This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft File: _2szYaGioA284xkBmCf-u3Fb0EQ.mft (raw, json) Hash identifier: u/sm6/pIB2D0RGOAGvzUrspkdgWUydLXlDlX9BUCons= Subject key identifier: 46:C1:B6:01:CD:A5:1A:F8:6B:6A:B9:15:EC:94:75:A4:DE:6C:9E:FA Authority key identifier: FF:6B:33:61:A1:A2:A0:0D:BC:E3:19:01:98:27:FE:BB:71:5B:D0:44 Certificate issuer: /CN=ff6b3361a1a2a00dbce319019827febb715bd044 Certificate serial: 019B10B86C97624E16343A8B27468225ABBD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft Manifest number: 16D4 Signing time: Fri 12 Dec 2025 04:01:20 +0000 Manifest this update: Fri 12 Dec 2025 04:01:20 +0000 Manifest next update: Sat 13 Dec 2025 04:01:20 +0000 Files and hashes: 1: WWNEma98vqvt3aWub4KvZrisRPY.roa (hash: 8ej/FxtmoHvT2+4JYPncO9OF+5JwUWMEm2sRynTw/0U=) 2: _2szYaGioA284xkBmCf-u3Fb0EQ.crl (hash: DyvR+xlg3F1KfhGM39O5HLEJTi4HgRNwwiYLGFfLawY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.crl rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 04:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:10:b8:6c:97:62:4e:16:34:3a:8b:27:46:82:25:ab:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff6b3361a1a2a00dbce319019827febb715bd044 Validity Not Before: Dec 12 04:01:20 2025 GMT Not After : Dec 13 04:01:20 2025 GMT Subject: CN=46c1b601cda51af86b6ab915ec9475a4de6c9efa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:90:1a:4f:7a:f2:be:40:af:e6:7f:80:b4:68: 55:34:d5:1d:0d:5e:dd:54:75:10:7a:62:7a:07:3a: 79:6c:c9:a3:e0:d4:79:1d:a1:d2:9d:ee:96:84:6a: cf:f3:45:04:65:6b:93:eb:87:4c:46:3e:11:c9:c6: 8c:fe:ea:61:aa:a8:fa:b8:b1:65:55:95:d9:b1:29: a7:5c:77:43:15:d3:b2:19:ab:a4:8f:fe:bb:42:b6: 4d:4f:94:b5:fb:f5:1f:66:03:fe:c5:b9:d9:c5:88: 10:4b:de:b2:67:19:c2:90:e6:42:ae:85:ec:cb:68: 9c:ba:fe:f3:e5:68:07:d5:27:25:a0:f9:62:77:52: 0d:ff:b7:72:09:42:bb:d2:3b:35:f9:4e:c7:b1:20: f2:66:34:d8:d0:c9:a1:eb:69:61:74:1c:9b:ed:49: 47:44:d6:2f:b9:96:8b:dc:56:19:c2:65:8f:94:54: bd:ef:8b:17:09:8f:a3:32:d7:a1:30:86:bd:5a:d5: c5:b8:5c:49:6a:5c:7a:5b:3f:0b:2c:85:33:6d:1e: e3:ef:82:47:65:92:41:e2:ca:7f:dc:3a:1a:9b:52: 90:22:89:2c:2c:d4:5d:23:db:5c:15:c1:88:7e:dc: a7:19:76:9d:82:4b:4f:b0:66:69:10:a2:2e:a4:c2: 1e:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:C1:B6:01:CD:A5:1A:F8:6B:6A:B9:15:EC:94:75:A4:DE:6C:9E:FA X509v3 Authority Key Identifier: