This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/20e8e0-68d3-489e-bcf3-fe4b5e346840/1/2JFWCWVvCPeijSS3xLqbY5ygsAk.mft File: 2JFWCWVvCPeijSS3xLqbY5ygsAk.mft (raw, json) Hash identifier: S2Id9woIZSsUnSfexhRV2bcl3EBBQ86ySmKfHhF7IqY= Subject key identifier: B3:3B:31:35:81:46:EF:C6:96:2E:CE:83:CF:E6:88:BF:4B:66:02:6F Authority key identifier: D8:91:56:09:65:6F:08:F7:A2:8D:24:B7:C4:BA:9B:63:9C:A0:B0:09 Certificate issuer: /CN=d8915609656f08f7a28d24b7c4ba9b639ca0b009 Certificate serial: 019B4A3A1EA0ED0EB623E53369C1B5EDDB9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JFWCWVvCPeijSS3xLqbY5ygsAk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/20e8e0-68d3-489e-bcf3-fe4b5e346840/1/2JFWCWVvCPeijSS3xLqbY5ygsAk.mft Manifest number: 11F4 Signing time: Tue 23 Dec 2025 08:01:21 +0000 Manifest this update: Tue 23 Dec 2025 08:01:21 +0000 Manifest next update: Wed 24 Dec 2025 08:01:21 +0000 Files and hashes: 1: 2JFWCWVvCPeijSS3xLqbY5ygsAk.crl (hash: LgdAk63Diq5gEd2iTIDWer5tr8coUWHgDR5Byj5O7EM=) 2: Wi60RxjWIlDPb3_szVmN-Gl0qoE.roa (hash: IAjzw2r7E4lx4vW0Aq4BO6OsCC7MgvRuI1axCmQxfb0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/20e8e0-68d3-489e-bcf3-fe4b5e346840/1/2JFWCWVvCPeijSS3xLqbY5ygsAk.crl rsync://rpki.ripe.net/repository/DEFAULT/03/20e8e0-68d3-489e-bcf3-fe4b5e346840/1/2JFWCWVvCPeijSS3xLqbY5ygsAk.mft rsync://rpki.ripe.net/repository/DEFAULT/2JFWCWVvCPeijSS3xLqbY5ygsAk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 08:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:3a:1e:a0:ed:0e:b6:23:e5:33:69:c1:b5:ed:db:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8915609656f08f7a28d24b7c4ba9b639ca0b009 Validity Not Before: Dec 23 08:01:21 2025 GMT Not After : Dec 24 08:01:21 2025 GMT Subject: CN=b33b31358146efc6962ece83cfe688bf4b66026f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:ec:cf:00:42:72:9a:28:71:60:80:2d:c1:7a: e0:68:ef:73:3b:a4:4d:93:1a:f9:0e:0a:69:15:4d: b6:b1:d9:04:9c:4a:20:1c:0d:57:fc:b7:5d:c8:f1: 32:7e:81:dd:cc:67:27:fd:6a:c2:9b:ba:9b:b0:65: 30:4c:2b:cd:ad:1d:f8:78:ec:d1:a2:df:fd:2d:70: 3c:1a:d3:ae:88:98:b7:96:ab:6f:ef:a7:d4:ea:94: 92:58:e2:54:e0:42:a3:4a:ee:d9:18:77:10:e6:b6: 67:75:97:d5:1a:69:ea:2d:92:ec:f7:6c:1d:e6:ba: cb:3e:c3:70:62:10:92:e7:15:12:41:48:69:05:e9: 3e:06:b6:89:ef:07:86:a2:42:35:98:b1:c6:64:42: ac:34:df:71:61:f8:73:97:02:b7:7e:e2:51:23:88: 45:1a:1e:54:a7:c2:97:36:75:bf:77:97:b4:7f:e9: df:aa:03:ef:4e:22:07:94:6d:f1:4e:fe:86:00:37: 06:19:3a:bf:79:f5:a0:de:73:b4:d8:3c:75:ce:af: aa:63:03:b2:31:c3:b8:01:4a:45:fb:bd:3d:d7:16: 1a:28:60:d5:56:2d:02:4b:be:ae:ef:06:cf:e5:0a: 27:fa:1e:eb:59:36:20:d9:ab:fd:ad:a3:60:21:c3: f3:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:3B:31:35:81:46:EF:C6:96:2E:CE:83:CF:E6:88:BF:4B:66:02:6F X509v3 Authority Key Identifier: