This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/2gszzdt5m3vPXT3OAE_bqMPoZP8.mft File: 2gszzdt5m3vPXT3OAE_bqMPoZP8.mft (raw, json) Hash identifier: GQBx1UAtuEv86FqEftoPf+KltbVpM/g4YgzszvHUVi8= Subject key identifier: 77:01:E4:89:A6:59:2F:32:42:A7:0D:1A:31:5D:F6:C9:27:A3:AF:15 Authority key identifier: DA:0B:33:CD:DB:79:9B:7B:CF:5D:3D:CE:00:4F:DB:A8:C3:E8:64:FF Certificate issuer: /CN=da0b33cddb799b7bcf5d3dce004fdba8c3e864ff Certificate serial: 019B4136CF94B2C8127D6450D80D54E48FDE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gszzdt5m3vPXT3OAE_bqMPoZP8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/2gszzdt5m3vPXT3OAE_bqMPoZP8.mft Manifest number: 0DF4 Signing time: Sun 21 Dec 2025 14:01:09 +0000 Manifest this update: Sun 21 Dec 2025 14:01:09 +0000 Manifest next update: Mon 22 Dec 2025 14:01:09 +0000 Files and hashes: 1: 17FLk26rZWNpnvEJucbEAG-7zqY.roa (hash: qMmpcRGKwOqOR5+GsVwNkgRbdBAdNorVpaMiale+nXI=) 2: 2gszzdt5m3vPXT3OAE_bqMPoZP8.crl (hash: 3flUtlP16lS2JkTzTmGETCfceRx14axMe6AP9vQWSWo=) 3: bBGzNd5qGUUIPYH3-5zWMnwwyJg.roa (hash: 290Z2J6Jo9xanYpdqpciKr53wSmtU/PW4k3Qs+NnOTs=) 4: k29cbE30TGhu-1q8rRu7-jpqTg4.roa (hash: 9mQL8HUgIQzEZ7MXmoS/sUavd/K/UaaalJ5/ztoLSTk=) 5: s7mUu7WrVHVPJEBCCdi0H3bHpis.roa (hash: ExGJpFM76OJZURK1GFJNiBKKffY4pIrBrUBBm9tcC8g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/2gszzdt5m3vPXT3OAE_bqMPoZP8.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/2gszzdt5m3vPXT3OAE_bqMPoZP8.mft rsync://rpki.ripe.net/repository/DEFAULT/2gszzdt5m3vPXT3OAE_bqMPoZP8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:36:cf:94:b2:c8:12:7d:64:50:d8:0d:54:e4:8f:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da0b33cddb799b7bcf5d3dce004fdba8c3e864ff Validity Not Before: Dec 21 14:01:09 2025 GMT Not After : Dec 22 14:01:09 2025 GMT Subject: CN=7701e489a6592f3242a70d1a315df6c927a3af15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:79:a1:a1:01:91:c9:d1:eb:3d:26:c4:a7:e4: 85:d1:c7:d7:e6:a4:66:fd:5e:3b:cf:9e:74:b8:93: 3e:6c:36:52:ca:cb:0c:b4:dd:8f:5a:12:cf:f5:3a: fa:6a:0f:ff:27:6a:db:c8:3a:eb:71:43:11:e4:d6: 43:77:fe:de:9d:7a:e6:75:31:82:b2:7b:9d:75:eb: aa:7b:78:97:84:be:fa:64:7f:4e:94:9d:20:1b:a8: 67:74:9b:3e:b8:51:34:b5:88:29:7d:1e:f2:59:35: 6c:06:5c:c4:ee:56:b4:86:5f:83:e2:96:f2:41:da: b6:9b:8a:23:20:83:c8:e0:29:eb:5d:ad:b6:39:20: 06:8c:8a:a4:f5:89:00:ca:d6:6c:0c:58:73:9e:50: 15:f2:2d:39:52:fc:4c:83:e8:16:49:84:8b:f3:b0: 5c:16:89:32:e6:93:a4:1b:62:f8:d7:15:84:76:f1: b6:57:aa:b4:72:16:f6:2d:08:6f:bc:0d:18:86:4e: 93:1d:fd:28:f1:9f:73:4c:b3:c1:52:21:47:96:be: 10:6a:42:82:ae:66:33:2a:05:01:e4:18:c1:be:f1: 7b:8e:ef:15:c3:27:1d:9d:7e:12:8c:e3:f1:1c:51: 70:f2:b4:e9:b9:4f:87:8d:3b:eb:b2:b3:32:d3:60: 6e:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:01:E4:89:A6:59:2F:32:42:A7:0D:1A:31:5D:F6:C9:27:A3:AF:15 X509v3 Authority Key