This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.mft File: 2xTnpr6Xzsb1vBpninbqbRYZwwY.mft (raw, json) Hash identifier: 4yHoJXGWO6IDHaa5ZrQsbmqt3loDaR4Pz9HRuT4Bd60= Subject key identifier: 3F:54:CE:B0:CB:03:07:D3:D0:DF:30:76:B6:EA:74:AB:BE:11:39:16 Authority key identifier: DB:14:E7:A6:BE:97:CE:C6:F5:BC:1A:67:8A:76:EA:6D:16:19:C3:06 Certificate issuer: /CN=db14e7a6be97cec6f5bc1a678a76ea6d1619c306 Certificate serial: 019B3D90C6F10307F8B9A515DFBC075DDFE3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.mft Manifest number: 154C Signing time: Sat 20 Dec 2025 21:00:56 +0000 Manifest this update: Sat 20 Dec 2025 21:00:56 +0000 Manifest next update: Sun 21 Dec 2025 21:00:56 +0000 Files and hashes: 1: 2xTnpr6Xzsb1vBpninbqbRYZwwY.crl (hash: EuTQENPJIh/63ssLDWYfBXSpcJFjSXnF6VxWc0k62JY=) 2: FjL5MqcK0dv0phSETNIP5t1SBWg.roa (hash: HghvVzu9hsO9wX3NaFq2EgUKtQhDl/MHwAlkrJlofBE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.mft rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:90:c6:f1:03:07:f8:b9:a5:15:df:bc:07:5d:df:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db14e7a6be97cec6f5bc1a678a76ea6d1619c306 Validity Not Before: Dec 20 21:00:56 2025 GMT Not After : Dec 21 21:00:56 2025 GMT Subject: CN=3f54ceb0cb0307d3d0df3076b6ea74abbe113916 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:58:4e:ca:23:f8:3d:ea:b4:83:8f:0f:7e:8b: 4d:9c:86:e8:bc:27:42:9c:80:c3:78:4c:4b:94:75: f6:9e:e4:12:07:66:20:2f:f4:f3:81:2e:5e:3e:36: 1d:f3:e2:27:4d:62:f4:0f:df:54:0e:97:04:f8:54: 8a:91:9a:00:80:3a:dc:34:29:75:36:aa:6a:ec:a3: fc:f0:3d:fc:95:64:e1:5b:3c:32:4d:d6:b7:61:65: a2:9f:2a:4b:c3:5e:f8:f1:ae:84:bd:f3:2e:ab:f7: 14:5d:21:80:37:fa:0a:82:a0:a0:b4:e3:81:de:67: 6b:69:9f:68:13:9b:2d:d2:0c:1c:c8:9a:95:82:71: df:a3:12:21:fa:18:f6:d0:bf:a2:4a:c8:9a:7e:b4: 8b:56:5b:06:ce:af:d2:ea:54:12:d5:1d:ae:dd:2f: fe:8b:2b:ef:07:30:1d:a5:1c:f7:2c:d3:10:92:71: 04:9b:a9:ce:3b:32:33:5a:23:18:07:b2:ec:a7:a3: 2e:62:20:38:59:f7:93:cb:af:c2:80:45:17:a2:b8: 9c:22:c8:d4:69:ca:e4:0f:bc:b8:83:b5:29:15:1f: 41:ce:cb:b4:d1:37:eb:56:e9:49:47:04:50:f0:51: 9f:5a:ae:4f:56:16:10:f3:97:6e:52:75:07:03:8b: 7f:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:54:CE:B0:CB:03:07:D3:D0:DF:30:76:B6:EA:74:AB:BE:11:39:16 X509v3 Authority Key Identifier: keyid:DB:14:E7:A6:BE:97:CE:C6:F5:BC:1A:67:8A:76:EA:6D:16:19:C3:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8c:1b:c2:e9:99:3b:0e:20:ea:f7:e0:b8:7a:19:71:05:ce:1a: 84:0c:60:9e:a1:5e:c9:6a:7d:99:cc:52:92:f3:d0:ff:cd:55: da:3e:c2:d8:37:fc:08:99:67:48:9f:ef:6d:3e:25:38:ad:88: 7c:36:ec:58:51:f5:73:67:58:97:73:8e:1e:b7:d8:25:d1:48: bb:d3:06:12:68:ee:d3:32:12:8f:c1:08:d8:9e:41:f9:70:91: 96:93:65:73:37:9b:0e:c8:e7:5f:df:a6:63:32:54:83:36:66: 83:1a:47:bc:b7:8a:38:db:b1:5d:18:07:01:aa:4d:b1:76:a4: 02:05:89:8f:3a:2c:d9:b1:b0:48:52:7a:21:a4:f8:9e:55:81: 0c:fd:e2:90:c1:42:fc:78:62:dc:06:ac:01:89:b0:b3:cb:28: 90:de:f7:b4:ee:df:16:8c:e4:7a:61:39:f1:ec:c2:29:11:9f: ca:8e:24:25:61:82:8e:42:c5:90:f5:36:b3:c9:27:75:94:e5: 16:70:0c:ed:4c:58:1f:50:77:fb:03:49:61:1e:aa:78:13:58: cc:1f:ee:5c:b5:7d:22:ed:bf:82:65:be:f8:6e:73:c5:8b:ad: 51:b2:6d:2e:47:08:ad:ad:b2:a9:b8:63:f3:30:09:a2:68:fb: 6b:4a:70:c1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9kMbxAwf4uaUV37wHXd/jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiMTRlN2E2YmU5N2NlYzZmNWJjMWE2NzhhNzZlYTZkMTYx OWMzMDYwHhcNMjUxMjIwMjEwMDU2WhcNMjUxMjIxMjEwMDU2WjAzMTEwLwYDVQQD EygzZjU0Y2ViMGNiMDMwN2QzZDBkZjMwNzZiNmVhNzRhYmJlMTEzOTE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlhOyiP4Peq0g48PfotNnIbovCdC nIDDeExLlHX2nuQSB2YgL/TzgS5ePjYd8+InTWL0D99UDpcE+FSKkZoAgDrcNCl1 Nqpq7KP88D38lWThWzwyTda3YWWinypLw1748a6EvfMuq/cUXSGAN/oKgqCgtOOB 3mdraZ9oE5st0gwcyJqVgnHfoxIh+hj20L+iSsiafrSLVlsGzq/S6lQS1R2u3S/+ iyvvBzAdpRz3LNMQknEEm6nOOzIzWiMYB7Lsp6MuYiA4WfeTy6/CgEUXoricIsjU acrkD7y4g7UpFR9Bzsu00TfrVulJRwRQ8FGfWq5PVhYQ85duUnUHA4t/AwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD9UzrDLAwfT0N8wdrbqdKu+ETkWMB8GA1UdIwQY MBaAFNsU56a+l87G9bwaZ4p26m0WGcMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8xMDY0NWQtMzU0Mi00ZTVkLThlNzAt MTFmOTFkMDczOWM5LzEvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS8xMDY0NWQtMzU0Mi00ZTVkLThlNzAtMTFmOTFkMDczOWM5 LzEvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjBvC6Zk7 DiDq9+C4ehlxBc4ahAxgnqFeyWp9mcxSkvPQ/81V2j7C2Df8CJlnSJ/vbT4lOK2I fDbsWFH1c2dYl3OOHrfYJdFIu9MGEmju0zISj8EI2J5B+XCRlpNlczebDsjnX9+m YzJUgzZmgxpHvLeKONuxXRgHAapNsXakAgWJjzos2bGwSFJ6IaT4nlWBDP3ikMFC /Hhi3AasAYmws8sokN73tO7fFozkemE58ezCKRGfyo4kJWGCjkLFkPU2s8kndZTl FnAM7UxYH1B3+wNJYR6qeBNYzB/uXLV9Iu2/gmW++G5zxYutUbJtLkcIra2yqbhj 8zAJomj7a0pwwQ== -----END CERTIFICATE-----Generated at Sun Dec 21 02:27:34 2025 by rpki-client