This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.mft File: 2GucF3igUp7n4jIAPL5cmTw2_ds.mft (raw, json) Hash identifier: rDAOMinCfZigUY5tydytPHOYOG61vnEUEIF8icYgvyU= Subject key identifier: A1:D9:D1:24:B1:75:53:10:71:3A:70:DE:16:CE:61:9B:F8:92:9D:78 Authority key identifier: D8:6B:9C:17:78:A0:52:9E:E7:E2:32:00:3C:BE:5C:99:3C:36:FD:DB Certificate issuer: /CN=d86b9c1778a0529ee7e232003cbe5c993c36fddb Certificate serial: 019B104A09B3B34B1930444F3510C732095F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2GucF3igUp7n4jIAPL5cmTw2_ds.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.mft Manifest number: 04D1 Signing time: Fri 12 Dec 2025 02:00:46 +0000 Manifest this update: Fri 12 Dec 2025 02:00:46 +0000 Manifest next update: Sat 13 Dec 2025 02:00:46 +0000 Files and hashes: 1: 2GucF3igUp7n4jIAPL5cmTw2_ds.crl (hash: bWJq37fkHNcO/BWF3RBE4/VErIpd2UBfBeLDAassx9A=) 2: xaTFNHvIwGFGt2nvvisSJGJJn1U.roa (hash: dncutlGZCp4ijfHdULe589Ce9+6dKbRvNV71t7mvtSc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.mft rsync://rpki.ripe.net/repository/DEFAULT/2GucF3igUp7n4jIAPL5cmTw2_ds.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:10:4a:09:b3:b3:4b:19:30:44:4f:35:10:c7:32:09:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d86b9c1778a0529ee7e232003cbe5c993c36fddb Validity Not Before: Dec 12 02:00:46 2025 GMT Not After : Dec 13 02:00:46 2025 GMT Subject: CN=a1d9d124b1755310713a70de16ce619bf8929d78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:81:b0:e9:ba:e7:59:2b:ed:d6:18:72:97:28: fc:69:69:a6:7b:d0:41:64:9d:a9:e1:ea:fb:bf:94: 35:f0:42:85:63:87:f9:b7:5a:43:70:b5:c2:95:e1: 66:0b:e2:d2:e1:a2:95:e3:6a:bd:7d:32:51:24:dd: be:e1:5f:a2:cc:b8:a0:31:73:0a:73:f8:b4:11:5d: cb:9d:2a:2d:3e:4d:f0:4e:83:37:d4:0c:b6:2d:27: e9:fa:9d:6f:6c:78:13:bf:1f:4a:ad:d4:75:5e:93: 42:24:8e:4d:02:8c:f6:f2:47:8a:c4:3b:b9:4e:ba: f7:60:9e:21:c5:cd:10:d9:e7:12:d9:40:c9:15:f6: aa:b8:69:31:d0:c6:db:41:39:01:84:03:aa:bc:78: d6:f4:a4:59:11:a0:fd:f8:0e:d6:2d:f6:df:f5:09: 12:34:f6:a2:29:bb:26:3d:d5:39:4b:7d:05:b8:11: c8:85:0e:33:17:7c:96:61:f4:96:80:f2:d8:0e:c9: 39:f8:c3:ac:8f:67:ff:c4:83:6a:77:bb:07:87:56: 21:96:67:c6:82:7a:2e:f5:db:21:9c:74:d0:b7:99: 1b:58:aa:1d:d9:5e:49:e2:0f:03:27:09:cc:45:60: 9f:98:c5:90:57:34:1e:83:35:af:d6:b9:cb:bf:c1: c4:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:D9:D1:24:B1:75:53:10:71:3A:70:DE:16:CE:61:9B:F8:92:9D:78 X509v3 Authority Key Identifier: keyid:D8:6B:9C:17:78:A0:52:9E:E7:E2:32:00:3C:BE:5C:99:3C:36:FD:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GucF3igUp7n4jIAPL5cmTw2_ds.