keyid:D8:91:56:09:65:6F:08:F7:A2:8D:24:B7:C4:BA:9B:63:9C:A0:B0:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JFWCWVvCPeijSS3xLqbY5ygsAk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/20e8e0-68d3-489e-bcf3-fe4b5e346840/1/2JFWCWVvCPeijSS3xLqbY5ygsAk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/20e8e0-68d3-489e-bcf3-fe4b5e346840/1/2JFWCWVvCPeijSS3xLqbY5ygsAk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:38:18:85:d9:28:e5:e4:22:57:80:6a:87:6c:10:af:fb:75: 73:8b:f3:be:a1:57:37:c1:2a:26:2e:4c:0d:c7:3e:c4:70:23: ef:f5:11:03:11:eb:16:1c:ba:8a:6e:9c:29:c3:e3:0d:ea:d4: d9:4e:1b:50:df:56:6e:20:c5:ba:66:36:31:23:1f:52:67:ce: 09:70:bb:d1:b2:8b:3b:f5:75:cf:e0:8e:42:a1:9b:0e:a9:1e: 62:84:09:92:58:d8:cf:b5:3e:b4:2e:ec:8a:64:32:46:a8:5c: 78:bc:bf:bd:91:9d:4d:17:8e:98:e3:6a:dd:b3:99:91:e3:6b: bb:45:cd:9e:83:56:3c:5f:f2:d8:76:3a:75:36:68:ea:e2:ff: 8b:0d:8c:08:17:cd:89:b2:1e:c0:c3:fc:20:ab:1e:2c:01:16: 4f:ab:92:97:95:19:22:3c:c8:96:3b:37:e3:3c:ab:c4:49:91: b7:ae:c3:72:16:2f:b1:7e:cb:3a:d9:c8:89:7f:e7:6e:45:4a: 6d:b5:f4:d1:25:36:92:7b:4d:4c:68:48:52:00:19:bf:77:e7: 44:be:cb:88:b3:af:6e:f9:78:f2:f1:f2:63:7b:60:12:20:d0: bf:be:26:2a:58:36:ff:dd:83:df:aa:33:1f:ca:d9:38:39:e1: 0f:95:69:67 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKOh6g7Q62I+UzacG17dudMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4OTE1NjA5NjU2ZjA4ZjdhMjhkMjRiN2M0YmE5YjYzOWNh MGIwMDkwHhcNMjUxMjIzMDgwMTIxWhcNMjUxMjI0MDgwMTIxWjAzMTEwLwYDVQQD EyhiMzNiMzEzNTgxNDZlZmM2OTYyZWNlODNjZmU2ODhiZjRiNjYwMjZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+zPAEJymihxYIAtwXrgaO9zO6RN kxr5DgppFU22sdkEnEogHA1X/LddyPEyfoHdzGcn/WrCm7qbsGUwTCvNrR34eOzR ot/9LXA8GtOuiJi3lqtv76fU6pSSWOJU4EKjSu7ZGHcQ5rZndZfVGmnqLZLs92wd 5rrLPsNwYhCS5xUSQUhpBek+BraJ7weGokI1mLHGZEKsNN9xYfhzlwK3fuJRI4hF Gh5Up8KXNnW/d5e0f+nfqgPvTiIHlG3xTv6GADcGGTq/efWg3nO02Dx1zq+qYwOy McO4AUpF+7091xYaKGDVVi0CS76u7wbP5Qon+h7rWTYg2av9raNgIcPzrwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLM7MTWBRu/Gli7Og8/miL9LZgJvMB8GA1UdIwQY MBaAFNiRVgllbwj3oo0kt8S6m2OcoLAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkpGV0NXVnZDUGVpalNTM3hMcWJZNXlnc0FrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8yMGU4ZTAtNjhkMy00ODllLWJjZjMt ZmU0YjVlMzQ2ODQwLzEvMkpGV0NXVnZDUGVpalNTM3hMcWJZNXlnc0FrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy8yMGU4ZTAtNjhkMy00ODllLWJjZjMtZmU0YjVlMzQ2ODQw LzEvMkpGV0NXVnZDUGVpalNTM3hMcWJZNXlnc0FrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWTgYhdko 5eQiV4Bqh2wQr/t1c4vzvqFXN8EqJi5MDcc+xHAj7/URAxHrFhy6im6cKcPjDerU 2U4bUN9WbiDFumY2MSMfUmfOCXC70bKLO/V1z+COQqGbDqkeYoQJkljYz7U+tC7s imQyRqhceLy/vZGdTReOmONq3bOZkeNru0XNnoNWPF/y2HY6dTZo6uL/iw2MCBfN ibIewMP8IKseLAEWT6uSl5UZIjzIljs34zyrxEmRt67DchYvsX7LOtnIiX/nbkVK bbX00SU2kntNTGhIUgAZv3fnRL7LiLOvbvl48vHyY3tgEiDQv74mKlg2/92D36oz H8rZODnhD5VpZw== -----END CERTIFICATE-----Generated at Tue Dec 23 12:38:50 2025 by rpki-client