This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.mft File: 2DIL1O-Fj9YrskhdCLCoaSDpEcE.mft (raw, json) Hash identifier: KLdlWhTe4v6BVa6CMQ7UodmEMUiVHD6g7JQS3ea/gmI= Subject key identifier: 28:5E:61:2C:E9:86:DA:10:11:D2:9E:4A:AE:70:3D:B4:6B:54:84:ED Authority key identifier: D8:32:0B:D4:EF:85:8F:D6:2B:B2:48:5D:08:B0:A8:69:20:E9:11:C1 Certificate issuer: /CN=d8320bd4ef858fd62bb2485d08b0a86920e911c1 Certificate serial: 019B2098C5AEE0224DDB30CBDDCF084C73DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DIL1O-Fj9YrskhdCLCoaSDpEcE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.mft Manifest number: 0E6C Signing time: Mon 15 Dec 2025 06:00:41 +0000 Manifest this update: Mon 15 Dec 2025 06:00:41 +0000 Manifest next update: Tue 16 Dec 2025 06:00:41 +0000 Files and hashes: 1: 2DIL1O-Fj9YrskhdCLCoaSDpEcE.crl (hash: 6+5g88rTfgxmUanZclKsqlYqHjf0IqGHyRKOVI3G/Uo=) 2: wUSVu8lDNfoUWdaRO2jsDgRSmsg.roa (hash: A2CVwSparFGjp8/uMP7BcSnzpGUx0FpocYCZqqW30C8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.mft rsync://rpki.ripe.net/repository/DEFAULT/2DIL1O-Fj9YrskhdCLCoaSDpEcE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 06:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:20:98:c5:ae:e0:22:4d:db:30:cb:dd:cf:08:4c:73:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8320bd4ef858fd62bb2485d08b0a86920e911c1 Validity Not Before: Dec 15 06:00:41 2025 GMT Not After : Dec 16 06:00:41 2025 GMT Subject: CN=285e612ce986da1011d29e4aae703db46b5484ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:33:4e:2b:dc:0d:ee:6c:ea:e7:57:a2:c2:09: ed:c3:ba:5e:11:66:63:9f:07:e3:e2:37:dc:cc:e8: d2:7b:5a:e1:78:80:ae:22:ce:c7:14:65:5e:c7:84: 9f:c7:58:02:8c:5e:2c:ff:44:5c:40:43:9b:0b:9a: 71:0a:97:32:a8:57:09:72:42:e7:a2:28:d6:94:f0: 4f:e9:7f:a7:dc:89:16:b7:57:a8:b7:df:68:82:e4: 52:fa:f2:c0:f5:fb:8a:f7:05:93:17:bb:15:5e:a8: d3:4d:e4:18:03:61:80:2a:e9:de:d0:e4:fb:af:11: 44:fc:3f:85:4d:d4:eb:4c:ce:34:b0:60:19:6e:a2: 3c:3f:59:6d:c8:cf:32:68:e3:3d:3b:81:30:99:45: ee:ca:e7:d5:ff:26:46:06:41:6a:d8:95:7c:40:63: 92:7b:9d:e3:f4:8a:6d:c9:10:d3:92:c2:ae:0d:41: a8:72:2d:ee:db:ad:cb:ab:26:06:5b:dd:14:22:ab: ad:fe:47:30:9d:79:88:47:71:36:6b:5b:51:91:23: 34:1a:a3:32:19:66:5e:3d:43:80:7d:3c:4f:f3:bc: 99:72:69:22:aa:c9:ff:40:9a:13:fa:7f:48:e2:e5: 65:94:dd:cf:ed:88:a9:53:38:d1:6d:71:49:21:a8: 82:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:5E:61:2C:E9:86:DA:10:11:D2:9E:4A:AE:70:3D:B4:6B:54:84:ED X509v3 Authority Key Identifier: