This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.mft File: 2Xc9cz0YRcQdP5o2K1W3TmhvnAI.mft (raw, json) Hash identifier: UlRVnTAF1VylUd+vUvxNVqKLuBQnbQTvtcCy1xh6700= Subject key identifier: 02:A2:CB:82:E1:5F:34:9C:EF:03:23:12:67:6B:4F:FC:D3:B6:C7:C8 Authority key identifier: D9:77:3D:73:3D:18:45:C4:1D:3F:9A:36:2B:55:B7:4E:68:6F:9C:02 Certificate issuer: /CN=d9773d733d1845c41d3f9a362b55b74e686f9c02 Certificate serial: 019B2BF893F3C4EA7B70DC76BD8CAD4EBB91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.mft Manifest number: 1648 Signing time: Wed 17 Dec 2025 11:01:09 +0000 Manifest this update: Wed 17 Dec 2025 11:01:09 +0000 Manifest next update: Thu 18 Dec 2025 11:01:09 +0000 Files and hashes: 1: 2Xc9cz0YRcQdP5o2K1W3TmhvnAI.crl (hash: rjRZc0lFWldIntPuuOoEkQfPq93CkJT3qwsmof7i0es=) 2: jnl0pkc8VZioDFc1rU2LXYR9u10.roa (hash: hBLoItEXtLXi0Hx0eyOzMHvYDZZAUIWBeCW6pZ7dYGc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.crl rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.mft rsync://rpki.ripe.net/repository/DEFAULT/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:f8:93:f3:c4:ea:7b:70:dc:76:bd:8c:ad:4e:bb:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9773d733d1845c41d3f9a362b55b74e686f9c02 Validity Not Before: Dec 17 11:01:09 2025 GMT Not After : Dec 18 11:01:09 2025 GMT Subject: CN=02a2cb82e15f349cef032312676b4ffcd3b6c7c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:98:57:36:91:72:70:95:ec:9f:f8:1e:6c:6c: c8:b8:38:db:e2:74:de:bd:7f:8f:34:95:1e:3a:a0: 96:6d:f8:8d:55:dd:99:ec:09:b1:d4:54:23:4e:17: b6:62:2d:82:fd:c0:ee:aa:98:19:5f:40:c8:f2:7e: 48:3a:b9:32:9d:14:d1:38:46:25:57:00:52:1c:26: 94:02:ab:74:0a:14:a7:a9:c2:c6:94:26:aa:bc:6b: 20:6b:f9:8e:99:7d:01:93:e0:76:71:d6:2a:cf:ec: d8:35:45:53:b3:85:3d:a1:84:b0:42:49:d0:fd:55: 4b:bd:9d:14:ad:fb:06:a3:00:aa:80:a4:ff:b4:32: 77:89:65:26:4b:36:55:58:42:21:a0:ff:b8:c7:8a: 91:29:d2:8c:a2:0f:9f:98:7f:17:b0:55:d3:f5:0a: a3:7c:38:e0:c7:e7:cd:e3:ae:3f:cc:e4:e9:01:fd: 4a:85:3a:36:9a:37:77:9f:6f:b5:f3:76:3f:ed:b9: d8:1c:39:8d:18:26:83:85:52:71:4a:95:a4:e2:76: 11:8b:01:f7:c4:2a:ba:5e:99:37:40:cc:4d:4f:88: 5a:0b:9b:06:e6:bf:ae:6b:fd:ff:c0:97:21:4e:4a: 9b:69:4b:94:d5:3d:63:6a:26:d0:d1:6b:7e:93:01: e3:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:A2:CB:82:E1:5F:34:9C:EF:03:23:12:67:6B:4F:FC:D3:B6:C7:C8 X509v3 Authority Key Identifier: keyid:D9:77:3D:73:3D:18:45:C4:1D:3F:9A:36:2B:55:B7:4E:68:6F:9C:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:e4:a0:cd:b0:fe:b1:4e:75:eb:9b:e1:3d:2b:72:93:32:5d: 