This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft File: 2J8W9XSSQzePgUyUskA010s5J98.mft (raw, json) Hash identifier: HQqja9zPoxrI7rqTpDyfuPezndu0dsQmn7W2BubkDyc= Subject key identifier: 02:5C:07:F8:3C:61:8C:60:38:A5:D0:8E:7B:F4:0A:2F:1D:E0:B2:34 Authority key identifier: D8:9F:16:F5:74:92:43:37:8F:81:4C:94:B2:40:34:D7:4B:39:27:DF Certificate issuer: /CN=d89f16f5749243378f814c94b24034d74b3927df Certificate serial: 019B3344ACE34F89801F0DB394AD09DABAEB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft Manifest number: 0431 Signing time: Thu 18 Dec 2025 21:01:37 +0000 Manifest this update: Thu 18 Dec 2025 21:01:37 +0000 Manifest next update: Fri 19 Dec 2025 21:01:37 +0000 Files and hashes: 1: 2J8W9XSSQzePgUyUskA010s5J98.crl (hash: OWK8wcqBWsqEECXOJCInBHi0XUtI8Yza8vWbDqMl9Sk=) 2: S9_pIBHq75Wq7oGW-jAli5gxMaE.roa (hash: cpq5fUvjVAhKKLO06wh9HRGgk0x/xpun3Cli9g36l8w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.crl rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 21:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:44:ac:e3:4f:89:80:1f:0d:b3:94:ad:09:da:ba:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d89f16f5749243378f814c94b24034d74b3927df Validity Not Before: Dec 18 21:01:37 2025 GMT Not After : Dec 19 21:01:37 2025 GMT Subject: CN=025c07f83c618c6038a5d08e7bf40a2f1de0b234 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:80:19:5e:83:a7:93:38:24:8c:14:be:de:82: c6:e9:f2:15:e5:e6:4f:ff:74:5b:67:1b:a0:5c:0d: 3a:25:1b:45:a4:27:34:9e:2c:7d:c0:87:94:c5:94: e6:17:ce:e8:8c:8b:36:ec:aa:2a:48:db:02:21:a4: e9:fd:c9:c3:71:98:1e:4a:e2:57:71:aa:ab:65:19: 5a:78:4d:6f:b7:b2:eb:15:46:4b:97:b8:83:70:3b: 87:de:ae:fc:01:40:9e:3f:54:f3:b9:d5:fb:1a:03: c1:34:8e:33:ad:ef:fd:78:1a:8b:ed:be:dc:25:f2: ba:c9:56:a9:89:db:a9:66:c4:96:35:d9:2d:58:27: c6:01:d7:99:15:fc:0d:52:49:8a:f8:0d:54:19:bb: 16:3c:8a:dc:b7:4f:f3:78:32:eb:f3:86:15:79:45: ff:0b:d2:21:2f:2c:9f:8b:18:03:70:b1:f0:4b:b7: 6d:d4:d7:e7:f3:30:8d:bd:5f:ed:dc:b8:ae:f3:d1: 9f:6c:73:79:c1:f9:30:23:4c:e8:18:c9:48:12:99: 05:28:dd:e2:fb:8c:82:17:e7:75:92:bf:9f:6e:f8: 2e:d8:94:7e:d0:e0:e1:cf:21:91:ac:0c:47:c7:b4: e1:d0:68:37:74:52:46:a4:a7:f6:39:24:fc:b4:ab: fa:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:5C:07:F8:3C:61:8C:60:38:A5:D0:8E:7B:F4:0A:2F:1D:E0:B2:34 X509v3 Authority Key Identifier: