This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft File: 2KPKzfjzNRS-Or3FLFDshkZ16VU.mft (raw, json) Hash identifier: JlI8lmKM7Y3ADD86x/vMg9Lh1PCNbHR11UBceHuDGhw= Subject key identifier: 78:BF:AB:52:DA:2D:66:CB:82:BA:49:18:01:C4:B8:60:22:59:F2:83 Authority key identifier: D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55 Certificate issuer: /CN=d8a3cacdf8f33514be3abdc52c50ec864675e955 Certificate serial: 019B4438ACA5B7B2F53D213BA47C306D1EC8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft Manifest number: 0CE4 Signing time: Mon 22 Dec 2025 04:02:03 +0000 Manifest this update: Mon 22 Dec 2025 04:02:03 +0000 Manifest next update: Tue 23 Dec 2025 04:02:03 +0000 Files and hashes: 1: 2KPKzfjzNRS-Or3FLFDshkZ16VU.crl (hash: ohk8MXHvln0GpHOn7YX4slWm/k+dL8VlaGZeiKkBUnY=) 2: YfAgsC_cdxTTdTc3lRuKLUA9Ek4.roa (hash: 6JxCw6QKy553BkYrq5SFqTFyUQePShSh+1QhYyHxmes=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 04:02:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:38:ac:a5:b7:b2:f5:3d:21:3b:a4:7c:30:6d:1e:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8a3cacdf8f33514be3abdc52c50ec864675e955 Validity Not Before: Dec 22 04:02:03 2025 GMT Not After : Dec 23 04:02:03 2025 GMT Subject: CN=78bfab52da2d66cb82ba491801c4b8602259f283 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:68:1a:ac:d7:4d:71:5a:55:6b:10:7e:b3:5d: 88:2a:22:ec:93:42:77:25:8a:54:fc:cb:77:4b:55: 9a:cb:fc:05:f7:ca:6a:e3:3d:4f:3a:09:80:25:5c: 8d:eb:46:c7:d9:bc:6a:8b:3d:ce:ed:17:56:e4:91: 95:15:da:b3:e2:3d:db:3e:f3:80:a0:b7:41:21:b8: 29:85:6f:44:7e:fe:1a:c8:80:c8:ae:46:17:af:49: a4:4c:52:15:c2:62:71:2d:35:9c:44:6b:62:40:1d: e5:73:0b:a7:97:f2:bf:b6:6a:33:e4:5d:41:cb:57: ca:07:43:00:e4:9b:bc:1c:1d:63:1e:9c:5d:44:86: 77:be:84:8c:e1:1c:62:95:bf:49:d9:6d:cf:e4:6f: 08:82:ed:0e:14:a2:fa:da:fa:28:c3:81:42:49:7b: cd:ee:23:01:6b:c3:7f:52:c0:fc:5f:a6:4e:33:bb: 61:90:87:8c:70:7a:c6:28:ac:06:69:13:2a:e7:93: 9e:a4:93:27:46:d6:7e:a0:05:6d:19:ed:6d:9b:20: 41:96:79:83:c9:96:64:3a:36:52:35:c8:97:cb:cf: d5:37:df:ed:22:54:bd:0a:73:c6:c6:e5:09:e5:bb: e6:09:8b:99:c7:cd:44:59:09:82:0b:46:46:4a:fd: 22:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:BF:AB:52:DA:2D:66:CB:82:BA:49:18:01:C4:B8:60:22:59:F2:83 X509v3 Authority Key Identifier: keyid:D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:6d:c0:32:7a:9a:42:d2:a9:48:c5:63:84:60:a1:f1:be:35: 1b:d0:dd:e4:b2:4c:47:02:a4:90:ea:ee:db:aa:c8:a2:a1:b7: 6d:32:1c:79:50:e9:cb:ff:cf:9c:10:bb:f6:6f:b5:21:b6:af: 25:e1:48:7c:3b:05:3b:ff:83:fd:b4:20:4d:ac:cb:40:5b:84: 2b:2b:6d:a1:c6:52:61:19:2d:37:93:2e:42:26:06:bf:52:f1: f3:c3:33:07:76:a2:59:4a:70:16:6d:c8:52:67:f3:8c:86:d1: 53:db:82:8a:19:26:61:65:98:e1:70:11:66:20:30:d6:0c:1c: c8:c8:21:58:c3:bb:2a:32:df:cd:15:ae:d1:0a:f0:28:81:0f: 11:e8:eb:6f:46:f1:f7:e6:a4:5f:e7:5e:28:15:f6:89:96:51: 07:a6:e2:e6:5e:dc:50:d3:f8:17:b4:55:5e:c4:84:8b:80:82: 35:ea:dd:c5:1b:10:7f:dd:15:16:60:db:e6:d0:8f:f6:0f:fe: 5b:d9:8e:ec:2f:a8:88:a7:97:f8:25:13:89:68:ed:e9:67:fb: 49:69:64:67:c5:eb:3b:d7:65:67:14:77:ea:4c:20:3c:d8:ec: 65:e5:f5:07:d8:08:1d:45:59:d4:cc:3c:4a:fe:4b:53:27:46: 86:2f:9e:ae -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEOKylt7L1PSE7pHwwbR7IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4YTNjYWNkZjhmMzM1MTRiZTNhYmRjNTJjNTBlYzg2NDY3 NWU5NTUwHhcNMjUxMjIyMDQwMjAzWhcNMjUxMjIzMDQwMjAzWjAzMTEwLwYDVQQD Eyg3OGJmYWI1MmRhMmQ2NmNiODJiYTQ5MTgwMWM0Yjg2MDIyNTlmMjgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mgarNdNcVpVaxB+s12IKiLsk0J3 JYpU/Mt3S1Way/wF98pq4z1POgmAJVyN60bH2bxqiz3O7RdW5JGVFdqz4j3bPvOA oLdBIbgphW9Efv4ayIDIrkYXr0mkTFIVwmJxLTWcRGtiQB3lcwunl/K/tmoz5F1B y1fKB0MA5Ju8HB1jHpxdRIZ3voSM4Rxilb9J2W3P5G8Igu0OFKL62voow4FCSXvN 7iMBa8N/UsD8X6ZOM7thkIeMcHrGKKwGaRMq55OepJMnRtZ+oAVtGe1tmyBBlnmD yZZkOjZSNciXy8/VN9/tIlS9CnPGxuUJ5bvmCYuZx81EWQmCC0ZGSv0iOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHi/q1LaLWbLgrpJGAHEuGAiWfKDMB8GA1UdIwQY MBaAFNijys348zUUvjq9xSxQ7IZGdelVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEt Yjc5MWI5ODlhZjI5LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEtYjc5MWI5ODlhZjI5 LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFG3AMnqa QtKpSMVjhGCh8b41G9Dd5LJMRwKkkOru26rIoqG3bTIceVDpy//PnBC79m+1Ibav JeFIfDsFO/+D/bQgTazLQFuEKyttocZSYRktN5MuQiYGv1Lx88MzB3aiWUpwFm3I UmfzjIbRU9uCihkmYWWY4XARZiAw1gwcyMghWMO7KjLfzRWu0QrwKIEPEejrb0bx 9+akX+deKBX2iZZRB6bi5l7cUNP4F7RVXsSEi4CCNerdxRsQf90VFmDb5tCP9g/+ W9mO7C+oiKeX+CUTiWjt6Wf7SWlkZ8XrO9dlZxR36kwgPNjsZeX1B9gIHUVZ1Mw8 Sv5LUydGhi+erg== -----END CERTIFICATE-----Generated at Mon Dec 22 10:25:39 2025 by rpki-client