This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft File: r2A0bQgbHFyBCzlMZuEFErv02Mk.mft (raw, json) Hash identifier: fLbnz8Bz12UCnAP5Yccs6XJayPpnqlvsh6sv90/4l9E= Subject key identifier: C9:CB:06:33:C1:7E:0C:5D:E0:4F:B0:6C:3A:7E:1A:00:E5:90:E3:59 Authority key identifier: AF:60:34:6D:08:1B:1C:5C:81:0B:39:4C:66:E1:05:12:BB:F4:D8:C9 Certificate issuer: /CN=af60346d081b1c5c810b394c66e10512bbf4d8c9 Certificate serial: 019B1B3C080BEFE6B77B85971D7A4FECAC09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft Manifest number: 0490 Signing time: Sun 14 Dec 2025 05:01:17 +0000 Manifest this update: Sun 14 Dec 2025 05:01:17 +0000 Manifest next update: Mon 15 Dec 2025 05:01:17 +0000 Files and hashes: 1: j5QtHlhxEZZOM5CvXJMLssoxGGc.roa (hash: 8L3ZEU7bcEWssZWSFVojRb4D5wALELFNA26f5J8ZxnI=) 2: r2A0bQgbHFyBCzlMZuEFErv02Mk.crl (hash: xnD1B+s7hV/5BirzeWul5gCO/GWitdN9MMaFoOaEMQo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1b:3c:08:0b:ef:e6:b7:7b:85:97:1d:7a:4f:ec:ac:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af60346d081b1c5c810b394c66e10512bbf4d8c9 Validity Not Before: Dec 14 05:01:17 2025 GMT Not After : Dec 15 05:01:17 2025 GMT Subject: CN=c9cb0633c17e0c5de04fb06c3a7e1a00e590e359 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:fc:38:2c:1c:95:bf:81:a3:0f:6b:8b:7a:71: 24:19:c0:17:93:f2:4f:34:51:6b:51:52:f2:8c:a3: b0:a4:94:06:ac:5b:22:53:03:d6:95:c9:38:b4:fa: 1c:75:90:99:e4:10:84:6e:54:4c:9d:5b:71:d3:bf: 96:c5:6b:e1:90:14:41:88:cf:a6:c1:39:6e:bf:d8: 69:f5:20:29:9a:04:8b:7a:87:5a:e3:9e:2c:1d:49: 53:4b:7b:0f:f2:9a:6f:b2:64:83:fe:22:ad:f0:1a: cd:89:a8:19:35:47:e7:a7:1e:5a:65:0b:9c:6f:7e: f0:e5:23:04:92:75:4c:26:eb:64:de:dd:19:7e:f0: 83:8e:17:9b:39:2c:3d:d3:57:8e:7e:b8:e1:49:d7: a3:ef:ec:83:fc:55:49:d1:af:8e:73:50:b7:f4:a2: 46:5b:21:19:b3:49:a3:15:79:d9:85:e7:ff:9c:a6: b3:58:07:b5:f2:79:a0:8a:5c:a2:58:a6:4d:d1:21: 9e:6d:9e:d8:39:cc:a4:56:96:12:6a:67:11:82:ad: f1:f3:28:3e:34:c3:09:00:1f:1a:9b:e8:39:df:e3: f3:e9:f7:39:d0:45:6a:a8:7c:67:04:66:0c:c0:1e: fe:25:cb:8b:b1:0f:ea:6b:da:4a:08:e8:42:3a:50: d2:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:CB:06:33:C1:7E:0C:5D:E0:4F:B0:6C:3A:7E:1A:00:E5:90:E3:59 X509v3 Authority Key Identifier: keyid:AF:60:34:6D:08:1B:1C:5C:81:0B:39:4C:66:E1:05:12:BB:F4:D8:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:01:a2:18:db:3c:d6:da:b3:4c:b7:c1:0f:31:37:f9:58:c0: 