This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.mft File: 2PuW6jr1HFMtfo_oyUN29R4epAI.mft (raw, json) Hash identifier: Ciw/6FR4Ctt6io/T/Tn6vr/ir9LFdKR98xNw6p/pihU= Subject key identifier: 1F:D3:F6:1E:22:3F:49:38:43:7F:FF:18:BE:BD:12:5D:74:0D:1E:D3 Authority key identifier: D8:FB:96:EA:3A:F5:1C:53:2D:7E:8F:E8:C9:43:76:F5:1E:1E:A4:02 Certificate issuer: /CN=d8fb96ea3af51c532d7e8fe8c94376f51e1ea402 Certificate serial: 019B71EC4E3551C76B3A5FF134480A6072B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2PuW6jr1HFMtfo_oyUN29R4epAI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.mft Manifest number: 15C8 Signing time: Wed 31 Dec 2025 01:01:10 +0000 Manifest this update: Wed 31 Dec 2025 01:01:10 +0000 Manifest next update: Thu 01 Jan 2026 01:01:10 +0000 Files and hashes: 1: 2PuW6jr1HFMtfo_oyUN29R4epAI.crl (hash: P9pk1g0LGHKWwdUuh7prWTzNrgluvrAXxktHjwmpM4U=) 2: qvV18edZ4nG1g9Z6XFGjfB91HGk.roa (hash: xA0FHg4k3qhHIOcw440t6o/vgKfLrTtDa1pgd5bBDMs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.crl rsync://rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.mft rsync://rpki.ripe.net/repository/DEFAULT/2PuW6jr1HFMtfo_oyUN29R4epAI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:71:ec:4e:35:51:c7:6b:3a:5f:f1:34:48:0a:60:72:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8fb96ea3af51c532d7e8fe8c94376f51e1ea402 Validity Not Before: Dec 31 01:01:10 2025 GMT Not After : Jan 1 01:01:10 2026 GMT Subject: CN=1fd3f61e223f4938437fff18bebd125d740d1ed3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:33:b9:96:f1:8a:2f:e7:69:6a:10:22:3d:02: 68:76:77:cc:cc:a8:b9:02:d4:de:30:03:60:b7:6b: d0:c9:4a:15:52:c0:a5:20:67:c2:f5:d4:c3:69:81: 30:84:ea:84:33:57:20:b1:5d:2c:3a:21:8f:1a:f3: 7e:14:ba:f8:9c:fa:16:af:4e:c2:45:d0:05:45:1e: 59:98:00:be:bc:64:98:b4:74:78:11:77:64:0a:79: 54:2c:e2:69:ee:53:4e:60:97:12:04:79:27:65:aa: d7:15:38:05:49:1d:9e:77:f3:e8:47:9a:d1:d1:25: 04:fc:2d:44:e6:ba:b4:7e:2b:05:27:45:fe:4d:bd: 3e:73:27:80:fb:48:f9:6b:df:00:e4:c8:ca:95:56: 6c:46:56:72:d9:67:95:2d:0a:20:dc:4c:8e:7a:09: bf:3d:59:8c:5c:3e:81:95:5d:c0:e8:4a:7c:28:e7: 4f:35:7c:d2:0a:11:6a:4f:4a:e3:ca:25:15:1f:65: 93:5c:58:a7:49:87:66:2d:d0:61:1c:74:8a:85:46: 60:79:60:74:0a:8c:ba:67:0b:f0:0e:31:c4:58:26: 9a:8e:b0:54:2c:db:c3:ef:33:22:62:19:a6:f3:95: 26:02:b1:1e:84:d2:71:65:8a:a2:05:fe:7f:f6:89: 5e:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:D3:F6:1E:22:3F:49:38:43:7F:FF:18:BE:BD:12:5D:74:0D:1E:D3 X509v3 Authority Key Identifier: keyid:D8:FB:96:EA:3A:F5:1C:53:2D:7E:8F:E8:C9:43:76:F5:1E:1E:A4:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2PuW6jr1HFMtfo_oyUN29R4epAI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:9f:ac:4c:1d:08:18:a0:9f:82:88:2a:4a:80:50:a1:dc:d9: 4d:ba:81:98:49:4b:a4:d0:c0:a3:b8:60:8d:18:b1:7e:91:1f: 9e:fe:18:3e:54:8d:ba:84:02:3b:1d:78:30:ef:f5:26:cc:09: 78:7c:fe:8a:52:12:d1:17:29:6e:dc:e7:69:59:0b:9c:06:93: ce:1e:8a:53:48:9e:4b:35:d6:83:17:da:4e:25:b7:10:c2:7f: 94:4b:c1:ab:f6:d5:82:c0:3b:5e:6c:f2:13:42:30:06:2b:34: c4:c0:78:a1:52:61:c1:73:e0:7b:d1:33:14:ae:5d:68:c6:a6: 2f:d8:2c:d9:5a:25:5b:11:01:57:5a:40:61:35:a7:fa:6b:47: 67:94:96:8b:1e:03:94:74:81:f9:76:2e:81:66:87:d6:bb:bc: d2:66:99:94:cd:7d:b3:fa:a1:11:14:0c:87:44:fd:c0:ac:e5: 49:3d:4a:97:1b:11:79:96:17:59:71:c9:c5:a3:13:47:ad:38: d3:14:f4:4b:14:35:25:bb:33:3c:43:80:31:81:27:56:e1:f3: f6:4a:2e:c2:30:70:25:49:a2:aa:57:5e:ec:59:b5:9f:06:86: b1:ca:f8:ae:bf:00:dd:4b:2e:11:a5:99:31:34:79:6d:58:78: f5:5c:66:53 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtx7E41UcdrOl/xNEgKYHK4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4ZmI5NmVhM2FmNTFjNTMyZDdlOGZlOGM5NDM3NmY1MWUx ZWE0MDIwHhcNMjUxMjMxMDEwMTEwWhcNMjYwMTAxMDEwMTEwWjAzMTEwLwYDVQQD EygxZmQzZjYxZTIyM2Y0OTM4NDM3ZmZmMThiZWJkMTI1ZDc0MGQxZWQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDO5lvGKL+dpahAiPQJodnfMzKi5 AtTeMANgt2vQyUoVUsClIGfC9dTDaYEwhOqEM1cgsV0sOiGPGvN+FLr4nPoWr07C RdAFRR5ZmAC+vGSYtHR4EXdkCnlULOJp7lNOYJcSBHknZarXFTgFSR2ed/PoR5rR 0SUE/C1E5rq0fisFJ0X+Tb0+cyeA+0j5a98A5MjKlVZsRlZy2WeVLQog3EyOegm/ PVmMXD6BlV3A6Ep8KOdPNXzSChFqT0rjyiUVH2WTXFinSYdmLdBhHHSKhUZgeWB0 Coy6ZwvwDjHEWCaajrBULNvD7zMiYhmm85UmArEehNJxZYqiBf5/9oleQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB/T9h4iP0k4Q3//GL69El10DR7TMB8GA1UdIwQY MBaAFNj7luo69RxTLX6P6MlDdvUeHqQCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlB1VzZqcjFIRk10Zm9fb3lVTjI5UjRlcEFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81M2ZmYTAtOTA2MC00NzJjLWFhYzIt OGViODVlMzI4M2UyLzEvMlB1VzZqcjFIRk10Zm9fb3lVTjI5UjRlcEFJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS81M2ZmYTAtOTA2MC00NzJjLWFhYzItOGViODVlMzI4M2Uy LzEvMlB1VzZqcjFIRk10Zm9fb3lVTjI5UjRlcEFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc5+sTB0I GKCfgogqSoBQodzZTbqBmElLpNDAo7hgjRixfpEfnv4YPlSNuoQCOx14MO/1JswJ eHz+ilIS0RcpbtznaVkLnAaTzh6KU0ieSzXWgxfaTiW3EMJ/lEvBq/bVgsA7Xmzy E0IwBis0xMB4oVJhwXPge9EzFK5daMamL9gs2VolWxEBV1pAYTWn+mtHZ5SWix4D lHSB+XYugWaH1ru80maZlM19s/qhERQMh0T9wKzlST1KlxsReZYXWXHJxaMTR604 0xT0SxQ1JbszPEOAMYEnVuHz9kouwjBwJUmiqlde7Fm1nwaGscr4rr8A3UsuEaWZ MTR5bVh49VxmUw== -----END CERTIFICATE-----Generated at Wed Dec 31 09:10:46 2025 by rpki-client