This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.mft File: kR2gx6mUBcRrqthMudk-g0WZyOE.mft (raw, json) Hash identifier: U3HdYHdHsEcSOYZfHwnXwY+egn3wDueYhkLSx3d+OPc= Subject key identifier: 2F:E3:82:21:CE:7C:57:5F:7D:9A:9E:5F:DB:19:F6:AA:B9:67:90:39 Authority key identifier: 91:1D:A0:C7:A9:94:05:C4:6B:AA:D8:4C:B9:D9:3E:83:45:99:C8:E1 Certificate issuer: /CN=911da0c7a99405c46baad84cb9d93e834599c8e1 Certificate serial: 019B5A517C9CB65BDC22618A1D86D49509EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kR2gx6mUBcRrqthMudk-g0WZyOE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.mft Manifest number: 1799 Signing time: Fri 26 Dec 2025 11:00:48 +0000 Manifest this update: Fri 26 Dec 2025 11:00:48 +0000 Manifest next update: Sat 27 Dec 2025 11:00:48 +0000 Files and hashes: 1: EpBy5lEF1BDLVRWSQ7QWoN5zbUU.roa (hash: 1y3tSjFaZERbPwiKrhlP5/eJ5GlotVuhhvMAWtoaIrk=) 2: kR2gx6mUBcRrqthMudk-g0WZyOE.crl (hash: gvP01W9otQ20LjPVXEMeiyzT5OYeklcBszbbfeb8G8o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.mft rsync://rpki.ripe.net/repository/DEFAULT/kR2gx6mUBcRrqthMudk-g0WZyOE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:7c:9c:b6:5b:dc:22:61:8a:1d:86:d4:95:09:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=911da0c7a99405c46baad84cb9d93e834599c8e1 Validity Not Before: Dec 26 11:00:48 2025 GMT Not After : Dec 27 11:00:48 2025 GMT Subject: CN=2fe38221ce7c575f7d9a9e5fdb19f6aab9679039 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:99:bd:bc:5b:28:5d:93:b4:2b:ac:3c:6b:65: d2:6e:54:ae:65:ae:49:dc:f5:8c:ab:12:bb:ed:16: 76:d4:0a:3b:14:aa:36:dc:7a:8e:4c:4a:2c:b3:76: f1:10:f5:97:33:d5:0e:71:56:a5:11:e4:2c:90:5a: 7a:bc:74:db:e9:fa:2f:e2:3c:22:c4:44:2b:b7:c3: e7:dc:18:3a:8b:33:65:8b:fd:89:ca:e2:12:96:72: 20:10:8b:55:59:77:c2:00:b2:36:72:fd:b4:15:d8: 5b:a3:a4:87:47:5a:d3:5b:25:1e:29:37:f4:96:54: b4:65:ce:43:02:6f:7f:2c:02:81:b8:a4:17:d9:46: b9:3b:80:60:f0:3e:82:f5:ef:6c:fa:dd:64:65:ed: bf:78:8a:a0:35:cf:eb:08:0b:c8:6a:9f:2d:b1:b3: 45:71:2b:47:e1:97:03:a7:04:e0:dc:0a:e5:bb:d9: 73:a4:d4:fe:84:8a:af:af:fc:90:8e:59:4f:6a:e1: be:f2:d6:2e:51:8f:69:67:b5:dc:4c:76:ad:87:e6: 74:1e:46:00:90:10:09:e8:71:22:5a:6b:63:3f:2f: 7b:ce:30:b6:4c:58:98:ff:02:08:06:35:0f:f2:16: c9:66:18:82:ec:88:ee:29:a2:36:60:f6:4b:74:7e: 4f:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:E3:82:21:CE:7C:57:5F:7D:9A:9E:5F:DB:19:F6:AA:B9:67:90:39 X509v3 Authority Key Identifier: keyid:91:1D:A0:C7:A9:94:05:C4:6B:AA:D8:4C:B9:D9:3E:83:45:99:C8:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kR2gx6mUBcRrqthMudk-g0WZyOE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:53:e1:f0:33:f2:b6:26:e5:d9:33:03:67:3b:bf:f8:3c:a1: 99:6c:26:bd:d4:d6:5e:40:24:8f:e9:31:38:02:87:bf:e5:ad: 71:8b:7a:0d:09:be:24:0b:f4:14:b8:ea:02:23:26:d0:32:9a: c8:a8:d0:d0:7b:25:b6:fa:26:f3:29:20:aa:92:43:29:3c:b0: aa:df:20:d9:62:cd:c8:c5:61:44:43:d8:74:ea:f9:3b:0c:26: 88:b6:1d:7b:a4:82:99:fd:ed:23:bd:d9:ba:6a:ba:dc:d6:88: fe:ba:89:36:3f:85:25:69:91:05:a6:7e:e2:b8:23:93:ba:18: 35:b8:af:8c:b4:23:b5:f0:49:69:2b:84:56:33:00:50:d8:e5: 97:c4:e3:5a:76:bf:ae:25:0a:31:19:5a:4a:a6:e4:1a:49:54: 22:aa:e6:94:78:fd:c7:ce:a0:b6:3d:58:13:ce:e5:b9:b7:c4: 48:5e:4e:70:aa:32:af:ca:ee:a9:96:df:d0:b5:ff:f5:78:66: 3e:de:69:58:4f:91:c4:d3:5a:7e:92:6a:83:aa:99:93:49:e8: f8:49:d1:97:f4:31:b6:d4:dd:35:22:c6:e1:af:7b:2a:b5:c0: bc:e7:1e:49:f4:fa:9d:6d:1a:46:23:fa:57:61:d4:d1:bd:78: f8:60:dd:d9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUXyctlvcImGKHYbUlQnuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxMWRhMGM3YTk5NDA1YzQ2YmFhZDg0Y2I5ZDkzZTgzNDU5 OWM4ZTEwHhcNMjUxMjI2MTEwMDQ4WhcNMjUxMjI3MTEwMDQ4WjAzMTEwLwYDVQQD EygyZmUzODIyMWNlN2M1NzVmN2Q5YTllNWZkYjE5ZjZhYWI5Njc5MDM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJm9vFsoXZO0K6w8a2XSblSuZa5J 3PWMqxK77RZ21Ao7FKo23HqOTEoss3bxEPWXM9UOcValEeQskFp6vHTb6fov4jwi xEQrt8Pn3Bg6izNli/2JyuISlnIgEItVWXfCALI2cv20Fdhbo6SHR1rTWyUeKTf0 llS0Zc5DAm9/LAKBuKQX2Ua5O4Bg8D6C9e9s+t1kZe2/eIqgNc/rCAvIap8tsbNF cStH4ZcDpwTg3Arlu9lzpNT+hIqvr/yQjllPauG+8tYuUY9pZ7XcTHath+Z0HkYA kBAJ6HEiWmtjPy97zjC2TFiY/wIIBjUP8hbJZhiC7IjuKaI2YPZLdH5PvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC/jgiHOfFdffZqeX9sZ9qq5Z5A5MB8GA1UdIwQY MBaAFJEdoMeplAXEa6rYTLnZPoNFmcjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva1IyZ3g2bVVCY1JycXRoTXVkay1nMFdaeU9FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yYzdhYzMtZWVkZi00NTViLTllOTQt NDcyZjAyNDUwZWMzLzEva1IyZ3g2bVVCY1JycXRoTXVkay1nMFdaeU9FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi8yYzdhYzMtZWVkZi00NTViLTllOTQtNDcyZjAyNDUwZWMz LzEva1IyZ3g2bVVCY1JycXRoTXVkay1nMFdaeU9FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANlPh8DPy tibl2TMDZzu/+DyhmWwmvdTWXkAkj+kxOAKHv+WtcYt6DQm+JAv0FLjqAiMm0DKa yKjQ0Hsltvom8ykgqpJDKTywqt8g2WLNyMVhREPYdOr5OwwmiLYde6SCmf3tI73Z umq63NaI/rqJNj+FJWmRBaZ+4rgjk7oYNbivjLQjtfBJaSuEVjMAUNjll8TjWna/ riUKMRlaSqbkGklUIqrmlHj9x86gtj1YE87lubfESF5OcKoyr8ruqZbf0LX/9Xhm Pt5pWE+RxNNafpJqg6qZk0no+EnRl/QxttTdNSLG4a97KrXAvOceSfT6nW0aRiP6 V2HU0b14+GDd2Q== -----END CERTIFICATE-----Generated at Fri Dec 26 14:18:24 2025 by rpki-client