This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft File: 2lNAluw_e_xU1lT84PAWitlmIs0.mft (raw, json) Hash identifier: ykUjMn6WZEOhgOXNZ2pc5bCe0ybuW9ajd60W3NGkt8M= Subject key identifier: 4A:CF:B1:F5:A4:FB:A3:7A:60:B7:1A:F0:FF:44:6E:CE:06:0A:9F:C2 Authority key identifier: DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD Certificate issuer: /CN=da534096ec3f7bfc54d654fce0f0168ad96622cd Certificate serial: 019B3C103834BC64BBBC1050217C1B87F69F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft Manifest number: 04ED Signing time: Sat 20 Dec 2025 14:00:54 +0000 Manifest this update: Sat 20 Dec 2025 14:00:54 +0000 Manifest next update: Sun 21 Dec 2025 14:00:54 +0000 Files and hashes: 1: 2lNAluw_e_xU1lT84PAWitlmIs0.crl (hash: ytn2X5VFB+pBtXzi8y6jRU2Dg8vyr/NLqqov3giwAQA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:10:38:34:bc:64:bb:bc:10:50:21:7c:1b:87:f6:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da534096ec3f7bfc54d654fce0f0168ad96622cd Validity Not Before: Dec 20 14:00:54 2025 GMT Not After : Dec 21 14:00:54 2025 GMT Subject: CN=4acfb1f5a4fba37a60b71af0ff446ece060a9fc2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:31:31:85:fc:a4:d3:86:fc:9f:4f:cd:4e:20: 61:22:a7:65:75:8b:3c:05:27:c3:e9:93:88:7e:57: 45:db:35:d9:8e:ae:ab:a6:98:32:a0:66:55:06:8b: 3a:36:b0:12:32:43:6c:3e:f8:35:da:94:c3:0c:67: 2c:4d:bd:3b:1a:4d:4b:14:3d:93:88:f3:d6:9c:05: 7e:dc:2e:e3:29:0c:41:67:15:d4:29:74:0b:50:d9: f8:60:e8:96:9e:62:7e:3f:23:55:84:f8:5c:75:56: 83:d6:85:32:51:3f:5d:c8:86:09:c8:41:75:34:35: 93:30:0c:8f:45:b3:2f:23:86:94:25:d9:e3:78:8d: 84:5c:17:67:8c:53:c3:80:1d:d2:b3:f2:46:46:fc: aa:8f:1f:9d:80:7d:19:e3:87:45:24:3a:5c:ff:cc: 6a:2e:7a:d7:4f:1f:fe:c7:91:95:3d:58:fe:95:ae: 0c:b9:df:e0:5b:9c:16:b5:19:34:ef:56:c7:1d:4f: 6d:6c:ec:4e:86:1b:5d:46:78:d9:2b:3b:47:04:36: 16:d8:db:80:2e:88:4d:4b:4c:13:d1:20:97:5d:44: ed:6b:b4:b3:ef:cb:f9:f1:ff:8a:23:a4:68:3f:ae: af:bd:b8:1f:c2:33:d7:88:f7:79:61:17:bd:cd:b8: f3:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:CF:B1:F5:A4:FB:A3:7A:60:B7:1A:F0:FF:44:6E:CE:06:0A:9F:C2 X509v3 Authority Key Identifier: keyid:DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:c5:14:cb:2f:61:c6:d8:19:51:cd:df:51:ff:70:61:ff:ef: 95:76:5b:75:99:1c:9d:45:5b:5e:44:aa:56:d5:7d:cf:da:81: 4e:35:36:84:70:a4:20:0a:77:4b:9c:2e:12:0b:a5:94:79:3a: 4d:de:f2:e7:1b:cb:6f:43:ed:36:bc:9b:fc:b9:83:c6:cc:0f: 65:15:5d:71:21:98:98:dc:32:2d:c7:16:d6:9d:5e:e4:fe:6a: 49:b6:a3:56:8f:11:c6:31:be:b3:f8:9b:f0:f3:16:05:0c:17: bf:6f:ed:6e:47:97:4c:a1:d6:a7:d3:95:70:58:aa:5e:1b:d2: 03:e6:cb:c8:df:cc:5a:0b:4c:11:26:6b:6a:0b:64:d8:7d:7b: 33:d9:37:d6:5c:55:ad:89:71:21:d4:20:b5:56:89:59:91:b4: d6:b5:ae:08:d9:96:51:54:2f:91:33:09:88:c9:ab:7f:eb:d3: fd:88:48:d7:cb:b1:57:62:65:86:81:d1:19:4c:28:c8:f1:d1: e5:43:a2:3a:a9:ef:ce:3b:8f:86:ae:c5:10:82:1a:46:d7:d0: 7c:06:2e:29:72:3c:0d:d9:41:7b:56:85:e2:8f:50:61:58:7d: 2f:da:df:7d:1c:d8:8c:7f:0f:30:76:c0:1f:54:67:27:32:2b: 7c:49:d3:74 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8EDg0vGS7vBBQIXwbh/afMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhNTM0MDk2ZWMzZjdiZmM1NGQ2NTRmY2UwZjAxNjhhZDk2 NjIyY2QwHhcNMjUxMjIwMTQwMDU0WhcNMjUxMjIxMTQwMDU0WjAzMTEwLwYDVQQD Eyg0YWNmYjFmNWE0ZmJhMzdhNjBiNzFhZjBmZjQ0NmVjZTA2MGE5ZmMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszExhfyk04b8n0/NTiBhIqdldYs8 BSfD6ZOIfldF2zXZjq6rppgyoGZVBos6NrASMkNsPvg12pTDDGcsTb07Gk1LFD2T iPPWnAV+3C7jKQxBZxXUKXQLUNn4YOiWnmJ+PyNVhPhcdVaD1oUyUT9dyIYJyEF1 NDWTMAyPRbMvI4aUJdnjeI2EXBdnjFPDgB3Ss/JGRvyqjx+dgH0Z44dFJDpc/8xq LnrXTx/+x5GVPVj+la4Mud/gW5wWtRk071bHHU9tbOxOhhtdRnjZKztHBDYW2NuA LohNS0wT0SCXXUTta7Sz78v58f+KI6RoP66vvbgfwjPXiPd5YRe9zbjzwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFErPsfWk+6N6YLca8P9Ebs4GCp/CMB8GA1UdIwQY MBaAFNpTQJbsP3v8VNZU/ODwForZZiLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEt ODZmMmExYWY0ZDc5LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEtODZmMmExYWY0ZDc5 LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZcUUyy9h xtgZUc3fUf9wYf/vlXZbdZkcnUVbXkSqVtV9z9qBTjU2hHCkIAp3S5wuEgullHk6 Td7y5xvLb0PtNryb/LmDxswPZRVdcSGYmNwyLccW1p1e5P5qSbajVo8RxjG+s/ib 8PMWBQwXv2/tbkeXTKHWp9OVcFiqXhvSA+bLyN/MWgtMESZragtk2H17M9k31lxV rYlxIdQgtVaJWZG01rWuCNmWUVQvkTMJiMmrf+vT/YhI18uxV2JlhoHRGUwoyPHR 5UOiOqnvzjuPhq7FEIIaRtfQfAYuKXI8DdlBe1aF4o9QYVh9L9rffRzYjH8PMHbA H1RnJzIrfEnTdA== -----END CERTIFICATE-----Generated at Sat Dec 20 18:09:16 2025 by rpki-client