This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft File: 2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json) Hash identifier: m+b6Y/FooTQYpo4cdcY4mX0C16ie9h7g96MdVi38KIc= Subject key identifier: 04:D1:E7:4D:23:0D:D2:A1:5C:9A:E4:5B:A5:B5:FF:53:AD:85:04:C6 Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D Certificate issuer: /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d Certificate serial: 019B65E80E54BC1ACDB316B24968748F9DBA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft Manifest number: 0BAA Signing time: Sun 28 Dec 2025 17:01:05 +0000 Manifest this update: Sun 28 Dec 2025 17:01:05 +0000 Manifest next update: Mon 29 Dec 2025 17:01:05 +0000 Files and hashes: 1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: s7Z9rxcI2cYSsfwFgcVtMI9Rkjt7ubkXcSu7AnK/WJs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:65:e8:0e:54:bc:1a:cd:b3:16:b2:49:68:74:8f:9d:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d Validity Not Before: Dec 28 17:01:05 2025 GMT Not After : Dec 29 17:01:05 2025 GMT Subject: CN=04d1e74d230dd2a15c9ae45ba5b5ff53ad8504c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:5b:55:ac:5b:60:f2:cf:85:aa:24:84:bf:2e: 3e:60:a0:a0:26:01:ec:4a:77:0a:6a:10:12:6c:7f: 6d:27:6c:84:2e:9c:96:28:17:ca:49:ba:56:ca:ab: 1c:a5:4d:a6:40:be:54:b6:78:be:fd:52:50:a3:99: 51:6d:1d:0a:a9:21:e1:34:41:75:79:62:d6:03:16: 00:00:91:98:eb:ce:20:49:3f:ba:80:e5:5f:7e:90: 34:36:e2:2c:69:8f:d1:26:24:ce:c6:2b:64:09:36: fc:42:33:cf:dc:f2:ca:03:44:81:17:f0:57:6f:02: 0c:4f:ee:c0:05:17:ba:61:e8:db:cb:dd:78:5d:98: 86:c1:3a:ed:9d:64:c8:61:13:e1:8e:51:25:46:ff: 7b:98:4a:51:fb:27:40:ba:26:e4:90:e9:56:64:f4: dc:46:2e:11:43:92:e6:68:a0:ec:a2:63:b8:14:bd: 6a:58:45:c7:6f:dc:52:b3:b9:00:cd:3d:35:97:49: 67:25:43:cf:9f:ed:c5:78:d4:8a:1f:bd:cf:c9:5b: 73:3e:3b:d2:71:3e:d0:7e:a7:3c:c0:1a:3e:5f:cc: a7:81:c7:ae:b9:63:f3:a6:9f:7d:be:ea:3d:d2:07: de:03:99:1c:b7:c6:d0:21:de:d6:54:9c:57:e4:eb: 8c:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:D1:E7:4D:23:0D:D2:A1:5C:9A:E4:5B:A5:B5:FF:53:AD:85:04:C6 X509v3 Authority Key Identifier: keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:05:3e:16:99:bb:6b:18:69:2b:e4:cc:61:cf:f8:72:b7:68: a1:dc:69:20:f4:8f:3a:51:9b:b7:e8:61:3c:a4:73:83:11:b9: 02:43:3e:4d:4d:87:54:3f:45:2e:ad:14:8a:44:ae:db:b7:16: 0e:fa:0d:08:04:5d:16:36:f9:7b:d3:9d:a8:d7:e7:7a:41:05: 14:b6:fa:b2:6e:45:55:85:4f:af:e6:34:4e:52:13:49:e4:23: 41:02:b2:49:f8:01:0f:40:9e:df:c7:8f:aa:dc:84:80:80:eb: 2f:fc:15:f5:f0:01:a5:71:1c:e0:11:b0:1f:79:5c:11:78:a6: 05:5a:35:d5:30:d7:8b:4b:90:fb:da:f4:16:e7:d5:16:6e:cb: c0:61:07:db:dc:cb:04:90:98:31:49:ed:13:1a:8b:ac:86:8e: 07:0d:c5:80:55:51:f8:2c:e4:7f:20:c7:33:c4:43:3a:1f:0d: 31:8b:a2:d9:af:3b:1a:bf:1d:6e:4d:1d:96:e6:e9:70:78:a7: 3d:bb:b5:a8:8b:d8:0a:b7:91:39:5e:30:84:d8:94:10:96:84: 49:3e:0c:d0:90:f1:50:4a:87:67:b0:ed:0f:d9:b2:ba:72:d1: c6:62:aa:3f:52:2e:03:a3:de:e3:84:fd:28:ed:98:54:9c:86: 7b:da:0a:e7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtl6A5UvBrNsxaySWh0j526MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx MjZkMGQwHhcNMjUxMjI4MTcwMTA1WhcNMjUxMjI5MTcwMTA1WjAzMTEwLwYDVQQD EygwNGQxZTc0ZDIzMGRkMmExNWM5YWU0NWJhNWI1ZmY1M2FkODUwNGM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1tVrFtg8s+FqiSEvy4+YKCgJgHs SncKahASbH9tJ2yELpyWKBfKSbpWyqscpU2mQL5Utni+/VJQo5lRbR0KqSHhNEF1 eWLWAxYAAJGY684gST+6gOVffpA0NuIsaY/RJiTOxitkCTb8QjPP3PLKA0SBF/BX bwIMT+7ABRe6Yejby914XZiGwTrtnWTIYRPhjlElRv97mEpR+ydAuibkkOlWZPTc Ri4RQ5LmaKDsomO4FL1qWEXHb9xSs7kAzT01l0lnJUPPn+3FeNSKH73PyVtzPjvS cT7Qfqc8wBo+X8yngceuuWPzpp99vuo90gfeA5kct8bQId7WVJxX5OuMvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFATR500jDdKhXJrkW6W1/1OthQTGMB8GA1UdIwQY MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUgU+Fpm7 axhpK+TMYc/4crdoodxpIPSPOlGbt+hhPKRzgxG5AkM+TU2HVD9FLq0UikSu27cW DvoNCARdFjb5e9OdqNfnekEFFLb6sm5FVYVPr+Y0TlITSeQjQQKySfgBD0Ce38eP qtyEgIDrL/wV9fABpXEc4BGwH3lcEXimBVo11TDXi0uQ+9r0FufVFm7LwGEH29zL BJCYMUntExqLrIaOBw3FgFVR+CzkfyDHM8RDOh8NMYui2a87Gr8dbk0dlubpcHin Pbu1qIvYCreROV4whNiUEJaEST4M0JDxUEqHZ7DtD9myunLRxmKqP1IuA6Pe44T9 KO2YVJyGe9oK5w== -----END CERTIFICATE-----Generated at Sun Dec 28 18:55:32 2025 by rpki-client