24:5d:55:3e:0d:e7:f5:79: b6:0d:d7:16:e5:18:30:20:9d:bb:90:b3:4d:51:b4:64:d7:28: 6e:da:33:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0aK5/4C7GMuHj1MYLEFRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiMjExYmUzNzU1NTU5Y2ExMDI1MjBjMTM2NzBkMDg1ODBk NzAzMzQwHhcNMjUxMjA2MDQwMDM4WhcNMjUxMjA3MDQwMDM4WjAzMTEwLwYDVQQD Eyg3NGZjODFmZjg2MmU0YjcwYjI5MTJjODcwMWY2OTBiYjUyNGExZWZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyAAQCtT4/gkPCfn0Ponti5As1cQ CLUQJFD7s0hkv4cQLj7N9EAW9GIeE2A+i+1NDjdE3AOuSPc2ZcIVfR24frqObVuj axNZwg0DD7sOYzBnT25rbAwq+oK4mB3F744wfSwG5vDm+aYbmFugWTmej9WyCMWD 98y1ss27KaFMKXwimaGps3y9rVijiDza794e2fMuS6ox8/elpRI6UCOqq5F85c1P mUkLNDrqWgfuc0/Tgnr7YGfuTdsM+F6F8s02us3O4KbaA1xtNT1/pQ29XLYGP618 vVY2N9dxmXyyzD4I9elU1rL3aPlNV56cE4R+dTDWTE+7SX4WocHmvTG4eQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHT8gf+GLktwspEshwH2kLtSSh7/MB8GA1UdIwQY MBaAFNshG+N1VVnKECUgwTZw0IWA1wM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnlFYjQzVlZXY29RSlNEQk5uRFFoWURYQXpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mMTdjOWItNTc2Ny00ZWRkLTkwN2Mt ODdhMTk0MWYxYmUzLzEvMnlFYjQzVlZXY29RSlNEQk5uRFFoWURYQXpRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy9mMTdjOWItNTc2Ny00ZWRkLTkwN2MtODdhMTk0MWYxYmUz LzEvMnlFYjQzVlZXY29RSlNEQk5uRFFoWURYQXpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeLlHI4OI 4bwcogo2RACtQCKMB5G+zeYyHJ+bn7lvgg6jQvHIqZKungqeuVd7Wu48n9GnfJRx WObgPvL06KtkC1pTGSHAm7o8G5a4xFvD+h+jqiD/fLaQod2c2NyZzCpJN4ekAT1E nLudSdokEOn1iKPX8A5xYvtWRJttP3202zaHzkRWbV+3i6ccOslnFt+Y9ACMJLqY 54zccwOqhLygFyr7u9yavu9U5+GtV1lVEoogxHqUg960VSzUhR6b/NsKxd3qOe1X elQ2btGPjSoJ5cAWArfk4DNJxT6nYn2LT/+rfSRdVT4N5/V5tg3XFuUYMCCdu5Cz TVG0ZNcobtoztw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:42:05 2025 by rpki-client