This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/98b2f5-75e1-4245-976d-0150c94f940d/1/2FC5YK3pRJ8egIFDo3HOLjoYfkg.mft File: 2FC5YK3pRJ8egIFDo3HOLjoYfkg.mft (raw, json) Hash identifier: a7ctWGQ4wVyeF098kWVWmpIdmIUDlvZ/ADUFKvF0tX4= Subject key identifier: 93:18:51:63:8F:FC:39:EC:D2:92:BA:B3:17:0F:44:8D:38:3E:F7:9B Authority key identifier: D8:50:B9:60:AD:E9:44:9F:1E:80:81:43:A3:71:CE:2E:3A:18:7E:48 Certificate issuer: /CN=d850b960ade9449f1e808143a371ce2e3a187e48 Certificate serial: 019AF91D3F4565977CA28786696442E9FC71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2FC5YK3pRJ8egIFDo3HOLjoYfkg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/98b2f5-75e1-4245-976d-0150c94f940d/1/2FC5YK3pRJ8egIFDo3HOLjoYfkg.mft Manifest number: 2D Signing time: Sun 07 Dec 2025 14:00:34 +0000 Manifest this update: Sun 07 Dec 2025 14:00:34 +0000 Manifest next update: Mon 08 Dec 2025 14:00:34 +0000 Files and hashes: 1: 2FC5YK3pRJ8egIFDo3HOLjoYfkg.crl (hash: k1XHUbILptIRu2Cs4OXu2SDawbJCvKG+YMg+Wyz2NG4=) 2: hW7s4O9TdBAfT4Osak2Oj5BJAz4.asa (hash: R04Z5dzTVpp/mJ118ZonHq/GgrG1tGSGF8iWqD8/YV8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/98b2f5-75e1-4245-976d-0150c94f940d/1/2FC5YK3pRJ8egIFDo3HOLjoYfkg.crl rsync://rpki.ripe.net/repository/DEFAULT/54/98b2f5-75e1-4245-976d-0150c94f940d/1/2FC5YK3pRJ8egIFDo3HOLjoYfkg.mft rsync://rpki.ripe.net/repository/DEFAULT/2FC5YK3pRJ8egIFDo3HOLjoYfkg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Dec 2025 08:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f9:1d:3f:45:65:97:7c:a2:87:86:69:64:42:e9:fc:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d850b960ade9449f1e808143a371ce2e3a187e48 Validity Not Before: Dec 7 14:00:34 2025 GMT Not After : Dec 8 14:00:34 2025 GMT Subject: CN=931851638ffc39ecd292bab3170f448d383ef79b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:2a:dc:9a:5d:43:c2:5c:42:72:32:9f:ea:b6: b7:f4:cc:48:be:3b:08:74:07:5f:89:a1:36:1a:29: 5e:b2:4e:d8:93:7c:9b:c8:e3:05:dd:07:4a:35:be: 77:79:fe:ec:b5:ba:48:4c:02:86:d1:16:80:17:6b: 62:3b:9e:6d:c2:17:3d:bf:9f:48:2d:6c:6f:d6:81: e6:af:74:6c:c3:d0:db:76:c4:72:75:25:60:34:72: ee:3b:4b:bd:20:e4:da:f6:b9:65:e4:6a:04:b5:60: bd:13:8c:ba:ac:25:06:63:3d:c0:dd:7e:50:d3:23: 31:9d:eb:eb:c1:d2:0d:9a:b1:d9:d2:ca:6f:72:c3: 78:d4:ba:94:f0:03:f7:21:e0:8b:b0:50:39:94:90: 5e:c2:6c:17:2a:54:f2:dc:61:9f:a7:12:2f:18:16: 6c:d4:3c:e9:ea:c8:51:fd:b8:6e:59:79:d3:cc:05: 0f:87:56:ab:dc:50:b0:91:ae:ed:e3:52:4c:d0:cc: 9e:da:7b:d6:a5:87:34:fc:c2:04:67:49:4b:3c:69: 4a:97:72:19:28:f0:73:72:5e:dd:3f:7c:f1:53:39: 7a:ef:ce:7e:17:46:91:0f:eb:b3:dd:cf:d2:ea:0e: 38:7e:d8:a5:56:48:ed:de:d4:bd:79:0e:93:0d:05: 4f:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:18:51:63:8F:FC:39:EC:D2:92:BA:B3:17:0F:44:8D:38:3E:F7:9B X509v3 Authority Key Identifier: keyid:D8:50:B9:60:AD:E9:44:9F:1E:80:81:43:A3:71:CE:2E:3A:18:7E:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2FC5YK3pRJ8egIFDo3HOLjoYfkg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/98b2f5-75e1-4245-976d-0150c94f940d/1/2FC5YK3pRJ8egIFDo3HOLjoYfkg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/98b2f5-75e1-4245-976d-0150c94f940d/1/2FC5YK3pRJ8egIFDo3HOLjoYfkg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 96:6e:9e:1b:c1:2c:71:29:92:f5:1a:a4:63:52:d9:73:92:ad: 2d:6f:d8:93:28:57:40:7f:9b:4c:43:23:4e:74:a5:1c:c3:95: 1a:e3:c6:a6:e5:80:fe:43:3a:3a:47:eb:b2:66:09:55:bd:ca: 35:b9:b6:f0:cd:da:86:a2:9b:05:29:15:75:be:16:3d:2f:38: 48:56:a2:5a:6b:cf:d0:cd:99:1d:5c:3c:e7:49:7d:89:32:63: ef:ed:c3:c8:22:cb:70:e2:50:95:44:e0:09:c7:4d:00:69:bb: 31:86:6e:5a:6a:ea:ce:3c:b7:da:be:3e:73:d7:b6:6e:68:51: ef:f3:df:70:21:84:f5:67:a3:38:39:4c:42:11:46:dd:f7:1e: 8e:66:35:47:49:7e:4f:52:a6:24:9b:01:20:09:c2:49:e7:a5: 43:2d:d0:75:b0:f1:83:7a:c2:48:00:97:17:eb:15:5e:96:e9: 51:78:19:9f:98:4d:90:36:de:b2:dd:96:f0:1e:75:ec:70:c7: 37:fb:c2:25:22:01:4b:5c:85:47:bd:23:ff:36:c2:c5:11:0c: 59:6b:cc:98:ea:c4:b7:2c:cb:13:8c:91:35:6b:ef:4a:c7:35: 64:07:2b:9e:0c:ce:21:2f:2c:cb:78:6a:a4:fb:8b:13:0b:f6: b6:a9:23:e2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr5HT9FZZd8ooeGaWRC6fxxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NTBiOTYwYWRlOTQ0OWYxZTgwODE0M2EzNzFjZTJlM2Ex ODdlNDgwHhcNMjUxMjA3MTQwMDM0WhcNMjUxMjA4MTQwMDM0WjAzMTEwLwYDVQQD Eyg5MzE4NTE2MzhmZmMzOWVjZDI5MmJhYjMxNzBmNDQ4ZDM4M2VmNzliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yrcml1DwlxCcjKf6ra39MxIvjsI dAdfiaE2Gilesk7Yk3ybyOMF3QdKNb53ef7stbpITAKG0RaAF2tiO55twhc9v59I LWxv1oHmr3Rsw9DbdsRydSVgNHLuO0u9IOTa9rll5GoEtWC9E4y6rCUGYz3A3X5Q 0yMxnevrwdINmrHZ0spvcsN41LqU8AP3IeCLsFA5lJBewmwXKlTy3GGfpxIvGBZs 1Dzp6shR/bhuWXnTzAUPh1ar3FCwka7t41JM0Mye2nvWpYc0/MIEZ0lLPGlKl3IZ KPBzcl7dP3zxUzl6785+F0aRD+uz3c/S6g44ftilVkjt3tS9eQ6TDQVPTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJMYUWOP/Dns0pK6sxcPRI04PvebMB8GA1UdIwQY MBaAFNhQuWCt6USfHoCBQ6Nxzi46GH5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkZDNVlLM3BSSjhlZ0lGRG8zSE9Mam9ZZmtnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC85OGIyZjUtNzVlMS00MjQ1LTk3NmQt MDE1MGM5NGY5NDBkLzEvMkZDNVlLM3BSSjhlZ0lGRG8zSE9Mam9ZZmtnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC85OGIyZjUtNzVlMS00MjQ1LTk3NmQtMDE1MGM5NGY5NDBk LzEvMkZDNVlLM3BSSjhlZ0lGRG8zSE9Mam9ZZmtnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlm6eG8Es cSmS9RqkY1LZc5KtLW/YkyhXQH+bTEMjTnSlHMOVGuPGpuWA/kM6OkfrsmYJVb3K Nbm28M3ahqKbBSkVdb4WPS84SFaiWmvP0M2ZHVw850l9iTJj7+3DyCLLcOJQlUTg CcdNAGm7MYZuWmrqzjy32r4+c9e2bmhR7/PfcCGE9WejODlMQhFG3fcejmY1R0l+ T1KmJJsBIAnCSeelQy3QdbDxg3rCSACXF+sVXpbpUXgZn5hNkDbest2W8B517HDH N/vCJSIBS1yFR70j/zbCxREMWWvMmOrEtyzLE4yRNWvvSsc1ZAcrngzOIS8sy3hq pPuLEwv2tqkj4g== -----END CERTIFICATE-----Generated at Sun Dec 7 17:13:45 2025 by rpki-client