This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft File: 2IUFXXA5jPDHLM6sXlga1A8gPvw.mft (raw, json) Hash identifier: V+5ekTl2SrCH50r8E7FWyr6Fqu3wcVMOTAm04M4O/to= Subject key identifier: 42:2E:ED:97:A2:48:C1:9A:65:3D:B8:0D:5C:CD:97:27:32:37:6F:B5 Authority key identifier: D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC Certificate issuer: /CN=d885055d70398cf0c72cceac5e581ad40f203efc Certificate serial: 019B48F0588E671FDC204DCB44DC7ACDA9B9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft Manifest number: 0F58 Signing time: Tue 23 Dec 2025 02:01:09 +0000 Manifest this update: Tue 23 Dec 2025 02:01:09 +0000 Manifest next update: Wed 24 Dec 2025 02:01:09 +0000 Files and hashes: 1: 2IUFXXA5jPDHLM6sXlga1A8gPvw.crl (hash: BIpV9B53f1FeLAo0B2O5S5e6rjLf3KLLxTOnXDU0i/E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 02:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:f0:58:8e:67:1f:dc:20:4d:cb:44:dc:7a:cd:a9:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d885055d70398cf0c72cceac5e581ad40f203efc Validity Not Before: Dec 23 02:01:09 2025 GMT Not After : Dec 24 02:01:09 2025 GMT Subject: CN=422eed97a248c19a653db80d5ccd972732376fb5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:e4:b0:28:3c:56:86:33:e0:c9:fe:98:4c:25: de:1f:65:a2:84:2b:40:0c:0a:be:57:65:eb:97:8b: 53:a6:0c:74:4e:fc:7d:c2:6e:2f:76:ab:78:d1:6b: 19:27:70:17:40:8d:45:94:83:de:7e:0c:57:3b:35: ce:dd:41:23:1c:b6:7b:8f:73:3a:cd:50:41:e2:8b: 9c:0f:f9:31:36:09:c5:4a:78:ef:2e:17:8e:21:e5: be:d4:96:46:6c:a7:bc:a5:8f:79:dc:42:f9:cc:26: 87:7f:8c:9e:a7:67:b1:8b:26:09:0a:cf:8a:0d:d8: e6:77:f7:bc:21:e9:75:77:2e:8a:d2:36:5d:4b:bb: 3b:8c:69:94:92:a9:9e:21:80:78:29:51:e3:b6:5a: 86:cb:42:e4:13:14:98:2c:53:58:e7:11:60:f7:23: f6:6b:2b:8e:27:ae:48:d9:00:2a:2e:74:1e:db:7b: a9:f8:72:5f:a2:05:26:d6:c2:ba:d8:4c:3e:f6:3f: 01:42:c9:c1:b1:a2:29:18:7e:0f:20:ac:da:b9:43: f3:f2:a8:cf:16:09:e3:7c:ef:9d:49:0b:63:da:1e: c6:2f:7c:99:7b:70:d4:28:9f:18:ea:f9:54:57:ee: 72:bb:19:6d:da:c1:88:5f:26:c7:4d:b3:49:d1:e3: 6b:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:2E:ED:97:A2:48:C1:9A:65:3D:B8:0D:5C:CD:97:27:32:37:6F:B5 X509v3 Authority Key Identifier: keyid:D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:f1:d5:72:30:c0:ae:1b:db:7c:a5:b9:29:74:1a:2b:04:c7: 3b:78:b0:f8:7e:ae:e1:75:d9:97:b0:fd:a5:eb:26:4e:45:ed: 57:38:25:7f:ff:32:ad:09:df:26:e6:e5:8a:83:af:62:c4:b3: a7:0a:ad:c2:8f:4f:0f:85:70:9f:9f:31:10:6a:4b:e5:a6:c1: 32:e0:11:76:c1:92:85:e9:fb:fd:27:d8:f5:a6:a2:a3:ca:a6: 04:5b:d9:aa:25:71:1d:30:41:d8:51:94:97:43:4a:fb:82:0d: 95:e8:88:35:0d:c7:a1:0c:19:84:81:9e:72:bb:3f:b9:03:8c: 12:ca:6e:38:67:01:77:6a:49:4f:6c:0c:6c:08:04:4c:fd:58: 3d:1a:01:0d:a4:b3:20:b0:2c:91:57:88:c4:ba:61:97:dc:59: ff:65:15:05:64:65:ee:d5:0c:20:d7:46:38:64:86:ef:e1:7e: 3e:a3:76:b3:64:18:1c:d2:d7:b8:e5:d6:9c:61:91:ca:5e:cf: 4c:80:fe:eb:2c:7a:e1:c1:19:f9:df:b1:fa:af:10:f9:5f:55: 3f:40:22:05:24:7b:71:8f:53:41:ca:17:b8:9f:3e:17:88:e7: 97:58:37:ac:79:4f:28:59:bb:1b:97:9a:25:d7:31:30:21:8f: 7b:f3:09:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtI8FiOZx/cIE3LRNx6zam5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4ODUwNTVkNzAzOThjZjBjNzJjY2VhYzVlNTgxYWQ0MGYy MDNlZmMwHhcNMjUxMjIzMDIwMTA5WhcNMjUxMjI0MDIwMTA5WjAzMTEwLwYDVQQD Eyg0MjJlZWQ5N2EyNDhjMTlhNjUzZGI4MGQ1Y2NkOTcyNzMyMzc2ZmI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOSwKDxWhjPgyf6YTCXeH2WihCtA DAq+V2Xrl4tTpgx0Tvx9wm4vdqt40WsZJ3AXQI1FlIPefgxXOzXO3UEjHLZ7j3M6 zVBB4oucD/kxNgnFSnjvLheOIeW+1JZGbKe8pY953EL5zCaHf4yep2exiyYJCs+K Ddjmd/e8Iel1dy6K0jZdS7s7jGmUkqmeIYB4KVHjtlqGy0LkExSYLFNY5xFg9yP2 ayuOJ65I2QAqLnQe23up+HJfogUm1sK62Ew+9j8BQsnBsaIpGH4PIKzauUPz8qjP FgnjfO+dSQtj2h7GL3yZe3DUKJ8Y6vlUV+5yuxlt2sGIXybHTbNJ0eNr3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEIu7ZeiSMGaZT24DVzNlycyN2+1MB8GA1UdIwQY MBaAFNiFBV1wOYzwxyzOrF5YGtQPID78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUt MWNhM2M2N2YxNTA2LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUtMWNhM2M2N2YxNTA2 LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPfHVcjDA rhvbfKW5KXQaKwTHO3iw+H6u4XXZl7D9pesmTkXtVzglf/8yrQnfJublioOvYsSz pwqtwo9PD4Vwn58xEGpL5abBMuARdsGShen7/SfY9aaio8qmBFvZqiVxHTBB2FGU l0NK+4INleiINQ3HoQwZhIGecrs/uQOMEspuOGcBd2pJT2wMbAgETP1YPRoBDaSz ILAskVeIxLphl9xZ/2UVBWRl7tUMINdGOGSG7+F+PqN2s2QYHNLXuOXWnGGRyl7P TID+6yx64cEZ+d+x+q8Q+V9VP0AiBSR7cY9TQcoXuJ8+F4jnl1g3rHlPKFm7G5ea JdcxMCGPe/MJ7A== -----END CERTIFICATE-----Generated at Tue Dec 23 11:05:03 2025 by rpki-client