This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft File: 2hvwCCS2KL9iY7t03ndK3fmZD8k.mft (raw, json) Hash identifier: 7fiIY6aa4qqy0fmLtNoXxtmPuCSYBXW/mw8rfbYHKCI= Subject key identifier: 7B:F8:67:48:C1:BB:09:1E:81:F6:66:AE:F5:77:C9:AA:E7:74:35:F5 Authority key identifier: DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9 Certificate issuer: /CN=da1bf00824b628bf6263bb74de774addf9990fc9 Certificate serial: 019B3BD91455A7B6D37263F461DA4FEBBD83 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft Manifest number: 150B Signing time: Sat 20 Dec 2025 13:00:40 +0000 Manifest this update: Sat 20 Dec 2025 13:00:40 +0000 Manifest next update: Sun 21 Dec 2025 13:00:40 +0000 Files and hashes: 1: 2hvwCCS2KL9iY7t03ndK3fmZD8k.crl (hash: 5UVF7gNSt+VTE5xnKU0Zum9Zj1vs4hihLWh1/rK2Mhs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 13:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:d9:14:55:a7:b6:d3:72:63:f4:61:da:4f:eb:bd:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da1bf00824b628bf6263bb74de774addf9990fc9 Validity Not Before: Dec 20 13:00:40 2025 GMT Not After : Dec 21 13:00:40 2025 GMT Subject: CN=7bf86748c1bb091e81f666aef577c9aae77435f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:d4:9d:0b:0a:6c:2b:05:a3:4f:5a:82:28:00: 89:7c:13:72:4a:d5:d1:b0:ad:2b:5b:d3:be:a9:81: 12:6a:1f:f7:fd:9a:51:d7:0b:af:50:f8:8b:9a:d5: 27:b2:0b:a3:5a:32:31:db:e7:d6:37:b0:8a:9d:09: 9d:06:36:f2:12:97:91:55:8f:16:85:47:48:5a:6f: ed:e7:af:0b:6b:25:38:ca:8f:91:c0:2e:a1:2f:0a: d8:93:cd:ff:b1:60:f8:77:7b:9f:cb:da:9d:03:e7: fc:b2:90:25:2b:56:e4:b0:03:58:45:77:df:be:c9: 0b:f8:06:d5:55:8c:10:43:c3:59:ff:00:d1:4b:8c: 9d:aa:6e:71:4f:e8:21:36:4e:64:fe:9b:5c:7b:38: 28:91:01:7d:f2:03:da:40:c2:6e:69:48:46:72:82: 64:6c:d1:97:b2:36:9e:e7:df:1d:b5:dc:88:e4:fb: a2:50:e5:da:e1:eb:67:a8:ba:f5:4d:5b:a9:42:48: 80:1e:45:1d:19:74:c5:46:ea:65:0b:7e:35:36:a8: f5:7c:ab:aa:21:e9:3e:b6:6b:86:24:a5:d1:37:32: 04:02:d5:af:59:63:c1:2f:e4:a5:f9:1e:b7:4b:e7: 79:2b:c9:88:bc:01:1a:73:15:8e:a9:c8:bb:65:8f: cd:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:F8:67:48:C1:BB:09:1E:81:F6:66:AE:F5:77:C9:AA:E7:74:35:F5 X509v3 Authority Key Identifier: keyid:DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:24:47:e3:4f:0a:cc:e0:3e:a3:d5:9b:eb:28:74:f2:0e:94: ef:85:7f:27:9d:46:9b:87:2c:a9:fa:9b:fa:a9:25:ff:46:4c: 33:88:bf:bf:ef:2b:a2:11:f7:68:89:fe:f2:f3:63:40:ef:fb: 1e:69:bc:c0:cf:55:33:e2:a7:33:81:9b:e2:41:88:f6:16:15: 7d:7f:45:14:5f:4b:0b:c6:17:ca:b0:c4:af:fe:2b:ce:ef:2e: de:ad:c3:b0:f0:95:ed:5c:bd:91:54:93:1d:da:4a:4c:95:d2: 19:9e:b4:fe:a7:1e:8d:9e:5d:66:19:79:84:ac:cc:5b:c8:c1: 51:05:2b:e8:91:5b:d2:2e:a3:db:da:e9:2b:2d:39:5a:ee:c9: 16:a6:98:d5:fd:3f:20:0f:61:7b:67:d3:2a:b7:1d:07:16:e9: 53:68:3b:be:27:fa:9a:bf:a9:4d:78:05:57:5d:ff:cb:4a:26: 7b:fb:4e:8c:09:d8:e0:6a:ea:bd:63:28:ae:b5:4f:51:6d:e9: 07:fd:61:da:c2:d7:fe:40:77:01:43:83:ab:be:5b:c1:a4:f1: 00:73:73:91:8e:5a:0f:26:4a:50:78:6f:3d:35:76:5b:01:9e: 9b:d3:51:7f:d3:6c:65:90:04:1a:e5:21:d0:25:3e:8e:48:cf: 85:4e:e7:81 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs72RRVp7bTcmP0YdpP672DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhMWJmMDA4MjRiNjI4YmY2MjYzYmI3NGRlNzc0YWRkZjk5 OTBmYzkwHhcNMjUxMjIwMTMwMDQwWhcNMjUxMjIxMTMwMDQwWjAzMTEwLwYDVQQD Eyg3YmY4Njc0OGMxYmIwOTFlODFmNjY2YWVmNTc3YzlhYWU3NzQzNWY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtSdCwpsKwWjT1qCKACJfBNyStXR sK0rW9O+qYESah/3/ZpR1wuvUPiLmtUnsgujWjIx2+fWN7CKnQmdBjbyEpeRVY8W hUdIWm/t568LayU4yo+RwC6hLwrYk83/sWD4d3ufy9qdA+f8spAlK1bksANYRXff vskL+AbVVYwQQ8NZ/wDRS4ydqm5xT+ghNk5k/ptcezgokQF98gPaQMJuaUhGcoJk bNGXsjae598dtdyI5PuiUOXa4etnqLr1TVupQkiAHkUdGXTFRuplC341Nqj1fKuq Iek+tmuGJKXRNzIEAtWvWWPBL+Sl+R63S+d5K8mIvAEacxWOqci7ZY/NswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHv4Z0jBuwkegfZmrvV3yarndDX1MB8GA1UdIwQY MBaAFNob8Agktii/YmO7dN53St35mQ/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2Mt ZDZjNjIxNDJmN2UzLzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2MtZDZjNjIxNDJmN2Uz LzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARCRH408K zOA+o9Wb6yh08g6U74V/J51Gm4csqfqb+qkl/0ZMM4i/v+8rohH3aIn+8vNjQO/7 Hmm8wM9VM+KnM4Gb4kGI9hYVfX9FFF9LC8YXyrDEr/4rzu8u3q3DsPCV7Vy9kVST HdpKTJXSGZ60/qcejZ5dZhl5hKzMW8jBUQUr6JFb0i6j29rpKy05Wu7JFqaY1f0/ IA9he2fTKrcdBxbpU2g7vif6mr+pTXgFV13/y0ome/tOjAnY4GrqvWMorrVPUW3p B/1h2sLX/kB3AUODq75bwaTxAHNzkY5aDyZKUHhvPTV2WwGem9NRf9NsZZAEGuUh 0CU+jkjPhU7ngQ== -----END CERTIFICATE-----Generated at Sat Dec 20 21:49:59 2025 by rpki-client