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:16:67:85:80:b6:21:08:fa:cb:e8:50:70:d0:1d:a6:21:38: bb:ac:16:aa:2e:9f:e7:9c:2d:28:61:72:61:88:1c:82:89:c3: 5e:c3:51:94:e2:cb:a3:d2:6b:6a:b6:51:d5:57:78:99:2e:c9: 5d:6c:76:70:d0:90:61:71:ff:24:a8:fd:f4:30:57:bc:19:e0: 4b:a2:d4:58:28:3e:5c:b0:b9:c3:04:98:55:fb:8b:ca:53:26: e3:ad:db:1d:c1:bc:79:cb:42:3c:dc:23:5b:c5:d1:89:fb:a0: fa:da:34:ef:fd:83:d6:aa:a5:0b:75:a0:8a:d4:88:03:b4:09: 4d:d8:e3:bd:d1:86:15:de:39:d8:62:f1:84:7c:4b:23:27:a8: ff:10:01:12:80:2c:a5:ef:32:45:c1:1c:6f:64:41:11:fe:ed: 29:10:28:53:2f:78:88:ef:d4:6e:e5:12:fb:76:62:68:9e:bf: 65:93:06:ec:26:3a:d2:de:4d:b1:af:90:56:e1:ab:03:86:fe: 1f:5c:28:2d:9e:98:8e:00:32:82:6c:17:d7:26:c1:96:a7:33: 91:56:78:3f:ae:90:b1:16:ac:9e:58:56:7f:c0:74:52:6b:e4: 25:0a:2e:78:c5:1d:f5:c0:79:45:65:2b:71:8a:04:89:85:2b: 32:8e:b9:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsQSgmzs0sZMERPNRDHMglfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NmI5YzE3NzhhMDUyOWVlN2UyMzIwMDNjYmU1Yzk5M2Mz NmZkZGIwHhcNMjUxMjEyMDIwMDQ2WhcNMjUxMjEzMDIwMDQ2WjAzMTEwLwYDVQQD EyhhMWQ5ZDEyNGIxNzU1MzEwNzEzYTcwZGUxNmNlNjE5YmY4OTI5ZDc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2oGw6brnWSvt1hhylyj8aWmme9BB ZJ2p4er7v5Q18EKFY4f5t1pDcLXCleFmC+LS4aKV42q9fTJRJN2+4V+izLigMXMK c/i0EV3LnSotPk3wToM31Ay2LSfp+p1vbHgTvx9KrdR1XpNCJI5NAoz28keKxDu5 Trr3YJ4hxc0Q2ecS2UDJFfaquGkx0MbbQTkBhAOqvHjW9KRZEaD9+A7WLfbf9QkS NPaiKbsmPdU5S30FuBHIhQ4zF3yWYfSWgPLYDsk5+MOsj2f/xINqd7sHh1YhlmfG gnou9dshnHTQt5kbWKod2V5J4g8DJwnMRWCfmMWQVzQegzWv1rnLv8HErQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKHZ0SSxdVMQcTpw3hbOYZv4kp14MB8GA1UdIwQY MBaAFNhrnBd4oFKe5+IyADy+XJk8Nv3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkd1Y0YzaWdVcDduNGpJQVBMNWNtVHcyX2RzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC85NzBmOWEtOTQ4MC00ZmRkLWE0ZjQt YTgwYTk1ZTVhMDk5LzEvMkd1Y0YzaWdVcDduNGpJQVBMNWNtVHcyX2RzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC85NzBmOWEtOTQ4MC00ZmRkLWE0ZjQtYTgwYTk1ZTVhMDk5 LzEvMkd1Y0YzaWdVcDduNGpJQVBMNWNtVHcyX2RzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIRZnhYC2 IQj6y+hQcNAdpiE4u6wWqi6f55wtKGFyYYgcgonDXsNRlOLLo9JrarZR1Vd4mS7J XWx2cNCQYXH/JKj99DBXvBngS6LUWCg+XLC5wwSYVfuLylMm463bHcG8ectCPNwj W8XRifug+to07/2D1qqlC3WgitSIA7QJTdjjvdGGFd452GLxhHxLIyeo/xABEoAs pe8yRcEcb2RBEf7tKRAoUy94iO/UbuUS+3ZiaJ6/ZZMG7CY60t5Nsa+QVuGrA4b+ H1woLZ6YjgAygmwX1ybBlqczkVZ4P66QsRasnlhWf8B0UmvkJQoueMUd9cB5RWUr cYoEiYUrMo65pw== -----END CERTIFICATE-----Generated at Fri Dec 12 04:00:11 2025 by rpki-client