53:81:19:20:58:62:c5:91:f5:86:ff:78:f6:e3:90:69:9c:e3: 54:6e:3f:9c:a6:20:69:de:3b:af:0c:b2:4c:d4:49:43:a4:6e: 91:5f:c1:dc:b7:6c:e7:6b:bf:4b:36:91:33:e6:df:ab:3c:75: d8:82:58:ec:c7:6a:96:a2:cb:f4:f4:8b:14:e7:ac:25:d6:28: 7b:04:19:4b:09:5f:2a:24:b7:08:9b:32:3b:e4:f6:7f:fe:eb: 87:cc:72:21:1e:3d:51:18:da:c5:fd:b5:48:c0:e7:41:22:51: d2:8c:a2:03:b8:d5:ae:e5:cc:a2:e2:48:42:b6:22:91:95:5e: 19:05:88:33:41:57:15:b4:36:3c:85:e2:d0:89:e6:b5:c5:79: 77:04:8e:1b:ea:64:e7:24:2c:90:49:8c:9a:99:65:c5:0c:73: 7c:84:30:f3:f2:a1:c1:48:71:1a:1d:7c:45:f0:6f:55:2f:15: 26:b9:a7:fd:74:c8:2d:ea:16:72:75:19:b7:c9:5f:7d:e6:4c: f5:ae:69:ac:70:ec:1d:e6:7c:e6:f7:35:4b:d5:92:0d:61:52: 59:29:40:72:ec:c7:ba:f4:b5:55:3a:9c:57:fe:19:c6:98:28: 80:b5:da:fb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsbPAgL7+a3e4WXHXpP7KwJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmNjAzNDZkMDgxYjFjNWM4MTBiMzk0YzY2ZTEwNTEyYmJm NGQ4YzkwHhcNMjUxMjE0MDUwMTE3WhcNMjUxMjE1MDUwMTE3WjAzMTEwLwYDVQQD EyhjOWNiMDYzM2MxN2UwYzVkZTA0ZmIwNmMzYTdlMWEwMGU1OTBlMzU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfw4LByVv4GjD2uLenEkGcAXk/JP NFFrUVLyjKOwpJQGrFsiUwPWlck4tPocdZCZ5BCEblRMnVtx07+WxWvhkBRBiM+m wTluv9hp9SApmgSLeoda454sHUlTS3sP8ppvsmSD/iKt8BrNiagZNUfnpx5aZQuc b37w5SMEknVMJutk3t0ZfvCDjhebOSw901eOfrjhSdej7+yD/FVJ0a+Oc1C39KJG WyEZs0mjFXnZhef/nKazWAe18nmgilyiWKZN0SGebZ7YOcykVpYSamcRgq3x8yg+ NMMJAB8am+g53+Pz6fc50EVqqHxnBGYMwB7+JcuLsQ/qa9pKCOhCOlDSwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMnLBjPBfgxd4E+wbDp+GgDlkONZMB8GA1UdIwQY MBaAFK9gNG0IGxxcgQs5TGbhBRK79NjJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iNjYwZjQtODhjYi00NWYzLWE3MWEt MjYzOTgzOWY4MjhkLzEvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC9iNjYwZjQtODhjYi00NWYzLWE3MWEtMjYzOTgzOWY4Mjhk LzEvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARQGiGNs8 1tqzTLfBDzE3+VjAU4EZIFhixZH1hv949uOQaZzjVG4/nKYgad47rwyyTNRJQ6Ru kV/B3Lds52u/SzaRM+bfqzx12IJY7MdqlqLL9PSLFOesJdYoewQZSwlfKiS3CJsy O+T2f/7rh8xyIR49URjaxf21SMDnQSJR0oyiA7jVruXMouJIQrYikZVeGQWIM0FX FbQ2PIXi0InmtcV5dwSOG+pk5yQskEmMmpllxQxzfIQw8/KhwUhxGh18RfBvVS8V Jrmn/XTILeoWcnUZt8lffeZM9a5prHDsHeZ85vc1S9WSDWFSWSlAcuzHuvS1VTqc V/4ZxpgogLXa+w== -----END CERTIFICATE-----Generated at Sun Dec 14 13:52:31 2025 by rpki-client