This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft File: 2LlxoaILZPFCUYAfj0NKQHX36pE.mft (raw, json) Hash identifier: thAqc9VlnDsfasc2OleCDSgDjfh5TojoK+HVEZChqnk= Subject key identifier: A2:D7:B4:27:AB:EE:85:5F:54:31:D4:49:B9:77:6F:64:E9:02:FE:FF Authority key identifier: D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91 Certificate issuer: /CN=d8b971a1a20b64f14251801f8f434a4075f7ea91 Certificate serial: 019B59AD18C1EBB28D9213C7115527075A5D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft Manifest number: 0446 Signing time: Fri 26 Dec 2025 08:01:14 +0000 Manifest this update: Fri 26 Dec 2025 08:01:14 +0000 Manifest next update: Sat 27 Dec 2025 08:01:14 +0000 Files and hashes: 1: 2LlxoaILZPFCUYAfj0NKQHX36pE.crl (hash: islqCE75tkUpPQx396ksk3uj8liv+rJrHLH88V08GW4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:ad:18:c1:eb:b2:8d:92:13:c7:11:55:27:07:5a:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8b971a1a20b64f14251801f8f434a4075f7ea91 Validity Not Before: Dec 26 08:01:14 2025 GMT Not After : Dec 27 08:01:14 2025 GMT Subject: CN=a2d7b427abee855f5431d449b9776f64e902feff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:fc:df:62:32:69:cc:84:a3:dc:84:b5:84:7f: cb:92:c3:e8:ca:3c:97:4d:db:d1:9b:b7:9b:8e:16: 92:a2:c3:35:d4:e2:d5:1a:18:65:8a:40:5d:ed:fb: 3e:eb:47:aa:8d:3d:73:8a:08:9a:bb:34:f8:21:cc: cb:0b:13:59:ba:e9:e6:cb:a3:ea:ea:1a:fb:ab:7e: cb:e8:db:c5:eb:9c:62:73:6c:d0:98:f0:b4:50:2a: 1d:3b:d9:ee:48:48:52:5c:86:fc:db:fc:54:6e:35: 70:d1:21:fa:35:9a:ab:46:11:be:e9:a9:10:40:dc: 4b:66:03:42:a8:c3:0d:1a:d5:7e:0f:b5:9e:42:11: d1:3b:93:57:1a:95:6a:70:bd:db:4d:25:96:35:47: 35:38:b8:89:55:0f:da:e8:b2:81:09:20:2b:22:74: 30:1e:b0:28:49:f4:cc:17:a2:74:6a:7e:f9:58:cb: 56:86:71:27:9c:24:c3:4f:18:1a:0b:b3:1f:eb:e5: fe:52:c1:73:4e:d2:34:69:7b:ff:0a:9c:21:ef:b1: 68:15:c4:cb:2c:b4:83:f0:b2:d4:cc:a0:db:42:67: f9:a9:a8:7f:d9:de:c1:5c:07:59:ab:38:34:9d:bc: fb:46:25:42:2e:aa:dc:3d:7d:4e:09:46:76:27:95: 02:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:D7:B4:27:AB:EE:85:5F:54:31:D4:49:B9:77:6F:64:E9:02:FE:FF X509v3 Authority Key Identifier: keyid:D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:c1:a0:5b:95:74:0d:79:eb:7c:20:b2:69:f0:54:a5:30:14: 28:64:cd:48:98:2e:f1:81:e9:f2:a9:00:5a:90:c7:08:73:05: da:7b:4b:e0:90:d9:29:06:ef:f8:83:35:d7:24:c7:94:5f:12: 0a:c5:f7:4a:9f:83:4a:82:9d:c8:d1:f2:f0:c0:72:00:0a:3a: 55:49:8f:4c:b5:80:80:07:2c:80:27:14:32:6d:d9:51:db:7c: 9c:ce:6b:1e:7e:c3:28:7f:09:02:5e:34:3b:61:70:ca:61:9f: 15:43:89:87:a2:6a:2d:e2:b7:6a:d6:f3:9f:57:be:a7:5c:cf: c3:16:3b:dc:02:aa:1e:9f:88:7c:76:36:4c:66:9f:15:d4:4a: b8:bd:d9:a6:70:18:c7:8c:a9:0d:64:31:8f:cb:2d:c5:15:7a: a2:3a:ca:00:99:c5:a7:6e:be:13:2b:d0:59:5f:92:2c:49:c2: 26:38:03:49:80:c2:27:b6:4a:d5:09:1b:9c:5e:c4:67:fe:70: e3:18:0a:40:ef:08:b1:df:b2:93:5d:ef:1d:96:e0:3f:91:13: 99:2e:b7:13:ca:9f:62:96:e5:51:cb:a1:91:6e:0a:9d:64:5d: 00:c6:d6:87:c7:e2:e3:bd:7a:16:09:9e:d2:c7:fb:bb:f2:2d: 5d:55:c4:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZrRjB67KNkhPHEVUnB1pdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4Yjk3MWExYTIwYjY0ZjE0MjUxODAxZjhmNDM0YTQwNzVm N2VhOTEwHhcNMjUxMjI2MDgwMTE0WhcNMjUxMjI3MDgwMTE0WjAzMTEwLwYDVQQD EyhhMmQ3YjQyN2FiZWU4NTVmNTQzMWQ0NDliOTc3NmY2NGU5MDJmZWZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7fzfYjJpzISj3IS1hH/LksPoyjyX TdvRm7ebjhaSosM11OLVGhhlikBd7fs+60eqjT1zigiauzT4IczLCxNZuunmy6Pq 6hr7q37L6NvF65xic2zQmPC0UCodO9nuSEhSXIb82/xUbjVw0SH6NZqrRhG+6akQ QNxLZgNCqMMNGtV+D7WeQhHRO5NXGpVqcL3bTSWWNUc1OLiJVQ/a6LKBCSArInQw HrAoSfTMF6J0an75WMtWhnEnnCTDTxgaC7Mf6+X+UsFzTtI0aXv/Cpwh77FoFcTL LLSD8LLUzKDbQmf5qah/2d7BXAdZqzg0nbz7RiVCLqrcPX1OCUZ2J5UCTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKLXtCer7oVfVDHUSbl3b2TpAv7/MB8GA1UdIwQY MBaAFNi5caGiC2TxQlGAH49DSkB19+qRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYt NDQ0NWE0ZDc4NmQ0LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYtNDQ0NWE0ZDc4NmQ0 LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOsGgW5V0 DXnrfCCyafBUpTAUKGTNSJgu8YHp8qkAWpDHCHMF2ntL4JDZKQbv+IM11yTHlF8S CsX3Sp+DSoKdyNHy8MByAAo6VUmPTLWAgAcsgCcUMm3ZUdt8nM5rHn7DKH8JAl40 O2FwymGfFUOJh6JqLeK3atbzn1e+p1zPwxY73AKqHp+IfHY2TGafFdRKuL3ZpnAY x4ypDWQxj8stxRV6ojrKAJnFp26+EyvQWV+SLEnCJjgDSYDCJ7ZK1QkbnF7EZ/5w 4xgKQO8Isd+yk13vHZbgP5ETmS63E8qfYpblUcuhkW4KnWRdAMbWh8fi4716Fgme 0sf7u/ItXVXE5A== -----END CERTIFICATE-----Generated at Fri Dec 26 15:45:43 2025 by rpki-client