This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft File: 2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json) Hash identifier: muCuTIMPUzf0QRyHX7wUc9Ve3UduNNu0bLnNIZ/0cCw= Subject key identifier: C4:EC:7F:44:32:7F:59:5F:76:90:F1:A1:DB:22:5D:DE:EC:02:F3:1F Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB Certificate issuer: /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb Certificate serial: 019B2B1E79585C402B2C3F229BCE62E3716D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft Manifest number: 1084 Signing time: Wed 17 Dec 2025 07:02:55 +0000 Manifest this update: Wed 17 Dec 2025 07:02:55 +0000 Manifest next update: Thu 18 Dec 2025 07:02:55 +0000 Files and hashes: 1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: M14y/hAXuw34SygYdid86lYNusFjRzNlVOQIZCwcuSY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 07:02:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:1e:79:58:5c:40:2b:2c:3f:22:9b:ce:62:e3:71:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb Validity Not Before: Dec 17 07:02:55 2025 GMT Not After : Dec 18 07:02:55 2025 GMT Subject: CN=c4ec7f44327f595f7690f1a1db225ddeec02f31f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:ae:b9:b4:67:63:9f:80:01:18:d5:4f:69:42: ba:fe:f1:5c:e4:6c:e4:9d:39:aa:3f:49:38:ae:53: 53:87:26:48:68:21:83:34:2c:91:7f:30:3c:c8:0b: 3f:84:c5:10:61:4f:a9:ce:f0:11:2e:f8:cf:3e:fa: 23:f6:3f:b9:6b:19:2f:d3:e5:3b:22:02:0b:3f:ce: ad:00:d2:56:63:81:b3:62:8e:02:bd:f1:d3:93:6d: aa:a0:06:5e:a5:44:1c:80:d7:b2:84:53:60:59:57: cd:8f:02:c2:72:45:da:1e:b3:83:63:3a:f6:c8:55: 53:b7:d8:51:28:2b:33:52:27:7b:29:f4:8a:30:a7: cd:d9:b1:9a:b6:bd:9e:d1:34:ae:e5:f0:e0:7b:4f: 79:84:15:6c:87:4c:5e:c0:16:43:b2:78:d7:26:6f: cf:65:2b:3f:86:06:c0:16:37:4e:3f:c9:85:15:17: f1:4d:0b:98:cd:2e:95:da:c3:3b:47:fb:a9:98:cd: be:b1:48:9d:8b:64:c0:e0:ea:1a:26:21:07:60:d7: 87:a7:34:8a:99:55:ad:60:46:ff:b7:6a:d1:b4:c4: 41:2b:d1:47:13:cb:ca:18:8b:59:e5:7a:df:7b:ba: f5:fa:10:5e:69:45:c6:f7:83:29:cb:2e:f0:7e:c1: 4d:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:EC:7F:44:32:7F:59:5F:76:90:F1:A1:DB:22:5D:DE:EC:02:F3:1F X509v3 Authority Key Identifier: keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:64:a0:a5:ce:1d:af:02:c1:0d:5d:fc:4e:40:58:95:2e:49: a8:d7:f7:e3:67:c6:6a:e1:29:18:1f:7a:4f:46:ea:83:78:87: 08:96:15:25:60:2e:44:74:6b:8f:b2:1a:97:36:0a:98:00:88: 6b:c9:07:e3:e4:99:51:91:d5:20:d7:f4:b6:d8:03:fe:9b:5a: c4:4d:18:77:ef:22:fe:fc:82:34:78:38:f5:ae:0c:51:7d:08: 33:b1:ca:5c:0f:26:39:38:87:b6:f7:51:90:a2:c6:0a:5f:5c: 01:17:08:97:e2:3e:c5:ed:a0:85:ed:a0:49:9f:8c:d5:70:cc: 67:0f:97:04:ec:28:60:98:26:c6:4f:ad:2b:69:c0:d0:1d:00: 74:69:a4:60:fa:a5:e3:ad:bb:fa:bb:e2:3b:46:3a:f5:a2:b3: 02:de:fd:87:f1:7d:b5:92:22:df:c6:b5:74:5f:32:86:2a:b7: 64:35:d2:19:d1:24:d8:d6:fb:f6:bc:56:f1:14:8a:94:db:9b: 88:a0:b5:e2:17:14:18:3f:60:61:49:a6:9e:6f:b8:ee:80:e9: 74:02:9b:9d:cb:fd:d6:b9:e3:69:16:48:e3:1c:65:7f:0c:d4: c1:71:78:0c:0b:66:3a:71:bc:75:ab:24:73:dc:90:c2:f2:cc: 29:c6:bb:97 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsrHnlYXEArLD8im85i43FtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz M2RjY2IwHhcNMjUxMjE3MDcwMjU1WhcNMjUxMjE4MDcwMjU1WjAzMTEwLwYDVQQD EyhjNGVjN2Y0NDMyN2Y1OTVmNzY5MGYxYTFkYjIyNWRkZWVjMDJmMzFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv665tGdjn4ABGNVPaUK6/vFc5Gzk nTmqP0k4rlNThyZIaCGDNCyRfzA8yAs/hMUQYU+pzvARLvjPPvoj9j+5axkv0+U7 IgILP86tANJWY4GzYo4CvfHTk22qoAZepUQcgNeyhFNgWVfNjwLCckXaHrODYzr2 yFVTt9hRKCszUid7KfSKMKfN2bGatr2e0TSu5fDge095hBVsh0xewBZDsnjXJm/P ZSs/hgbAFjdOP8mFFRfxTQuYzS6V2sM7R/upmM2+sUidi2TA4OoaJiEHYNeHpzSK mVWtYEb/t2rRtMRBK9FHE8vKGItZ5Xrfe7r1+hBeaUXG94Mpyy7wfsFNwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMTsf0Qyf1lfdpDxodsiXd7sAvMfMB8GA1UdIwQY MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3 LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYWSgpc4d rwLBDV38TkBYlS5JqNf342fGauEpGB96T0bqg3iHCJYVJWAuRHRrj7IalzYKmACI a8kH4+SZUZHVINf0ttgD/ptaxE0Yd+8i/vyCNHg49a4MUX0IM7HKXA8mOTiHtvdR kKLGCl9cARcIl+I+xe2ghe2gSZ+M1XDMZw+XBOwoYJgmxk+tK2nA0B0AdGmkYPql 4627+rviO0Y69aKzAt79h/F9tZIi38a1dF8yhiq3ZDXSGdEk2Nb79rxW8RSKlNub iKC14hcUGD9gYUmmnm+47oDpdAKbncv91rnjaRZI4xxlfwzUwXF4DAtmOnG8dask c9yQwvLMKca7lw== -----END CERTIFICATE-----Generated at Wed Dec 17 16:52:08 2025 by rpki-client