Identifier: keyid:DA:0B:33:CD:DB:79:9B:7B:CF:5D:3D:CE:00:4F:DB:A8:C3:E8:64:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gszzdt5m3vPXT3OAE_bqMPoZP8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/2gszzdt5m3vPXT3OAE_bqMPoZP8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/2gszzdt5m3vPXT3OAE_bqMPoZP8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:83:56:bf:56:4d:95:cb:0f:26:b4:53:ee:4e:c8:1b:dd:27: 5a:58:f1:dd:9f:d8:1f:5a:b9:0d:0b:0e:a8:e0:51:a9:d5:65: 5d:e8:e8:ee:e6:81:52:5b:78:2f:2d:9a:b8:2d:b5:74:53:25: 0c:1b:41:7f:3d:77:ba:59:2a:35:f5:5e:88:1a:01:42:16:ca: dc:a9:1b:f3:99:69:bf:53:bf:03:58:cf:93:bf:97:09:68:11: c8:be:29:89:4b:eb:d4:b6:60:16:65:65:35:2d:0f:d2:8f:79: a2:4c:6d:b2:9a:f0:4b:5b:6d:51:cc:c1:a3:21:de:35:f5:09: 02:17:9e:7b:66:b0:2f:35:83:bd:79:38:04:31:be:e5:fb:c4: 6f:2b:80:c0:c4:a3:a9:5c:60:eb:3e:7e:c5:15:8f:80:67:54: 0d:10:a9:52:87:7d:5b:1e:3d:9d:cf:c3:41:56:26:22:f1:1b: 58:75:2e:96:dd:97:7c:78:5e:d0:19:ec:b3:e1:43:69:05:73: a9:c1:44:56:00:a0:b5:8e:e2:ca:2b:58:ef:02:cb:ad:88:a1: de:0d:77:5d:de:4f:75:f4:b2:cb:ee:d3:01:f2:34:a6:04:f0: 55:76:75:1a:65:ea:36:87:c6:ac:c8:d8:53:05:33:09:f3:c1: 0d:45:b2:34 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBNs+UssgSfWRQ2A1U5I/eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhMGIzM2NkZGI3OTliN2JjZjVkM2RjZTAwNGZkYmE4YzNl ODY0ZmYwHhcNMjUxMjIxMTQwMTA5WhcNMjUxMjIyMTQwMTA5WjAzMTEwLwYDVQQD Eyg3NzAxZTQ4OWE2NTkyZjMyNDJhNzBkMWEzMTVkZjZjOTI3YTNhZjE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnmhoQGRydHrPSbEp+SF0cfX5qRm /V47z550uJM+bDZSyssMtN2PWhLP9Tr6ag//J2rbyDrrcUMR5NZDd/7enXrmdTGC snuddeuqe3iXhL76ZH9OlJ0gG6hndJs+uFE0tYgpfR7yWTVsBlzE7la0hl+D4pby Qdq2m4ojIIPI4CnrXa22OSAGjIqk9YkAytZsDFhznlAV8i05UvxMg+gWSYSL87Bc Foky5pOkG2L41xWEdvG2V6q0chb2LQhvvA0Yhk6THf0o8Z9zTLPBUiFHlr4QakKC rmYzKgUB5BjBvvF7ju8VwycdnX4SjOPxHFFw8rTpuU+HjTvrsrMy02BuYwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHcB5ImmWS8yQqcNGjFd9skno68VMB8GA1UdIwQY MBaAFNoLM83beZt7z109zgBP26jD6GT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmdzenpkdDVtM3ZQWFQzT0FFX2JxTVBvWlA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wMzJkOGItNDg4MS00NmZhLWI2NzQt NzczM2JkODg4ZTI4LzEvMmdzenpkdDVtM3ZQWFQzT0FFX2JxTVBvWlA4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8wMzJkOGItNDg4MS00NmZhLWI2NzQtNzczM2JkODg4ZTI4 LzEvMmdzenpkdDVtM3ZQWFQzT0FFX2JxTVBvWlA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhINWv1ZN lcsPJrRT7k7IG90nWljx3Z/YH1q5DQsOqOBRqdVlXejo7uaBUlt4Ly2auC21dFMl DBtBfz13ulkqNfVeiBoBQhbK3Kkb85lpv1O/A1jPk7+XCWgRyL4piUvr1LZgFmVl NS0P0o95okxtsprwS1ttUczBoyHeNfUJAheee2awLzWDvXk4BDG+5fvEbyuAwMSj qVxg6z5+xRWPgGdUDRCpUod9Wx49nc/DQVYmIvEbWHUult2XfHhe0Bnss+FDaQVz qcFEVgCgtY7iyitY7wLLrYih3g13Xd5PdfSyy+7TAfI0pgTwVXZ1GmXqNofGrMjY UwUzCfPBDUWyNA== -----END CERTIFICATE-----Generated at Sun Dec 21 15:38:29 2025 by rpki-client