keyid:FF:6B:33:61:A1:A2:A0:0D:BC:E3:19:01:98:27:FE:BB:71:5B:D0:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:7d:78:1c:7a:44:d0:59:f6:ec:b3:1a:c0:e5:ed:12:db:3f: f4:04:56:ae:e3:58:19:d5:74:59:3a:a9:3d:66:27:72:30:2c: d2:a9:3d:a1:b8:b6:02:4d:ad:92:4b:61:79:8e:6b:ac:a2:21: 7a:4a:43:14:8d:02:9f:dd:f6:99:cf:a1:66:21:a1:f7:2f:ff: 0a:c8:6c:ac:b4:72:48:5e:e9:1a:b3:5d:37:c6:ac:15:75:fb: a7:c9:62:96:c9:c9:18:73:f9:94:6a:78:5c:30:c0:0e:b9:09: 08:4d:c1:e7:4d:2f:b8:24:fd:f5:50:d4:8a:b5:ca:d2:1b:59: e7:65:7f:c2:7f:b4:ca:aa:38:76:c3:e1:ea:e6:1b:81:6a:7f: 74:a9:81:97:e9:38:02:fe:f3:28:cd:b0:d3:5a:87:d5:d9:90: 67:f5:1d:52:5a:6d:2d:fc:ab:9a:25:9b:83:8b:97:d8:85:4c: b0:1d:2b:d5:7e:56:44:d5:df:0f:fb:36:2a:4c:ba:81:0f:03: 4f:60:07:61:68:9a:8e:19:b8:17:7b:a1:c1:24:4b:08:a0:b3: b4:34:b9:9b:de:05:ce:dd:bb:35:12:00:f3:c9:64:72:6b:7c: 80:e3:70:c7:38:f8:37:9b:c0:16:95:ff:c8:71:4b:3a:54:68: 57:76:4b:79 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsQuGyXYk4WNDqLJ0aCJau9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmNmIzMzYxYTFhMmEwMGRiY2UzMTkwMTk4MjdmZWJiNzE1 YmQwNDQwHhcNMjUxMjEyMDQwMTIwWhcNMjUxMjEzMDQwMTIwWjAzMTEwLwYDVQQD Eyg0NmMxYjYwMWNkYTUxYWY4NmI2YWI5MTVlYzk0NzVhNGRlNmM5ZWZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5AaT3ryvkCv5n+AtGhVNNUdDV7d VHUQemJ6Bzp5bMmj4NR5HaHSne6WhGrP80UEZWuT64dMRj4RycaM/uphqqj6uLFl VZXZsSmnXHdDFdOyGaukj/67QrZNT5S1+/UfZgP+xbnZxYgQS96yZxnCkOZCroXs y2icuv7z5WgH1ScloPlid1IN/7dyCUK70js1+U7HsSDyZjTY0Mmh62lhdByb7UlH RNYvuZaL3FYZwmWPlFS974sXCY+jMtehMIa9WtXFuFxJalx6Wz8LLIUzbR7j74JH ZZJB4sp/3Doam1KQIoksLNRdI9tcFcGIftynGXadgktPsGZpEKIupMIe5QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEbBtgHNpRr4a2q5FeyUdaTebJ76MB8GA1UdIwQY MBaAFP9rM2GhoqANvOMZAZgn/rtxW9BEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS85NmY5YTAtODc0Ni00YjMyLTgzZWUt ZjYyMzIwOTUxYTM2LzEvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS85NmY5YTAtODc0Ni00YjMyLTgzZWUtZjYyMzIwOTUxYTM2 LzEvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHX14HHpE 0Fn27LMawOXtEts/9ARWruNYGdV0WTqpPWYncjAs0qk9obi2Ak2tkktheY5rrKIh ekpDFI0Cn932mc+hZiGh9y//CshsrLRySF7pGrNdN8asFXX7p8lilsnJGHP5lGp4 XDDADrkJCE3B500vuCT99VDUirXK0htZ52V/wn+0yqo4dsPh6uYbgWp/dKmBl+k4 Av7zKM2w01qH1dmQZ/UdUlptLfyrmiWbg4uX2IVMsB0r1X5WRNXfD/s2Kky6gQ8D T2AHYWiajhm4F3uhwSRLCKCztDS5m94Fzt27NRIA88lkcmt8gONwxzj4N5vAFpX/ yHFLOlRoV3ZLeQ== -----END CERTIFICATE-----Generated at Fri Dec 12 13:11:48 2025 by rpki-client