keyid:D8:9F:16:F5:74:92:43:37:8F:81:4C:94:B2:40:34:D7:4B:39:27:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:ce:1b:e8:35:ba:91:f8:2b:88:ed:18:3d:b6:46:45:b6:19: c8:d3:a7:ac:f5:d0:89:8b:c9:18:8e:6b:07:5e:a5:5c:69:c9: a7:56:37:7c:d5:5c:68:01:2a:95:47:26:d8:4d:ff:63:0d:3c: 28:0c:cc:0c:e4:da:70:43:2f:32:c9:9b:ed:c2:f8:ea:21:d9: 90:13:04:42:b9:66:f1:e6:0e:f1:ed:e1:fd:6a:bb:63:da:b2: b5:4c:94:27:82:36:e6:3f:76:35:3f:ac:54:6f:4a:36:d1:b9: 4c:3a:a4:63:ad:77:83:dd:55:e0:71:c9:82:84:38:fc:1b:50: fb:4e:17:6d:75:55:9f:e0:fb:28:ea:51:c5:09:d9:5f:eb:f6: 2c:d6:52:e4:35:ce:f3:31:e7:e1:a0:2d:b3:7d:84:9d:43:98: bf:f2:ff:2f:0c:0e:ca:1e:83:2d:54:af:1b:e0:16:de:3f:57: e4:65:37:4f:0d:8a:da:d2:33:2e:88:f4:1b:ca:20:e6:ee:ad: 96:4f:98:27:38:e6:b9:64:e4:75:b9:a5:20:75:06:0e:c9:75: 01:b2:8a:5e:a7:eb:67:6f:e4:db:47:52:6d:39:fe:78:b5:e3: 85:72:7e:33:08:4d:72:f5:b9:b0:09:b2:28:16:1a:de:60:ed: ff:84:26:83 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszRKzjT4mAHw2zlK0J2rrrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4OWYxNmY1NzQ5MjQzMzc4ZjgxNGM5NGIyNDAzNGQ3NGIz OTI3ZGYwHhcNMjUxMjE4MjEwMTM3WhcNMjUxMjE5MjEwMTM3WjAzMTEwLwYDVQQD EygwMjVjMDdmODNjNjE4YzYwMzhhNWQwOGU3YmY0MGEyZjFkZTBiMjM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYAZXoOnkzgkjBS+3oLG6fIV5eZP /3RbZxugXA06JRtFpCc0nix9wIeUxZTmF87ojIs27KoqSNsCIaTp/cnDcZgeSuJX caqrZRlaeE1vt7LrFUZLl7iDcDuH3q78AUCeP1TzudX7GgPBNI4zre/9eBqL7b7c JfK6yVapidupZsSWNdktWCfGAdeZFfwNUkmK+A1UGbsWPIrct0/zeDLr84YVeUX/ C9IhLyyfixgDcLHwS7dt1Nfn8zCNvV/t3Liu89GfbHN5wfkwI0zoGMlIEpkFKN3i +4yCF+d1kr+fbvgu2JR+0ODhzyGRrAxHx7Th0Gg3dFJGpKf2OST8tKv6yQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAJcB/g8YYxgOKXQjnv0Ci8d4LI0MB8GA1UdIwQY MBaAFNifFvV0kkM3j4FMlLJANNdLOSffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83OTdlNjUtM2RhMC00ZDZlLWI2OTUt MzQ2YmQ5NzNjODQzLzEvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi83OTdlNjUtM2RhMC00ZDZlLWI2OTUtMzQ2YmQ5NzNjODQz LzEvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaM4b6DW6 kfgriO0YPbZGRbYZyNOnrPXQiYvJGI5rB16lXGnJp1Y3fNVcaAEqlUcm2E3/Yw08 KAzMDOTacEMvMsmb7cL46iHZkBMEQrlm8eYO8e3h/Wq7Y9qytUyUJ4I25j92NT+s VG9KNtG5TDqkY613g91V4HHJgoQ4/BtQ+04XbXVVn+D7KOpRxQnZX+v2LNZS5DXO 8zHn4aAts32EnUOYv/L/LwwOyh6DLVSvG+AW3j9X5GU3Tw2K2tIzLoj0G8og5u6t lk+YJzjmuWTkdbmlIHUGDsl1AbKKXqfrZ2/k20dSbTn+eLXjhXJ+MwhNcvW5sAmy KBYa3mDt/4Qmgw== -----END CERTIFICATE-----Generated at Fri Dec 19 07:00:19 2025 by rpki-client