This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft File: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft (raw, json) Hash identifier: mCVvyY/WRia5NJKiY1oPGF2QV/AoRGzUkMMTVdx2CAU= Subject key identifier: 50:5C:E2:03:9E:6E:0E:25:57:48:98:9E:CD:D3:44:4D:13:CF:BB:1A Authority key identifier: D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53 Certificate issuer: /CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753 Certificate serial: 019B5A5148EB3C2819EB152AA5DF6F006B02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft Manifest number: 05A1 Signing time: Fri 26 Dec 2025 11:00:35 +0000 Manifest this update: Fri 26 Dec 2025 11:00:35 +0000 Manifest next update: Sat 27 Dec 2025 11:00:35 +0000 Files and hashes: 1: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl (hash: uWcldRS5Nj7vAXqAbA3ViiVjDlbFd5IwBwC2Rrz7jLs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:48:eb:3c:28:19:eb:15:2a:a5:df:6f:00:6b:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753 Validity Not Before: Dec 26 11:00:35 2025 GMT Not After : Dec 27 11:00:35 2025 GMT Subject: CN=505ce2039e6e0e255748989ecdd3444d13cfbb1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:63:0c:b9:b8:f0:f8:03:f0:c5:3f:ee:cf:20: e6:d9:89:c8:7f:95:d8:a9:ae:d8:6a:8d:63:af:c8: e6:89:71:79:89:08:e2:00:00:ff:3e:55:97:d6:d2: 79:71:53:95:14:a7:80:00:34:c0:85:35:09:4b:2d: dc:fd:b2:3f:11:d9:fe:86:63:de:cc:2e:6f:4b:71: 07:a6:7d:43:7b:46:1e:3d:b5:fe:fd:37:69:9b:51: 55:b6:7d:3e:39:5c:3c:78:df:f0:1a:9a:52:8e:0e: cc:ca:16:b4:09:f3:d2:fe:5a:10:5f:2d:fd:fb:80: 0e:87:aa:92:a6:dd:d2:eb:e8:d0:f5:47:ef:3d:d7: 88:02:22:58:75:c7:2e:21:60:1f:14:f0:e9:e9:68: 3e:ba:2d:6f:ed:31:de:14:d2:14:9c:0d:eb:dd:ac: 7f:fb:84:82:a1:07:51:33:4d:ae:20:63:ba:6b:c0: 77:6f:54:33:50:b6:2d:28:e7:fb:57:e9:08:e2:24: 25:5e:17:3e:c1:94:97:1a:f2:dd:b3:67:7e:a0:43: b3:b0:bf:90:5d:34:e1:ff:f6:88:a9:9c:48:5a:5c: 33:6f:21:a4:52:69:09:1d:46:00:b1:24:df:23:a6: e3:b2:21:76:50:3e:8c:08:5f:e4:5d:31:6c:d2:42: 1d:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:5C:E2:03:9E:6E:0E:25:57:48:98:9E:CD:D3:44:4D:13:CF:BB:1A X509v3 Authority Key Identifier: keyid:D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:97:d9:c9:83:1f:82:0f:7e:45:80:05:79:ec:7c:a8:c6:33: 05:6e:eb:69:51:20:c8:87:08:0a:6b:a0:d1:50:45:21:16:53: f3:af:4b:35:d2:b7:a1:b7:c3:60:6c:2c:ef:bb:87:b5:40:86: 00:5e:5f:93:46:fa:3f:74:dc:9b:87:f8:eb:c6:3a:a4:c0:8d: 1d:2b:26:27:2f:7f:81:6c:8b:7d:9f:36:38:dd:e1:c5:92:be: a2:12:4e:ab:7d:f8:ed:f4:a6:29:a0:9d:4d:6a:d2:8c:90:c4: 8b:05:c6:fd:55:f7:cc:cb:61:72:d6:b7:99:fa:cf:d0:49:19: dc:71:52:94:da:bb:00:2b:83:ca:54:73:c6:60:f0:fa:16:1d: b6:0b:ac:69:b8:30:bc:49:0f:ea:d3:74:b7:b9:fd:18:71:0f: 57:26:ca:7b:eb:2b:fd:1d:f6:1b:6a:4a:b7:81:47:9c:5f:91: a3:66:fd:1b:d0:a7:66:3a:f6:f1:9f:93:34:a8:a4:f7:5c:ad: d4:85:80:cf:e7:30:43:e7:91:1d:a9:33:ac:be:c5:a6:b7:e2: b5:69:97:2c:9d:d4:f1:72:29:cb:60:b1:ad:bd:40:84:e0:48: 12:1e:b1:c9:ce:e3:d8:b2:08:a3:ab:8a:fb:bc:10:f0:4d:9e: 98:68:a0:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUUjrPCgZ6xUqpd9vAGsCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MTFkZDIyZjdlYWYyNzJiYzRiZjNlYmIxNTJkMzY0YmI0 ZDk3NTMwHhcNMjUxMjI2MTEwMDM1WhcNMjUxMjI3MTEwMDM1WjAzMTEwLwYDVQQD Eyg1MDVjZTIwMzllNmUwZTI1NTc0ODk4OWVjZGQzNDQ0ZDEzY2ZiYjFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2MMubjw+APwxT/uzyDm2YnIf5XY qa7Yao1jr8jmiXF5iQjiAAD/PlWX1tJ5cVOVFKeAADTAhTUJSy3c/bI/Edn+hmPe zC5vS3EHpn1De0YePbX+/Tdpm1FVtn0+OVw8eN/wGppSjg7Myha0CfPS/loQXy39 +4AOh6qSpt3S6+jQ9UfvPdeIAiJYdccuIWAfFPDp6Wg+ui1v7THeFNIUnA3r3ax/ +4SCoQdRM02uIGO6a8B3b1QzULYtKOf7V+kI4iQlXhc+wZSXGvLds2d+oEOzsL+Q XTTh//aIqZxIWlwzbyGkUmkJHUYAsSTfI6bjsiF2UD6MCF/kXTFs0kIdcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFBc4gOebg4lV0iYns3TRE0Tz7saMB8GA1UdIwQY MBaAFNgR3SL36vJyvEvz67FS02S7TZdTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQt ZjcwYWRmMWRjMGZlLzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQtZjcwYWRmMWRjMGZl LzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMpfZyYMf gg9+RYAFeex8qMYzBW7raVEgyIcICmug0VBFIRZT869LNdK3obfDYGws77uHtUCG AF5fk0b6P3Tcm4f468Y6pMCNHSsmJy9/gWyLfZ82ON3hxZK+ohJOq3347fSmKaCd TWrSjJDEiwXG/VX3zMthcta3mfrP0EkZ3HFSlNq7ACuDylRzxmDw+hYdtgusabgw vEkP6tN0t7n9GHEPVybKe+sr/R32G2pKt4FHnF+Ro2b9G9CnZjr28Z+TNKik91yt 1IWAz+cwQ+eRHakzrL7FprfitWmXLJ3U8XIpy2Cxrb1AhOBIEh6xyc7j2LIIo6uK +7wQ8E2emGignQ== -----END CERTIFICATE-----Generated at Fri Dec 26 15:47:16 2025 by rpki-client