This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft File: 2J8W9XSSQzePgUyUskA010s5J98.mft (raw, json) Hash identifier: doAba/sglF8VJdZbc5tXzw5gC71xizc7XCTDDFQ5OLg= Subject key identifier: 59:52:DB:53:4E:00:8F:0C:94:7D:46:0F:37:F9:E6:48:E2:55:F2:0B Authority key identifier: D8:9F:16:F5:74:92:43:37:8F:81:4C:94:B2:40:34:D7:4B:39:27:DF Certificate issuer: /CN=d89f16f5749243378f814c94b24034d74b3927df Certificate serial: 019B522A870F4019C621CA8B47D7459345BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft Manifest number: 0441 Signing time: Wed 24 Dec 2025 21:01:17 +0000 Manifest this update: Wed 24 Dec 2025 21:01:17 +0000 Manifest next update: Thu 25 Dec 2025 21:01:17 +0000 Files and hashes: 1: 2J8W9XSSQzePgUyUskA010s5J98.crl (hash: 0n6D05n2yIy3uf5xSzSKyErGwTNtDhwFkhk1s8s0EZY=) 2: S9_pIBHq75Wq7oGW-jAli5gxMaE.roa (hash: cpq5fUvjVAhKKLO06wh9HRGgk0x/xpun3Cli9g36l8w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.crl rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:52:2a:87:0f:40:19:c6:21:ca:8b:47:d7:45:93:45:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d89f16f5749243378f814c94b24034d74b3927df Validity Not Before: Dec 24 21:01:17 2025 GMT Not After : Dec 25 21:01:17 2025 GMT Subject: CN=5952db534e008f0c947d460f37f9e648e255f20b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:81:81:e0:24:5b:00:6a:6e:16:88:d6:f5:3f:94: f9:86:ee:aa:21:58:f7:06:9d:06:81:1c:be:79:bf: 14:5c:da:81:fe:62:ff:33:51:74:3c:59:de:27:f2: c5:d2:6a:81:de:9b:93:70:4d:3e:78:8f:21:3d:ca: 24:2d:06:fc:1d:f0:90:a5:d0:40:69:77:dd:b5:d6: a9:13:ac:60:a9:c4:e1:07:5e:a1:9c:8c:aa:8a:3f: 22:b2:87:dd:d6:56:00:5d:67:8b:15:56:87:17:8b: 84:ec:3e:21:71:78:3d:84:74:7f:0c:20:2d:56:47: 3c:bb:4e:1c:55:fc:24:9b:b8:4f:25:a7:90:96:79: ca:93:dd:bf:14:de:00:c9:7a:9d:d5:92:3e:1b:db: 47:01:0b:07:b2:93:c6:49:e5:7d:83:66:a1:a4:88: 31:4c:e0:16:f2:5c:1d:4a:62:8f:02:3f:71:5f:22: f2:52:09:0a:56:e1:dc:23:37:be:a6:69:67:39:f4: e1:6e:f8:f9:98:45:95:cb:a7:a7:a2:2f:8e:10:bc: 12:db:01:d2:b4:2f:02:2c:62:fb:44:1f:fb:d2:dc: 78:c8:70:4a:fc:97:87:c6:4a:ae:18:52:04:fc:c8: b1:a5:60:84:45:93:4c:aa:cc:ed:11:1f:73:07:52: be:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:52:DB:53:4E:00:8F:0C:94:7D:46:0F:37:F9:E6:48:E2:55:F2:0B X509v3 Authority Key Identifier: keyid:D8:9F:16:F5:74:92:43:37:8F:81:4C:94:B2:40:34:D7:4B:39:27:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:47:a8:79:63:e9:60:7d:b6:13:71:3e:69:bb:76:f9:9b:08: 7a:30:6a:30:ff:c7:2c:c7:64:11:d5:65:04:ce:7f:bd:32:ff: 57:85:b2:d9:93:a0:f0:31:83:c5:ee:eb:4f:d8:f6:d7:46:0c: 18:b6:83:f7:5f:c3:d4:81:d5:0e:14:93:1e:bf:d6:ec:6d:29: 49:c9:43:19:21:77:c5:76:54:6a:6f:23:e2:6f:c0:88:58:5f: 52:1a:1a:c3:58:32:c7:09:89:49:63:ff:24:1d:2c:84:9a:91: 1c:97:82:ff:21:5b:be:0f:d0:f6:7e:cc:03:8a:37:48:a9:73: dc:ea:49:28:78:91:3d:44:6c:2c:77:61:22:b4:49:39:46:f5: 28:bb:ca:04:26:6d:f2:43:db:ee:ab:d2:35:21:64:9d:39:dd: 77:d8:2c:e2:b2:61:b6:f6:73:ab:3a:b6:60:b5:55:57:08:9c: e8:5a:a6:83:1c:bf:ea:78:9a:59:d7:ce:91:26:f4:4b:39:8d: 3f:39:f9:4c:82:45:e0:90:c9:8a:a4:25:17:83:7f:fd:0b:63: aa:15:54:7c:b6:76:53:65:34:7e:94:e1:8f:1d:22:1f:9d:4a: f7:61:6f:b8:a6:14:33:fb:6a:7c:f2:ef:7a:e3:fe:8c:72:9c: 36:84:6b:f3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtSKocPQBnGIcqLR9dFk0W8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4OWYxNmY1NzQ5MjQzMzc4ZjgxNGM5NGIyNDAzNGQ3NGIz OTI3ZGYwHhcNMjUxMjI0MjEwMTE3WhcNMjUxMjI1MjEwMTE3WjAzMTEwLwYDVQQD Eyg1OTUyZGI1MzRlMDA4ZjBjOTQ3ZDQ2MGYzN2Y5ZTY0OGUyNTVmMjBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYHgJFsAam4WiNb1P5T5hu6qIVj3 Bp0GgRy+eb8UXNqB/mL/M1F0PFneJ/LF0mqB3puTcE0+eI8hPcokLQb8HfCQpdBA aXfdtdapE6xgqcThB16hnIyqij8isofd1lYAXWeLFVaHF4uE7D4hcXg9hHR/DCAt Vkc8u04cVfwkm7hPJaeQlnnKk92/FN4AyXqd1ZI+G9tHAQsHspPGSeV9g2ahpIgx TOAW8lwdSmKPAj9xXyLyUgkKVuHcIze+pmlnOfThbvj5mEWVy6enoi+OELwS2wHS tC8CLGL7RB/70tx4yHBK/JeHxkquGFIE/MixpWCERZNMqsztER9zB1K+VwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFlS21NOAI8MlH1GDzf55kjiVfILMB8GA1UdIwQY MBaAFNifFvV0kkM3j4FMlLJANNdLOSffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83OTdlNjUtM2RhMC00ZDZlLWI2OTUt MzQ2YmQ5NzNjODQzLzEvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi83OTdlNjUtM2RhMC00ZDZlLWI2OTUtMzQ2YmQ5NzNjODQz LzEvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASkeoeWPp YH22E3E+abt2+ZsIejBqMP/HLMdkEdVlBM5/vTL/V4Wy2ZOg8DGDxe7rT9j210YM GLaD91/D1IHVDhSTHr/W7G0pSclDGSF3xXZUam8j4m/AiFhfUhoaw1gyxwmJSWP/ JB0shJqRHJeC/yFbvg/Q9n7MA4o3SKlz3OpJKHiRPURsLHdhIrRJOUb1KLvKBCZt 8kPb7qvSNSFknTndd9gs4rJhtvZzqzq2YLVVVwic6Fqmgxy/6niaWdfOkSb0SzmN Pzn5TIJF4JDJiqQlF4N//QtjqhVUfLZ2U2U0fpThjx0iH51K92FvuKYUM/tqfPLv euP+jHKcNoRr8w== -----END CERTIFICATE-----Generated at Thu Dec 25 01:22:15 2025 by rpki-client