This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft File: 2bN6OM6IfTdjYEau84ehwjMVLkE.mft (raw, json) Hash identifier: is3AqDxwSPY8JxtZW9cYMPr5q+ktsDgsqzWqJua6lA4= Subject key identifier: 32:4E:08:43:D4:EB:49:D3:D0:B9:E1:C4:E9:5B:39:ED:EB:81:73:77 Authority key identifier: D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41 Certificate issuer: /CN=d9b37a38ce887d37636046aef387a1c233152e41 Certificate serial: 019B38A15A8655BECB376D1EFD47CCFD4472 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft Manifest number: 0817 Signing time: Fri 19 Dec 2025 22:00:57 +0000 Manifest this update: Fri 19 Dec 2025 22:00:57 +0000 Manifest next update: Sat 20 Dec 2025 22:00:57 +0000 Files and hashes: 1: 2bN6OM6IfTdjYEau84ehwjMVLkE.crl (hash: iz3ukoFKlnisDiYEwkTh0LUvAXhykWsOTn2wQWYqnxU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 22:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:a1:5a:86:55:be:cb:37:6d:1e:fd:47:cc:fd:44:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9b37a38ce887d37636046aef387a1c233152e41 Validity Not Before: Dec 19 22:00:57 2025 GMT Not After : Dec 20 22:00:57 2025 GMT Subject: CN=324e0843d4eb49d3d0b9e1c4e95b39edeb817377 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:6f:fa:51:ee:df:7b:9e:cc:ca:54:66:76:99: 91:ab:cd:a1:de:7b:40:26:96:98:f1:1b:c2:4c:f9: 59:d0:dc:89:9d:bc:7d:63:4d:b6:90:2f:e9:b1:61: f5:09:9e:f5:26:5f:50:20:37:de:f3:c5:07:a8:ea: c5:d5:c8:bf:0f:ef:74:15:78:22:4a:c8:b1:f3:99: 3f:12:d3:a4:94:85:3f:82:ea:dc:30:7d:21:0a:a8: a8:67:4d:3f:e7:0b:d9:d1:67:65:ab:38:f0:fd:f6: a0:4f:d1:0f:9d:bb:c6:0e:59:ed:c7:06:fa:8a:18: 47:cb:7e:e2:e5:46:2f:27:04:33:f2:7b:b8:4f:e6: 07:df:f7:92:06:d7:1d:c8:04:b5:20:3f:ae:dc:94: 3a:c1:e1:eb:06:4b:e3:d5:d3:ce:7d:43:e4:81:91: 56:54:3b:19:6e:d4:10:e1:21:13:9b:27:97:8e:ce: bd:a1:93:73:1f:3f:a1:1d:ae:1e:07:df:32:2e:29: 46:d7:a7:6a:83:70:53:ee:c4:e9:a3:c3:62:25:40: 7b:6b:c3:0d:d2:0b:de:57:b8:a4:33:a3:db:b0:0d: d6:e4:1e:cd:64:c2:36:ad:b9:37:80:96:01:61:7c: 89:7c:ec:8a:a4:f5:c0:7e:ed:29:f9:87:10:60:e2: 2e:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:4E:08:43:D4:EB:49:D3:D0:B9:E1:C4:E9:5B:39:ED:EB:81:73:77 X509v3 Authority Key Identifier: keyid:D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:ff:27:20:96:fb:37:c3:d8:1f:c3:7b:b7:9b:50:08:85:de: 71:5e:8a:8b:80:23:b3:a0:fa:e6:6a:0f:a5:5a:fd:ed:c6:fb: 7e:0a:43:69:e2:8e:a9:44:ba:df:43:6f:05:da:ac:70:bb:7c: 71:95:15:78:97:af:43:d9:53:a8:a2:27:55:a3:3b:cd:e3:d9: 30:c4:11:6f:4a:19:3e:6a:2b:7c:b1:21:cf:07:ed:72:ce:90: 41:14:26:9e:58:e2:d9:46:40:9a:0a:2d:f3:f0:8f:65:f0:d8: 7f:26:78:23:a6:6f:11:23:1d:1d:31:0f:79:b8:b0:e7:5f:83: 31:fb:e8:71:0b:d4:08:39:6b:cb:8b:90:55:92:a4:3d:43:85: ca:24:1e:a4:61:e8:4a:ea:eb:50:51:41:15:bb:be:88:4a:7b: c7:d8:9a:af:d8:e3:7b:8d:60:c9:8e:0e:39:e9:6b:a4:e6:8d: 69:a8:72:50:71:11:2c:7f:96:5a:07:96:e9:56:6e:39:8e:04: f0:f7:58:b4:ae:80:7f:8e:4e:d2:25:01:5b:7a:75:71:f1:eb: 7f:9b:44:e3:33:fc:cd:43:e9:03:fb:96:aa:a3:ae:29:b0:05: 2b:2c:18:d9:26:bc:37:eb:f6:fe:7b:72:bd:21:fc:13:bc:b4: fd:d4:00:75 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4oVqGVb7LN20e/UfM/URyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5YjM3YTM4Y2U4ODdkMzc2MzYwNDZhZWYzODdhMWMyMzMx NTJlNDEwHhcNMjUxMjE5MjIwMDU3WhcNMjUxMjIwMjIwMDU3WjAzMTEwLwYDVQQD EygzMjRlMDg0M2Q0ZWI0OWQzZDBiOWUxYzRlOTViMzllZGViODE3Mzc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4m/6Ue7fe57MylRmdpmRq82h3ntA JpaY8RvCTPlZ0NyJnbx9Y022kC/psWH1CZ71Jl9QIDfe88UHqOrF1ci/D+90FXgi Ssix85k/EtOklIU/gurcMH0hCqioZ00/5wvZ0Wdlqzjw/fagT9EPnbvGDlntxwb6 ihhHy37i5UYvJwQz8nu4T+YH3/eSBtcdyAS1ID+u3JQ6weHrBkvj1dPOfUPkgZFW VDsZbtQQ4SETmyeXjs69oZNzHz+hHa4eB98yLilG16dqg3BT7sTpo8NiJUB7a8MN 0gveV7ikM6PbsA3W5B7NZMI2rbk3gJYBYXyJfOyKpPXAfu0p+YcQYOIuGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDJOCEPU60nT0LnhxOlbOe3rgXN3MB8GA1UdIwQY MBaAFNmzejjOiH03Y2BGrvOHocIzFS5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgt ZDZhYWM2MTM4MzBiLzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgtZDZhYWM2MTM4MzBi LzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN/8nIJb7 N8PYH8N7t5tQCIXecV6Ki4Ajs6D65moPpVr97cb7fgpDaeKOqUS630NvBdqscLt8 cZUVeJevQ9lTqKInVaM7zePZMMQRb0oZPmorfLEhzwftcs6QQRQmnlji2UZAmgot 8/CPZfDYfyZ4I6ZvESMdHTEPebiw51+DMfvocQvUCDlry4uQVZKkPUOFyiQepGHo SurrUFFBFbu+iEp7x9iar9jje41gyY4OOelrpOaNaahyUHERLH+WWgeW6VZuOY4E 8PdYtK6Af45O0iUBW3p1cfHrf5tE4zP8zUPpA/uWqqOuKbAFKywY2Sa8N+v2/nty vSH8E7y0/dQAdQ== -----END CERTIFICATE-----Generated at Sat Dec 20 07:39:46 2025 by rpki-client