19:0a:2c:33:94:f6:52:c7:c0:ae:e8:20:99:8a:11:79:51:b6: 22:ba:73:fc:a2:00:e8:d3:8c:25:82:2a:ae:56:64:77:b6:c7: ca:90:15:93:2b:3b:14:b2:aa:c0:5c:d2:0d:3e:56:02:bb:c3: d3:bf:23:d7:c7:7d:03:b6:8f:36:cd:d8:58:e1:7d:69:ce:b0: 21:b6:03:3d:f0:fc:55:c8:13:e1:08:2e:8a:99:34:92:ae:ed: 8b:99:9d:fc:ad:15:f2:27:dc:a4:6a:d7:70:8f:73:e0:46:13: 6b:53:9f:69:99:64:58:56:be:23:0a:20:47:4f:36:59:73:02: 94:30:d7:94:20:19:b4:d1:2e:4a:97:98:0b:33:6a:4e:97:2b: 4e:e0:53:9b:99:da:90:b5:3d:86:4d:5d:c3:e6:52:ab:34:1e: bf:12:82:29:0b:71:e4:d4:d9:c5:27:5d:33:9c:90:7d:7c:57: 2c:6b:fc:f3:b5:d6:64:48:ef:57:92:60:71:27:ac:10:57:bc: 7b:20:e6:e8:f9:85:10:c4:19:59:d7:70:83:4b:4e:ee:ff:a0: 8c:ca:b7:1a:f3:ea:76:b1:72:a8:01:05:65:00:ca:71:9d:c2: 34:1b:d7:d8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsr+JPzxOp7cNx2vYytTruRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5NzczZDczM2QxODQ1YzQxZDNmOWEzNjJiNTViNzRlNjg2 ZjljMDIwHhcNMjUxMjE3MTEwMTA5WhcNMjUxMjE4MTEwMTA5WjAzMTEwLwYDVQQD EygwMmEyY2I4MmUxNWYzNDljZWYwMzIzMTI2NzZiNGZmY2QzYjZjN2M4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqphXNpFycJXsn/gebGzIuDjb4nTe vX+PNJUeOqCWbfiNVd2Z7Amx1FQjThe2Yi2C/cDuqpgZX0DI8n5IOrkynRTROEYl VwBSHCaUAqt0ChSnqcLGlCaqvGsga/mOmX0Bk+B2cdYqz+zYNUVTs4U9oYSwQknQ /VVLvZ0UrfsGowCqgKT/tDJ3iWUmSzZVWEIhoP+4x4qRKdKMog+fmH8XsFXT9Qqj fDjgx+fN464/zOTpAf1KhTo2mjd3n2+183Y/7bnYHDmNGCaDhVJxSpWk4nYRiwH3 xCq6Xpk3QMxNT4haC5sG5r+ua/3/wJchTkqbaUuU1T1jaibQ0Wt+kwHjhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAKiy4LhXzSc7wMjEmdrT/zTtsfIMB8GA1UdIwQY MBaAFNl3PXM9GEXEHT+aNitVt05ob5wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlhjOWN6MFlSY1FkUDVvMksxVzNUbWh2bkFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8zNzQxMWUtMmI4OS00MDc5LThjZmMt MDFhMjlmNWY2ZGRlLzEvMlhjOWN6MFlSY1FkUDVvMksxVzNUbWh2bkFJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MS8zNzQxMWUtMmI4OS00MDc5LThjZmMtMDFhMjlmNWY2ZGRl LzEvMlhjOWN6MFlSY1FkUDVvMksxVzNUbWh2bkFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfeSgzbD+ sU5165vhPStykzJdGQosM5T2UsfAruggmYoReVG2Irpz/KIA6NOMJYIqrlZkd7bH ypAVkys7FLKqwFzSDT5WArvD078j18d9A7aPNs3YWOF9ac6wIbYDPfD8VcgT4Qgu ipk0kq7ti5md/K0V8ifcpGrXcI9z4EYTa1OfaZlkWFa+IwogR082WXMClDDXlCAZ tNEuSpeYCzNqTpcrTuBTm5nakLU9hk1dw+ZSqzQevxKCKQtx5NTZxSddM5yQfXxX LGv887XWZEjvV5JgcSesEFe8eyDm6PmFEMQZWddwg0tO7v+gjMq3GvPqdrFyqAEF ZQDKcZ3CNBvX2A== -----END CERTIFICATE-----Generated at Wed Dec 17 19:10:06 2025 by rpki-client