This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft File: 2BFKkiBvChn3M52guJZpxKX-Urk.mft (raw, json) Hash identifier: Xds6aDMP7qzLpe7Ggi8Ag66TEcdY15qp2bzyX720hG4= Subject key identifier: C6:09:7A:1D:18:71:7E:F2:CB:A2:EF:1F:59:D5:F1:86:02:EA:05:58 Authority key identifier: D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9 Certificate issuer: /CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9 Certificate serial: 019B5A1AF02EDEDB24464A5CA8170E53ACA1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft Manifest number: 0179 Signing time: Fri 26 Dec 2025 10:01:13 +0000 Manifest this update: Fri 26 Dec 2025 10:01:13 +0000 Manifest next update: Sat 27 Dec 2025 10:01:13 +0000 Files and hashes: 1: 2BFKkiBvChn3M52guJZpxKX-Urk.crl (hash: U5x6HgH63Vywk/MBSfNJPlgnoQg9MHQI4/7busDVGks=) 2: G9oTd4bBpmlm3pZMn3YyyXAVIyI.roa (hash: XC2pyO3ZNZCKadVf4J0EDWPKrfSqScmOhmM8oMNNkCI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 10:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:f0:2e:de:db:24:46:4a:5c:a8:17:0e:53:ac:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9 Validity Not Before: Dec 26 10:01:13 2025 GMT Not After : Dec 27 10:01:13 2025 GMT Subject: CN=c6097a1d18717ef2cba2ef1f59d5f18602ea0558 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:46:49:5d:58:81:19:0a:46:b1:3a:56:e0:b1: 69:13:33:90:5e:af:8a:ba:79:01:dd:a8:32:44:f5: 75:05:f3:87:4b:00:37:ab:1c:cf:79:d8:a3:38:8a: 9a:0a:bc:84:78:6b:04:56:f2:c8:4d:c9:ec:c9:32: 82:46:92:e4:75:f4:36:3a:46:6e:4c:22:28:aa:71: af:85:c9:f9:ec:b3:01:31:53:35:5f:32:fb:dc:6e: 01:11:f6:26:86:8a:a9:d0:9e:11:bb:bc:cc:42:f8: 50:74:92:da:1d:60:6f:c4:c7:79:af:fd:e8:21:29: 6d:d4:2d:a2:62:dc:bf:16:43:85:aa:b0:fa:29:68: 1a:7f:1f:c2:90:8c:e6:c0:ba:bc:88:9d:d9:f0:fe: 6d:f8:0a:62:a1:58:27:71:b2:6c:d5:cf:3b:ee:eb: 72:50:3f:59:76:50:12:5c:46:3f:64:c7:e5:86:e0: f0:06:d6:3d:32:18:83:43:83:c5:bc:9c:49:c0:6d: 27:fa:69:13:95:3f:a1:d2:91:e7:8e:f3:cb:e6:0b: 06:3f:6b:41:55:45:10:ac:52:84:8d:fc:80:64:3f: 69:cd:c9:9a:15:33:f5:78:07:52:41:48:74:95:1f: 54:e0:08:de:af:e6:9a:b1:51:28:8c:2f:25:40:f2: c7:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:09:7A:1D:18:71:7E:F2:CB:A2:EF:1F:59:D5:F1:86:02:EA:05:58 X509v3 Authority Key Identifier: keyid:D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:ab:08:07:27:41:74:d2:4a:de:75:78:b7:75:2c:13:3d:87: 81:e0:d2:81:f7:58:07:c0:54:09:9d:03:07:2c:cb:65:32:5d: b8:8d:34:45:d0:cf:e7:ab:f5:5d:b4:d2:06:62:03:c4:a7:bd: 6f:26:14:ea:af:a6:9e:e1:23:0e:6b:e5:ef:1d:e4:ee:43:2d: 2f:98:23:c9:3b:59:4d:79:9a:56:62:4a:d8:ab:8c:ed:3a:61: bd:34:ea:76:8b:c2:54:e7:b3:8a:5e:12:87:8a:5a:36:ab:8d: c2:91:83:09:7c:ef:9d:4a:ea:72:e9:c4:3c:ba:94:00:b5:ed: a3:0d:36:d7:0f:3b:04:55:0f:2a:70:8d:bb:25:41:40:dd:5d: 3d:75:9a:57:69:8e:c6:62:1b:1b:8f:6f:b0:4b:a8:3d:e4:be: 7c:d3:c2:71:db:87:74:7d:96:ed:3a:c2:fb:80:45:6b:de:58: 9e:83:b2:4f:97:80:6d:46:6a:82:0e:d6:e2:33:33:c7:b3:7f: 48:3e:a3:69:2f:8c:c2:e6:bc:06:91:5c:41:db:1a:3a:04:72: 2b:fd:dc:16:bc:f9:80:bf:14:fc:3a:ba:38:6c:e0:98:70:d0: 4a:50:d7:f2:0c:5f:c6:9b:5d:13:75:e2:a6:22:68:59:90:20: 9f:00:7b:a5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGvAu3tskRkpcqBcOU6yhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MTE0YTkyMjA2ZjBhMTlmNzMzOWRhMGI4OTY2OWM0YTVm ZTUyYjkwHhcNMjUxMjI2MTAwMTEzWhcNMjUxMjI3MTAwMTEzWjAzMTEwLwYDVQQD EyhjNjA5N2ExZDE4NzE3ZWYyY2JhMmVmMWY1OWQ1ZjE4NjAyZWEwNTU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UZJXViBGQpGsTpW4LFpEzOQXq+K unkB3agyRPV1BfOHSwA3qxzPedijOIqaCryEeGsEVvLITcnsyTKCRpLkdfQ2OkZu TCIoqnGvhcn57LMBMVM1XzL73G4BEfYmhoqp0J4Ru7zMQvhQdJLaHWBvxMd5r/3o ISlt1C2iYty/FkOFqrD6KWgafx/CkIzmwLq8iJ3Z8P5t+ApioVgncbJs1c877uty UD9ZdlASXEY/ZMflhuDwBtY9MhiDQ4PFvJxJwG0n+mkTlT+h0pHnjvPL5gsGP2tB VUUQrFKEjfyAZD9pzcmaFTP1eAdSQUh0lR9U4Ajer+aasVEojC8lQPLHjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMYJeh0YcX7yy6LvH1nV8YYC6gVYMB8GA1UdIwQY MBaAFNgRSpIgbwoZ9zOdoLiWacSl/lK5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTkt NTIwOGQ5ODU0MzY0LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTktNTIwOGQ5ODU0MzY0 LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaasIBydB dNJK3nV4t3UsEz2HgeDSgfdYB8BUCZ0DByzLZTJduI00RdDP56v1XbTSBmIDxKe9 byYU6q+mnuEjDmvl7x3k7kMtL5gjyTtZTXmaVmJK2KuM7TphvTTqdovCVOezil4S h4paNquNwpGDCXzvnUrqcunEPLqUALXtow021w87BFUPKnCNuyVBQN1dPXWaV2mO xmIbG49vsEuoPeS+fNPCcduHdH2W7TrC+4BFa95YnoOyT5eAbUZqgg7W4jMzx7N/ SD6jaS+Mwua8BpFcQdsaOgRyK/3cFrz5gL8U/Dq6OGzgmHDQSlDX8gxfxptdE3Xi piJoWZAgnwB7pQ== -----END CERTIFICATE-----Generated at Fri Dec 26 17:44:17 2025 by rpki-client