This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft File: 2TLsITGy__Du_D-3jLxbjTLvHGE.mft (raw, json) Hash identifier: 4Y5MrvdDdi188n6SRs5FULbp7QpX0NCSL4wCV6l1Cik= Subject key identifier: 56:F5:EA:1C:8D:9A:29:50:45:31:F0:8F:EE:E4:DA:36:31:D5:19:67 Authority key identifier: D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61 Certificate issuer: /CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61 Certificate serial: 019B4392F74AC3882FCC85315386620E747F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft Manifest number: 1257 Signing time: Mon 22 Dec 2025 01:01:03 +0000 Manifest this update: Mon 22 Dec 2025 01:01:03 +0000 Manifest next update: Tue 23 Dec 2025 01:01:03 +0000 Files and hashes: 1: 2TLsITGy__Du_D-3jLxbjTLvHGE.crl (hash: 6HicJjV3x3OLnni363Z50DMWNg3HeaczXxschfPMk+s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 01:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:92:f7:4a:c3:88:2f:cc:85:31:53:86:62:0e:74:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61 Validity Not Before: Dec 22 01:01:03 2025 GMT Not After : Dec 23 01:01:03 2025 GMT Subject: CN=56f5ea1c8d9a29504531f08feee4da3631d51967 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:9c:7f:0b:a1:cf:97:2f:e5:b7:12:1c:94:40: a5:f9:30:14:f6:bb:ca:87:02:74:d9:7e:70:e5:86: 35:7a:ec:08:5f:ed:f3:e0:75:da:2b:1e:59:96:37: d1:10:84:11:38:9d:3a:32:a2:cf:0e:dc:af:f9:c6: f0:73:ef:3c:86:39:a2:18:26:88:6f:c8:77:8f:32: 3a:53:d2:d7:93:b9:f0:3e:17:7c:16:70:fe:53:2f: fe:d3:7a:6d:92:fc:1c:76:8d:8a:02:ad:6e:9a:a2: e4:f1:f6:28:fc:d8:4b:93:e7:bf:03:a5:8b:ab:7f: 14:d1:d0:e3:7f:a3:3e:b5:c1:42:8a:47:7c:4f:dd: 1f:a4:1a:25:ae:36:c2:83:e9:0d:0b:45:09:82:71: b2:2b:33:c2:1c:7e:0b:81:af:9c:4b:73:47:79:ee: 67:af:b7:f5:6f:bd:f9:44:e2:fc:94:f4:ab:2d:1b: 6b:64:33:27:74:2a:cc:e1:66:40:37:26:17:75:cf: ad:f2:5e:74:5a:df:d8:f6:f2:c2:41:9e:f7:33:de: 3b:8a:5c:34:0d:a2:38:30:9b:fa:0b:79:30:c4:95: 5f:b6:59:38:56:2b:d3:06:ce:41:04:b8:e3:23:cb: 04:f7:68:e2:91:81:73:22:13:9d:53:c2:d1:39:f9: b3:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:F5:EA:1C:8D:9A:29:50:45:31:F0:8F:EE:E4:DA:36:31:D5:19:67 X509v3 Authority Key Identifier: keyid:D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:af:3b:12:88:4f:b6:df:35:86:c7:f7:2a:4c:e1:97:3a:14: f4:78:de:37:18:1b:55:7a:e8:81:7c:e0:50:89:74:5a:0e:f0: 69:6a:ec:6d:04:57:04:fd:b2:73:f6:e6:c0:b2:89:cb:f2:b7: 1c:31:79:b3:64:83:e0:60:d3:bb:65:9c:37:fe:6d:08:e5:66: fc:a2:07:2d:29:eb:a4:20:78:5f:17:66:91:ae:3a:e9:f9:29: ef:77:60:d0:f8:50:94:9c:b3:7a:f9:16:68:d8:de:78:a9:84: 34:2b:ca:97:9f:75:56:d1:b3:82:69:80:b5:71:d7:a6:19:32: 23:f5:38:2b:2a:70:53:2a:88:eb:d2:91:d0:71:8d:b2:be:6d: 79:65:68:aa:4a:6b:1b:48:ff:cb:a1:68:6c:dc:c2:2c:9a:5a: 10:66:8f:89:75:b9:b8:b9:68:c7:e6:72:45:eb:52:89:2e:6d: 75:4f:0d:02:7a:69:fa:a4:c6:9b:6f:c1:1b:08:0b:ae:5b:f2: 85:67:f6:b5:72:1f:35:40:7f:f0:af:75:56:34:c4:70:6a:a8: 36:d5:1f:bd:ed:a4:d2:cc:04:c4:2a:49:cd:ad:91:4a:0c:71: 56:74:06:ae:3b:67:8a:8b:44:d7:1d:b1:38:52:34:4a:ea:32: bc:87:26:b4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDkvdKw4gvzIUxU4ZiDnR/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5MzJlYzIxMzFiMmZmZjBlZWZjM2ZiNzhjYmM1YjhkMzJl ZjFjNjEwHhcNMjUxMjIyMDEwMTAzWhcNMjUxMjIzMDEwMTAzWjAzMTEwLwYDVQQD Eyg1NmY1ZWExYzhkOWEyOTUwNDUzMWYwOGZlZWU0ZGEzNjMxZDUxOTY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZx/C6HPly/ltxIclECl+TAU9rvK hwJ02X5w5YY1euwIX+3z4HXaKx5ZljfREIQROJ06MqLPDtyv+cbwc+88hjmiGCaI b8h3jzI6U9LXk7nwPhd8FnD+Uy/+03ptkvwcdo2KAq1umqLk8fYo/NhLk+e/A6WL q38U0dDjf6M+tcFCikd8T90fpBolrjbCg+kNC0UJgnGyKzPCHH4Lga+cS3NHee5n r7f1b735ROL8lPSrLRtrZDMndCrM4WZANyYXdc+t8l50Wt/Y9vLCQZ73M947ilw0 DaI4MJv6C3kwxJVftlk4VivTBs5BBLjjI8sE92jikYFzIhOdU8LROfmz2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFb16hyNmilQRTHwj+7k2jYx1RlnMB8GA1UdIwQY MBaAFNky7CExsv/w7vw/t4y8W40y7xxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzIt ZjIyOTgwZTVjYTkyLzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzItZjIyOTgwZTVjYTky LzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHK87EohP tt81hsf3KkzhlzoU9HjeNxgbVXrogXzgUIl0Wg7waWrsbQRXBP2yc/bmwLKJy/K3 HDF5s2SD4GDTu2WcN/5tCOVm/KIHLSnrpCB4Xxdmka466fkp73dg0PhQlJyzevkW aNjeeKmENCvKl591VtGzgmmAtXHXphkyI/U4KypwUyqI69KR0HGNsr5teWVoqkpr G0j/y6FobNzCLJpaEGaPiXW5uLlox+ZyRetSiS5tdU8NAnpp+qTGm2/BGwgLrlvy hWf2tXIfNUB/8K91VjTEcGqoNtUfve2k0swExCpJza2RSgxxVnQGrjtniotE1x2x OFI0SuoyvIcmtA== -----END CERTIFICATE-----Generated at Mon Dec 22 09:44:25 2025 by rpki-client