This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft File: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft (raw, json) Hash identifier: jso437yN/F0BWoyk9YSmw65adZFLIIx2uZ2lVh43TP8= Subject key identifier: 93:23:C5:AB:23:90:D9:22:34:BB:66:5E:E0:0C:6B:21:F5:0F:49:CA Authority key identifier: D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7 Certificate issuer: /CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7 Certificate serial: 019B74807F54532F54936EA9C0681023E0D8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft Manifest number: 0E86 Signing time: Wed 31 Dec 2025 13:02:16 +0000 Manifest this update: Wed 31 Dec 2025 13:02:16 +0000 Manifest next update: Thu 01 Jan 2026 13:02:16 +0000 Files and hashes: 1: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl (hash: EvZqkUe5dNUzrmqIVXlotX9ZYeb1mpbYkXNylBffN/Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 13:02:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:74:80:7f:54:53:2f:54:93:6e:a9:c0:68:10:23:e0:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7 Validity Not Before: Dec 31 13:02:16 2025 GMT Not After : Jan 1 13:02:16 2026 GMT Subject: CN=9323c5ab2390d92234bb665ee00c6b21f50f49ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:77:2d:bc:ec:34:77:62:eb:68:00:e2:13:de: 91:18:16:35:e7:da:a6:35:d9:dd:fa:b4:27:a6:7c: 91:4b:58:9e:2f:64:89:f0:72:02:af:5b:4c:a2:90: 41:1b:4a:6d:2c:f0:fa:43:64:d8:01:30:70:59:4e: 8d:67:bf:57:13:05:67:8f:06:03:e7:92:1a:3c:c0: 7d:27:e0:32:84:f4:7c:f2:ab:4f:b6:6a:f2:d0:6a: f7:0e:5b:66:15:e0:d1:a8:1f:55:ee:ab:06:34:d5: ef:4e:15:de:cd:6f:85:2c:22:28:5b:d6:d7:b6:f6: d3:45:71:0c:27:40:09:50:c6:30:14:90:3a:27:6c: 38:28:56:03:d0:61:43:53:d2:15:8a:0e:7d:38:15: c8:ec:38:b4:9b:1f:08:86:7c:03:82:40:16:d4:88: f0:ab:63:bf:5b:57:03:51:37:12:75:39:96:25:9a: b2:ca:10:a0:00:c1:3e:d3:4a:a2:12:a7:08:5a:83: 5e:9a:18:5d:01:52:67:c7:08:c5:c5:12:36:53:8f: 3a:cf:58:01:8d:81:d5:1e:ed:26:53:9b:da:84:9b: 0f:36:6d:30:dd:e6:fc:98:68:77:80:20:b2:48:f4: 17:a0:4d:b9:88:5b:ac:53:62:69:07:98:e3:00:5d: cf:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:23:C5:AB:23:90:D9:22:34:BB:66:5E:E0:0C:6B:21:F5:0F:49:CA X509v3 Authority Key Identifier: keyid:D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:7e:67:00:31:9b:ba:fd:c6:41:34:93:20:0b:00:5a:96:f8: 8c:82:a9:10:e8:1a:83:fa:43:b3:7a:7b:d2:d1:04:3d:ce:26: c6:1e:fe:98:a0:e7:58:b1:8b:38:f4:da:ea:37:bd:f8:99:c7: a9:39:4a:a5:fa:4b:61:d9:7e:8a:c4:32:92:11:26:f9:6f:10: ba:14:8d:f6:8d:0f:49:d6:f8:5a:a6:0f:65:91:08:2b:0e:5b: 60:59:ec:50:62:1c:55:a3:fd:de:7e:1f:5e:a2:13:cd:cd:b0: 17:48:43:e0:ba:3a:d6:6c:79:28:08:f0:66:d7:0c:34:10:56: f8:10:57:05:b2:0d:69:26:de:53:75:ef:cd:03:2f:cf:af:82: 90:02:e7:3d:97:1c:00:91:10:93:58:63:2a:fb:5d:42:6b:dd: 9b:78:76:ee:d9:8a:6d:4e:2b:35:f4:62:63:6b:f7:d3:eb:9c: 2f:0d:b8:d5:da:89:7f:7c:22:45:35:e6:58:ef:39:0c:05:03: aa:3f:9f:15:4f:96:5c:54:48:e0:1c:03:8f:ef:e7:cb:50:87: 2a:a3:68:08:6b:53:e9:dc:97:63:f1:02:38:1c:62:28:ba:44: 19:80:2f:78:89:ea:58:ad:75:49:e6:80:f1:25:31:98:9b:0e: cb:72:8a:eb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt0gH9UUy9Uk26pwGgQI+DYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5OTM2NjM1ZDEyZDZjZTIzMmUxMTI5YzhmMThjZWRiODM2 ZWNkZDcwHhcNMjUxMjMxMTMwMjE2WhcNMjYwMTAxMTMwMjE2WjAzMTEwLwYDVQQD Eyg5MzIzYzVhYjIzOTBkOTIyMzRiYjY2NWVlMDBjNmIyMWY1MGY0OWNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHctvOw0d2LraADiE96RGBY159qm Ndnd+rQnpnyRS1ieL2SJ8HICr1tMopBBG0ptLPD6Q2TYATBwWU6NZ79XEwVnjwYD 55IaPMB9J+AyhPR88qtPtmry0Gr3DltmFeDRqB9V7qsGNNXvThXezW+FLCIoW9bX tvbTRXEMJ0AJUMYwFJA6J2w4KFYD0GFDU9IVig59OBXI7Di0mx8IhnwDgkAW1Ijw q2O/W1cDUTcSdTmWJZqyyhCgAME+00qiEqcIWoNemhhdAVJnxwjFxRI2U486z1gB jYHVHu0mU5vahJsPNm0w3eb8mGh3gCCySPQXoE25iFusU2JpB5jjAF3PHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJMjxasjkNkiNLtmXuAMayH1D0nKMB8GA1UdIwQY MBaAFNmTZjXRLWziMuESnI8YztuDbs3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYt NDg4ZWMyM2RjODA0LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYtNDg4ZWMyM2RjODA0 LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ35nADGb uv3GQTSTIAsAWpb4jIKpEOgag/pDs3p70tEEPc4mxh7+mKDnWLGLOPTa6je9+JnH qTlKpfpLYdl+isQykhEm+W8QuhSN9o0PSdb4WqYPZZEIKw5bYFnsUGIcVaP93n4f XqITzc2wF0hD4Lo61mx5KAjwZtcMNBBW+BBXBbINaSbeU3XvzQMvz6+CkALnPZcc AJEQk1hjKvtdQmvdm3h27tmKbU4rNfRiY2v30+ucLw241dqJf3wiRTXmWO85DAUD qj+fFU+WXFRI4BwDj+/ny1CHKqNoCGtT6dyXY/ECOBxiKLpEGYAveInqWK11SeaA 8SUxmJsOy3KK6w== -----END CERTIFICATE-----Generated at Wed Dec 31 21:06:53 2025 by rpki-client