This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.mft File: 2zdeFqGTZ96ZuySsEV0lmioEgaw.mft (raw, json) Hash identifier: HBfxINPNckwhxQaPpMlTAqjmu7HAGAVnlXeSRUDlYJs= Subject key identifier: E0:76:A5:1C:16:A0:16:D6:9C:2A:88:2F:3E:82:A7:84:0A:E4:FA:A2 Authority key identifier: DB:37:5E:16:A1:93:67:DE:99:BB:24:AC:11:5D:25:9A:2A:04:81:AC Certificate issuer: /CN=db375e16a19367de99bb24ac115d259a2a0481ac Certificate serial: 019B3E6D984B755968A21F7EFEB23618AFF2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2zdeFqGTZ96ZuySsEV0lmioEgaw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.mft Manifest number: 0D22 Signing time: Sun 21 Dec 2025 01:02:08 +0000 Manifest this update: Sun 21 Dec 2025 01:02:08 +0000 Manifest next update: Mon 22 Dec 2025 01:02:08 +0000 Files and hashes: 1: 2zdeFqGTZ96ZuySsEV0lmioEgaw.crl (hash: SgLAC4c09iOli9jwgCD4Tiq4jE679CWMdlhThAYXbIU=) 2: x6hLDer_XW1q_iEu4GXkzkZyC4s.roa (hash: WqVvea5/LNqbNIIZsdml33Mg9/QcNbUM12u8YdmaIWc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.crl rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.mft rsync://rpki.ripe.net/repository/DEFAULT/2zdeFqGTZ96ZuySsEV0lmioEgaw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6d:98:4b:75:59:68:a2:1f:7e:fe:b2:36:18:af:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db375e16a19367de99bb24ac115d259a2a0481ac Validity Not Before: Dec 21 01:02:08 2025 GMT Not After : Dec 22 01:02:08 2025 GMT Subject: CN=e076a51c16a016d69c2a882f3e82a7840ae4faa2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:97:d2:c6:4e:20:49:e7:e8:69:fa:9b:f6:49: 78:d9:d8:b7:5a:85:03:41:ce:bb:d9:f2:31:5e:2a: 55:1d:10:17:5b:e1:50:ac:11:7c:42:8d:a0:f1:09: 5c:8a:dd:43:0e:3f:28:e4:83:5c:b7:44:05:eb:98: 5f:c3:a5:ae:f7:53:0b:bd:e1:15:b4:57:f9:d0:1a: f2:bf:ef:10:cc:ab:4b:54:b1:d2:62:a1:ef:6d:ea: dc:87:2a:54:5e:32:00:a9:8f:cc:7b:c3:04:f8:23: ef:38:61:89:80:67:ab:2f:3f:7b:81:dd:20:0a:b7: 60:6b:3a:36:1c:55:81:b3:f8:15:b2:16:95:e9:14: 4a:f1:69:5c:67:b7:b2:54:62:43:79:ab:e5:5f:ed: 22:9b:af:f7:5b:59:21:b7:0f:79:af:d6:27:6a:04: 6c:e3:7d:42:8b:83:89:40:f1:2c:fb:38:9a:2c:5c: 06:e8:8d:d5:98:b4:d0:09:b8:6d:0c:53:1e:2b:78: f1:67:f7:3b:9f:71:ca:4a:f4:04:f4:57:91:b5:64: 67:eb:34:fc:0e:ab:5a:12:14:46:56:9d:3c:91:f3: 90:11:f2:fd:69:a5:f1:b1:b6:db:da:18:1e:c2:ab: 47:7f:ee:f6:b8:e4:80:c0:2f:72:1c:8c:db:91:29: 0f:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:76:A5:1C:16:A0:16:D6:9C:2A:88:2F:3E:82:A7:84:0A:E4:FA:A2 X509v3 Authority Key Identifier: keyid:DB:37:5E:16:A1:93:67:DE:99:BB:24:AC:11:5D:25:9A:2A:04:81:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2zdeFqGTZ96ZuySsEV0lmioEgaw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:f8:a3:3d:24:b7:a0:5e:ea:2e:c3:28:35:66:7d:92:85:53: 64:2b:4f:45:69:50:dc:a2:86:f9:47:8a:88:4c:46:e4:73:e2: f5:14:99:49:fd:8f:5f:34:9e:50:86:c8:cb:e6:22:ab:d9:55: de:9d:14:d8:98:bc:37:6e:09:16:93:fe:dd:cc:93:5a:6a:ed: 54:7b:3f:48:cc:ff:cf:76:d7:5b:e7:67:2c:eb:e3:df:29:11: ca:80:48:cd:b3:36:0a:88:a2:ea:b7:ac:1d:47:47:9a:b9:a5: e5:96:41:a9:f5:05:a6:89:29:ea:f3:52:05:03:c3:be:5c:90: 82:21:1a:c8:ef:e8:8a:ef:f3:c2:e0:56:6e:b6:18:5e:7c:f8: 13:76:9b:09:22:7c:34:46:ed:fc:11:b0:af:ab:8a:53:ad:a8: d6:51:71:65:a1:64:eb:24:e3:3f:c0:0d:8e:aa:9a:26:64:1b: fa:f4:0d:a0:ea:ae:b8:5c:2e:49:68:32:d4:17:61:ef:c6:c7: 5d:d0:28:bc:ba:94:b3:46:f0:d8:c2:fe:e7:67:7f:c0:56:5a: ee:5b:2c:ec:65:ac:d8:a5:3d:b9:84:3b:d3:ae:c9:fc:9c:c0: 60:c6:9b:ce:f5:a9:b7:6c:1c:c9:91:16:4f:d9:63:c9:fa:56: 66:00:11:ed -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bZhLdVlooh9+/rI2GK/yMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiMzc1ZTE2YTE5MzY3ZGU5OWJiMjRhYzExNWQyNTlhMmEw NDgxYWMwHhcNMjUxMjIxMDEwMjA4WhcNMjUxMjIyMDEwMjA4WjAzMTEwLwYDVQQD EyhlMDc2YTUxYzE2YTAxNmQ2OWMyYTg4MmYzZTgyYTc4NDBhZTRmYWEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJfSxk4gSefoafqb9kl42di3WoUD Qc672fIxXipVHRAXW+FQrBF8Qo2g8Qlcit1DDj8o5INct0QF65hfw6Wu91MLveEV tFf50Bryv+8QzKtLVLHSYqHvberchypUXjIAqY/Me8ME+CPvOGGJgGerLz97gd0g Crdgazo2HFWBs/gVshaV6RRK8WlcZ7eyVGJDeavlX+0im6/3W1khtw95r9YnagRs 431Ci4OJQPEs+ziaLFwG6I3VmLTQCbhtDFMeK3jxZ/c7n3HKSvQE9FeRtWRn6zT8 DqtaEhRGVp08kfOQEfL9aaXxsbbb2hgewqtHf+72uOSAwC9yHIzbkSkPIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOB2pRwWoBbWnCqILz6Cp4QK5PqiMB8GA1UdIwQY MBaAFNs3Xhahk2fembskrBFdJZoqBIGsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnpkZUZxR1RaOTZadXlTc0VWMGxtaW9FZ2F3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy85YmM1YmMtOGY5OS00MmVkLWE4Y2Ut NWI4NmJhNTg1OTIyLzEvMnpkZUZxR1RaOTZadXlTc0VWMGxtaW9FZ2F3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy85YmM1YmMtOGY5OS00MmVkLWE4Y2UtNWI4NmJhNTg1OTIy LzEvMnpkZUZxR1RaOTZadXlTc0VWMGxtaW9FZ2F3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVvijPSS3 oF7qLsMoNWZ9koVTZCtPRWlQ3KKG+UeKiExG5HPi9RSZSf2PXzSeUIbIy+Yiq9lV 3p0U2Ji8N24JFpP+3cyTWmrtVHs/SMz/z3bXW+dnLOvj3ykRyoBIzbM2Coii6res HUdHmrml5ZZBqfUFpokp6vNSBQPDvlyQgiEayO/oiu/zwuBWbrYYXnz4E3abCSJ8 NEbt/BGwr6uKU62o1lFxZaFk6yTjP8ANjqqaJmQb+vQNoOquuFwuSWgy1Bdh78bH XdAovLqUs0bw2ML+52d/wFZa7lss7GWs2KU9uYQ7067J/JzAYMabzvWpt2wcyZEW T9ljyfpWZgAR7Q== -----END CERTIFICATE-----Generated at Sun Dec 21 07:09:39 2025 by rpki-client