This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft File: 2J8W9XSSQzePgUyUskA010s5J98.mft (raw, json) Hash identifier: w+9d3RC7r56vyFgjm3qJ0n2cVOGffXzBhgW1bC1WjXc= Subject key identifier: 39:9E:F0:D6:8A:5F:2D:AE:26:E1:6B:1C:24:C2:2D:9E:38:92:B6:8E Authority key identifier: D8:9F:16:F5:74:92:43:37:8F:81:4C:94:B2:40:34:D7:4B:39:27:DF Certificate issuer: /CN=d89f16f5749243378f814c94b24034d74b3927df Certificate serial: 019B25BFA8389F4C735A44407DBB853C8EAE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft Manifest number: 042A Signing time: Tue 16 Dec 2025 06:01:15 +0000 Manifest this update: Tue 16 Dec 2025 06:01:15 +0000 Manifest next update: Wed 17 Dec 2025 06:01:15 +0000 Files and hashes: 1: 2J8W9XSSQzePgUyUskA010s5J98.crl (hash: 6tbMuk2YHNxDmKH2VmdR7TGyI6MjIaf2QutcwkwwMBc=) 2: S9_pIBHq75Wq7oGW-jAli5gxMaE.roa (hash: cpq5fUvjVAhKKLO06wh9HRGgk0x/xpun3Cli9g36l8w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.crl rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 06:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:25:bf:a8:38:9f:4c:73:5a:44:40:7d:bb:85:3c:8e:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d89f16f5749243378f814c94b24034d74b3927df Validity Not Before: Dec 16 06:01:15 2025 GMT Not After : Dec 17 06:01:15 2025 GMT Subject: CN=399ef0d68a5f2dae26e16b1c24c22d9e3892b68e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:8a:30:23:d4:57:27:f8:b9:1f:51:42:52:56: e7:08:8a:73:d7:98:86:25:ee:5b:8c:3f:90:10:00: 6f:3a:61:38:d3:93:1d:d5:33:df:22:01:71:6c:b8: 9a:07:c0:a0:b1:77:46:af:5f:ad:7b:89:d4:9b:49: d2:a2:35:6b:35:04:63:a3:b4:e3:4e:a6:51:2f:0f: 59:14:2f:12:85:ef:87:59:1f:d5:be:46:b2:2f:e8: 72:7a:d1:97:84:8d:c2:7c:19:d4:08:74:28:b4:4c: bc:f4:4d:ab:d0:a0:ec:82:a4:15:d1:01:3d:6b:2a: 6d:e8:7e:05:50:ce:d9:a6:d1:a8:01:b9:03:36:b3: 3a:2e:a7:90:3b:f7:c3:a8:0b:18:ba:2b:f9:eb:87: 3c:72:aa:ad:d4:f1:69:8e:e4:7f:bf:61:15:6b:39: 5c:1f:fc:18:fe:9c:e1:0d:31:84:e4:72:9f:3f:06: d8:b2:3b:08:d5:89:a3:0c:b8:98:4e:4c:44:dd:12: 82:9d:ff:65:1a:b9:66:9d:4c:60:36:86:d9:4e:1e: 0a:4c:dc:f5:c3:ca:8f:ba:a2:70:70:39:10:22:aa: da:dd:32:dd:1e:d0:3c:4e:79:d3:6b:94:a0:e5:3c: f8:bb:29:e3:5b:9b:a0:e3:c7:66:87:5c:22:c5:4b: 2c:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:9E:F0:D6:8A:5F:2D:AE:26:E1:6B:1C:24:C2:2D:9E:38:92:B6:8E X509v3 Authority Key Identifier: keyid:D8:9F:16:F5:74:92:43:37:8F:81:4C:94:B2:40:34:D7:4B:39:27:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:df:49:bb:17:b3:2c:a0:8e:03:39:f6:d8:48:82:4f:8d:8b: 79:45:3d:95:ef:5d:62:15:9b:8d:78:4e:bd:8d:80:58:5e:f0: 2a:45:72:31:fb:32:a1:93:ad:52:0e:3d:4b:58:73:17:65:fd: 09:91:61:8c:a7:83:8c:7e:6c:f5:7a:07:b4:08:e0:2c:38:52: a5:d2:2f:f4:8e:93:ce:be:63:13:f3:eb:64:d5:98:56:39:84: d5:ea:83:99:ce:2d:ab:9f:1f:11:99:33:81:0f:7c:f6:42:25: a7:92:37:23:82:25:b4:93:fa:f4:40:27:79:66:df:bd:c5:08: 0d:65:1f:95:69:b3:6d:95:df:d1:aa:a5:0a:25:34:1b:d2:6a: a1:6e:43:62:7b:c7:3c:2f:46:44:4f:03:65:56:62:c6:e5:8b: 55:2b:71:a0:6c:ae:ef:94:f8:e0:dc:37:60:07:a8:77:be:cf: d9:e7:d0:9f:aa:c4:7b:f1:96:09:c1:3f:56:07:6b:32:59:6f: a9:19:6d:c6:eb:67:5f:80:bd:84:cf:59:88:0f:77:f6:47:ca: de:41:62:5b:19:5c:d6:bd:52:16:3c:72:a7:d4:6c:a2:cf:8b: 40:c3:a6:6f:d2:e8:33:fe:21:f9:53:b3:7e:9e:43:5f:97:28: 81:34:9d:28 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZslv6g4n0xzWkRAfbuFPI6uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4OWYxNmY1NzQ5MjQzMzc4ZjgxNGM5NGIyNDAzNGQ3NGIz OTI3ZGYwHhcNMjUxMjE2MDYwMTE1WhcNMjUxMjE3MDYwMTE1WjAzMTEwLwYDVQQD EygzOTllZjBkNjhhNWYyZGFlMjZlMTZiMWMyNGMyMmQ5ZTM4OTJiNjhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIowI9RXJ/i5H1FCUlbnCIpz15iG Je5bjD+QEABvOmE405Md1TPfIgFxbLiaB8CgsXdGr1+te4nUm0nSojVrNQRjo7Tj TqZRLw9ZFC8She+HWR/VvkayL+hyetGXhI3CfBnUCHQotEy89E2r0KDsgqQV0QE9 aypt6H4FUM7ZptGoAbkDNrM6LqeQO/fDqAsYuiv564c8cqqt1PFpjuR/v2EVazlc H/wY/pzhDTGE5HKfPwbYsjsI1YmjDLiYTkxE3RKCnf9lGrlmnUxgNobZTh4KTNz1 w8qPuqJwcDkQIqra3TLdHtA8TnnTa5Sg5Tz4uynjW5ug48dmh1wixUssyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDme8NaKXy2uJuFrHCTCLZ44kraOMB8GA1UdIwQY MBaAFNifFvV0kkM3j4FMlLJANNdLOSffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83OTdlNjUtM2RhMC00ZDZlLWI2OTUt MzQ2YmQ5NzNjODQzLzEvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi83OTdlNjUtM2RhMC00ZDZlLWI2OTUtMzQ2YmQ5NzNjODQz LzEvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhN9Juxez LKCOAzn22EiCT42LeUU9le9dYhWbjXhOvY2AWF7wKkVyMfsyoZOtUg49S1hzF2X9 CZFhjKeDjH5s9XoHtAjgLDhSpdIv9I6Tzr5jE/PrZNWYVjmE1eqDmc4tq58fEZkz gQ989kIlp5I3I4IltJP69EAneWbfvcUIDWUflWmzbZXf0aqlCiU0G9JqoW5DYnvH PC9GRE8DZVZixuWLVStxoGyu75T44Nw3YAeod77P2efQn6rEe/GWCcE/VgdrMllv qRltxutnX4C9hM9ZiA939kfK3kFiWxlc1r1SFjxyp9Rsos+LQMOmb9LoM/4h+VOz fp5DX5cogTSdKA== -----END CERTIFICATE-----Generated at Tue Dec 16 13:30:47 2025 by rpki-client