This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft File: 2krNipcsDnNxGs9H4MhFmhz3JgY.mft (raw, json) Hash identifier: yhzSCnMAaGOBEtZoOAFP4pk7b0wp/0sw6R9ZOtMd4Ss= Subject key identifier: BF:CB:A6:35:7F:69:1B:41:74:75:6C:C5:DB:F4:C3:94:13:B9:A8:B0 Authority key identifier: DA:4A:CD:8A:97:2C:0E:73:71:1A:CF:47:E0:C8:45:9A:1C:F7:26:06 Certificate issuer: /CN=da4acd8a972c0e73711acf47e0c8459a1cf72606 Certificate serial: 019B3758126F416B0443D2B1D330F18BAD8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft Manifest number: 16E2 Signing time: Fri 19 Dec 2025 16:01:17 +0000 Manifest this update: Fri 19 Dec 2025 16:01:17 +0000 Manifest next update: Sat 20 Dec 2025 16:01:17 +0000 Files and hashes: 1: 2krNipcsDnNxGs9H4MhFmhz3JgY.crl (hash: ZHocleRnVGjaL6jVO0ccQAoggb8t2QcmD98cNiOkqOg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:58:12:6f:41:6b:04:43:d2:b1:d3:30:f1:8b:ad:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da4acd8a972c0e73711acf47e0c8459a1cf72606 Validity Not Before: Dec 19 16:01:17 2025 GMT Not After : Dec 20 16:01:17 2025 GMT Subject: CN=bfcba6357f691b4174756cc5dbf4c39413b9a8b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:b3:0a:74:70:55:a0:21:80:cb:58:de:e3:94: af:03:cf:a7:bf:f9:4e:26:21:ff:ae:a1:c4:1c:a4: f8:72:1d:33:e0:e0:11:6a:a5:bc:62:2d:9f:b9:66: 5d:79:6c:fa:48:17:e1:0e:e2:3a:61:bc:76:1f:7b: 1e:a2:f9:25:ee:cb:a7:fb:73:f1:de:68:0c:1a:3a: d6:63:2c:31:6f:6d:27:e5:42:51:fa:bd:5a:d3:02: f8:c3:1a:31:c9:10:ac:62:b8:2c:72:b8:e9:7c:50: c8:a2:59:a6:ce:60:d0:58:73:3e:b1:70:80:19:1b: 6e:ae:be:09:e9:f4:d0:1a:ac:10:c4:93:f6:ef:87: 13:75:28:f0:90:b0:e5:70:80:5c:4f:25:2d:62:53: a7:e2:4b:15:9b:89:9c:8d:9e:a5:65:40:6e:3c:b0: 02:ff:76:9b:36:c8:e1:f0:d5:c7:ce:b9:4f:89:54: 71:a0:1c:a4:b9:c7:91:5d:b6:5b:ec:57:b9:90:1f: 5d:7b:dc:86:cd:c1:67:01:61:0a:97:7f:55:54:c9: 2b:b6:9e:7c:14:af:1e:a0:fb:3f:21:e4:a9:e6:a0: 4b:12:df:86:fe:c8:3f:bf:c1:4a:a9:02:8e:70:e2: 6a:54:7b:af:17:71:1f:c8:6d:1b:d7:f6:fa:1d:01: 19:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:CB:A6:35:7F:69:1B:41:74:75:6C:C5:DB:F4:C3:94:13:B9:A8:B0 X509v3 Authority Key Identifier: keyid:DA:4A:CD:8A:97:2C:0E:73:71:1A:CF:47:E0:C8:45:9A:1C:F7:26:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:e5:36:6c:61:5a:48:c1:b6:8a:38:4a:1f:63:82:fa:3d:44: