This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft File: 2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft (raw, json) Hash identifier: 9EZjRvGdo+/rEHODZp9S2FU7VYzfWOv+x1T/R+GXXOE= Subject key identifier: 21:C3:B4:81:6E:1D:19:CD:14:2D:62:9C:BB:AF:35:30:4E:2F:46:9F Authority key identifier: D9:42:84:B9:43:25:F5:06:0F:8A:0E:87:C1:BE:28:27:78:8F:18:F9 Certificate issuer: /CN=d94284b94325f5060f8a0e87c1be2827788f18f9 Certificate serial: 019B42EEA69EB698C44181145377D0F39FC5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft Manifest number: 14CE Signing time: Sun 21 Dec 2025 22:01:34 +0000 Manifest this update: Sun 21 Dec 2025 22:01:34 +0000 Manifest next update: Mon 22 Dec 2025 22:01:34 +0000 Files and hashes: 1: 2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl (hash: reo/3BIOlEnOT+Xkxq94W/E4ijM1x3tEk68AL0JCUL8=) 2: ysJps6pTqYBp8hRsJvvn2nSnB6Y.roa (hash: xFEzrUJlVVBWEtFecNObcV0TMloS/XizxOFPtUYtswE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:ee:a6:9e:b6:98:c4:41:81:14:53:77:d0:f3:9f:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d94284b94325f5060f8a0e87c1be2827788f18f9 Validity Not Before: Dec 21 22:01:34 2025 GMT Not After : Dec 22 22:01:34 2025 GMT Subject: CN=21c3b4816e1d19cd142d629cbbaf35304e2f469f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:0f:a6:07:bc:0a:0a:34:84:08:cf:90:ff:af: 5d:c3:2e:d1:29:6d:b5:ac:80:69:0a:19:62:e6:95: 74:9b:30:67:5b:26:64:a4:29:95:db:3d:34:91:c8: 7b:be:08:f4:b5:a3:9c:a8:a6:49:6f:a6:c8:a3:22: d8:61:1a:6b:b9:9e:48:ea:0a:de:72:bb:8e:e0:d5: 42:60:00:bd:f7:c1:06:8b:f0:a8:6c:6f:39:c4:c2: 04:62:1e:a2:3d:35:4b:dd:01:9f:e0:e8:3c:64:2d: fb:0a:8c:16:66:92:7c:c5:b8:e9:8d:d2:25:44:06: 90:84:e0:6a:29:e8:fe:6f:a4:a5:29:c0:df:32:0e: e2:8c:22:07:85:95:04:7d:b3:24:f9:9d:2d:cd:67: cf:18:27:5e:ca:36:fc:46:6c:87:7a:8b:9d:34:18: dd:31:39:1b:14:48:94:e4:f8:84:a4:25:49:23:34: e6:6e:19:85:13:3a:0e:f2:5c:46:9f:99:22:06:e3: d5:1a:a2:f5:96:94:5c:a2:2f:c5:72:70:77:e2:c6: 20:c0:79:70:27:34:60:61:50:a5:91:32:3d:c6:da: 67:c7:5c:80:ad:04:02:c4:3e:4d:37:74:32:63:32: ae:eb:b5:54:b9:92:07:18:2a:cc:73:1b:8f:8b:60: e9:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:C3:B4:81:6E:1D:19:CD:14:2D:62:9C:BB:AF:35:30:4E:2F:46:9F X509v3 Authority Key Identifier: keyid:D9:42:84:B9:43:25:F5:06:0F:8A:0E:87:C1:BE:28:27:78:8F:18:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:e8:b2:9f:2b:5e:79:9e:1d:cf:3b:14:59:c5:11:17:7f:f5: 75:dc:66:ef:41:77:60:33:dd:81:42:58:8a:a9:37:c8:e9:23: 36:b5:b2:4e:ee:6f:ac:a1:28:c4:50:7e:6f:f3:10:59:71:cb: d2:1f:a5:bd:ad:0f:0a:c6:34:6e:ed:cc:ed:44:fa:ef:1c:f4: 2e:a2:d8:d2:35:c6:96:1e:10:7c:b7:be:22:5a:bf:ff:11:dc: 87:9b:5c:42:4a:56:8b:78:ea:ef:5d:ad:b2:50:1e:16:0a:55: 48:3d:87:0d:73:b0:77:f2:89:ba:d6:a1:01:71:f4:b9:f1:54: ca:18:57:b8:5e:68:ec:7e:e2:cc:f2:ba:42:0d:c6:04:16:db: 59:27:1e:d3:67:cb:a4:d2:aa:ec:39:5b:3c:68:d2:51:21:33: 17:65:84:00:33:b8:65:55:68:d8:fa:d1:92:84:28:fd:44:5c: 81:59:90:53:58:87:0f:f3:b5:51:f5:0b:cd:47:e2:3d:ce:c9: 40:ca:15:53:79:cc:f0:fa:17:5f:99:58:68:2e:a9:3c:bc:f6: d0:2c:f0:0c:a7:5d:ac:b3:7f:c5:34:5b:df:29:c5:bb:fb:74: 99:ee:5d:74:40:1b:c6:56:4c:f0:87:20:4a:a9:85:e2:4d:0b: 8d:0c:4b:5d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtC7qaetpjEQYEUU3fQ85/FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5NDI4NGI5NDMyNWY1MDYwZjhhMGU4N2MxYmUyODI3Nzg4 ZjE4ZjkwHhcNMjUxMjIxMjIwMTM0WhcNMjUxMjIyMjIwMTM0WjAzMTEwLwYDVQQD EygyMWMzYjQ4MTZlMWQxOWNkMTQyZDYyOWNiYmFmMzUzMDRlMmY0NjlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAog+mB7wKCjSECM+Q/69dwy7RKW21 rIBpChli5pV0mzBnWyZkpCmV2z00kch7vgj0taOcqKZJb6bIoyLYYRpruZ5I6gre cruO4NVCYAC998EGi/CobG85xMIEYh6iPTVL3QGf4Og8ZC37CowWZpJ8xbjpjdIl RAaQhOBqKej+b6SlKcDfMg7ijCIHhZUEfbMk+Z0tzWfPGCdeyjb8RmyHeoudNBjd MTkbFEiU5PiEpCVJIzTmbhmFEzoO8lxGn5kiBuPVGqL1lpRcoi/FcnB34sYgwHlw JzRgYVClkTI9xtpnx1yArQQCxD5NN3QyYzKu67VUuZIHGCrMcxuPi2DppQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCHDtIFuHRnNFC1inLuvNTBOL0afMB8GA1UdIwQY MBaAFNlChLlDJfUGD4oOh8G+KCd4jxj5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hMjQwOTUtMDkwOC00ODg0LTkyNDQt OTVkNTk0NjVlOWE4LzEvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9hMjQwOTUtMDkwOC00ODg0LTkyNDQtOTVkNTk0NjVlOWE4 LzEvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGOiynyte eZ4dzzsUWcURF3/1ddxm70F3YDPdgUJYiqk3yOkjNrWyTu5vrKEoxFB+b/MQWXHL 0h+lva0PCsY0bu3M7UT67xz0LqLY0jXGlh4QfLe+Ilq//xHch5tcQkpWi3jq712t slAeFgpVSD2HDXOwd/KJutahAXH0ufFUyhhXuF5o7H7izPK6Qg3GBBbbWSce02fL pNKq7DlbPGjSUSEzF2WEADO4ZVVo2PrRkoQo/URcgVmQU1iHD/O1UfULzUfiPc7J QMoVU3nM8PoXX5lYaC6pPLz20CzwDKddrLN/xTRb3ynFu/t0me5ddEAbxlZM8Icg SqmF4k0LjQxLXQ== -----END CERTIFICATE-----Generated at Mon Dec 22 04:22:43 2025 by rpki-client