This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft File: 2lNAluw_e_xU1lT84PAWitlmIs0.mft (raw, json) Hash identifier: jOBpkKuCNhRfCZz2eTkwtuiWgWcxaQ+HAQ4CIX1EFOg= Subject key identifier: 39:8E:B9:90:37:9E:F1:7E:69:CE:DA:62:94:6F:D4:C8:96:61:40:72 Authority key identifier: DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD Certificate issuer: /CN=da534096ec3f7bfc54d654fce0f0168ad96622cd Certificate serial: 019B668D0EDE4A35CB5FC50A5D20152B570D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft Manifest number: 0503 Signing time: Sun 28 Dec 2025 20:01:18 +0000 Manifest this update: Sun 28 Dec 2025 20:01:18 +0000 Manifest next update: Mon 29 Dec 2025 20:01:18 +0000 Files and hashes: 1: 2lNAluw_e_xU1lT84PAWitlmIs0.crl (hash: wXN68XoLuU8PIXwQSqFnzHMTMRjo8kwej/u9GYUGNVk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 20:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:66:8d:0e:de:4a:35:cb:5f:c5:0a:5d:20:15:2b:57:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da534096ec3f7bfc54d654fce0f0168ad96622cd Validity Not Before: Dec 28 20:01:18 2025 GMT Not After : Dec 29 20:01:18 2025 GMT Subject: CN=398eb990379ef17e69ceda62946fd4c896614072 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:5c:f5:c9:29:c1:ac:8a:8b:b1:39:e7:f1:23: fc:e1:be:be:b8:fd:89:4b:07:c7:91:6f:cd:a1:fd: 93:87:9d:1a:3e:77:8b:47:29:ce:19:0b:98:26:60: be:d9:11:06:5c:0d:b9:3f:9f:49:d1:8b:a7:13:21: 71:6f:7a:ed:67:64:20:72:d5:42:25:ef:21:88:31: c9:0c:dc:aa:63:c2:c0:46:ab:ef:0c:9c:cc:ac:0a: b2:d1:56:2d:29:58:a8:ca:ac:0c:57:c4:bf:cf:74: ee:91:04:0a:48:9b:58:89:a5:20:82:e6:0a:ff:22: ca:b0:cc:cd:b8:b2:d9:f9:a8:c9:90:45:18:af:6a: c2:d1:e1:b2:64:d0:f8:7a:2b:d1:36:af:66:8b:a1: fe:58:5a:ac:bd:b4:c4:dd:e3:dc:66:61:87:07:b4: cf:12:27:93:59:ca:98:41:85:32:18:d4:ed:c0:76: b8:08:a9:9f:50:36:3b:a9:aa:67:21:de:b6:b1:85: dd:93:64:5e:fe:01:9b:ef:29:b9:d0:38:c3:cb:bf: b9:de:df:72:a0:98:71:d6:7d:ed:b7:aa:b5:39:05: 82:0b:42:a3:88:72:0d:1e:0c:50:20:4e:ef:a6:59: b7:31:9a:a5:40:47:e1:6c:1d:d1:ce:ec:73:75:60: 00:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:8E:B9:90:37:9E:F1:7E:69:CE:DA:62:94:6F:D4:C8:96:61:40:72 X509v3 Authority Key Identifier: keyid:DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d4:65:ab:95:07:38:f2:db:1f:a0:e2:e5:6f:10:30:fe:3e:ff: 61:b1:7a:01:71:c3:ef:88:c2:16:93:a4:c7:2f:08:bf:9f:3b: ff:29:0d:ca:02:c1:ca:b0:f2:49:ab:38:11:db:40:a5:70:c2: 15:16:e7:ef:98:8b:e3:81:7d:59:3c:fa:61:45:90:a2:5d:22: 61:b8:1d:a7:ab:56:ad:84:93:f1:63:87:83:0c:13:c3:1e:08: 4a:f5:71:bb:5c:53:0c:01:a5:e6:90:3e:e3:9c:85:79:3a:69: 4f:ae:fb:34:cc:59:8c:bf:0d:24:c4:d1:d5:a3:27:43:99:8c: 62:50:4d:68:23:4b:9e:6d:77:45:0c:42:91:f8:e8:4a:68:32: 81:1b:5b:5d:d9:de:7e:ae:12:34:d9:35:85:cc:f4:6d:5a:69: bb:6c:2c:16:85:62:dd:bb:52:dc:28:46:27:5f:00:d4:fa:72: 0e:c5:39:ee:cd:47:41:2f:07:d5:e3:08:a1:ed:a2:4c:b3:a2: e6:0f:f8:08:4d:b9:cd:b3:40:f1:43:d7:59:6f:60:67:9a:63: 99:4c:a1:87:e6:23:4a:3b:ec:9b:66:bb:ab:87:a2:71:b9:44: 6c:5a:ad:17:79:a5:51:0d:62:98:1e:37:a7:5c:02:54:c0:5b: b7:62:5e:a3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtmjQ7eSjXLX8UKXSAVK1cNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhNTM0MDk2ZWMzZjdiZmM1NGQ2NTRmY2UwZjAxNjhhZDk2 NjIyY2QwHhcNMjUxMjI4MjAwMTE4WhcNMjUxMjI5MjAwMTE4WjAzMTEwLwYDVQQD EygzOThlYjk5MDM3OWVmMTdlNjljZWRhNjI5NDZmZDRjODk2NjE0MDcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVz1ySnBrIqLsTnn8SP84b6+uP2J SwfHkW/Nof2Th50aPneLRynOGQuYJmC+2REGXA25P59J0YunEyFxb3rtZ2QgctVC Je8hiDHJDNyqY8LARqvvDJzMrAqy0VYtKVioyqwMV8S/z3TukQQKSJtYiaUgguYK /yLKsMzNuLLZ+ajJkEUYr2rC0eGyZND4eivRNq9mi6H+WFqsvbTE3ePcZmGHB7TP EieTWcqYQYUyGNTtwHa4CKmfUDY7qapnId62sYXdk2Re/gGb7ym50DjDy7+53t9y oJhx1n3tt6q1OQWCC0KjiHINHgxQIE7vplm3MZqlQEfhbB3RzuxzdWAAMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDmOuZA3nvF+ac7aYpRv1MiWYUByMB8GA1UdIwQY MBaAFNpTQJbsP3v8VNZU/ODwForZZiLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEt ODZmMmExYWY0ZDc5LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEtODZmMmExYWY0ZDc5 LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1GWrlQc4 8tsfoOLlbxAw/j7/YbF6AXHD74jCFpOkxy8Iv587/ykNygLByrDySas4EdtApXDC FRbn75iL44F9WTz6YUWQol0iYbgdp6tWrYST8WOHgwwTwx4ISvVxu1xTDAGl5pA+ 45yFeTppT677NMxZjL8NJMTR1aMnQ5mMYlBNaCNLnm13RQxCkfjoSmgygRtbXdne fq4SNNk1hcz0bVppu2wsFoVi3btS3ChGJ18A1PpyDsU57s1HQS8H1eMIoe2iTLOi 5g/4CE25zbNA8UPXWW9gZ5pjmUyhh+YjSjvsm2a7q4eicblEbFqtF3mlUQ1imB43 p1wCVMBbt2Jeow== -----END CERTIFICATE-----Generated at Mon Dec 29 01:48:46 2025 by rpki-client