f8:51:b4:32:12:15:9c:7c:db:88:07:df:44:d2:78:c9:12:a4: c7:5d:f7:ad:13:d3:e4:a5:ce:de:53:8f:b8:4a:fc:9d:c4:9c: 79:b9:e4:7b:9b:c4:d8:95:7f:48:c1:d9:5b:3e:a6:ed:31:0a: a6:67:e9:84:d4:b4:b9:1f:3c:2f:af:0b:39:b1:4e:26:01:48: c4:e2:59:57:70:fb:30:fe:b4:c0:d8:7e:4b:8d:94:fa:d9:f0: 32:5b:c2:87:ae:8e:21:04:26:a0:2a:16:b7:d4:a7:7b:d9:3c: af:c5:3a:66:7a:a9:e9:8b:62:5e:40:d8:44:dc:ea:d2:da:cd: 7a:38:ed:11:08:e3:f9:d2:2c:47:59:ee:f6:4a:d9:0d:c6:91: 13:a5:cb:b2:94:e5:48:5c:24:04:8f:47:bb:d5:a0:68:de:ec: 7c:26:08:9a:7f:c3:a9:ed:43:4d:4d:a6:a2:b7:4e:c1:29:ee: 13:10:fb:06:6c:26:9d:da:b7:59:86:8e:94:43:d7:60:e4:a7: ce:20:5e:c1:ba:ec:3e:7c:63:88:92:c3:35:5f:c9:1d:88:8e: 28:c4:87:62:7e:08:48:47:e0:95:05:f7:83:72:53:75:fc:68: f9:d0:5d:0e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3WBJvQWsEQ9Kx0zDxi62MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhNGFjZDhhOTcyYzBlNzM3MTFhY2Y0N2UwYzg0NTlhMWNm NzI2MDYwHhcNMjUxMjE5MTYwMTE3WhcNMjUxMjIwMTYwMTE3WjAzMTEwLwYDVQQD EyhiZmNiYTYzNTdmNjkxYjQxNzQ3NTZjYzVkYmY0YzM5NDEzYjlhOGIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LMKdHBVoCGAy1je45SvA8+nv/lO JiH/rqHEHKT4ch0z4OARaqW8Yi2fuWZdeWz6SBfhDuI6Ybx2H3seovkl7sun+3Px 3mgMGjrWYywxb20n5UJR+r1a0wL4wxoxyRCsYrgscrjpfFDIolmmzmDQWHM+sXCA GRturr4J6fTQGqwQxJP274cTdSjwkLDlcIBcTyUtYlOn4ksVm4mcjZ6lZUBuPLAC /3abNsjh8NXHzrlPiVRxoBykuceRXbZb7Fe5kB9de9yGzcFnAWEKl39VVMkrtp58 FK8eoPs/IeSp5qBLEt+G/sg/v8FKqQKOcOJqVHuvF3EfyG0b1/b6HQEZWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL/LpjV/aRtBdHVsxdv0w5QTuaiwMB8GA1UdIwQY MBaAFNpKzYqXLA5zcRrPR+DIRZoc9yYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8xYjEzMmUtYjc5ZS00ZTU4LTkzODAt OWU1ZmQ0MzkzNWI3LzEvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC8xYjEzMmUtYjc5ZS00ZTU4LTkzODAtOWU1ZmQ0MzkzNWI3 LzEvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFOU2bGFa SMG2ijhKH2OC+j1E+FG0MhIVnHzbiAffRNJ4yRKkx133rRPT5KXO3lOPuEr8ncSc ebnke5vE2JV/SMHZWz6m7TEKpmfphNS0uR88L68LObFOJgFIxOJZV3D7MP60wNh+ S42U+tnwMlvCh66OIQQmoCoWt9Sne9k8r8U6Znqp6YtiXkDYRNzq0trNejjtEQjj +dIsR1nu9krZDcaRE6XLspTlSFwkBI9Hu9WgaN7sfCYImn/Dqe1DTU2mordOwSnu ExD7Bmwmndq3WYaOlEPXYOSnziBewbrsPnxjiJLDNV/JHYiOKMSHYn4ISEfglQX3 g3JTdfxo+dBdDg== -----END CERTIFICATE-----Generated at Fri Dec 19 17:24:46 2025 by rpki-client