This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft File: 2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json) Hash identifier: rAUFrpQykC1lGkLFTGRbbtuRIdiqAqEQG8TGlu5NgcY= Subject key identifier: 57:9F:42:32:31:CF:83:28:62:EC:86:80:D2:88:6F:46:9D:E1:4A:96 Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D Certificate issuer: /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d Certificate serial: 019B35A015C5C7CE24A2FBCC46A85176BEFB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft Manifest number: 0B91 Signing time: Fri 19 Dec 2025 08:00:42 +0000 Manifest this update: Fri 19 Dec 2025 08:00:42 +0000 Manifest next update: Sat 20 Dec 2025 08:00:42 +0000 Files and hashes: 1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: C19Rg8q3oo55vCulOhpUzq4lCVAiHtNKm7qjD4sSpgI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:a0:15:c5:c7:ce:24:a2:fb:cc:46:a8:51:76:be:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d Validity Not Before: Dec 19 08:00:42 2025 GMT Not After : Dec 20 08:00:42 2025 GMT Subject: CN=579f423231cf832862ec8680d2886f469de14a96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:10:49:d1:ed:a0:71:30:8b:e3:c5:b6:09:04: 99:e9:a3:00:e3:3d:e7:18:c7:f7:98:ba:39:91:3f: 06:55:fe:e8:1f:68:76:88:1c:d0:3b:83:5f:f8:01: e1:51:a0:36:76:be:3f:d9:b1:12:1b:b6:2f:5d:b9: cf:bc:1f:53:a9:a8:1e:3c:e5:4a:b6:5c:45:aa:ed: a5:ed:3c:11:1b:81:1e:71:02:5f:0a:a7:80:ff:70: 09:d7:8a:14:b9:ce:c8:9a:cb:83:cc:29:f3:30:17: 70:2a:2e:19:d3:c4:99:5d:b5:91:fb:54:c9:df:a6: 55:36:0a:26:27:e9:d1:f8:22:59:d8:5d:b8:92:ac: 39:56:e7:03:ba:78:e5:49:fb:27:2a:43:fa:92:98: 73:23:35:cc:4f:67:36:c3:06:26:ec:4f:6d:1b:e3: f4:ad:17:1e:09:e1:11:b3:b8:63:b7:37:2b:0b:29: 2b:4e:31:27:f3:0a:1e:75:65:84:53:c2:8b:e0:4a: 6a:3e:bc:b1:11:2a:79:99:05:a4:03:69:d9:2c:93: 57:12:3c:d7:3c:ea:65:53:93:aa:6d:98:63:2a:4a: 8d:2a:98:7b:62:6c:8c:53:70:9d:f9:c1:64:7e:fd: 43:55:cb:4e:0e:8a:ab:14:db:51:7a:73:19:1d:a4: 0a:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:9F:42:32:31:CF:83:28:62:EC:86:80:D2:88:6F:46:9D:E1:4A:96 X509v3 Authority Key Identifier: keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:7d:f0:4d:aa:cb:f6:c7:ff:55:4f:25:06:fe:4e:5b:d6:03: 21:f0:41:48:e8:af:41:88:d0:3f:31:40:a3:7c:db:e8:a5:a3: 28:dd:dd:14:93:8f:d1:a0:c8:89:08:1c:30:d4:c3:05:69:4e: 41:be:67:cc:f1:08:7c:b2:d1:5c:15:27:11:4b:c0:ae:33:ca: 16:98:48:0d:be:72:17:44:6d:fb:ea:82:06:21:7f:36:81:8c: 82:ba:ef:60:87:75:f7:10:61:08:35:80:3f:38:5d:d2:ba:33: a4:e1:8a:f7:9a:b6:ea:d5:b8:51:2c:d6:d2:f3:ff:a3:de:c8: 7a:f9:16:63:d1:dd:a6:70:dd:aa:da:63:b0:fd:10:94:4d:01: 3e:24:a8:6a:ff:88:e8:91:35:89:0b:6f:be:9c:8a:45:c4:e1: 58:82:a5:77:3e:c3:37:ee:15:14:ef:40:61:f2:48:31:17:80: 50:12:08:96:97:d1:2f:82:a3:67:f1:d6:0f:8d:2c:cc:06:cc: 95:65:f2:5a:3e:f7:47:9f:99:bb:8a:fe:ee:08:76:1a:1b:67: 83:02:1d:93:76:5c:97:a5:50:12:ab:54:be:dc:80:0e:c5:d2: c5:34:c9:0a:3d:8a:4d:d4:1d:f2:51:88:04:8b:e8:d7:18:82: d1:64:0e:20 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1oBXFx84kovvMRqhRdr77MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx MjZkMGQwHhcNMjUxMjE5MDgwMDQyWhcNMjUxMjIwMDgwMDQyWjAzMTEwLwYDVQQD Eyg1NzlmNDIzMjMxY2Y4MzI4NjJlYzg2ODBkMjg4NmY0NjlkZTE0YTk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RBJ0e2gcTCL48W2CQSZ6aMA4z3n GMf3mLo5kT8GVf7oH2h2iBzQO4Nf+AHhUaA2dr4/2bESG7YvXbnPvB9TqagePOVK tlxFqu2l7TwRG4EecQJfCqeA/3AJ14oUuc7ImsuDzCnzMBdwKi4Z08SZXbWR+1TJ 36ZVNgomJ+nR+CJZ2F24kqw5VucDunjlSfsnKkP6kphzIzXMT2c2wwYm7E9tG+P0 rRceCeERs7hjtzcrCykrTjEn8woedWWEU8KL4EpqPryxESp5mQWkA2nZLJNXEjzX POplU5OqbZhjKkqNKph7YmyMU3Cd+cFkfv1DVctODoqrFNtRenMZHaQK1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFefQjIxz4MoYuyGgNKIb0ad4UqWMB8GA1UdIwQY MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANH3wTarL 9sf/VU8lBv5OW9YDIfBBSOivQYjQPzFAo3zb6KWjKN3dFJOP0aDIiQgcMNTDBWlO Qb5nzPEIfLLRXBUnEUvArjPKFphIDb5yF0Rt++qCBiF/NoGMgrrvYId19xBhCDWA Pzhd0rozpOGK95q26tW4USzW0vP/o97IevkWY9HdpnDdqtpjsP0QlE0BPiSoav+I 6JE1iQtvvpyKRcThWIKldz7DN+4VFO9AYfJIMReAUBIIlpfRL4KjZ/HWD40szAbM lWXyWj73R5+Zu4r+7gh2GhtngwIdk3Zcl6VQEqtUvtyADsXSxTTJCj2KTdQd8lGI BIvo1xiC0WQOIA== -----END CERTIFICATE-----Generated at Fri Dec 19 09:32:35 2025 by rpki-client