This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft File: 2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft (raw, json) Hash identifier: GjRw1SBDQvpJ7iz+2O5wGFEt0XaehPyf+JnnU9iDBKY= Subject key identifier: 95:63:52:7F:BA:01:5F:D6:61:2A:AA:E5:CE:E2:79:03:B0:69:B3:4D Authority key identifier: D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF Certificate issuer: /CN=d87d8150d1182385c461b580d5638a570c2bc0bf Certificate serial: 019BAEDDACAF9BAE96F1DA3D0BE6C6C71F2F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft Manifest number: 17BF Signing time: Sun 11 Jan 2026 21:02:01 +0000 Manifest this update: Sun 11 Jan 2026 21:02:01 +0000 Manifest next update: Mon 12 Jan 2026 21:02:01 +0000 Files and hashes: 1: 2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl (hash: LJG59MXOjrANDbwaEkKWgXSKfYE4AGSAvIBLdQyFi9s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ae:dd:ac:af:9b:ae:96:f1:da:3d:0b:e6:c6:c7:1f:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d87d8150d1182385c461b580d5638a570c2bc0bf Validity Not Before: Jan 11 21:02:01 2026 GMT Not After : Jan 12 21:02:01 2026 GMT Subject: CN=9563527fba015fd6612aaae5cee27903b069b34d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:eb:3b:32:c3:ad:69:8d:d2:9e:47:2f:0b:30: 35:75:82:bd:2c:71:64:02:9d:ef:c0:4f:42:73:fa: be:9e:f0:66:16:91:43:ac:06:d6:98:c6:1e:a5:b2: 17:ee:bc:2e:2e:59:5e:6b:2f:56:1c:07:68:59:a5: bb:7c:52:14:c5:50:e1:c1:86:f4:84:9f:b3:1d:1d: a8:58:e6:26:ae:a6:03:a9:fe:7a:5b:be:13:ad:44: be:59:9d:a4:19:9e:bb:2c:40:c5:83:ea:9d:50:a5: 39:56:83:fb:58:dc:ea:e0:b7:d5:c2:32:85:55:4e: 15:b8:d8:0e:ec:52:6a:88:05:d5:14:c3:82:ae:ad: 72:f7:56:ef:0f:14:b3:8d:60:d5:2d:1a:47:ac:d3: ba:4b:9a:5a:9f:b5:c0:74:7e:9c:f3:26:90:f8:7d: 4a:c9:71:9a:c1:4d:f4:4d:34:da:9f:2c:c6:d5:7e: da:c1:14:4c:1e:e0:72:eb:a6:72:f5:b4:d8:8e:39: e8:5e:30:93:8b:4b:32:d7:bc:f1:90:64:7e:4a:81: f5:0b:03:e3:27:6d:f3:87:65:ed:52:5e:39:e4:20: f0:69:d5:cb:10:84:e7:54:0c:40:ed:00:ca:1d:1b: 21:7f:35:57:ac:45:27:45:21:dc:fe:de:28:1b:14: ac:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:63:52:7F:BA:01:5F:D6:61:2A:AA:E5:CE:E2:79:03:B0:69:B3:4D X509v3 Authority Key Identifier: keyid:D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:ed:59:46:e6:d2:2c:c6:d8:ff:78:72:33:60:ec:a7:b4:6a: c0:e4:ee:ef:d1:45:90:aa:f8:8a:70:20:68:0e:6d:a4:ab:0a: 6e:b1:67:f1:de:af:d1:f1:4f:a7:1b:a3:93:6e:7e:05:58:61: 65:78:98:c3:be:54:42:1d:16:a4:f7:09:c1:b7:7a:f0:e4:87: 1e:90:72:b4:2e:8a:04:d7:b5:a9:d1:66:aa:2c:96:e8:1f:a7: 6c:bc:cb:fc:dd:c0:1e:f6:02:c6:e5:4c:fe:9d:84:5c:a7:14: 04:5c:04:89:ce:b2:8d:07:2f:bd:b0:4a:f7:04:ee:5c:e1:12: 66:6b:11:f4:5f:7f:37:83:57:3d:58:cc:1f:53:0b:19:0b:af: a8:ff:04:ea:6f:dc:d9:d4:83:6a:4e:72:9b:5c:0c:88:7c:9f: 69:d0:85:7d:25:c1:2e:21:2a:83:04:c0:d2:d4:51:bd:37:d0: 2a:58:34:b9:67:50:36:7c:9c:e3:9c:c0:9b:5f:d9:5b:b2:2f: 6c:86:8c:05:85:48:0c:94:0f:68:51:a1:00:24:fc:f4:e6:66: 61:b3:bd:25:07:07:b8:a9:31:51:4b:1e:a5:ba:d2:98:c5:6a: 19:66:df:6d:3b:78:61:e8:ae:93:72:20:99:a0:a3:59:cc:7f: d0:ab:cb:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuu3ayvm66W8do9C+bGxx8vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4N2Q4MTUwZDExODIzODVjNDYxYjU4MGQ1NjM4YTU3MGMy YmMwYmYwHhcNMjYwMTExMjEwMjAxWhcNMjYwMTEyMjEwMjAxWjAzMTEwLwYDVQQD Eyg5NTYzNTI3ZmJhMDE1ZmQ2NjEyYWFhZTVjZWUyNzkwM2IwNjliMzRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+s7MsOtaY3SnkcvCzA1dYK9LHFk Ap3vwE9Cc/q+nvBmFpFDrAbWmMYepbIX7rwuLlleay9WHAdoWaW7fFIUxVDhwYb0 hJ+zHR2oWOYmrqYDqf56W74TrUS+WZ2kGZ67LEDFg+qdUKU5VoP7WNzq4LfVwjKF VU4VuNgO7FJqiAXVFMOCrq1y91bvDxSzjWDVLRpHrNO6S5pan7XAdH6c8yaQ+H1K yXGawU30TTTanyzG1X7awRRMHuBy66Zy9bTYjjnoXjCTi0sy17zxkGR+SoH1CwPj J23zh2XtUl455CDwadXLEITnVAxA7QDKHRshfzVXrEUnRSHc/t4oGxSswQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJVjUn+6AV/WYSqq5c7ieQOwabNNMB8GA1UdIwQY MBaAFNh9gVDRGCOFxGG1gNVjilcMK8C/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQt ODY3OTUzYTNiMTgxLzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQtODY3OTUzYTNiMTgx LzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW+1ZRubS LMbY/3hyM2Dsp7RqwOTu79FFkKr4inAgaA5tpKsKbrFn8d6v0fFPpxujk25+BVhh ZXiYw75UQh0WpPcJwbd68OSHHpBytC6KBNe1qdFmqiyW6B+nbLzL/N3AHvYCxuVM /p2EXKcUBFwEic6yjQcvvbBK9wTuXOESZmsR9F9/N4NXPVjMH1MLGQuvqP8E6m/c 2dSDak5ym1wMiHyfadCFfSXBLiEqgwTA0tRRvTfQKlg0uWdQNnyc45zAm1/ZW7Iv bIaMBYVIDJQPaFGhACT89OZmYbO9JQcHuKkxUUsepbrSmMVqGWbfbTt4Yeiuk3Ig maCjWcx/0KvLgA== -----END CERTIFICATE-----Generated at Sun Jan 11 23:36:29 2026 by rpki-client