This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft File: 2EPxqgSY2E95UyPB_2uuOvQCBtE.mft (raw, json) Hash identifier: h/QVqa20Rs1F0fdG/8TNG92yumh/2SRmbRLGXIxT96g= Subject key identifier: 60:2F:5A:11:2F:C0:D5:BA:0F:7D:B6:43:7A:8E:E7:A0:FD:52:4C:5F Authority key identifier: D8:43:F1:AA:04:98:D8:4F:79:53:23:C1:FF:6B:AE:3A:F4:02:06:D1 Certificate issuer: /CN=d843f1aa0498d84f795323c1ff6bae3af40206d1 Certificate serial: 019B4A711A5FADBAE023D619A89C0497A915 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2EPxqgSY2E95UyPB_2uuOvQCBtE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft Manifest number: 1790 Signing time: Tue 23 Dec 2025 09:01:24 +0000 Manifest this update: Tue 23 Dec 2025 09:01:24 +0000 Manifest next update: Wed 24 Dec 2025 09:01:24 +0000 Files and hashes: 1: 2EPxqgSY2E95UyPB_2uuOvQCBtE.crl (hash: UbXNP4//HRwsttKmeTvk4C9MPJmDZLDCXtSVkoE5Nzg=) 2: Lr1Je63vs8PyvkKI1_N9un3D4qE.roa (hash: hbRmpQBdQ4b6GdZPWppZ6a4wJHdosMiH1PY+13rdPiE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.crl rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft rsync://rpki.ripe.net/repository/DEFAULT/2EPxqgSY2E95UyPB_2uuOvQCBtE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:71:1a:5f:ad:ba:e0:23:d6:19:a8:9c:04:97:a9:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d843f1aa0498d84f795323c1ff6bae3af40206d1 Validity Not Before: Dec 23 09:01:24 2025 GMT Not After : Dec 24 09:01:24 2025 GMT Subject: CN=602f5a112fc0d5ba0f7db6437a8ee7a0fd524c5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:70:a9:dc:db:fd:84:fc:d1:2a:d5:23:ca:b6: 3b:b6:4b:65:30:d8:2a:d5:dc:f0:22:80:c2:36:19: 9e:ef:84:6d:5d:71:37:77:ec:b7:0b:c6:51:6c:89: f0:b9:ad:ce:d4:cb:46:50:b8:4b:f1:e4:db:25:58: 89:2d:d9:fc:6b:6a:e4:c8:51:7d:e8:9d:c6:00:4b: a5:91:b3:ac:9a:10:0e:56:f1:4a:72:1b:bc:29:cc: 5a:ac:2f:f7:aa:c3:19:0b:ac:d0:ab:fe:ed:a3:44: 35:3f:67:f9:f1:e8:93:a0:7d:b4:02:c5:4c:08:27: 0a:27:8c:c0:30:7d:45:4f:64:3b:51:ff:2d:73:69: a3:3c:07:fd:af:88:63:8c:76:a2:86:ac:c5:ec:0b: 13:af:13:b7:5d:62:72:03:c5:7f:04:98:5d:21:d9: ef:24:01:a6:c9:f6:80:4b:9c:e7:48:15:c2:61:7c: cb:85:60:d8:0f:1b:55:8c:bd:84:92:3d:87:32:0e: 33:ee:09:72:84:3d:4e:44:24:db:8c:02:bf:c1:d8: a2:d7:6b:c0:77:5a:c1:dd:c2:22:31:f1:91:4f:93: 44:51:15:78:d8:f3:88:53:d4:e2:94:dc:47:7d:01: ea:d9:be:57:41:0a:23:db:4c:98:7f:76:6a:32:7c: d9:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:2F:5A:11:2F:C0:D5:BA:0F:7D:B6:43:7A:8E:E7:A0:FD:52:4C:5F X509v3 Authority Key Identifier: keyid:D8:43:F1:AA:04:98:D8:4F:79:53:23:C1:FF:6B:AE:3A:F4:02:06:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2EPxqgSY2E95UyPB_2uuOvQCBtE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:24:30:85:47:0e:a8:e3:e6:8f:83:a6:3b:d0:d5:6c:27:fe: ce:2e:73:3a:98:0d:7b:40:09:ac:8c:68:95:f8:c4:55:63:43: 17:46:ab:ec:e6:c6:9b:44:5b:03:21:b3:b7:b6:ef:e3:a8:b7: ef:d1:fe:e0:6f:dd:d6:5a:cb:cd:9f:83:7a:b9:c5:b9:18:27: 71:04:c6:6e:88:5e:71:1f:97:3a:4b:0f:02:77:09:24:2e:ed: 89:f0:ee:89:56:ec:58:36:81:a9:a1:d2:8f:ea:f5:f2:fd:7b: 5c:60:88:d4:88:76:53:69:3d:8d:ed:c1:45:57:18:1d:fd:2d: 8c:4a:b1:4e:b6:ee:a3:57:0a:69:49:f2:5b:4f:af:83:2e:af: 3d:00:db:70:fc:76:6a:bf:4a:96:0d:0c:6b:ce:db:c4:90:8d: eb:70:00:92:db:91:30:84:a9:a8:02:fa:ee:d9:5f:d1:ff:6c: d3:58:60:03:1d:43:77:7b:58:c7:c8:ac:18:50:6f:6a:64:25: 87:62:de:a7:97:2b:57:a2:6c:d7:c3:15:8a:db:db:63:53:21: 3d:7f:65:e4:69:07:44:09:10:99:35:24:43:b9:a9:ca:77:ee: 28:7e:a1:77:a0:7f:0e:81:a8:46:bd:51:19:15:cb:01:62:d6: 68:fd:50:d1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKcRpfrbrgI9YZqJwEl6kVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NDNmMWFhMDQ5OGQ4NGY3OTUzMjNjMWZmNmJhZTNhZjQw MjA2ZDEwHhcNMjUxMjIzMDkwMTI0WhcNMjUxMjI0MDkwMTI0WjAzMTEwLwYDVQQD Eyg2MDJmNWExMTJmYzBkNWJhMGY3ZGI2NDM3YThlZTdhMGZkNTI0YzVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnCp3Nv9hPzRKtUjyrY7tktlMNgq 1dzwIoDCNhme74RtXXE3d+y3C8ZRbInwua3O1MtGULhL8eTbJViJLdn8a2rkyFF9 6J3GAEulkbOsmhAOVvFKchu8KcxarC/3qsMZC6zQq/7to0Q1P2f58eiToH20AsVM CCcKJ4zAMH1FT2Q7Uf8tc2mjPAf9r4hjjHaihqzF7AsTrxO3XWJyA8V/BJhdIdnv JAGmyfaAS5znSBXCYXzLhWDYDxtVjL2Ekj2HMg4z7glyhD1ORCTbjAK/wdii12vA d1rB3cIiMfGRT5NEURV42POIU9TilNxHfQHq2b5XQQoj20yYf3ZqMnzZdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGAvWhEvwNW6D322Q3qO56D9UkxfMB8GA1UdIwQY MBaAFNhD8aoEmNhPeVMjwf9rrjr0AgbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkVQeHFnU1kyRTk1VXlQQl8ydXVPdlFDQnRFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kYTRkZDktNTk0ZC00NTZjLTlmNzEt NzZhMTk0NTU0YjA1LzEvMkVQeHFnU1kyRTk1VXlQQl8ydXVPdlFDQnRFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC9kYTRkZDktNTk0ZC00NTZjLTlmNzEtNzZhMTk0NTU0YjA1 LzEvMkVQeHFnU1kyRTk1VXlQQl8ydXVPdlFDQnRFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATSQwhUcO qOPmj4OmO9DVbCf+zi5zOpgNe0AJrIxolfjEVWNDF0ar7ObGm0RbAyGzt7bv46i3 79H+4G/d1lrLzZ+DernFuRgncQTGbohecR+XOksPAncJJC7tifDuiVbsWDaBqaHS j+r18v17XGCI1Ih2U2k9je3BRVcYHf0tjEqxTrbuo1cKaUnyW0+vgy6vPQDbcPx2 ar9Klg0Ma87bxJCN63AAktuRMISpqAL67tlf0f9s01hgAx1Dd3tYx8isGFBvamQl h2Lep5crV6Js18MVitvbY1MhPX9l5GkHRAkQmTUkQ7mpynfuKH6hd6B/DoGoRr1R GRXLAWLWaP1Q0Q== -----END CERTIFICATE-----Generated at Tue Dec 23 12:39:45 2025 by rpki-client