This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft File: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json) Hash identifier: RnIOf7rQLRT+gJgZ73Iwr6mozsm+xKmK5hzuFLvXivM= Subject key identifier: 78:0A:8E:F7:5C:3B:67:59:F3:E6:65:21:B1:9B:31:49:74:F9:80:48 Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4 Certificate issuer: /CN=d9a23485fed8c850745232e3dc51ccead47254a4 Certificate serial: 019B4BF2151632E11E8EA6BC18A385456FEB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft Manifest number: 0B9E Signing time: Tue 23 Dec 2025 16:01:54 +0000 Manifest this update: Tue 23 Dec 2025 16:01:54 +0000 Manifest next update: Wed 24 Dec 2025 16:01:54 +0000 Files and hashes: 1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: mH6+taobDjE41xVI17XkaZpJkKUaQDLMYJ7EIYCh/cY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 15:46:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4b:f2:15:16:32:e1:1e:8e:a6:bc:18:a3:85:45:6f:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4 Validity Not Before: Dec 23 16:01:54 2025 GMT Not After : Dec 24 16:01:54 2025 GMT Subject: CN=780a8ef75c3b6759f3e66521b19b314974f98048 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:f1:99:e2:5b:a3:73:ad:48:9e:f4:2f:d7:06: e0:bb:0e:80:17:da:9c:a9:00:9b:49:d0:7a:10:2b: 99:dc:1f:ee:c8:2c:8b:b5:1d:77:a7:25:57:a4:aa: 3e:29:da:60:21:9f:5d:d1:8a:80:d8:58:fd:25:05: a2:b0:e1:04:73:c8:0c:56:8b:0c:38:28:a5:a1:5f: 84:af:34:94:08:81:e0:b1:3b:b3:73:50:52:3e:15: f2:9c:b4:f2:19:16:47:f6:62:c6:4b:16:9f:e7:34: 40:c1:16:67:52:0d:0e:65:79:32:f4:d5:00:6d:dd: 09:2f:1b:66:62:ba:23:91:ed:f0:06:06:68:3b:08: 93:04:c8:1e:6b:d5:cc:31:30:fc:3b:b1:17:5f:d2: d1:56:4d:50:34:d2:48:4f:03:1d:88:5c:8e:47:20: 19:ff:6a:54:90:57:16:63:01:e5:3f:38:ef:a8:29: 99:53:0c:0e:40:c7:b4:ae:ae:b2:4d:2e:81:49:12: ca:e9:9b:24:c5:3c:3a:bf:95:da:8e:fb:f4:f0:64: 53:56:7d:40:a5:13:c6:58:2e:47:bc:d9:e4:d1:f7: bd:57:35:a9:69:53:ed:13:99:d7:3d:0d:c4:a0:64: 4a:48:be:8a:3a:1e:b8:98:14:a9:35:0b:73:00:da: 76:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:0A:8E:F7:5C:3B:67:59:F3:E6:65:21:B1:9B:31:49:74:F9:80:48 X509v3 Authority Key Identifier: keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b9:a7:fd:2c:34:34:1a:f6:9f:03:5e:10:e1:4b:9f:dd:82:80: d5:41:05:bb:9c:25:4f:f6:56:4d:6f:27:61:e0:e9:a8:9d:9b: 96:21:14:c1:a1:9d:d6:61:c5:1e:2f:01:22:04:5f:14:48:58: 7c:42:a2:a5:0b:ab:51:50:df:9d:98:09:81:59:89:fb:3f:84: c6:be:94:7b:1f:84:39:d9:44:a0:ed:84:a8:a0:94:ed:01:4c: ac:75:be:22:48:5a:65:b5:4d:2d:d3:a2:66:cd:7e:93:6f:88: 73:c4:97:1e:94:2d:a9:56:01:56:d0:7f:32:70:c5:30:64:59: f5:1e:77:b8:cb:7f:72:3c:5f:4e:ea:16:68:f4:dc:da:20:0d: 62:c0:7b:03:17:bd:99:c9:d6:b1:a3:b0:95:5d:0b:53:2b:d1: ec:ec:24:51:49:e9:7b:98:04:b3:5c:b5:32:9b:e6:64:d3:a5: fa:df:e5:2a:90:27:76:25:6b:88:27:d3:30:3a:5c:fd:60:32: 93:95:d3:45:32:47:e9:3f:02:10:8b:6b:3e:fc:30:63:d5:4f: e7:57:88:b4:5b:1f:2b:c3:4e:ca:b3:ca:94:eb:67:86:03:5b: 5e:e5:87:63:a6:84:79:fc:fd:55:4d:83:66:bc:e9:63:d1:22: 9c:ea:3b:5e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtL8hUWMuEejqa8GKOFRW/rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3 MjU0YTQwHhcNMjUxMjIzMTYwMTU0WhcNMjUxMjI0MTYwMTU0WjAzMTEwLwYDVQQD Eyg3ODBhOGVmNzVjM2I2NzU5ZjNlNjY1MjFiMTliMzE0OTc0Zjk4MDQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovGZ4lujc61InvQv1wbguw6AF9qc qQCbSdB6ECuZ3B/uyCyLtR13pyVXpKo+KdpgIZ9d0YqA2Fj9JQWisOEEc8gMVosM OCiloV+ErzSUCIHgsTuzc1BSPhXynLTyGRZH9mLGSxaf5zRAwRZnUg0OZXky9NUA bd0JLxtmYrojke3wBgZoOwiTBMgea9XMMTD8O7EXX9LRVk1QNNJITwMdiFyORyAZ /2pUkFcWYwHlPzjvqCmZUwwOQMe0rq6yTS6BSRLK6ZskxTw6v5Xajvv08GRTVn1A pRPGWC5HvNnk0fe9VzWpaVPtE5nXPQ3EoGRKSL6KOh64mBSpNQtzANp2nwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHgKjvdcO2dZ8+ZlIbGbMUl0+YBIMB8GA1UdIwQY MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0 LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuaf9LDQ0 GvafA14Q4Uuf3YKA1UEFu5wlT/ZWTW8nYeDpqJ2bliEUwaGd1mHFHi8BIgRfFEhY fEKipQurUVDfnZgJgVmJ+z+Exr6Uex+EOdlEoO2EqKCU7QFMrHW+IkhaZbVNLdOi Zs1+k2+Ic8SXHpQtqVYBVtB/MnDFMGRZ9R53uMt/cjxfTuoWaPTc2iANYsB7Axe9 mcnWsaOwlV0LUyvR7OwkUUnpe5gEs1y1MpvmZNOl+t/lKpAndiVriCfTMDpc/WAy k5XTRTJH6T8CEItrPvwwY9VP51eItFsfK8NOyrPKlOtnhgNbXuWHY6aEefz9VU2D ZrzpY9EinOo7Xg== -----END CERTIFICATE-----Generated at Tue Dec 23 18:31:12 2025 by rpki-client