This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft File: 2krNipcsDnNxGs9H4MhFmhz3JgY.mft (raw, json) Hash identifier: ZAuNcx1eLFKJJhO6IH3nMo1TjjBSK/0DLuNBKwPWODc= Subject key identifier: 79:1E:6D:A0:95:2D:C1:C6:28:0D:82:B0:5C:8A:97:16:EC:EF:1E:D6 Authority key identifier: DA:4A:CD:8A:97:2C:0E:73:71:1A:CF:47:E0:C8:45:9A:1C:F7:26:06 Certificate issuer: /CN=da4acd8a972c0e73711acf47e0c8459a1cf72606 Certificate serial: 019B0521D61D2863A398E87C7F4C4C9BEE1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft Manifest number: 16C8 Signing time: Tue 09 Dec 2025 22:01:02 +0000 Manifest this update: Tue 09 Dec 2025 22:01:02 +0000 Manifest next update: Wed 10 Dec 2025 22:01:02 +0000 Files and hashes: 1: 2krNipcsDnNxGs9H4MhFmhz3JgY.crl (hash: JiFkVbAt8zSoxFY/1ceyBkq05lbO0lh68jrIVAPRaE4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 10 Dec 2025 22:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:05:21:d6:1d:28:63:a3:98:e8:7c:7f:4c:4c:9b:ee:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da4acd8a972c0e73711acf47e0c8459a1cf72606 Validity Not Before: Dec 9 22:01:02 2025 GMT Not After : Dec 10 22:01:02 2025 GMT Subject: CN=791e6da0952dc1c6280d82b05c8a9716ecef1ed6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:dd:b0:08:9b:cf:e7:5c:fc:fa:62:c9:6b:a0: 99:df:b7:8a:af:65:92:d6:df:c4:df:bc:b3:98:a8: c9:41:3c:4f:cb:d1:67:e1:ad:d3:d1:fa:a9:4b:d8: b0:5d:0c:47:cc:25:a3:11:a3:b7:9f:d9:99:a8:8c: 01:8b:02:97:0d:7c:93:2d:54:7a:66:a0:b0:74:73: 7e:c3:e2:97:4e:35:49:2d:e6:40:bc:0d:08:f5:fe: a2:a3:ea:2e:c3:6b:70:a3:f2:cc:f3:6a:18:ff:0f: 67:d4:0f:ac:c8:3c:ef:6c:2a:40:71:af:9f:74:8a: 01:93:3b:37:11:61:1d:56:5a:c3:79:73:88:78:01: e4:75:ce:67:50:53:0a:3e:88:f9:b2:a7:28:d9:d3: d3:41:bb:60:5b:8c:9d:9b:1c:35:12:64:e3:85:a8: 9c:80:1d:05:64:fb:a7:c6:e2:5f:00:32:75:21:a0: cb:0f:c3:e5:38:4d:f6:23:62:a8:07:56:51:30:de: df:87:53:98:c5:f0:98:d4:7a:5c:d0:6e:88:01:0b: 10:f4:64:6a:0a:77:c3:45:62:f7:8b:d4:02:a1:4d: 35:9c:fd:84:1a:d6:67:70:db:0e:01:d0:71:50:4a: 4a:c6:84:dd:7d:39:97:08:83:c3:b7:b4:8c:93:7a: d1:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:1E:6D:A0:95:2D:C1:C6:28:0D:82:B0:5C:8A:97:16:EC:EF:1E:D6 X509v3 Authority Key Identifier: keyid:DA:4A:CD:8A:97:2C:0E:73:71:1A:CF:47:E0:C8:45:9A:1C:F7:26:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:9b:46:40:01:42:b3:68:5c:b5:18:c9:3d:d6:1d:bf:d8:0b: