This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft File: 2ZaAKfEkCW6rlV35t6gciMszOgU.mft (raw, json) Hash identifier: a02lVnP6FeDbEprQsSfMlbKyNN5FNsPhvk6y40oPrNo= Subject key identifier: 8A:0F:BC:C4:5B:97:33:5B:EC:E3:84:9D:18:FC:57:6F:DE:98:10:5B Authority key identifier: D9:96:80:29:F1:24:09:6E:AB:95:5D:F9:B7:A8:1C:88:CB:33:3A:05 Certificate issuer: /CN=d9968029f124096eab955df9b7a81c88cb333a05 Certificate serial: 019AF765F29758656EDB0CE31688A363C642 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft Manifest number: 0F18 Signing time: Sun 07 Dec 2025 06:00:44 +0000 Manifest this update: Sun 07 Dec 2025 06:00:44 +0000 Manifest next update: Mon 08 Dec 2025 06:00:44 +0000 Files and hashes: 1: 2ZaAKfEkCW6rlV35t6gciMszOgU.crl (hash: vk76i+DlsqurTxGMnYSXCQZ/w2aRP1g7xgQ5KH+U1DQ=) 2: anoG2QxpBajiR81r5Nnqj0baENo.roa (hash: KO9yPbtejqfpWJpsarLnmq3okmJ48dSkW7G2+vLUOFY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f7:65:f2:97:58:65:6e:db:0c:e3:16:88:a3:63:c6:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9968029f124096eab955df9b7a81c88cb333a05 Validity Not Before: Dec 7 06:00:44 2025 GMT Not After : Dec 8 06:00:44 2025 GMT Subject: CN=8a0fbcc45b97335bece3849d18fc576fde98105b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:a7:de:5a:60:f7:14:60:77:51:96:f4:c0:5a: c8:9a:1e:92:49:0f:c3:59:3b:44:7e:0c:b2:48:bc: a9:38:71:19:d8:c1:63:25:5a:08:e5:62:07:05:a4: 5f:ee:3c:c0:7b:5a:2b:be:e0:f7:0d:3e:61:a3:09: 74:3c:7d:f6:63:f8:2a:f4:d8:f1:be:9d:c1:24:ba: 63:aa:8e:7f:61:38:5d:e6:a4:d4:de:18:30:48:53: 6a:1d:0f:61:9b:6d:aa:34:d7:e3:88:5e:6c:ef:70: c9:4d:ce:8b:6c:5e:ae:a7:ea:2e:70:61:71:81:d7: 28:16:e4:8a:40:f6:ec:d3:cd:fc:a6:8e:0f:a6:33: 7f:ea:53:f4:d1:b8:14:10:64:55:14:4f:0d:f3:b8: d2:21:6a:22:56:cd:6d:7d:9d:3c:e1:01:df:95:60: 05:f0:a5:9b:7e:51:0e:29:2a:af:81:03:1d:05:72: 32:05:a4:aa:f4:f8:18:75:f6:67:c8:94:8e:90:5b: 2f:33:8c:c2:7e:d0:07:15:98:86:44:1d:ac:69:c8: 10:81:53:3b:8c:b8:66:dd:2e:20:27:c0:91:cb:a8: 4f:83:6d:b1:a5:93:43:62:e8:20:dc:df:30:05:3c: 9d:96:77:82:29:45:c2:67:0a:51:71:89:28:06:5a: 3e:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:0F:BC:C4:5B:97:33:5B:EC:E3:84:9D:18:FC:57:6F:DE:98:10:5B X509v3 Authority Key Identifier: keyid:D9:96:80:29:F1:24:09:6E:AB:95:5D:F9:B7:A8:1C:88:CB:33:3A:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:40:69:58:d5:f5:4e:ac:3f:62:8e:43:1d:dc:72:f1:c2:18: 