This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft File: 2iTzVyHKMag-L26TfhdAjm57LGE.mft (raw, json) Hash identifier: khhlsAmMGVSQBNOuJ1IB+4wn9J15wxU/GVDGa8fG2+M= Subject key identifier: DF:9D:D2:FF:77:83:C7:B8:11:AE:14:E5:20:68:2C:89:E9:30:C4:0A Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61 Certificate issuer: /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61 Certificate serial: 019B59ACC560EE99BC39935FE7726C21F6BF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft Manifest number: 179C Signing time: Fri 26 Dec 2025 08:00:53 +0000 Manifest this update: Fri 26 Dec 2025 08:00:53 +0000 Manifest next update: Sat 27 Dec 2025 08:00:53 +0000 Files and hashes: 1: 2iTzVyHKMag-L26TfhdAjm57LGE.crl (hash: l6jMsmIZXqmqNeHUq3EjzZXBIEs/nq0GlmmaFlLLNMI=) 2: I11yOf8621A4bMVjivGCunNhodU.roa (hash: zD+DtTuh65HplID/p8Q/zTlZEI94dke+hM79PxEcBgg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 08:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:ac:c5:60:ee:99:bc:39:93:5f:e7:72:6c:21:f6:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61 Validity Not Before: Dec 26 08:00:53 2025 GMT Not After : Dec 27 08:00:53 2025 GMT Subject: CN=df9dd2ff7783c7b811ae14e520682c89e930c40a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:6b:8f:f4:b3:d0:25:ea:b7:f3:62:2f:80:5c: 4a:a5:88:8c:0f:25:89:28:8b:09:03:b2:27:9e:2b: 4d:67:ef:b5:6a:4d:e5:14:17:1d:7b:12:38:38:ba: 11:bc:f7:09:9c:4f:e6:b2:13:9c:0b:15:30:1b:b4: d2:4d:71:88:cc:89:3a:16:ea:59:29:ce:5a:78:32: 0d:d7:83:4c:64:0f:62:1c:1c:88:ef:d3:99:79:73: c4:41:c8:cc:89:0e:e6:0b:34:e1:a0:46:d5:5a:0c: 6d:34:9b:a2:d9:fc:bd:9e:b5:9d:f4:32:81:07:da: a8:d3:80:ba:b1:d4:4a:d3:be:df:82:32:c7:51:1e: 16:ab:73:eb:8a:8d:a0:9f:e9:aa:a5:99:f8:03:01: 68:29:46:df:80:7e:13:f0:cc:e4:0f:70:a5:9e:04: 88:0f:eb:4b:af:57:1b:ab:6f:fc:e0:87:49:b1:24: 88:f3:52:98:55:0e:9b:5f:9b:56:61:c4:61:7a:e4: 78:f7:3d:50:00:5b:5e:99:b9:87:f3:68:b1:89:19: ea:5d:88:f8:f1:ac:a0:5e:b1:64:20:39:e2:4a:f4: 10:39:62:ed:80:c3:1b:24:3b:6d:66:bb:d1:0e:96: 8c:51:17:10:81:52:a5:1c:a0:15:fb:d2:fb:4e:62: 44:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:9D:D2:FF:77:83:C7:B8:11:AE:14:E5:20:68:2C:89:E9:30:C4:0A X509v3 Authority Key Identifier: keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:b9:83:7f:a0:75:8e:56:73:96:84:87:9c:48:7d:97:60:97: 68:40:e3:c5:c7:4f:9d:f9:f2:42:f2:1c:e6:a4:61:5c:86:b2: 47:94:8d:d4:3d:e3:39:cc:12:cc:5e:ea:a0:4f:a6:a9:6a:c6: 17:21:ae:42:8d:2d:0f:37:7e:40:0c:4e:2c:fc:24:dd:fc:ff: 72:1a:dc:db:22:30:59:54:3c:32:0e:96:cb:be:0d:a9:58:3a: 57:3b:b0:f3:fe:7f:6d:69:55:4b:80:90:db:38:9e:21:76:7b: e3:69:74:17:b1:d6:1f:7c:50:6e:a4:91:96:93:d7:4b:d1:fb: ef:17:6b:9e:7a:c8:58:7c:ae:66:95:46:26:b0:a8:7a:30:2f: 37:c3:dd:e7:c6:04:85:48:3d:6e:39:66:1b:7d:dc:b5:9f:87: 1e:58:37:1b:84:61:65:93:30:85:f2:0b:87:65:2f:cc:c5:2a: 66:65:24:3b:1a:6b:1b:bb:37:8a:e0:62:22:29:3e:ff:b8:3c: a2:be:07:c9:60:35:31:d2:03:7e:71:db:e9:3a:71:fb:67:bd: 43:a1:cf:ad:bd:d4:da:82:b5:78:a0:54:4b:3a:30:00:dd:40: d5:04:d2:f2:c7:2f:38:94:09:57:39:70:f1:08:9d:ba:b5:89: 15:b9:1b:cd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZrMVg7pm8OZNf53JsIfa/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3 YjJjNjEwHhcNMjUxMjI2MDgwMDUzWhcNMjUxMjI3MDgwMDUzWjAzMTEwLwYDVQQD EyhkZjlkZDJmZjc3ODNjN2I4MTFhZTE0ZTUyMDY4MmM4OWU5MzBjNDBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGuP9LPQJeq382IvgFxKpYiMDyWJ KIsJA7InnitNZ++1ak3lFBcdexI4OLoRvPcJnE/mshOcCxUwG7TSTXGIzIk6FupZ Kc5aeDIN14NMZA9iHByI79OZeXPEQcjMiQ7mCzThoEbVWgxtNJui2fy9nrWd9DKB B9qo04C6sdRK077fgjLHUR4Wq3Prio2gn+mqpZn4AwFoKUbfgH4T8MzkD3ClngSI D+tLr1cbq2/84IdJsSSI81KYVQ6bX5tWYcRheuR49z1QAFtembmH82ixiRnqXYj4 8aygXrFkIDniSvQQOWLtgMMbJDttZrvRDpaMURcQgVKlHKAV+9L7TmJEywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN+d0v93g8e4Ea4U5SBoLInpMMQKMB8GA1UdIwQY MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt ODBmMzFkM2VhMTUyLzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWbmDf6B1 jlZzloSHnEh9l2CXaEDjxcdPnfnyQvIc5qRhXIayR5SN1D3jOcwSzF7qoE+mqWrG FyGuQo0tDzd+QAxOLPwk3fz/chrc2yIwWVQ8Mg6Wy74NqVg6Vzuw8/5/bWlVS4CQ 2zieIXZ742l0F7HWH3xQbqSRlpPXS9H77xdrnnrIWHyuZpVGJrCoejAvN8Pd58YE hUg9bjlmG33ctZ+HHlg3G4RhZZMwhfILh2UvzMUqZmUkOxprG7s3iuBiIik+/7g8 or4HyWA1MdIDfnHb6Tpx+2e9Q6HPrb3U2oK1eKBUSzowAN1A1QTS8scvOJQJVzlw 8QidurWJFbkbzQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:05:21 2025 by rpki-client