This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft File: 2FAiKC40aZ_lSLdShRmiWlDZEzo.mft (raw, json) Hash identifier: rLvOAtH2BGzGZoLTyCkqEsIWlxt4v5gRhi0JjPw0wGs= Subject key identifier: 62:39:E1:EB:6A:62:3E:0B:9C:35:AA:77:C2:04:37:B2:F9:C4:19:D0 Authority key identifier: D8:50:22:28:2E:34:69:9F:E5:48:B7:52:85:19:A2:5A:50:D9:13:3A Certificate issuer: /CN=d85022282e34699fe548b7528519a25a50d9133a Certificate serial: 019B0F3760CE9074F979165FA130F0E41C11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft Manifest number: 169F Signing time: Thu 11 Dec 2025 21:00:46 +0000 Manifest this update: Thu 11 Dec 2025 21:00:46 +0000 Manifest next update: Fri 12 Dec 2025 21:00:46 +0000 Files and hashes: 1: 2FAiKC40aZ_lSLdShRmiWlDZEzo.crl (hash: qtQ1yOkAAx5gZcdeLmI3vsfHrkNfeZiyht36wAeG7hg=) 2: 6R0wvkFPscZQ2uww-ZvwnaXh--0.roa (hash: wyiJ7rZP6x6kzeIfld1VjsLp4nIqzGhNhuxTGdTq1Ek=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:37:60:ce:90:74:f9:79:16:5f:a1:30:f0:e4:1c:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d85022282e34699fe548b7528519a25a50d9133a Validity Not Before: Dec 11 21:00:46 2025 GMT Not After : Dec 12 21:00:46 2025 GMT Subject: CN=6239e1eb6a623e0b9c35aa77c20437b2f9c419d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:fe:93:af:0c:b4:60:9e:c1:0f:8b:b1:91:8c: b2:a1:f7:1b:21:94:fc:ec:e9:37:47:5a:2b:d4:c1: 51:b0:e4:b4:ba:a3:17:71:e1:2f:fc:71:16:be:57: 81:26:90:48:a4:65:0e:6d:39:68:af:5b:f1:4f:d8: 23:71:4e:b4:e3:76:b0:bf:33:0c:a9:a1:49:e1:17: dd:3c:17:d0:8e:d0:c0:87:cc:f0:38:cc:6f:4c:0a: 41:99:ad:bc:11:bf:2a:cb:89:17:b8:8d:66:a1:0e: e8:58:1c:ee:3a:3a:e4:de:e3:bc:7b:73:ff:2c:ec: 89:df:b9:0d:fd:8a:12:f0:c9:2f:81:bc:4d:c9:b5: 8e:8e:3d:3c:4a:6f:cc:46:9f:d0:1a:70:27:e2:2b: 1b:43:f9:30:3d:66:19:38:a1:f4:ad:30:23:58:cf: c5:9c:e8:31:dd:b8:47:80:6e:cf:aa:72:b2:b3:11: cb:89:5a:f5:e7:da:56:5c:e2:91:56:f5:18:cb:0d: fc:14:88:03:af:bf:0f:f5:83:db:bf:c9:f1:ba:fe: 63:c4:51:dd:7a:fb:bd:a8:47:44:87:ca:93:78:91: 9e:f9:e0:20:34:e8:43:be:7e:70:c9:0d:f6:b5:6b: 8a:0e:1d:d7:99:b0:c5:f2:57:0b:39:9c:3f:5e:bf: 95:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:39:E1:EB:6A:62:3E:0B:9C:35:AA:77:C2:04:37:B2:F9:C4:19:D0 X509v3 Authority Key Identifier: keyid:D8:50:22:28:2E:34:69:9F:E5:48:B7:52:85:19:A2:5A:50:D9:13:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:40:f1:96:da:b7:d3:fc:a5:88:08:94:e4:0b:0b:30:79:1c: 