This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft File: 2QrRERMYMAumeOiOBQKx_FHjU3k.mft (raw, json) Hash identifier: alCAiH9ld4/cnH6XzWR0zzHWRbUnA4GNYmcJ9fhzZFg= Subject key identifier: AE:96:F5:C8:E5:EE:E8:B6:FE:FC:B1:46:77:70:A3:15:AE:2A:EB:EF Authority key identifier: D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79 Certificate issuer: /CN=d90ad1111318300ba678e88e0502b1fc51e35379 Certificate serial: 019B59ACED241DCA884BC84DE66638F08094 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft Manifest number: 03A1 Signing time: Fri 26 Dec 2025 08:01:03 +0000 Manifest this update: Fri 26 Dec 2025 08:01:03 +0000 Manifest next update: Sat 27 Dec 2025 08:01:03 +0000 Files and hashes: 1: 2QrRERMYMAumeOiOBQKx_FHjU3k.crl (hash: Ue4py157S0al67YjOOEKJRD1Mat5k91rkX1vPbW7mXY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:ac:ed:24:1d:ca:88:4b:c8:4d:e6:66:38:f0:80:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d90ad1111318300ba678e88e0502b1fc51e35379 Validity Not Before: Dec 26 08:01:03 2025 GMT Not After : Dec 27 08:01:03 2025 GMT Subject: CN=ae96f5c8e5eee8b6fefcb1467770a315ae2aebef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:2a:75:03:17:7b:71:18:13:34:b9:2d:d2:d0: e0:7f:ea:b6:c2:f9:1d:b8:3b:64:c5:25:e1:a1:4d: d1:c5:fd:23:db:15:44:f9:79:a9:6e:38:aa:b9:d9: b1:ee:3c:54:60:0c:c3:54:88:1f:89:ad:cb:41:4c: 31:d4:9b:8b:21:58:ab:97:03:f7:75:89:a1:7e:8e: ae:c3:37:51:2e:49:a1:c5:a1:04:99:97:e9:a8:d3: 3c:c6:c5:b2:65:21:fd:0d:4b:37:a7:23:8a:1f:11: 1f:eb:4d:d3:91:c8:a6:81:d4:e7:b2:eb:1f:34:41: 5b:a8:33:f6:cc:50:e5:17:97:d9:98:85:56:e7:fa: 77:f3:2f:7b:0d:43:87:11:77:80:77:25:89:6b:ec: 70:4c:32:1c:c7:56:5a:63:ad:16:c0:76:9a:17:d1: 9c:5b:75:ae:a4:70:22:74:86:d1:26:98:8c:c3:48: e9:9b:0f:ec:49:f5:14:96:44:64:d7:05:0a:1f:26: 5c:01:cf:0f:45:a3:22:4e:20:2c:7d:75:ff:17:65: 71:6c:20:7a:05:c9:2e:91:ac:55:2b:ca:67:d6:6e: 08:a3:bd:e0:ce:63:aa:39:5e:34:2d:71:33:be:27: 96:27:3d:b6:27:32:a6:dc:d9:5c:b2:12:46:cb:dd: 01:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:96:F5:C8:E5:EE:E8:B6:FE:FC:B1:46:77:70:A3:15:AE:2A:EB:EF X509v3 Authority Key Identifier: keyid:D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:c3:05:d3:70:4a:53:2c:29:d2:f8:31:8c:30:6b:f4:c7:b6: ae:e7:a6:c8:d2:f2:6d:73:93:36:7c:06:c7:19:59:bc:84:ee: 48:6a:ce:4a:73:f3:4f:04:14:47:e7:96:76:22:41:13:ae:59: b9:a1:3f:10:db:80:fb:0b:f3:b5:d1:41:4b:34:eb:04:fc:d6: bb:cb:cb:a4:6a:1b:1b:93:78:f6:96:33:8e:76:5e:25:d8:23: 68:c9:76:10:03:70:8a:c6:ed:01:67:35:0b:fb:73:9d:00:5c: 8c:11:0c:f7:4a:e8:45:b5:3a:da:71:a7:0d:54:25:06:bb:52: 40:9b:b8:f7:3a:40:61:64:44:38:50:31:7e:6c:f4:19:f5:20: a7:a0:69:a5:af:62:0d:88:b8:b9:d2:9e:01:c7:e0:26:aa:5f: 45:45:04:8f:d5:fd:f2:31:2d:59:e1:cb:b7:58:72:6e:76:a3: d1:0c:7f:c1:0e:32:ea:3a:ee:44:bc:30:69:64:15:25:39:43: 44:b1:fd:de:50:19:06:d5:a9:3c:55:53:b2:0d:ae:56:7d:3c: eb:89:bb:5f:84:71:a0:66:80:95:ec:7f:fc:f4:c5:5b:5d:ee: 37:2c:23:99:82:1f:44:01:ce:c5:51:50:e7:a8:e4:4e:e6:14: d2:08:cd:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZrO0kHcqIS8hN5mY48ICUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5MGFkMTExMTMxODMwMGJhNjc4ZTg4ZTA1MDJiMWZjNTFl MzUzNzkwHhcNMjUxMjI2MDgwMTAzWhcNMjUxMjI3MDgwMTAzWjAzMTEwLwYDVQQD EyhhZTk2ZjVjOGU1ZWVlOGI2ZmVmY2IxNDY3NzcwYTMxNWFlMmFlYmVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ip1Axd7cRgTNLkt0tDgf+q2wvkd uDtkxSXhoU3Rxf0j2xVE+Xmpbjiqudmx7jxUYAzDVIgfia3LQUwx1JuLIVirlwP3 dYmhfo6uwzdRLkmhxaEEmZfpqNM8xsWyZSH9DUs3pyOKHxEf603TkcimgdTnsusf NEFbqDP2zFDlF5fZmIVW5/p38y97DUOHEXeAdyWJa+xwTDIcx1ZaY60WwHaaF9Gc W3WupHAidIbRJpiMw0jpmw/sSfUUlkRk1wUKHyZcAc8PRaMiTiAsfXX/F2VxbCB6 BckukaxVK8pn1m4Io73gzmOqOV40LXEzvieWJz22JzKm3NlcshJGy90BhwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK6W9cjl7ui2/vyxRndwoxWuKuvvMB8GA1UdIwQY MBaAFNkK0RETGDALpnjojgUCsfxR41N5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzIt NWEyN2I4YWYyOGE1LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzItNWEyN2I4YWYyOGE1 LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGcMF03BK Uywp0vgxjDBr9Me2ruemyNLybXOTNnwGxxlZvITuSGrOSnPzTwQUR+eWdiJBE65Z uaE/ENuA+wvztdFBSzTrBPzWu8vLpGobG5N49pYzjnZeJdgjaMl2EANwisbtAWc1 C/tznQBcjBEM90roRbU62nGnDVQlBrtSQJu49zpAYWREOFAxfmz0GfUgp6Bppa9i DYi4udKeAcfgJqpfRUUEj9X98jEtWeHLt1hybnaj0Qx/wQ4y6jruRLwwaWQVJTlD RLH93lAZBtWpPFVTsg2uVn0864m7X4RxoGaAlex//PTFW13uNywjmYIfRAHOxVFQ 56jkTuYU0gjN0A== -----END CERTIFICATE-----Generated at Fri Dec 26 16:04:00 2025 by rpki-client