de:56:c2:4e:ca:27:d5:c9:dd:76:aa:de:76:ea:01:f3:f4:07: 05:09:a5:25:6b:a6:04:c4:6a:38:c6:d5:20:d0:33:d1:74:99: 72:65:26:a9:bf:74:37:36:3a:dc:64:83:2c:cb:bd:ee:d3:a1: e4:c7:c6:fe:82:bf:02:84:f7:26:36:cf:51:fc:6f:cb:93:51: e2:0c:6b:c5:da:a4:ff:df:da:4b:e1:ae:41:d1:10:2f:58:f4: 23:c5:c0:9f:20:bd:0f:b2:3c:3c:a6:c0:de:fb:cc:c5:5f:38: 4e:86:cb:8c:f9:26:11:21:5c:9e:ce:9b:e9:84:41:1c:b3:ff: 30:b2:3d:21:7f:9a:53:c4:ed:e9:fb:dd:71:dc:a6:ee:f1:1f: bf:13:91:6f:cf:d0:57:62:bb:9a:bd:eb:65:3a:1e:d7:36:40: f2:9f:df:cb:6c:f6:9d:ee:e8:f4:96:34:8c:de:c9:d8:ed:4d: 0a:fc:78:59:79:8d:c0:47:df:2e:c3:67:08:38:38:e9:2b:31: 88:bf:e8:d3:ae:be:7e:d2:f7:ca:f9:94:b7:ba:e6:c8:50:7c: df:f4:d4:db:ad:54:f9:6b:f2:5c:55:64:e2:fd:4e:92:4a:69: 7c:f7:92:57 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsFIdYdKGOjmOh8f0xMm+4cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhNGFjZDhhOTcyYzBlNzM3MTFhY2Y0N2UwYzg0NTlhMWNm NzI2MDYwHhcNMjUxMjA5MjIwMTAyWhcNMjUxMjEwMjIwMTAyWjAzMTEwLwYDVQQD Eyg3OTFlNmRhMDk1MmRjMWM2MjgwZDgyYjA1YzhhOTcxNmVjZWYxZWQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst2wCJvP51z8+mLJa6CZ37eKr2WS 1t/E37yzmKjJQTxPy9Fn4a3T0fqpS9iwXQxHzCWjEaO3n9mZqIwBiwKXDXyTLVR6 ZqCwdHN+w+KXTjVJLeZAvA0I9f6io+ouw2two/LM82oY/w9n1A+syDzvbCpAca+f dIoBkzs3EWEdVlrDeXOIeAHkdc5nUFMKPoj5sqco2dPTQbtgW4ydmxw1EmTjhaic gB0FZPunxuJfADJ1IaDLD8PlOE32I2KoB1ZRMN7fh1OYxfCY1Hpc0G6IAQsQ9GRq CnfDRWL3i9QCoU01nP2EGtZncNsOAdBxUEpKxoTdfTmXCIPDt7SMk3rRyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHkebaCVLcHGKA2CsFyKlxbs7x7WMB8GA1UdIwQY MBaAFNpKzYqXLA5zcRrPR+DIRZoc9yYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8xYjEzMmUtYjc5ZS00ZTU4LTkzODAt OWU1ZmQ0MzkzNWI3LzEvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC8xYjEzMmUtYjc5ZS00ZTU4LTkzODAtOWU1ZmQ0MzkzNWI3 LzEvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdJtGQAFC s2hctRjJPdYdv9gL3lbCTson1cnddqreduoB8/QHBQmlJWumBMRqOMbVINAz0XSZ cmUmqb90NzY63GSDLMu97tOh5MfG/oK/AoT3JjbPUfxvy5NR4gxrxdqk/9/aS+Gu QdEQL1j0I8XAnyC9D7I8PKbA3vvMxV84TobLjPkmESFcns6b6YRBHLP/MLI9IX+a U8Tt6fvdcdym7vEfvxORb8/QV2K7mr3rZToe1zZA8p/fy2z2ne7o9JY0jN7J2O1N Cvx4WXmNwEffLsNnCDg46SsxiL/o066+ftL3yvmUt7rmyFB83/TU261U+WvyXFVk 4v1OkkppfPeSVw== -----END CERTIFICATE-----Generated at Wed Dec 10 05:56:02 2025 by rpki-client