This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft File: 2BFKkiBvChn3M52guJZpxKX-Urk.mft (raw, json) Hash identifier: vqW/Q8edIbQefNFXdoJa0VxgljhW3aSL/TQHvIlxsig= Subject key identifier: 0F:AC:AD:72:F6:A4:EE:BC:9F:DE:7E:78:F3:81:CB:28:F9:A8:E7:95 Authority key identifier: D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9 Certificate issuer: /CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9 Certificate serial: 019B3F1192FA82FA9D44AF670A1D39C984E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft Manifest number: 016B Signing time: Sun 21 Dec 2025 04:01:14 +0000 Manifest this update: Sun 21 Dec 2025 04:01:14 +0000 Manifest next update: Mon 22 Dec 2025 04:01:14 +0000 Files and hashes: 1: 2BFKkiBvChn3M52guJZpxKX-Urk.crl (hash: Hci++irGim+W8rVzrdyRiy0Y8amkjRO1YGVnipZKUhE=) 2: G9oTd4bBpmlm3pZMn3YyyXAVIyI.roa (hash: XC2pyO3ZNZCKadVf4J0EDWPKrfSqScmOhmM8oMNNkCI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:11:92:fa:82:fa:9d:44:af:67:0a:1d:39:c9:84:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9 Validity Not Before: Dec 21 04:01:14 2025 GMT Not After : Dec 22 04:01:14 2025 GMT Subject: CN=0facad72f6a4eebc9fde7e78f381cb28f9a8e795 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:ce:56:ad:f6:92:2d:db:b0:81:f9:f1:a3:56: 8e:72:ec:5a:3b:e6:2a:2d:09:c8:04:92:69:a3:a5: d0:5a:65:ff:a0:7c:b7:54:8e:7c:1b:28:34:f4:66: 08:4c:4d:bf:98:ec:6c:fd:b5:b6:d6:37:d3:da:5e: 01:c7:38:09:51:38:d0:7f:99:48:79:24:a3:4c:a7: 0b:a2:79:fa:8e:8e:16:02:24:0f:bf:1b:35:14:bb: d8:92:81:d7:13:98:8f:70:98:55:6f:62:9d:09:21: 5f:f6:d5:e2:9a:3e:fe:72:9b:59:53:10:42:5b:be: 89:4a:d2:33:8e:96:b9:3c:bb:b7:dc:a6:57:b5:04: 97:52:f9:3f:1c:6b:02:af:56:69:b6:ed:3b:f7:48: 7b:35:c8:76:f5:37:56:b3:7c:02:af:3e:56:7d:02: 84:b6:07:49:15:c9:14:0f:50:d7:15:d9:4d:e6:5b: da:d0:29:09:56:5f:8d:7b:c6:13:ba:b3:ef:4b:95: 9f:90:54:31:e9:3a:97:ac:99:0b:84:24:f5:b3:f3: b9:45:ce:c3:83:e3:cc:8e:66:73:1e:7d:72:02:d8: 15:05:07:b8:3d:e3:8a:a5:49:90:be:61:7a:6e:af: 0d:c3:0b:41:40:52:03:92:ea:41:1c:f9:f7:ef:c5: 05:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:AC:AD:72:F6:A4:EE:BC:9F:DE:7E:78:F3:81:CB:28:F9:A8:E7:95 X509v3 Authority Key Identifier: keyid:D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:40:f6:05:18:61:cf:58:d8:cc:6a:f5:37:97:e9:d7:f6:81: e3:7c:eb:ad:54:4b:5c:c8:e2:32:42:cf:ff:b9:13:1f:fa:1a: 77:65:40:81:6f:8c:8d:ef:4f:12:6c:e4:56:a4:2c:e3:3f:5d: f5:ae:83:1e:3e:5e:cc:60:c9:70:b8:05:80:72:aa:93:39:23: 17:4d:16:60:d2:24:e5:c8:a2:24:5c:7d:90:49:4d:98:63:2a: f7:74:ee:0c:39:87:68:ab:b1:03:22:a8:ec:0f:19:b8:dd:64: 62:fd:30:2d:f1:02:4f:b6:8c:9a:b2:34:6c:3d:50:05:8f:5f: fd:1b:3d:db:7c:5b:6c:d5:c9:3b:37:87:76:2d:4f:b9:c0:5a: a1:a0:64:fe:9b:ad:0b:6c:c9:07:f7:e1:2d:39:89:9b:bb:97: 8c:01:d0:8b:09:04:6b:e1:2b:d0:62:29:ff:78:8e:2c:4a:38: 24:cb:0c:e4:36:15:3b:f3:72:88:c8:8c:0f:f6:ed:1d:54:b6: e6:6d:18:95:99:32:8b:bb:d2:3e:02:56:2c:56:ef:40:cd:b5: 5e:d1:2d:f5:73:25:b5:71:29:87:75:8a:67:60:c8:28:4e:38: 16:60:22:94:fb:4d:c4:85:54:3b:55:2a:13:29:e5:63:78:d5: a5:8c:ea:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/EZL6gvqdRK9nCh05yYTmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MTE0YTkyMjA2ZjBhMTlmNzMzOWRhMGI4OTY2OWM0YTVm ZTUyYjkwHhcNMjUxMjIxMDQwMTE0WhcNMjUxMjIyMDQwMTE0WjAzMTEwLwYDVQQD EygwZmFjYWQ3MmY2YTRlZWJjOWZkZTdlNzhmMzgxY2IyOGY5YThlNzk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2s5WrfaSLduwgfnxo1aOcuxaO+Yq LQnIBJJpo6XQWmX/oHy3VI58Gyg09GYITE2/mOxs/bW21jfT2l4BxzgJUTjQf5lI eSSjTKcLonn6jo4WAiQPvxs1FLvYkoHXE5iPcJhVb2KdCSFf9tXimj7+cptZUxBC W76JStIzjpa5PLu33KZXtQSXUvk/HGsCr1Zptu0790h7Nch29TdWs3wCrz5WfQKE tgdJFckUD1DXFdlN5lva0CkJVl+Ne8YTurPvS5WfkFQx6TqXrJkLhCT1s/O5Rc7D g+PMjmZzHn1yAtgVBQe4PeOKpUmQvmF6bq8NwwtBQFIDkupBHPn378UFNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA+srXL2pO68n95+ePOByyj5qOeVMB8GA1UdIwQY MBaAFNgRSpIgbwoZ9zOdoLiWacSl/lK5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTkt NTIwOGQ5ODU0MzY0LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTktNTIwOGQ5ODU0MzY0 LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARUD2BRhh z1jYzGr1N5fp1/aB43zrrVRLXMjiMkLP/7kTH/oad2VAgW+Mje9PEmzkVqQs4z9d 9a6DHj5ezGDJcLgFgHKqkzkjF00WYNIk5ciiJFx9kElNmGMq93TuDDmHaKuxAyKo 7A8ZuN1kYv0wLfECT7aMmrI0bD1QBY9f/Rs923xbbNXJOzeHdi1PucBaoaBk/put C2zJB/fhLTmJm7uXjAHQiwkEa+Er0GIp/3iOLEo4JMsM5DYVO/NyiMiMD/btHVS2 5m0YlZkyi7vSPgJWLFbvQM21XtEt9XMltXEph3WKZ2DIKE44FmAilPtNxIVUO1Uq EynlY3jVpYzqxw== -----END CERTIFICATE-----Generated at Sun Dec 21 10:46:56 2025 by rpki-client