This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft File: 2EPxqgSY2E95UyPB_2uuOvQCBtE.mft (raw, json) Hash identifier: If9dkHQIqVbrswWLhxqD1RVbe7GwTj79eqrMGgRxYqg= Subject key identifier: 0D:19:06:ED:C6:A6:42:9E:20:B2:D6:EA:47:C0:22:73:91:E0:FB:61 Authority key identifier: D8:43:F1:AA:04:98:D8:4F:79:53:23:C1:FF:6B:AE:3A:F4:02:06:D1 Certificate issuer: /CN=d843f1aa0498d84f795323c1ff6bae3af40206d1 Certificate serial: 019B6957B532770D0E95D0847DBDFBF119B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2EPxqgSY2E95UyPB_2uuOvQCBtE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft Manifest number: 17A0 Signing time: Mon 29 Dec 2025 09:01:54 +0000 Manifest this update: Mon 29 Dec 2025 09:01:54 +0000 Manifest next update: Tue 30 Dec 2025 09:01:54 +0000 Files and hashes: 1: 2EPxqgSY2E95UyPB_2uuOvQCBtE.crl (hash: cjj5DvFFs779Xgcp2y64d4HKnlN+bZjFgc6MlqUyH6M=) 2: Lr1Je63vs8PyvkKI1_N9un3D4qE.roa (hash: hbRmpQBdQ4b6GdZPWppZ6a4wJHdosMiH1PY+13rdPiE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.crl rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft rsync://rpki.ripe.net/repository/DEFAULT/2EPxqgSY2E95UyPB_2uuOvQCBtE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 09:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:69:57:b5:32:77:0d:0e:95:d0:84:7d:bd:fb:f1:19:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d843f1aa0498d84f795323c1ff6bae3af40206d1 Validity Not Before: Dec 29 09:01:54 2025 GMT Not After : Dec 30 09:01:54 2025 GMT Subject: CN=0d1906edc6a6429e20b2d6ea47c0227391e0fb61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:27:02:84:1d:b4:9f:77:2a:d3:15:4c:56:b6: f5:4d:e8:22:91:c0:a4:0e:71:d8:bc:87:a9:0b:07: b1:70:80:80:d1:24:ae:a4:f8:ef:5b:37:7e:9d:ce: 38:3d:36:7f:88:65:2a:25:52:5b:2c:03:88:11:15: 33:4e:8f:0e:78:21:15:16:3e:10:c6:a2:ad:b3:45: 7b:f5:4e:c1:f2:49:8e:d0:7f:c0:af:3c:2b:10:8c: 56:c2:dd:0e:89:71:97:d1:49:21:c1:c3:85:84:74: f0:ba:3a:35:2b:62:c6:84:e9:94:1a:a0:82:36:a0: d3:6a:1a:75:f8:22:f9:36:3c:60:0c:0f:70:91:f1: 68:eb:0b:38:27:5a:d7:92:0c:ba:1c:b8:54:ff:6c: f9:d8:02:fb:b2:20:69:38:f8:65:50:18:5d:c9:c5: 7b:cf:7f:4d:92:2e:fa:bc:db:2a:71:d9:34:82:1d: 8f:21:1d:47:6f:dd:89:3b:69:c9:69:6d:12:04:40: 1c:33:53:ab:c8:9a:34:19:45:a5:c1:82:ac:0b:fd: 36:e0:4a:89:ce:2b:ed:8b:64:99:ab:bb:1f:85:64: 49:6d:36:59:26:b0:80:aa:77:09:ee:0d:a4:8c:0c: a2:30:5b:48:63:df:48:ad:f5:97:ba:20:60:2c:82: 4f:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:19:06:ED:C6:A6:42:9E:20:B2:D6:EA:47:C0:22:73:91:E0:FB:61 X509v3 Authority Key Identifier: keyid:D8:43:F1:AA:04:98:D8:4F:79:53:23:C1:FF:6B:AE:3A:F4:02:06:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2EPxqgSY2E95UyPB_2uuOvQCBtE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:d1:2a:e1:04:4c:fc:fd:df:0a:c3:53:a7:c1:a7:d0:e7:04: e9:6a:28:44:6e:af:82:ab:14:af:24:0a:92:62:3d:6e:19:c1: 36:37:d5:b5:af:87:0a:3e:f0:5a:bb:dd:a4:33:8b:e4:30:d6: 2f:ab:4d:06:09:05:bc:9b:46:77:a7:32:6e:f3:4b:e3:7a:8c: 1d:0c:e2:33:57:01:76:11:cf:9b:b9:a8:66:55:71:bd:ea:e9: 94:16:63:65:2b:26:3d:3b:0f:a4:34:88:31:c2:57:ce:92:78: cd:17:c5:64:22:ad:16:dd:68:e0:19:13:b4:e3:04:13:d8:69: 0c:a7:7e:6a:fd:a0:20:a4:12:92:45:5e:1e:65:4d:59:d9:f0: 1c:b8:50:56:bd:39:d3:a7:87:d8:23:b2:7d:3b:e1:73:c4:84: 58:84:43:5c:18:ec:ff:89:c2:30:50:1e:8f:2c:22:34:cb:60: 97:01:77:4e:5a:06:29:21:57:0d:3f:b1:40:f7:ef:43:b4:38: 85:32:79:da:c9:c5:b9:02:87:d3:6a:f5:ec:ca:7f:ea:70:e0: be:a7:b6:8a:9b:7d:11:38:9e:0a:9b:f8:a1:ca:10:db:06:ed: 09:c2:da:0e:e5:36:cc:d6:f3:07:85:dc:e2:a8:37:4e:ab:89: e3:bc:cb:f9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtpV7Uydw0OldCEfb378RmxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NDNmMWFhMDQ5OGQ4NGY3OTUzMjNjMWZmNmJhZTNhZjQw MjA2ZDEwHhcNMjUxMjI5MDkwMTU0WhcNMjUxMjMwMDkwMTU0WjAzMTEwLwYDVQQD EygwZDE5MDZlZGM2YTY0MjllMjBiMmQ2ZWE0N2MwMjI3MzkxZTBmYjYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnycChB20n3cq0xVMVrb1TegikcCk DnHYvIepCwexcICA0SSupPjvWzd+nc44PTZ/iGUqJVJbLAOIERUzTo8OeCEVFj4Q xqKts0V79U7B8kmO0H/ArzwrEIxWwt0OiXGX0UkhwcOFhHTwujo1K2LGhOmUGqCC NqDTahp1+CL5NjxgDA9wkfFo6ws4J1rXkgy6HLhU/2z52AL7siBpOPhlUBhdycV7 z39Nki76vNsqcdk0gh2PIR1Hb92JO2nJaW0SBEAcM1OryJo0GUWlwYKsC/024EqJ zivti2SZq7sfhWRJbTZZJrCAqncJ7g2kjAyiMFtIY99IrfWXuiBgLIJP/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA0ZBu3GpkKeILLW6kfAInOR4PthMB8GA1UdIwQY MBaAFNhD8aoEmNhPeVMjwf9rrjr0AgbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkVQeHFnU1kyRTk1VXlQQl8ydXVPdlFDQnRFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kYTRkZDktNTk0ZC00NTZjLTlmNzEt NzZhMTk0NTU0YjA1LzEvMkVQeHFnU1kyRTk1VXlQQl8ydXVPdlFDQnRFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC9kYTRkZDktNTk0ZC00NTZjLTlmNzEtNzZhMTk0NTU0YjA1 LzEvMkVQeHFnU1kyRTk1VXlQQl8ydXVPdlFDQnRFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmtEq4QRM /P3fCsNTp8Gn0OcE6WooRG6vgqsUryQKkmI9bhnBNjfVta+HCj7wWrvdpDOL5DDW L6tNBgkFvJtGd6cybvNL43qMHQziM1cBdhHPm7moZlVxverplBZjZSsmPTsPpDSI McJXzpJ4zRfFZCKtFt1o4BkTtOMEE9hpDKd+av2gIKQSkkVeHmVNWdnwHLhQVr05 06eH2COyfTvhc8SEWIRDXBjs/4nCMFAejywiNMtglwF3TloGKSFXDT+xQPfvQ7Q4 hTJ52snFuQKH02r17Mp/6nDgvqe2ipt9ETieCpv4ocoQ2wbtCcLaDuU2zNbzB4Xc 4qg3TquJ47zL+Q== -----END CERTIFICATE-----Generated at Mon Dec 29 14:41:41 2025 by rpki-client