This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft File: _2szYaGioA284xkBmCf-u3Fb0EQ.mft (raw, json) Hash identifier: DrItvAZ0k/GDcEizTbzzVhdSL8orFxH4LCOKcAsbqoU= Subject key identifier: 86:28:25:52:20:05:D1:35:48:DA:43:58:03:77:25:39:C5:E9:23:73 Authority key identifier: FF:6B:33:61:A1:A2:A0:0D:BC:E3:19:01:98:27:FE:BB:71:5B:D0:44 Certificate issuer: /CN=ff6b3361a1a2a00dbce319019827febb715bd044 Certificate serial: 019B3F117910FFFD71A68C445BC002F61C0F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft Manifest number: 16EC Signing time: Sun 21 Dec 2025 04:01:08 +0000 Manifest this update: Sun 21 Dec 2025 04:01:08 +0000 Manifest next update: Mon 22 Dec 2025 04:01:08 +0000 Files and hashes: 1: WWNEma98vqvt3aWub4KvZrisRPY.roa (hash: 8ej/FxtmoHvT2+4JYPncO9OF+5JwUWMEm2sRynTw/0U=) 2: _2szYaGioA284xkBmCf-u3Fb0EQ.crl (hash: uX87cSfUebgA90ikVH2qBnlujlPNYEWmuaxfRn93Fs0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.crl rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:11:79:10:ff:fd:71:a6:8c:44:5b:c0:02:f6:1c:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff6b3361a1a2a00dbce319019827febb715bd044 Validity Not Before: Dec 21 04:01:08 2025 GMT Not After : Dec 22 04:01:08 2025 GMT Subject: CN=862825522005d13548da435803772539c5e92373 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:b6:b4:77:b8:6b:0e:02:18:28:ed:88:aa:4a: 6e:be:0c:dc:dc:59:6f:19:75:57:b2:fc:37:e7:b9: 5a:db:2c:8d:37:98:a1:87:fa:19:a9:87:6b:8a:c2: 04:0a:8e:39:09:03:c3:72:8c:c4:d8:d7:84:4e:1e: 35:d7:ba:53:1d:0c:1a:9f:dd:41:74:5b:7e:36:9d: 2f:d9:79:51:df:33:7c:dd:44:e8:5f:b5:d8:9e:be: 4b:d8:aa:9b:0d:52:12:61:32:fb:2c:0c:06:e5:cc: db:5d:bc:a4:b4:ef:4d:c8:8b:f9:02:c0:72:1b:3e: 97:af:a9:2c:6d:5c:4a:65:33:84:99:7c:78:d2:93: e4:75:b6:eb:15:87:75:4b:79:74:09:6d:a1:af:94: b3:e2:2e:3d:df:58:11:1c:db:ab:57:4d:18:91:06: a2:77:35:e2:1b:08:0a:fa:77:4a:90:97:69:29:55: 85:06:dc:1e:53:cb:a2:98:94:55:e3:f4:7c:e2:b5: 35:8f:b4:5f:76:6b:3e:06:f4:41:cd:5d:f3:a9:e3: 44:d3:f7:0a:95:86:90:0d:b0:5f:8f:0e:cb:76:68: a7:a6:24:5e:f5:df:74:88:02:b3:5a:4c:70:db:f0: 1c:74:ae:a1:12:ed:05:3f:b0:25:42:41:81:54:fb: a2:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:28:25:52:20:05:D1:35:48:DA:43:58:03:77:25:39:C5:E9:23:73 X509v3 Authority Key Identifier: keyid:FF:6B:33:61:A1:A2:A0:0D:BC:E3:19:01:98:27:FE:BB:71:5B:D0:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:17:5d:94:62:84:7f:e5:ea:e3:ce:eb:a5:63:5e:08:b8:89: ef:61:b0:5b:61:75:3d:6b:64:61:37:3b:80:fc:a5:c9:8c:04: a9:7a:1b:e1:56:f6:59:30:40:58:c7:df:e4:13:bb:1d:e5:26: 40:77:61:43:28:97:87:d6:ff:55:66:af:e8:ea:cc:89:e0:b6: b2:ef:f4:a0:a6:3f:35:ed:7a:1f:90:22:d3:73:f9:87:ae:ee: be:fb:79:e0:1d:f1:20:95:03:31:98:2f:d1:3d:7e:da:0a:b4: e7:c7:6a:db:ff:e3:ae:8c:50:63:fe:4f:f3:44:79:99:45:1a: b5:5e:ff:84:4b:5e:57:dc:d5:a9:09:7c:de:76:49:2b:b9:e2: 00:3a:c1:32:2b:43:ea:da:0a:85:f1:1e:8e:52:e9:2f:89:ab: 00:25:55:9d:15:39:35:1f:cd:42:c9:fc:09:26:13:eb:55:64: 44:cc:5e:0d:86:18:6d:15:ee:3d:39:96:ee:7d:a5:a0:c3:1f: 7d:64:cb:29:cf:71:29:35:ba:13:42:1c:ee:08:e8:29:2a:0f: f8:ec:e0:f9:57:2a:ad:e1:0e:1e:b3:ee:87:fa:90:43:fa:6f: f9:2a:9e:9a:62:53:38:f3:5e:d1:05:f4:c0:e3:70:09:c6:f7: f2:06:15:01 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/EXkQ//1xpoxEW8AC9hwPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmNmIzMzYxYTFhMmEwMGRiY2UzMTkwMTk4MjdmZWJiNzE1 YmQwNDQwHhcNMjUxMjIxMDQwMTA4WhcNMjUxMjIyMDQwMTA4WjAzMTEwLwYDVQQD Eyg4NjI4MjU1MjIwMDVkMTM1NDhkYTQzNTgwMzc3MjUzOWM1ZTkyMzczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsba0d7hrDgIYKO2Iqkpuvgzc3Flv GXVXsvw357la2yyNN5ihh/oZqYdrisIECo45CQPDcozE2NeETh4117pTHQwan91B dFt+Np0v2XlR3zN83UToX7XYnr5L2KqbDVISYTL7LAwG5czbXbyktO9NyIv5AsBy Gz6Xr6ksbVxKZTOEmXx40pPkdbbrFYd1S3l0CW2hr5Sz4i4931gRHNurV00YkQai dzXiGwgK+ndKkJdpKVWFBtweU8uimJRV4/R84rU1j7Rfdms+BvRBzV3zqeNE0/cK lYaQDbBfjw7LdminpiRe9d90iAKzWkxw2/AcdK6hEu0FP7AlQkGBVPuizQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIYoJVIgBdE1SNpDWAN3JTnF6SNzMB8GA1UdIwQY MBaAFP9rM2GhoqANvOMZAZgn/rtxW9BEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS85NmY5YTAtODc0Ni00YjMyLTgzZWUt ZjYyMzIwOTUxYTM2LzEvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS85NmY5YTAtODc0Ni00YjMyLTgzZWUtZjYyMzIwOTUxYTM2 LzEvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANBddlGKE f+Xq487rpWNeCLiJ72GwW2F1PWtkYTc7gPylyYwEqXob4Vb2WTBAWMff5BO7HeUm QHdhQyiXh9b/VWav6OrMieC2su/0oKY/Ne16H5Ai03P5h67uvvt54B3xIJUDMZgv 0T1+2gq058dq2//jroxQY/5P80R5mUUatV7/hEteV9zVqQl83nZJK7niADrBMitD 6toKhfEejlLpL4mrACVVnRU5NR/NQsn8CSYT61VkRMxeDYYYbRXuPTmW7n2loMMf fWTLKc9xKTW6E0Ic7gjoKSoP+Ozg+VcqreEOHrPuh/qQQ/pv+SqemmJTOPNe0QX0 wONwCcb38gYVAQ== -----END CERTIFICATE-----Generated at Sun Dec 21 13:03:45 2025 by rpki-client