This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft File: 2KPKzfjzNRS-Or3FLFDshkZ16VU.mft (raw, json) Hash identifier: fJrLkhjmry1S6U8SqwxcjkQGFTwr/JgsT+YJ29dyA0E= Subject key identifier: 2E:3D:FC:D5:22:AF:27:5C:90:48:B8:7A:7C:C4:11:EA:95:3B:E0:F7 Authority key identifier: D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55 Certificate issuer: /CN=d8a3cacdf8f33514be3abdc52c50ec864675e955 Certificate serial: 019B481570DB2C41357D0C2FDF46127AD31B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft Manifest number: 0CE6 Signing time: Mon 22 Dec 2025 22:02:03 +0000 Manifest this update: Mon 22 Dec 2025 22:02:03 +0000 Manifest next update: Tue 23 Dec 2025 22:02:03 +0000 Files and hashes: 1: 2KPKzfjzNRS-Or3FLFDshkZ16VU.crl (hash: eGthdTO1ReVc0Pc+SCuYF4rfidta+v1apnh8tffboEQ=) 2: YfAgsC_cdxTTdTc3lRuKLUA9Ek4.roa (hash: 6JxCw6QKy553BkYrq5SFqTFyUQePShSh+1QhYyHxmes=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 22:02:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:15:70:db:2c:41:35:7d:0c:2f:df:46:12:7a:d3:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8a3cacdf8f33514be3abdc52c50ec864675e955 Validity Not Before: Dec 22 22:02:03 2025 GMT Not After : Dec 23 22:02:03 2025 GMT Subject: CN=2e3dfcd522af275c9048b87a7cc411ea953be0f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:a0:10:4d:53:6c:9e:47:44:14:24:c7:26:2a: f8:ed:ef:a2:95:c1:16:da:c6:f8:79:a6:01:2e:76: 1e:b8:66:c3:56:dc:c8:81:eb:1d:7e:58:69:7c:87: c7:3e:f1:0a:c8:8c:59:a7:35:cf:5a:43:52:f9:1e: a8:88:26:3b:8c:93:d8:63:39:44:3b:a1:00:ae:3b: 86:0c:61:83:6b:31:bb:78:bf:f8:dc:80:1f:9d:6b: 04:3e:21:dc:c0:cd:99:ed:a9:f6:c9:ab:f9:36:dd: 7c:e2:9a:43:84:fd:83:81:26:ed:2d:26:a2:4f:c5: ec:94:81:7a:18:80:88:c5:5a:dd:32:e2:c3:4d:85: a6:c1:4a:96:6a:bb:64:18:76:9a:78:17:96:db:87: cb:34:ac:bc:85:c7:eb:9d:e7:5b:38:2b:66:a8:c1: ea:c1:e7:fc:5b:44:b0:9e:39:a2:4a:8a:58:d5:80: 68:31:01:b5:08:12:81:1a:fe:c8:85:60:42:fa:94: a3:62:56:d0:7e:5f:86:37:a8:59:cb:7c:49:82:1d: 1a:5e:bc:c6:6c:8b:35:30:9a:b7:26:37:7a:54:19: f6:f5:9b:a5:fc:d4:d2:87:25:37:73:9b:7b:6b:2c: ce:d2:75:7a:4b:ca:48:44:36:30:b2:b4:a7:30:4a: c3:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:3D:FC:D5:22:AF:27:5C:90:48:B8:7A:7C:C4:11:EA:95:3B:E0:F7 X509v3 Authority Key Identifier: keyid:D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:e0:82:c4:8e:4b:96:36:13:92:dd:7e:1e:6d:dc:68:42:33: a3:73:6d:e5:31:85:18:f9:76:9c:02:0b:e6:fe:0d:a4:f9:25: 54:c7:77:15:24:c1:b3:5e:85:cb:92:e6:ca:a5:06:0f:4c:c3: e6:1d:c6:dd:0f:40:80:bf:1e:9b:95:9b:e4:47:a7:c8:1a:cc: 2c:76:d2:db:fd:8a:8a:a7:53:3a:f0:16:b8:cc:cb:4e:b4:8b: 2e:35:a9:82:6b:18:e4:e7:d1:7e:b5:fd:1b:ee:6b:7a:81:f3: dd:9d:66:bd:3c:47:21:30:df:ae:5f:05:0c:8a:18:c6:5f:dc: 7a:d9:32:8f:58:ba:14:53:e1:55:56:f1:07:96:50:6a:12:4c: 1f:47:77:df:a0:4e:6b:e7:49:84:45:46:2c:62:21:62:26:c7: 5f:a3:e5:06:97:31:27:25:40:f1:03:19:b8:18:ab:dc:c9:1c: 1e:e6:21:6c:01:58:78:90:88:d9:e7:fd:d1:e0:66:ab:50:ea: eb:e6:e2:8f:8e:d5:8f:85:b9:67:de:72:bf:96:84:10:82:73: 1f:4c:f3:4a:27:25:59:f0:a4:76:c4:b6:d6:cc:8c:91:9d:33: 6e:2c:dc:aa:68:58:e4:66:dc:6c:12:10:37:c0:45:01:4b:7e: 92:6f:56:db -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFXDbLEE1fQwv30YSetMbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4YTNjYWNkZjhmMzM1MTRiZTNhYmRjNTJjNTBlYzg2NDY3 NWU5NTUwHhcNMjUxMjIyMjIwMjAzWhcNMjUxMjIzMjIwMjAzWjAzMTEwLwYDVQQD EygyZTNkZmNkNTIyYWYyNzVjOTA0OGI4N2E3Y2M0MTFlYTk1M2JlMGY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aAQTVNsnkdEFCTHJir47e+ilcEW 2sb4eaYBLnYeuGbDVtzIgesdflhpfIfHPvEKyIxZpzXPWkNS+R6oiCY7jJPYYzlE O6EArjuGDGGDazG7eL/43IAfnWsEPiHcwM2Z7an2yav5Nt184ppDhP2DgSbtLSai T8XslIF6GICIxVrdMuLDTYWmwUqWartkGHaaeBeW24fLNKy8hcfrnedbOCtmqMHq wef8W0SwnjmiSopY1YBoMQG1CBKBGv7IhWBC+pSjYlbQfl+GN6hZy3xJgh0aXrzG bIs1MJq3Jjd6VBn29Zul/NTShyU3c5t7ayzO0nV6S8pIRDYwsrSnMErDSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC49/NUirydckEi4enzEEeqVO+D3MB8GA1UdIwQY MBaAFNijys348zUUvjq9xSxQ7IZGdelVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEt Yjc5MWI5ODlhZjI5LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEtYjc5MWI5ODlhZjI5 LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa+CCxI5L ljYTkt1+Hm3caEIzo3Nt5TGFGPl2nAIL5v4NpPklVMd3FSTBs16Fy5LmyqUGD0zD 5h3G3Q9AgL8em5Wb5EenyBrMLHbS2/2KiqdTOvAWuMzLTrSLLjWpgmsY5OfRfrX9 G+5reoHz3Z1mvTxHITDfrl8FDIoYxl/cetkyj1i6FFPhVVbxB5ZQahJMH0d336BO a+dJhEVGLGIhYibHX6PlBpcxJyVA8QMZuBir3MkcHuYhbAFYeJCI2ef90eBmq1Dq 6+bij47Vj4W5Z95yv5aEEIJzH0zzSiclWfCkdsS21syMkZ0zbizcqmhY5GbcbBIQ N8BFAUt+km9W2w== -----END CERTIFICATE-----Generated at Tue Dec 23 04:08:18 2025 by rpki-client