This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/1aafa0-0278-4dd6-8807-5726c2b5148d/1/2ilr0AMdba2mxzBzYI89EeRFzkQ.mft File: 2ilr0AMdba2mxzBzYI89EeRFzkQ.mft (raw, json) Hash identifier: 0fx+L/0ym+uk4OZ9Ode7L0H8Mq1XZazPDtU0y+hFTPc= Subject key identifier: E8:65:C8:D0:77:C3:85:A1:E4:76:B3:B1:95:E9:6A:1A:52:44:9D:3D Authority key identifier: DA:29:6B:D0:03:1D:6D:AD:A6:C7:30:73:60:8F:3D:11:E4:45:CE:44 Certificate issuer: /CN=da296bd0031d6dada6c73073608f3d11e445ce44 Certificate serial: 019B38A10865A081FE83D9FDB8706825F7D1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ilr0AMdba2mxzBzYI89EeRFzkQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/1aafa0-0278-4dd6-8807-5726c2b5148d/1/2ilr0AMdba2mxzBzYI89EeRFzkQ.mft Manifest number: 05C8 Signing time: Fri 19 Dec 2025 22:00:36 +0000 Manifest this update: Fri 19 Dec 2025 22:00:36 +0000 Manifest next update: Sat 20 Dec 2025 22:00:36 +0000 Files and hashes: 1: 2ilr0AMdba2mxzBzYI89EeRFzkQ.crl (hash: S7kSdYwfcEeU8ki8aUi9IIvA8dmYA3iWedDerL9l+E4=) 2: xbFh-XL0EOh1euSo-ddC7jaGUKM.roa (hash: 8IT/bBcEgFQE8EaggOanI6nAulFvf6rnXMDUQLI1njI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/1aafa0-0278-4dd6-8807-5726c2b5148d/1/2ilr0AMdba2mxzBzYI89EeRFzkQ.crl rsync://rpki.ripe.net/repository/DEFAULT/84/1aafa0-0278-4dd6-8807-5726c2b5148d/1/2ilr0AMdba2mxzBzYI89EeRFzkQ.mft rsync://rpki.ripe.net/repository/DEFAULT/2ilr0AMdba2mxzBzYI89EeRFzkQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:a1:08:65:a0:81:fe:83:d9:fd:b8:70:68:25:f7:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da296bd0031d6dada6c73073608f3d11e445ce44 Validity Not Before: Dec 19 22:00:36 2025 GMT Not After : Dec 20 22:00:36 2025 GMT Subject: CN=e865c8d077c385a1e476b3b195e96a1a52449d3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:8a:6a:17:4d:9d:67:cb:95:18:fb:e3:a6:77: d0:56:96:3f:67:79:cb:6d:86:e5:d2:7d:ef:99:32: 0d:1a:76:d5:08:dc:68:60:4e:ce:b1:d7:df:60:69: 9e:ce:c6:9d:ba:1e:78:e5:7b:be:02:8d:02:03:ec: a1:53:eb:1a:24:84:11:ac:79:fe:62:00:1b:7a:2d: 07:a9:d1:18:da:09:5f:75:b8:80:ef:31:27:91:3e: 1f:9c:3b:cd:cc:05:c5:7e:2a:1c:73:28:1c:6a:25: 05:b5:df:40:ca:2a:2a:60:9c:c2:9f:ea:3a:62:1e: 14:88:61:e3:1b:91:f7:4a:6e:77:66:05:75:b5:58: c4:01:0b:24:2f:6e:58:09:ab:0b:54:c6:4c:44:54: 13:71:c6:8a:1c:8d:de:75:15:13:23:de:28:d2:f0: 2b:b8:96:33:49:f4:8b:aa:29:8c:40:73:21:49:ff: bf:6b:0a:cf:5c:f1:c4:95:36:57:d5:92:ef:6a:30: 59:9d:02:be:e2:93:1d:40:71:ed:ca:8b:65:36:7d: 8f:8e:61:26:c9:ae:5f:5c:65:8a:5e:a9:2b:c8:d4: b8:a9:25:a3:f2:e1:c6:e9:84:f4:6b:5b:8f:57:27: 85:5f:14:a5:a9:d9:26:c3:16:81:4c:e0:64:8a:2c: b9:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:65:C8:D0:77:C3:85:A1:E4:76:B3:B1:95:E9:6A:1A:52:44:9D:3D X509v3 Authority Key Identifier: keyid:DA:29:6B:D0:03:1D:6D:AD:A6:C7:30:73:60:8F:3D:11:E4:45:CE:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ilr0AMdba2mxzBzYI89EeRFzkQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/1aafa0-0278-4dd6-8807-5726c2b5148d/1/2ilr0AMdba2mxzBzYI89EeRFzkQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/84/1aafa0-0278-4dd6-8807-5726c2b5148d/1/2ilr0AMdba2mxzBzYI89EeRFzkQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:52:18:2f:50:ce:76:ad:cc:a1:dc:ba:ee:06:cf:07:4f:5d: b3:ec:2a:d6:2d:4a:e7:3e:cf:e9:7e:99:77:14:0d:8c:b2:10: 9a:89:c9:df:0c:90:44:c3:c5:7e:cf:27:f3:12:22:a8:4e:e9: 35:b1:f8:80:b9:25:c2:e2:6d:f1:3f:09:16:55:20:aa:d4:91: 76:a1:5d:d1:2e:fd:b4:c1:17:8c:98:4a:31:91:18:2f:64:17: 78:51:6b:e9:c5:36:65:41:74:8b:26:68:34:3d:46:66:9e:4e: 32:a0:8d:a7:93:73:6c:fe:b4:65:c1:70:bb:52:4c:98:22:1a: 02:f1:0b:89:27:88:95:2a:3c:a6:15:3b:9e:f2:0f:77:5e:53: 75:5a:8a:db:23:91:47:c5:ff:e9:b9:3a:ef:3d:4b:d6:da:a2: f9:90:7c:8e:c6:bf:f7:b6:08:66:25:33:e8:39:6a:45:0c:50: a9:1d:44:48:2a:30:99:1b:b7:51:29:7b:5d:5a:ea:a5:ea:4c: 3c:31:fe:ce:e7:5f:2e:68:0c:93:f1:8a:a3:9e:e8:1d:3c:ce: 3f:26:db:c7:5d:88:d9:a8:4c:ca:df:a1:ca:d3:6b:ef:65:04: ac:49:c5:97:30:73:64:4d:1c:ea:cc:6e:33:c4:ed:c1:ed:ec: 47:a0:bc:22 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4oQhloIH+g9n9uHBoJffRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhMjk2YmQwMDMxZDZkYWRhNmM3MzA3MzYwOGYzZDExZTQ0 NWNlNDQwHhcNMjUxMjE5MjIwMDM2WhcNMjUxMjIwMjIwMDM2WjAzMTEwLwYDVQQD EyhlODY1YzhkMDc3YzM4NWExZTQ3NmIzYjE5NWU5NmExYTUyNDQ5ZDNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIpqF02dZ8uVGPvjpnfQVpY/Z3nL bYbl0n3vmTINGnbVCNxoYE7OsdffYGmezsaduh545Xu+Ao0CA+yhU+saJIQRrHn+ YgAbei0HqdEY2glfdbiA7zEnkT4fnDvNzAXFfioccygcaiUFtd9AyioqYJzCn+o6 Yh4UiGHjG5H3Sm53ZgV1tVjEAQskL25YCasLVMZMRFQTccaKHI3edRUTI94o0vAr uJYzSfSLqimMQHMhSf+/awrPXPHElTZX1ZLvajBZnQK+4pMdQHHtyotlNn2PjmEm ya5fXGWKXqkryNS4qSWj8uHG6YT0a1uPVyeFXxSlqdkmwxaBTOBkiiy5fwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOhlyNB3w4Wh5HazsZXpahpSRJ09MB8GA1UdIwQY MBaAFNopa9ADHW2tpscwc2CPPRHkRc5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmlscjBBTWRiYTJteHpCellJODlFZVJGemtRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8xYWFmYTAtMDI3OC00ZGQ2LTg4MDct NTcyNmMyYjUxNDhkLzEvMmlscjBBTWRiYTJteHpCellJODlFZVJGemtRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NC8xYWFmYTAtMDI3OC00ZGQ2LTg4MDctNTcyNmMyYjUxNDhk LzEvMmlscjBBTWRiYTJteHpCellJODlFZVJGemtRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMVIYL1DO dq3Mody67gbPB09ds+wq1i1K5z7P6X6ZdxQNjLIQmonJ3wyQRMPFfs8n8xIiqE7p NbH4gLklwuJt8T8JFlUgqtSRdqFd0S79tMEXjJhKMZEYL2QXeFFr6cU2ZUF0iyZo ND1GZp5OMqCNp5NzbP60ZcFwu1JMmCIaAvELiSeIlSo8phU7nvIPd15TdVqK2yOR R8X/6bk67z1L1tqi+ZB8jsa/97YIZiUz6DlqRQxQqR1ESCowmRu3USl7XVrqpepM PDH+zudfLmgMk/GKo57oHTzOPybbx12I2ahMyt+hytNr72UErEnFlzBzZE0c6sxu M8Ttwe3sR6C8Ig== -----END CERTIFICATE-----Generated at Sat Dec 20 00:15:49 2025 by rpki-client