keyid:D8:32:0B:D4:EF:85:8F:D6:2B:B2:48:5D:08:B0:A8:69:20:E9:11:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DIL1O-Fj9YrskhdCLCoaSDpEcE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:c4:7e:5b:7b:28:2b:ba:4a:f4:11:8b:94:1a:20:99:ca:e1: 8d:e8:ae:80:ce:ba:96:dc:7a:32:ed:ff:36:f7:2a:21:2b:68: 8b:ea:bf:22:1f:6b:9c:e1:5b:1f:61:08:70:bd:81:49:f0:31: 21:8b:c5:b3:ae:96:99:cb:64:6b:f5:23:6f:8f:5b:72:54:ef: 3a:fe:68:2e:0d:5a:5a:a9:bd:c5:1d:1e:7f:0f:b1:80:43:77: 3b:7f:b2:2d:ff:22:59:bc:b7:06:4d:60:6e:90:2c:a5:b6:46: b2:18:f4:3b:46:2e:79:3d:1d:34:08:b9:be:46:41:fe:e6:76: af:92:02:c2:61:d7:38:e5:93:dd:77:dc:82:67:e4:47:8e:19: d2:46:65:d9:23:16:62:74:8e:6e:e2:7c:e4:8a:8a:37:6e:a3: 44:b7:01:c3:4d:d7:f8:30:c6:78:37:59:58:35:0e:b4:9c:52: 93:4d:7a:6e:e4:dc:8c:ba:ba:c4:0b:2f:5e:d8:12:71:72:99: 72:bb:35:e2:3a:e4:07:14:56:bf:98:d8:be:a7:24:33:45:8f: 28:15:77:1f:fd:41:81:c1:45:d0:ad:6b:70:4d:ab:4d:59:00: d3:42:cf:9c:9a:fc:f0:ae:73:c7:3a:6d:c1:53:01:76:ba:77: 78:44:a6:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsgmMWu4CJN2zDL3c8ITHPcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MzIwYmQ0ZWY4NThmZDYyYmIyNDg1ZDA4YjBhODY5MjBl OTExYzEwHhcNMjUxMjE1MDYwMDQxWhcNMjUxMjE2MDYwMDQxWjAzMTEwLwYDVQQD EygyODVlNjEyY2U5ODZkYTEwMTFkMjllNGFhZTcwM2RiNDZiNTQ4NGVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjNOK9wN7mzq51eiwgntw7peEWZj nwfj4jfczOjSe1rheICuIs7HFGVex4Sfx1gCjF4s/0RcQEObC5pxCpcyqFcJckLn oijWlPBP6X+n3IkWt1eot99oguRS+vLA9fuK9wWTF7sVXqjTTeQYA2GAKune0OT7 rxFE/D+FTdTrTM40sGAZbqI8P1ltyM8yaOM9O4EwmUXuyufV/yZGBkFq2JV8QGOS e53j9IptyRDTksKuDUGoci3u263LqyYGW90UIqut/kcwnXmIR3E2a1tRkSM0GqMy GWZePUOAfTxP87yZcmkiqsn/QJoT+n9I4uVllN3P7YipUzjRbXFJIaiCUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCheYSzphtoQEdKeSq5wPbRrVITtMB8GA1UdIwQY MBaAFNgyC9TvhY/WK7JIXQiwqGkg6RHBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkRJTDFPLUZqOVlyc2toZENMQ29hU0RwRWNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iZDgxZTctMzk3ZS00ZDVkLWE1ZjEt M2EwZmFhMjhiNWFjLzEvMkRJTDFPLUZqOVlyc2toZENMQ29hU0RwRWNFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi9iZDgxZTctMzk3ZS00ZDVkLWE1ZjEtM2EwZmFhMjhiNWFj LzEvMkRJTDFPLUZqOVlyc2toZENMQ29hU0RwRWNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlMR+W3so K7pK9BGLlBogmcrhjeiugM66ltx6Mu3/NvcqIStoi+q/Ih9rnOFbH2EIcL2BSfAx IYvFs66Wmctka/Ujb49bclTvOv5oLg1aWqm9xR0efw+xgEN3O3+yLf8iWby3Bk1g bpAspbZGshj0O0YueT0dNAi5vkZB/uZ2r5ICwmHXOOWT3XfcgmfkR44Z0kZl2SMW YnSObuJ85IqKN26jRLcBw03X+DDGeDdZWDUOtJxSk016buTcjLq6xAsvXtgScXKZ crs14jrkBxRWv5jYvqckM0WPKBV3H/1BgcFF0K1rcE2rTVkA00LPnJr88K5zxzpt wVMBdrp3eESmKQ== -----END CERTIFICATE-----Generated at Mon Dec 15 13:23:51 2025 by rpki-client