23:b7:c7:66:af:21:0d:3e:95:9c:ee:d5:47:ff:d0:11:6a:9c: 5f:ea:18:5c:76:a6:33:49:ef:1f:d8:7c:f9:c3:fa:95:26:8f: 89:6d:d3:34:ec:69:49:96:9a:28:06:fa:9c:ec:00:52:5d:bb: a5:62:63:81:0d:23:d2:49:e2:c2:a8:db:f5:61:4c:5d:3b:ac: 7a:35:73:be:d5:34:4f:f1:f9:93:23:4c:0a:5e:e7:25:27:35: 63:3f:f2:1f:38:20:fb:63:e6:ce:28:6b:dc:b9:bb:39:63:70: 02:33:6c:54:f9:e8:b0:18:17:0f:f0:71:dd:26:91:98:c9:d1: 72:11:72:4b:70:1b:c6:bd:c4:69:da:04:8c:d1:5d:60:38:6f: 7c:0b:30:0e:f3:c8:e8:a8:0c:f7:f8:1c:ba:bb:bc:f0:55:df: c7:26:1a:99:41:4e:c2:14:4f:0d:3f:ed:47:38:28:b5:d9:a6: 00:cb:0f:94:d1:17:75:b3:71:f8:8a:7a:cf:ac:bf:7c:db:77: cf:fd:6e:f9:16:4e:01:a7:54:9b:a1:2e:14:81:57:32:60:96: a1:62:d2:e0:dc:ab:8e:d2:2a:03:b6:cc:86:3f:1d:3f:6b:06: ec:58:9e:d1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr3ZfKXWGVu2wzjFoijY8ZCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5OTY4MDI5ZjEyNDA5NmVhYjk1NWRmOWI3YTgxYzg4Y2Iz MzNhMDUwHhcNMjUxMjA3MDYwMDQ0WhcNMjUxMjA4MDYwMDQ0WjAzMTEwLwYDVQQD Eyg4YTBmYmNjNDViOTczMzViZWNlMzg0OWQxOGZjNTc2ZmRlOTgxMDViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qfeWmD3FGB3UZb0wFrImh6SSQ/D WTtEfgyySLypOHEZ2MFjJVoI5WIHBaRf7jzAe1orvuD3DT5howl0PH32Y/gq9Njx vp3BJLpjqo5/YThd5qTU3hgwSFNqHQ9hm22qNNfjiF5s73DJTc6LbF6up+oucGFx gdcoFuSKQPbs0838po4PpjN/6lP00bgUEGRVFE8N87jSIWoiVs1tfZ084QHflWAF 8KWbflEOKSqvgQMdBXIyBaSq9PgYdfZnyJSOkFsvM4zCftAHFZiGRB2sacgQgVM7 jLhm3S4gJ8CRy6hPg22xpZNDYugg3N8wBTydlneCKUXCZwpRcYkoBlo+owIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIoPvMRblzNb7OOEnRj8V2/emBBbMB8GA1UdIwQY MBaAFNmWgCnxJAluq5Vd+beoHIjLMzoFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yN2ExYmMtYjI1OC00MDVmLTlmOTMt NmVlYTEyMjA1NzIwLzEvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8yN2ExYmMtYjI1OC00MDVmLTlmOTMtNmVlYTEyMjA1NzIw LzEvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoEBpWNX1 Tqw/Yo5DHdxy8cIYI7fHZq8hDT6VnO7VR//QEWqcX+oYXHamM0nvH9h8+cP6lSaP iW3TNOxpSZaaKAb6nOwAUl27pWJjgQ0j0kniwqjb9WFMXTusejVzvtU0T/H5kyNM Cl7nJSc1Yz/yHzgg+2Pmzihr3Lm7OWNwAjNsVPnosBgXD/Bx3SaRmMnRchFyS3Ab xr3EadoEjNFdYDhvfAswDvPI6KgM9/gcuru88FXfxyYamUFOwhRPDT/tRzgotdmm AMsPlNEXdbNx+Ip6z6y/fNt3z/1u+RZOAadUm6EuFIFXMmCWoWLS4NyrjtIqA7bM hj8dP2sG7Fie0Q== -----END CERTIFICATE-----Generated at Sun Dec 7 10:50:13 2025 by rpki-client