This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft File: 2fGfBczyIhOYRpwL6N3ATOFOE1o.mft (raw, json) Hash identifier: 5qYwhcu/gLTE3NVR6dAxs8ObqYnga2zcIJ/rWmYYUvc= Subject key identifier: 72:86:74:B8:1C:E0:9D:69:16:36:FE:82:E9:19:26:F6:91:79:2F:64 Authority key identifier: D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A Certificate issuer: /CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a Certificate serial: 019B3C105972FC8395F6FAC607D000B5EE90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft Manifest number: 1355 Signing time: Sat 20 Dec 2025 14:01:02 +0000 Manifest this update: Sat 20 Dec 2025 14:01:02 +0000 Manifest next update: Sun 21 Dec 2025 14:01:02 +0000 Files and hashes: 1: 2fGfBczyIhOYRpwL6N3ATOFOE1o.crl (hash: 6J7ph7nxA5eowQPHFNeCGIqPl0wc3NmeuFUcTKoxShk=) 2: B9-JyKOh9vcA8Yt248kp1OHsLjE.roa (hash: IbF0FRhBYEIf5hZ2KcvfEljtf1YgGGazPG/5I71dHJ4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:10:59:72:fc:83:95:f6:fa:c6:07:d0:00:b5:ee:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a Validity Not Before: Dec 20 14:01:02 2025 GMT Not After : Dec 21 14:01:02 2025 GMT Subject: CN=728674b81ce09d691636fe82e91926f691792f64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:60:cd:51:b0:f1:86:a1:ae:a9:80:91:9f:03: 8c:ec:3b:1b:fc:d3:f5:59:4c:79:60:34:cd:51:12: ed:fc:1c:e8:4d:01:ff:14:17:56:42:93:d2:45:11: 3c:a4:3e:96:60:1f:39:f1:22:ee:84:5e:87:d5:10: 15:d3:83:04:21:da:f9:1f:ce:79:7f:4b:c9:28:d5: 5f:c3:ef:e9:83:fa:8d:69:ed:35:0b:d1:de:62:72: d8:26:20:e8:a3:34:6c:b4:46:b5:93:81:cc:7b:68: b2:14:6d:1f:cc:05:1c:72:ff:a1:23:34:71:d6:5d: 27:ae:02:17:80:e5:a0:bb:f2:26:a9:82:9d:0a:7d: da:a8:35:b9:c8:95:33:cf:4b:1f:b6:18:7a:3b:bf: 3a:07:71:96:aa:17:5b:44:b5:2a:92:bb:36:2c:ae: 49:23:e7:e5:82:fb:76:fe:9c:e2:64:21:3b:31:7d: 03:71:ec:8b:f5:da:5d:98:fe:c4:72:67:06:56:87: 07:d5:30:91:27:04:1a:64:c0:d0:2c:40:90:c2:72: 2e:c5:cf:72:a0:b8:18:69:71:27:cd:b6:11:36:03: 1f:02:94:49:15:60:c6:1d:58:8e:cd:4f:2a:59:06: 92:b6:c3:1f:be:16:36:f6:09:a3:a4:f3:f4:0f:79: e3:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:86:74:B8:1C:E0:9D:69:16:36:FE:82:E9:19:26:F6:91:79:2F:64 X509v3 Authority Key Identifier: keyid:D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:05:ef:41:59:df:c5:85:bc:29:c2:a1:f1:ec:df:62:d8:14: 6e:74:ed:7c:61:ce:4f:e3:cb:85:32:62:dc:a3:7b:15:f5:40: 80:0f:5d:dd:83:d7:67:3a:c8:6e:43:f9:d0:06:41:cd:cb:64: 4a:5b:66:e3:d0:4a:39:85:6d:f8:91:43:e7:c8:5b:a0:5f:b9: ac:5b:df:e9:2e:81:50:a0:4a:ff:25:eb:e6:e1:d5:3c:6b:db: a7:6e:05:b9:78:46:3b:79:3a:af:81:f0:18:11:94:6c:7c:9e: b7:c0:df:c9:b2:05:7b:71:fc:0e:42:ec:32:42:6b:be:54:e6: 7a:ca:b1:65:9f:fb:8d:ef:1d:6c:e5:00:a9:f0:ea:6c:cc:f6: 32:aa:89:0b:c1:1c:90:50:f4:96:3e:8c:c8:15:7a:88:6c:43: 36:a7:fe:fc:4a:33:db:a2:d8:21:eb:64:83:91:6b:51:fe:a1: b5:22:f8:5a:bb:77:dc:e3:42:87:c9:a5:f6:90:c0:b2:03:29: b9:da:f9:85:b4:9b:9e:89:47:56:e7:ff:fa:a5:8b:3e:39:e8: 6a:6e:67:b3:c3:74:bf:26:a0:b7:0c:df:a6:2c:9f:10:9e:66: a0:89:2e:3a:7e:77:fb:2a:a9:5b:20:24:1e:76:bb:3b:19:88: ad:24:ca:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8EFly/IOV9vrGB9AAte6QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5ZjE5ZjA1Y2NmMjIyMTM5ODQ2OWMwYmU4ZGRjMDRjZTE0 ZTEzNWEwHhcNMjUxMjIwMTQwMTAyWhcNMjUxMjIxMTQwMTAyWjAzMTEwLwYDVQQD Eyg3Mjg2NzRiODFjZTA5ZDY5MTYzNmZlODJlOTE5MjZmNjkxNzkyZjY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGDNUbDxhqGuqYCRnwOM7Dsb/NP1 WUx5YDTNURLt/BzoTQH/FBdWQpPSRRE8pD6WYB858SLuhF6H1RAV04MEIdr5H855 f0vJKNVfw+/pg/qNae01C9HeYnLYJiDoozRstEa1k4HMe2iyFG0fzAUccv+hIzRx 1l0nrgIXgOWgu/ImqYKdCn3aqDW5yJUzz0sfthh6O786B3GWqhdbRLUqkrs2LK5J I+flgvt2/pziZCE7MX0DceyL9dpdmP7EcmcGVocH1TCRJwQaZMDQLECQwnIuxc9y oLgYaXEnzbYRNgMfApRJFWDGHViOzU8qWQaStsMfvhY29gmjpPP0D3nj+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHKGdLgc4J1pFjb+gukZJvaReS9kMB8GA1UdIwQY MBaAFNnxnwXM8iITmEacC+jdwEzhThNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODkt NGZmMzMzMzgzNjFlLzEvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODktNGZmMzMzMzgzNjFl LzEvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUQXvQVnf xYW8KcKh8ezfYtgUbnTtfGHOT+PLhTJi3KN7FfVAgA9d3YPXZzrIbkP50AZBzctk Sltm49BKOYVt+JFD58hboF+5rFvf6S6BUKBK/yXr5uHVPGvbp24FuXhGO3k6r4Hw GBGUbHyet8DfybIFe3H8DkLsMkJrvlTmesqxZZ/7je8dbOUAqfDqbMz2MqqJC8Ec kFD0lj6MyBV6iGxDNqf+/Eoz26LYIetkg5FrUf6htSL4Wrt33ONCh8ml9pDAsgMp udr5hbSbnolHVuf/+qWLPjnoam5ns8N0vyagtwzfpiyfEJ5moIkuOn53+yqpWyAk Hna7OxmIrSTKQQ== -----END CERTIFICATE-----Generated at Sat Dec 20 18:16:09 2025 by rpki-client