This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft File: 2fGfBczyIhOYRpwL6N3ATOFOE1o.mft (raw, json) Hash identifier: fd+X6i+0vkFwyfXIjOzKT6npTcBSGzukXExlRxGuCBg= Subject key identifier: 24:D5:4C:9C:4D:FF:99:78:7D:11:79:A7:E5:27:7F:67:1C:0C:F8:7C Authority key identifier: D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A Certificate issuer: /CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a Certificate serial: 019B43C9DD499C4C7649F82B4FA58A0F43CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft Manifest number: 1359 Signing time: Mon 22 Dec 2025 02:01:01 +0000 Manifest this update: Mon 22 Dec 2025 02:01:01 +0000 Manifest next update: Tue 23 Dec 2025 02:01:01 +0000 Files and hashes: 1: 2fGfBczyIhOYRpwL6N3ATOFOE1o.crl (hash: sV1oLwJrMci3fP/NLzylHx5e06Bay0qEpvi45dxnLFA=) 2: B9-JyKOh9vcA8Yt248kp1OHsLjE.roa (hash: IbF0FRhBYEIf5hZ2KcvfEljtf1YgGGazPG/5I71dHJ4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 02:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:c9:dd:49:9c:4c:76:49:f8:2b:4f:a5:8a:0f:43:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a Validity Not Before: Dec 22 02:01:01 2025 GMT Not After : Dec 23 02:01:01 2025 GMT Subject: CN=24d54c9c4dff99787d1179a7e5277f671c0cf87c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:6d:d6:fb:f4:6b:c7:4c:8f:75:84:fa:55:73: 25:56:40:70:0f:9b:fb:97:16:36:20:94:4d:f6:b9: fa:4c:d4:f6:2b:95:1c:d4:6d:98:5f:62:f4:f2:82: 78:fe:a6:7b:f1:e4:31:c5:c9:f7:10:b2:76:d6:57: e0:8e:aa:ba:c7:98:a5:97:a4:c0:4c:0b:fb:bb:dc: 2a:7a:75:2a:a7:ae:18:a4:2f:77:b4:18:24:5d:94: 05:b8:50:e1:b7:de:2e:57:36:e2:d5:6b:a7:f4:80: dc:fc:b8:97:72:ea:ad:a2:ad:e0:d6:be:ae:b4:53: d5:85:de:6f:d9:ee:a4:cf:6c:5f:13:e4:21:23:cf: 39:cd:a6:7c:84:e0:bc:17:a0:02:a6:9c:6d:b2:6a: e8:4e:43:cf:13:a8:47:72:19:6a:d2:55:ae:40:29: df:24:7f:db:14:e0:a4:19:45:91:00:5a:89:63:09: 22:d6:d0:ba:05:9a:87:82:c8:2b:ac:d2:e2:f3:18: b8:fb:da:8f:a3:60:4c:d3:85:5e:29:e3:06:1f:5e: a7:29:dd:63:04:12:aa:4b:0a:7f:68:93:66:16:99: db:90:0d:75:5d:e2:dc:a7:e0:46:3f:47:04:28:05: 6e:72:bf:99:28:f0:61:fb:48:4c:b0:42:ae:dd:e3: 8f:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:D5:4C:9C:4D:FF:99:78:7D:11:79:A7:E5:27:7F:67:1C:0C:F8:7C X509v3 Authority Key Identifier: keyid:D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:73:79:0c:8c:3e:f4:79:c6:90:5e:88:5d:55:1e:b8:b7:c6: 28:ad:f6:41:c1:5c:5c:c3:b6:cf:b6:b7:11:bb:9c:6b:6b:ee: f7:e0:81:47:fe:4c:e6:e7:18:a8:5b:6b:c2:51:11:f8:e4:c9: 58:d0:bb:8b:19:89:00:69:34:48:9e:9d:9f:3d:59:1e:ef:db: 60:e5:8f:50:a9:70:c3:b9:04:53:e9:7d:18:04:a3:b8:9a:1a: 8e:e8:b7:df:24:64:a0:e9:f9:68:0f:52:02:24:a0:ed:f4:9a: 5a:df:6b:26:90:9b:a5:43:e4:b1:40:cb:d9:65:a6:ff:f5:fb: a6:80:46:92:b9:29:7b:70:ea:f7:40:ae:7b:62:0a:78:ba:50: 20:8a:07:18:50:32:04:7e:a6:3c:3f:d0:32:fb:e1:b6:58:0e: 98:ed:25:13:f4:49:8a:82:3d:74:97:1d:f5:51:42:74:0b:3e: fe:3d:b0:af:2e:5d:d2:86:54:ed:19:c5:aa:7c:a2:0c:21:b5: 35:5b:b4:35:4e:df:26:1b:b7:88:c6:74:11:cd:ba:fe:fd:76: bd:0a:07:db:9d:31:79:4e:5b:0b:6f:f6:b2:06:e8:bd:66:99: 3c:d1:fd:bd:0d:3f:27:bd:13:a4:9d:66:05:1b:ab:9f:ce:91: 40:44:c5:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDyd1JnEx2SfgrT6WKD0PLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5ZjE5ZjA1Y2NmMjIyMTM5ODQ2OWMwYmU4ZGRjMDRjZTE0 ZTEzNWEwHhcNMjUxMjIyMDIwMTAxWhcNMjUxMjIzMDIwMTAxWjAzMTEwLwYDVQQD EygyNGQ1NGM5YzRkZmY5OTc4N2QxMTc5YTdlNTI3N2Y2NzFjMGNmODdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoW3W+/Rrx0yPdYT6VXMlVkBwD5v7 lxY2IJRN9rn6TNT2K5Uc1G2YX2L08oJ4/qZ78eQxxcn3ELJ21lfgjqq6x5ill6TA TAv7u9wqenUqp64YpC93tBgkXZQFuFDht94uVzbi1Wun9IDc/LiXcuqtoq3g1r6u tFPVhd5v2e6kz2xfE+QhI885zaZ8hOC8F6ACppxtsmroTkPPE6hHchlq0lWuQCnf JH/bFOCkGUWRAFqJYwki1tC6BZqHgsgrrNLi8xi4+9qPo2BM04VeKeMGH16nKd1j BBKqSwp/aJNmFpnbkA11XeLcp+BGP0cEKAVucr+ZKPBh+0hMsEKu3eOPZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCTVTJxN/5l4fRF5p+Unf2ccDPh8MB8GA1UdIwQY MBaAFNnxnwXM8iITmEacC+jdwEzhThNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODkt NGZmMzMzMzgzNjFlLzEvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODktNGZmMzMzMzgzNjFl LzEvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG3N5DIw+ 9HnGkF6IXVUeuLfGKK32QcFcXMO2z7a3Ebuca2vu9+CBR/5M5ucYqFtrwlER+OTJ WNC7ixmJAGk0SJ6dnz1ZHu/bYOWPUKlww7kEU+l9GASjuJoajui33yRkoOn5aA9S AiSg7fSaWt9rJpCbpUPksUDL2WWm//X7poBGkrkpe3Dq90Cue2IKeLpQIIoHGFAy BH6mPD/QMvvhtlgOmO0lE/RJioI9dJcd9VFCdAs+/j2wry5d0oZU7RnFqnyiDCG1 NVu0NU7fJhu3iMZ0Ec26/v12vQoH250xeU5bC2/2sgbovWaZPNH9vQ0/J70TpJ1m BRurn86RQETFAA== -----END CERTIFICATE-----Generated at Mon Dec 22 10:05:45 2025 by rpki-client