This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft File: 2-DL9NZpKl5OHgHSsRL-pru_90w.mft (raw, json) Hash identifier: 6tw5MzQVcft5bO/On0WIgWj9ZZtq9nNLikjNpajH5xA= Subject key identifier: A5:E8:92:0B:F1:1F:92:26:01:84:B6:9A:71:99:49:58:E2:4C:A7:4F Authority key identifier: DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C Certificate issuer: /CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c Certificate serial: 019B62B047B64F06E091B5D27AE5059F41E1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft Manifest number: 0422 Signing time: Sun 28 Dec 2025 02:01:18 +0000 Manifest this update: Sun 28 Dec 2025 02:01:18 +0000 Manifest next update: Mon 29 Dec 2025 02:01:18 +0000 Files and hashes: 1: 2-DL9NZpKl5OHgHSsRL-pru_90w.crl (hash: mrVw79FL0mVksgXkaJDIlIJ0FDQ9qAwu+AwsEvUh1dQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:62:b0:47:b6:4f:06:e0:91:b5:d2:7a:e5:05:9f:41:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c Validity Not Before: Dec 28 02:01:18 2025 GMT Not After : Dec 29 02:01:18 2025 GMT Subject: CN=a5e8920bf11f92260184b69a71994958e24ca74f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:66:72:04:7e:32:91:a7:9f:f2:ed:13:d7:92: c1:43:b2:29:47:e3:39:c7:e1:9d:bd:a6:32:c2:bd: 33:07:98:57:6c:83:5f:b2:d4:d4:9f:03:f8:be:1f: f4:a5:87:4c:63:4e:81:0d:09:7d:d7:65:4d:63:85: 59:1a:da:87:56:ba:86:24:3e:57:99:bb:30:49:76: e2:12:f6:00:13:fe:6b:36:84:15:ab:a6:a3:88:16: c9:e7:ea:d4:13:50:3a:e7:22:16:a2:06:35:48:81: f8:ad:f5:30:84:a3:2b:d0:04:37:bf:65:87:59:5c: 03:43:69:40:c9:a6:4e:23:6a:d5:15:19:b0:f7:5c: d2:72:33:ae:b5:59:2c:63:3f:f9:4b:da:5b:49:b0: 83:b0:71:6d:30:25:7e:da:65:4d:bb:79:44:5a:27: 22:62:24:4d:47:4a:80:0e:7d:ea:26:3b:68:1d:81: a9:46:06:70:4b:90:f9:14:03:d6:07:eb:8a:46:2f: b5:a7:0e:96:f1:51:38:c3:e4:12:76:62:0a:82:aa: bb:7b:8f:b8:13:ff:83:2f:61:b6:af:db:c6:8c:f6: 39:46:2b:eb:72:ce:8b:07:58:b0:65:33:28:da:3e: a1:d4:1d:a7:eb:66:85:85:49:78:61:c6:b9:1a:ce: 33:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:E8:92:0B:F1:1F:92:26:01:84:B6:9A:71:99:49:58:E2:4C:A7:4F X509v3 Authority Key Identifier: keyid:DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:15:a0:d0:0d:9c:ba:1a:6e:77:30:0f:47:5e:16:8a:53:11: c6:e8:e4:81:ad:cb:57:02:bd:8b:eb:51:0b:70:3f:6e:41:cc: 1f:a7:24:a8:1f:38:b9:08:21:1b:1a:76:ab:c2:d0:ff:72:48: 74:b3:1b:58:83:17:d3:fc:54:94:39:9f:3f:d7:b0:67:72:50: a4:99:bc:21:69:ef:17:d4:31:0d:fc:08:be:43:8f:e2:ef:ff: 9d:77:c1:40:36:fe:7f:be:02:a4:3d:e9:8c:3a:5f:8a:dc:56: 73:5f:70:73:0b:b2:c7:98:83:6a:71:75:4d:c2:3f:fb:be:27: 56:4e:f1:a1:b8:18:81:f7:d7:63:0d:78:c0:e9:ac:a3:37:e3: 01:6a:97:58:de:f6:d3:77:07:f2:68:97:02:d9:ca:c5:7f:76: 21:59:8a:54:28:9a:f5:43:70:f2:54:83:6d:b6:39:20:ef:9d: ff:e7:96:ae:93:f1:7c:b2:a8:d4:f3:61:fe:c7:21:44:ce:5b: 2d:75:1e:f9:68:8c:b0:76:49:d7:be:f1:4a:d2:c3:4d:45:22: cf:35:b6:d1:01:d9:d6:83:67:18:2b:cf:13:6a:68:ba:8c:aa: d3:cb:8f:7e:4d:6a:a4:96:0d:ee:63:16:d7:02:ec:98:28:09: b4:6e:4f:97 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtisEe2TwbgkbXSeuUFn0HhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiZTBjYmY0ZDY2OTJhNWU0ZTFlMDFkMmIxMTJmZWE2YmJi ZmY3NGMwHhcNMjUxMjI4MDIwMTE4WhcNMjUxMjI5MDIwMTE4WjAzMTEwLwYDVQQD EyhhNWU4OTIwYmYxMWY5MjI2MDE4NGI2OWE3MTk5NDk1OGUyNGNhNzRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWZyBH4ykaef8u0T15LBQ7IpR+M5 x+GdvaYywr0zB5hXbINfstTUnwP4vh/0pYdMY06BDQl912VNY4VZGtqHVrqGJD5X mbswSXbiEvYAE/5rNoQVq6ajiBbJ5+rUE1A65yIWogY1SIH4rfUwhKMr0AQ3v2WH WVwDQ2lAyaZOI2rVFRmw91zScjOutVksYz/5S9pbSbCDsHFtMCV+2mVNu3lEWici YiRNR0qADn3qJjtoHYGpRgZwS5D5FAPWB+uKRi+1pw6W8VE4w+QSdmIKgqq7e4+4 E/+DL2G2r9vGjPY5Rivrcs6LB1iwZTMo2j6h1B2n62aFhUl4Yca5Gs4zWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKXokgvxH5ImAYS2mnGZSVjiTKdPMB8GA1UdIwQY MBaAFNvgy/TWaSpeTh4B0rES/qa7v/dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEt OTI3ZTljZjdiMDI1LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEtOTI3ZTljZjdiMDI1 LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAghWg0A2c uhpudzAPR14WilMRxujkga3LVwK9i+tRC3A/bkHMH6ckqB84uQghGxp2q8LQ/3JI dLMbWIMX0/xUlDmfP9ewZ3JQpJm8IWnvF9QxDfwIvkOP4u//nXfBQDb+f74CpD3p jDpfitxWc19wcwuyx5iDanF1TcI/+74nVk7xobgYgffXYw14wOmsozfjAWqXWN72 03cH8miXAtnKxX92IVmKVCia9UNw8lSDbbY5IO+d/+eWrpPxfLKo1PNh/schRM5b LXUe+WiMsHZJ177xStLDTUUizzW20QHZ1oNnGCvPE2pouoyq08uPfk1qpJYN7mMW 1wLsmCgJtG5Plw== -----END CERTIFICATE-----Generated at Sun Dec 28 06:25:49 2025 by rpki-client