6d:1d:a7:e9:7c:f3:9b:91:d1:4d:f0:ed:a7:8a:18:4b:22:d5: 49:60:70:b5:21:20:ab:10:ef:26:e5:5f:fd:5d:e2:a6:84:29: cc:cb:7c:cd:89:b0:54:04:9a:40:9c:44:63:39:37:04:f4:1b: 19:04:87:cd:1e:7d:0e:13:12:24:75:7a:c9:52:11:85:2f:d1: 68:d6:67:9d:8c:04:c6:7b:bc:6b:9f:1d:75:be:c7:79:f8:28: ff:fa:21:28:81:0f:a0:f1:d2:97:3d:ca:aa:03:53:d5:35:36: 5b:af:6b:ae:60:c3:b0:82:c0:a5:c5:0c:41:fc:d9:d4:96:ad: 11:c0:b9:4e:35:5a:9a:11:ee:13:e6:43:00:a3:2f:6a:b3:66: f4:58:4a:94:2c:9b:ab:ca:1a:b0:15:68:92:4a:c7:24:0a:b6: 79:0a:32:cd:bc:a0:0c:30:c4:30:9f:3f:a0:02:2a:6e:cd:8a: bf:44:60:75:85:31:79:ec:71:64:24:93:0f:d8:16:50:00:a6: d5:c6:cc:14:3c:3b:bd:b1:57:3d:ed:d4:60:6e:90:6b:8d:ed: f1:ff:25:ae:80:dc:bb:ed:af:85:41:7f:22:68:01:04:d3:eb: 28:90:91:f2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPN2DOkHT5eRZfoTDw5BwRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NTAyMjI4MmUzNDY5OWZlNTQ4Yjc1Mjg1MTlhMjVhNTBk OTEzM2EwHhcNMjUxMjExMjEwMDQ2WhcNMjUxMjEyMjEwMDQ2WjAzMTEwLwYDVQQD Eyg2MjM5ZTFlYjZhNjIzZTBiOWMzNWFhNzdjMjA0MzdiMmY5YzQxOWQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/6Trwy0YJ7BD4uxkYyyofcbIZT8 7Ok3R1or1MFRsOS0uqMXceEv/HEWvleBJpBIpGUObTlor1vxT9gjcU6043awvzMM qaFJ4RfdPBfQjtDAh8zwOMxvTApBma28Eb8qy4kXuI1moQ7oWBzuOjrk3uO8e3P/ LOyJ37kN/YoS8MkvgbxNybWOjj08Sm/MRp/QGnAn4isbQ/kwPWYZOKH0rTAjWM/F nOgx3bhHgG7PqnKysxHLiVr159pWXOKRVvUYyw38FIgDr78P9YPbv8nxuv5jxFHd evu9qEdEh8qTeJGe+eAgNOhDvn5wyQ32tWuKDh3XmbDF8lcLOZw/Xr+V+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGI54etqYj4LnDWqd8IEN7L5xBnQMB8GA1UdIwQY MBaAFNhQIiguNGmf5Ui3UoUZolpQ2RM6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy85NzU4ZWItNDEwOC00MDg3LWE4MTgt NTBlYTY3MzI3Y2QxLzEvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy85NzU4ZWItNDEwOC00MDg3LWE4MTgtNTBlYTY3MzI3Y2Qx LzEvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY0Dxltq3 0/yliAiU5AsLMHkcbR2n6Xzzm5HRTfDtp4oYSyLVSWBwtSEgqxDvJuVf/V3ipoQp zMt8zYmwVASaQJxEYzk3BPQbGQSHzR59DhMSJHV6yVIRhS/RaNZnnYwExnu8a58d db7Hefgo//ohKIEPoPHSlz3KqgNT1TU2W69rrmDDsILApcUMQfzZ1JatEcC5TjVa mhHuE+ZDAKMvarNm9FhKlCybq8oasBVokkrHJAq2eQoyzbygDDDEMJ8/oAIqbs2K v0RgdYUxeexxZCSTD9gWUACm1cbMFDw7vbFXPe3UYG6Qa43t8f8lroDcu+2vhUF/ ImgBBNPrKJCR8g== -----END CERTIFICATE-----Generated at Thu Dec 11 23:55:50 2025 by rpki-client