This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.mft File: 2f-H9S43t2bsv0s_nLJlWN0wiCA.mft (raw, json) Hash identifier: 9qEs1/3o393X18RGkjGbFtNfYfv9/pQHDOe1Qx0UAHM= Subject key identifier: BA:93:D1:F0:04:08:80:D1:43:6E:5F:E0:06:EB:C1:E7:50:EF:2B:67 Authority key identifier: D9:FF:87:F5:2E:37:B7:66:EC:BF:4B:3F:9C:B2:65:58:DD:30:88:20 Certificate issuer: /CN=d9ff87f52e37b766ecbf4b3f9cb26558dd308820 Certificate serial: 019B18DF5E3829C4733AC0E0656CDC93B659 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.mft Manifest number: 0D44 Signing time: Sat 13 Dec 2025 18:00:50 +0000 Manifest this update: Sat 13 Dec 2025 18:00:50 +0000 Manifest next update: Sun 14 Dec 2025 18:00:50 +0000 Files and hashes: 1: 2f-H9S43t2bsv0s_nLJlWN0wiCA.crl (hash: EyUZys0L5mTzv8hWIYw97kviegfMUJtzv3a7QdnuWFU=) 2: nyss7FejNtDGTUXRBz8EpK-bUtQ.roa (hash: 1YbJTbv2jhWedSFo8tfV4w9Efzyk/as9DY0FQwn+kas=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.crl rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.mft rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:18:df:5e:38:29:c4:73:3a:c0:e0:65:6c:dc:93:b6:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9ff87f52e37b766ecbf4b3f9cb26558dd308820 Validity Not Before: Dec 13 18:00:50 2025 GMT Not After : Dec 14 18:00:50 2025 GMT Subject: CN=ba93d1f0040880d1436e5fe006ebc1e750ef2b67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:2e:92:36:cd:ff:f0:61:7d:9d:be:df:be:6e: cc:d8:59:ca:c1:51:3c:7d:a5:8a:2c:5f:a1:54:93: 2e:4a:10:ce:23:b3:6e:d2:04:e4:25:53:e7:3d:81: 8c:9b:69:df:3b:9b:57:99:64:6f:22:62:c3:7c:e6: 15:46:ac:ce:e3:68:a0:24:3c:25:bd:88:d8:2b:76: 7c:3f:a0:b2:98:7e:97:df:4a:8a:9b:fe:7d:52:10: ca:e0:d3:b7:2e:12:c4:74:33:6d:46:a1:be:22:8e: a5:7d:20:54:2c:e9:a9:5d:a5:e1:48:df:9e:3a:b6: a9:39:48:b5:e4:6c:09:f1:60:65:47:fa:72:3b:1e: ab:c0:31:b4:2b:a2:78:bb:85:48:6a:e1:6b:ea:26: b6:8b:99:ac:27:88:36:44:71:5a:e3:0e:97:c0:ad: e2:bc:38:0e:cd:c5:34:a7:39:5c:e0:dc:23:7e:17: 07:44:80:8d:42:f1:ee:6d:d0:a6:ec:74:7e:d2:c2: 32:4a:84:1c:c7:51:fc:5d:21:68:9a:8f:db:0c:19: a6:68:74:5d:f8:34:0d:02:62:44:54:f0:4a:6b:2b: 67:18:4b:98:ce:e0:14:bc:2a:15:ce:6b:69:ef:50: 8b:c6:b0:b9:79:4f:7f:07:63:26:29:d8:23:7d:98: d7:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:93:D1:F0:04:08:80:D1:43:6E:5F:E0:06:EB:C1:E7:50:EF:2B:67 X509v3 Authority Key Identifier: keyid:D9:FF:87:F5:2E:37:B7:66:EC:BF:4B:3F:9C:B2:65:58:DD:30:88:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:bb:16:34:b9:e6:02:aa:c7:1b:9e:52:99:b2:db:eb:f6:80: 91:32:e9:bb:d4:9f:e2:c4:9f:ca:a4:4b:90:23:96:d1:29:e2: f1:80:4c:1d:1a:ff:0b:f8:54:c9:03:84:c0:df:e3:0b:bd:5d: 1a:c1:bb:87:61:80:97:f7:12:4b:d2:2b:c5:51:06:8f:cf:6f: 33:77:38:39:51:c0:6a:b6:77:f9:a3:aa:0a:47:67:ea:2f:33: 67:9b:25:03:16:34:a9:dc:ea:34:64:3f:3f:b5:72:76:8d:fb: 3f:88:67:17:df:fb:8b:1f:05:d5:33:fe:69:93:eb:35:b0:d8: ee:c7:b4:2a:cc:d1:fc:a7:d6:ce:97:27:a8:96:3f:e9:7b:ee: 9c:75:19:bc:d4:07:89:08:99:d6:de:12:78:eb:4a:71:85:aa: 1b:be:62:74:13:06:36:ff:d2:e3:ec:0e:81:95:7e:4f:03:a4: 76:6e:6e:b3:47:f3:48:2b:0e:96:c6:05:84:13:73:3b:6e:bc: 46:8a:02:37:41:e7:9c:5c:f6:1e:be:1d:da:d2:5a:88:79:fa: e6:4f:e5:2f:32:0c:54:dc:eb:10:5e:e5:31:46:25:6e:25:a4: 42:d1:34:35:0f:a7:47:5e:55:2e:ab:2f:ee:e7:41:b9:e5:44: af:49:49:8e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsY3144KcRzOsDgZWzck7ZZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5ZmY4N2Y1MmUzN2I3NjZlY2JmNGIzZjljYjI2NTU4ZGQz MDg4MjAwHhcNMjUxMjEzMTgwMDUwWhcNMjUxMjE0MTgwMDUwWjAzMTEwLwYDVQQD EyhiYTkzZDFmMDA0MDg4MGQxNDM2ZTVmZTAwNmViYzFlNzUwZWYyYjY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC6SNs3/8GF9nb7fvm7M2FnKwVE8 faWKLF+hVJMuShDOI7Nu0gTkJVPnPYGMm2nfO5tXmWRvImLDfOYVRqzO42igJDwl vYjYK3Z8P6CymH6X30qKm/59UhDK4NO3LhLEdDNtRqG+Io6lfSBULOmpXaXhSN+e OrapOUi15GwJ8WBlR/pyOx6rwDG0K6J4u4VIauFr6ia2i5msJ4g2RHFa4w6XwK3i vDgOzcU0pzlc4NwjfhcHRICNQvHubdCm7HR+0sIySoQcx1H8XSFomo/bDBmmaHRd +DQNAmJEVPBKaytnGEuYzuAUvCoVzmtp71CLxrC5eU9/B2MmKdgjfZjXlQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLqT0fAECIDRQ25f4AbrwedQ7ytnMB8GA1UdIwQY MBaAFNn/h/UuN7dm7L9LP5yyZVjdMIggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9lMmFhZDgtZTIxMi00ODI4LWE1ZmMt MWU3MzAwY2NkYTM2LzEvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi9lMmFhZDgtZTIxMi00ODI4LWE1ZmMtMWU3MzAwY2NkYTM2 LzEvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg7sWNLnm AqrHG55SmbLb6/aAkTLpu9Sf4sSfyqRLkCOW0Sni8YBMHRr/C/hUyQOEwN/jC71d GsG7h2GAl/cSS9IrxVEGj89vM3c4OVHAarZ3+aOqCkdn6i8zZ5slAxY0qdzqNGQ/ P7Vydo37P4hnF9/7ix8F1TP+aZPrNbDY7se0KszR/KfWzpcnqJY/6XvunHUZvNQH iQiZ1t4SeOtKcYWqG75idBMGNv/S4+wOgZV+TwOkdm5us0fzSCsOlsYFhBNzO268 RooCN0HnnFz2Hr4d2tJaiHn65k/lLzIMVNzrEF7lMUYlbiWkQtE0NQ+nR15VLqsv 7udBueVEr0lJjg== -----END CERTIFICATE-----Generated at Sun Dec 14 00:02:35 2025 by rpki-client