This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft File: 2ZaAKfEkCW6rlV35t6gciMszOgU.mft (raw, json) Hash identifier: 8jQ4jCoVCvWgWK9GZw1MndoG9fOKctfsJy337BUZHy0= Subject key identifier: A9:B2:E5:93:7A:7C:DB:2A:3A:6F:25:F2:B7:E3:25:0A:1A:09:3D:4E Authority key identifier: D9:96:80:29:F1:24:09:6E:AB:95:5D:F9:B7:A8:1C:88:CB:33:3A:05 Certificate issuer: /CN=d9968029f124096eab955df9b7a81c88cb333a05 Certificate serial: 019B3343D7179B6F9AD53120DAA040D10873 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft Manifest number: 0F37 Signing time: Thu 18 Dec 2025 21:00:42 +0000 Manifest this update: Thu 18 Dec 2025 21:00:42 +0000 Manifest next update: Fri 19 Dec 2025 21:00:42 +0000 Files and hashes: 1: 2ZaAKfEkCW6rlV35t6gciMszOgU.crl (hash: isV1JeCnDrWm3vZzNpxaGD5Z9wo00RBNaG0FGPPNJMk=) 2: anoG2QxpBajiR81r5Nnqj0baENo.roa (hash: KO9yPbtejqfpWJpsarLnmq3okmJ48dSkW7G2+vLUOFY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 20:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:43:d7:17:9b:6f:9a:d5:31:20:da:a0:40:d1:08:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9968029f124096eab955df9b7a81c88cb333a05 Validity Not Before: Dec 18 21:00:42 2025 GMT Not After : Dec 19 21:00:42 2025 GMT Subject: CN=a9b2e5937a7cdb2a3a6f25f2b7e3250a1a093d4e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:c3:7d:1c:6f:a4:df:f8:2f:3f:da:23:c9:77: 2e:08:a8:0a:b4:58:af:1f:91:e9:da:df:4c:a8:28: e0:86:50:15:82:6e:50:35:fc:31:08:88:da:f2:2b: 61:5c:0f:2d:74:56:c8:e6:cc:e0:ca:ce:a0:1d:22: 80:a5:18:45:f3:c2:75:72:c6:9e:bf:33:42:ce:e0: 9b:af:ec:17:32:74:05:08:cc:66:bf:0e:85:f9:87: 18:51:5f:a2:46:14:5b:ee:b3:df:f5:17:41:12:2d: 96:5c:ec:b7:b1:a5:81:53:6d:8a:ba:62:29:02:6b: 35:7a:81:a2:3e:77:80:30:72:56:00:fb:68:36:c5: b3:d4:59:18:03:6b:94:28:b1:4f:57:4e:f1:2f:8f: c2:00:1d:78:30:ca:71:85:b2:7d:25:63:78:24:3d: 9c:16:c4:9b:55:33:c8:a0:69:1f:31:fa:0d:45:49: 2a:ab:d5:c3:79:0f:28:00:84:04:39:d6:b3:92:33: e5:31:3f:0e:6b:6a:44:e0:a7:07:89:53:f4:6d:39: 6e:a0:12:41:31:57:24:21:0c:4d:93:68:16:e0:dd: a3:99:1b:45:1c:f6:e2:83:be:a0:12:a9:ea:da:37: 86:11:ae:4c:4d:f1:82:73:1f:c4:49:94:19:ce:90: e4:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:B2:E5:93:7A:7C:DB:2A:3A:6F:25:F2:B7:E3:25:0A:1A:09:3D:4E X509v3 Authority Key Identifier: keyid:D9:96:80:29:F1:24:09:6E:AB:95:5D:F9:B7:A8:1C:88:CB:33:3A:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c0:c1:5c:b8:31:81:f2:7a:27:3b:9d:18:99:17:93:0c:e0:9f: aa:21:dd:df:b9:57:8b:58:be:05:64:7a:e9:71:01:2f:e6:a4: 53:7e:3d:5d:71:50:60:c1:48:35:2c:9d:87:59:a6:27:81:f3: 12:94:f3:c8:b2:3c:5e:b3:d1:79:fe:70:52:b2:ca:94:60:0b: 58:4b:bd:fd:85:0d:91:c8:ed:2e:b0:43:84:38:6f:d1:59:0f: d4:2b:37:9a:a0:3b:ff:0f:22:10:1a:a6:47:d4:4b:db:75:b3: 7f:1b:88:26:2a:b5:6e:bc:97:54:a4:ce:24:0f:b3:84:31:f9: 77:c9:4e:0a:4e:87:ce:2e:76:ac:9f:3c:3e:78:a2:7b:49:c2: 3b:af:34:f2:b1:69:50:0d:10:32:61:ab:eb:55:b3:87:29:4f: 0a:01:66:c0:47:6c:d2:6c:41:6d:c6:b2:f6:12:91:32:85:f9: 3a:e8:70:c6:ad:79:86:0a:31:c2:30:f1:f2:19:0c:4f:fb:d3: 0c:b3:f7:a1:02:93:97:22:cb:d4:5e:35:5b:b7:dc:d3:85:12: a0:f5:f6:e2:9d:81:8c:71:ba:7b:6c:56:1f:38:af:63:78:ed: 6d:73:2f:83:6e:4e:d5:1b:44:54:84:7a:57:2d:80:97:79:23: f8:bc:a4:6e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszQ9cXm2+a1TEg2qBA0QhzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5OTY4MDI5ZjEyNDA5NmVhYjk1NWRmOWI3YTgxYzg4Y2Iz MzNhMDUwHhcNMjUxMjE4MjEwMDQyWhcNMjUxMjE5MjEwMDQyWjAzMTEwLwYDVQQD EyhhOWIyZTU5MzdhN2NkYjJhM2E2ZjI1ZjJiN2UzMjUwYTFhMDkzZDRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusN9HG+k3/gvP9ojyXcuCKgKtFiv H5Hp2t9MqCjghlAVgm5QNfwxCIja8ithXA8tdFbI5szgys6gHSKApRhF88J1csae vzNCzuCbr+wXMnQFCMxmvw6F+YcYUV+iRhRb7rPf9RdBEi2WXOy3saWBU22KumIp Ams1eoGiPneAMHJWAPtoNsWz1FkYA2uUKLFPV07xL4/CAB14MMpxhbJ9JWN4JD2c FsSbVTPIoGkfMfoNRUkqq9XDeQ8oAIQEOdazkjPlMT8Oa2pE4KcHiVP0bTluoBJB MVckIQxNk2gW4N2jmRtFHPbig76gEqnq2jeGEa5MTfGCcx/ESZQZzpDklwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKmy5ZN6fNsqOm8l8rfjJQoaCT1OMB8GA1UdIwQY MBaAFNmWgCnxJAluq5Vd+beoHIjLMzoFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yN2ExYmMtYjI1OC00MDVmLTlmOTMt NmVlYTEyMjA1NzIwLzEvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8yN2ExYmMtYjI1OC00MDVmLTlmOTMtNmVlYTEyMjA1NzIw LzEvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwMFcuDGB 8nonO50YmReTDOCfqiHd37lXi1i+BWR66XEBL+akU349XXFQYMFINSydh1mmJ4Hz EpTzyLI8XrPRef5wUrLKlGALWEu9/YUNkcjtLrBDhDhv0VkP1Cs3mqA7/w8iEBqm R9RL23WzfxuIJiq1bryXVKTOJA+zhDH5d8lOCk6Hzi52rJ88Pniie0nCO6808rFp UA0QMmGr61WzhylPCgFmwEds0mxBbcay9hKRMoX5Ouhwxq15hgoxwjDx8hkMT/vT DLP3oQKTlyLL1F41W7fc04USoPX24p2BjHG6e2xWHzivY3jtbXMvg25O1RtEVIR6 Vy2Al3kj+Lykbg== -----END CERTIFICATE-----Generated at Fri Dec 19 00:52:51 2025 by rpki-client