This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft File: 2LlxoaILZPFCUYAfj0NKQHX36pE.mft (raw, json) Hash identifier: Luffy/PJVnB6wsA7lmoCtABUfoSp90of7LigmchOOf4= Subject key identifier: BE:71:53:20:FD:C9:E5:6A:DC:96:BD:73:57:C9:88:14:79:1A:88:DD Authority key identifier: D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91 Certificate issuer: /CN=d8b971a1a20b64f14251801f8f434a4075f7ea91 Certificate serial: 019B55D04DE6292EC4D7C5758675B220EF23 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft Manifest number: 0444 Signing time: Thu 25 Dec 2025 14:01:13 +0000 Manifest this update: Thu 25 Dec 2025 14:01:13 +0000 Manifest next update: Fri 26 Dec 2025 14:01:13 +0000 Files and hashes: 1: 2LlxoaILZPFCUYAfj0NKQHX36pE.crl (hash: wV3fT1FQLPQSAV/w3BvDaYUpyyE9eNdyMi3dyt2wmq8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 10:17:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:55:d0:4d:e6:29:2e:c4:d7:c5:75:86:75:b2:20:ef:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8b971a1a20b64f14251801f8f434a4075f7ea91 Validity Not Before: Dec 25 14:01:13 2025 GMT Not After : Dec 26 14:01:13 2025 GMT Subject: CN=be715320fdc9e56adc96bd7357c98814791a88dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:f1:6b:93:ac:33:01:f7:4c:29:96:d5:d2:cf: 27:25:78:c9:84:26:19:28:35:d0:e6:9d:d3:e7:c6: 0f:6e:66:31:89:d6:dd:53:bd:d2:24:b6:e7:07:bd: c8:42:c6:0a:5e:5c:af:f0:bf:0e:d5:d7:e8:d2:8c: 39:3c:97:44:b5:81:5c:2f:89:5b:ae:5f:c8:1a:09: ef:67:13:d7:be:c9:ee:6e:a3:d6:99:2d:6e:40:5b: 77:a6:76:dd:87:48:1c:30:48:27:ee:0e:e2:ba:0e: a7:ae:5e:25:b4:79:03:21:21:cd:a0:10:91:f7:22: 39:55:3f:7d:06:ca:8d:3e:05:f6:0c:6f:52:99:1b: 83:23:66:78:cc:70:05:53:d8:5d:32:40:90:0b:4c: f6:9a:89:be:e8:d1:56:0f:3c:eb:a6:37:d5:55:80: ec:21:5b:4b:db:83:49:be:78:f1:ad:87:35:6f:87: 62:7b:aa:81:22:7f:3a:de:32:69:92:ff:fa:d0:82: cd:d4:4d:68:46:51:ff:26:e2:dc:36:87:a7:99:cf: 87:45:ff:cd:b8:51:c9:5b:87:85:9d:a5:f6:bc:99: 26:58:57:43:b8:49:c6:4c:ad:b7:1d:81:ef:2f:1b: ed:8a:b4:1d:2b:d2:21:da:45:fa:34:a9:4d:1d:c9: dc:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:71:53:20:FD:C9:E5:6A:DC:96:BD:73:57:C9:88:14:79:1A:88:DD X509v3 Authority Key Identifier: keyid:D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:ef:2e:a1:95:72:44:4e:c7:be:1d:b3:5b:0c:67:1a:14:6b: 65:2b:03:88:e7:19:2b:4a:55:6d:8e:13:dd:4c:be:37:10:3c: 80:64:f5:2a:70:09:f1:9b:57:99:df:45:22:b4:67:a4:4e:3e: f7:f6:63:e3:9e:d9:97:cb:88:04:49:a5:6e:1a:b9:71:c6:71: c7:e5:39:22:bb:2f:ef:6b:4a:e8:fd:63:ee:b1:51:b5:fd:c4: 5c:f0:5a:74:8d:c9:00:8f:70:d6:8b:0e:7f:04:c1:4e:fa:5a: 14:27:c6:e1:f6:a1:1a:08:06:ad:9f:06:9d:86:83:23:30:d1: 32:05:b1:fc:0b:85:6e:d6:bb:61:6d:9f:74:04:53:bc:79:ba: a0:71:b4:20:a1:57:e1:50:b9:64:3f:f3:d0:3b:62:6d:b5:18: 0e:17:bd:b2:7a:54:53:82:e3:94:82:72:47:b5:70:19:b9:3f: ff:c7:b8:fa:f1:44:ec:f2:d8:d8:4b:91:0f:f4:a1:e0:8d:c5: fb:1c:3c:38:72:0a:52:9a:e1:3d:fe:4a:ec:e2:fd:4a:f5:ae: b3:c1:2c:48:f5:86:cf:5b:a7:a4:5e:04:4c:e3:08:43:ec:6b: ba:83:24:85:04:f4:2b:47:ea:c3:7c:9b:64:9b:a6:ce:59:71: 90:5b:f0:ee -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtV0E3mKS7E18V1hnWyIO8jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4Yjk3MWExYTIwYjY0ZjE0MjUxODAxZjhmNDM0YTQwNzVm N2VhOTEwHhcNMjUxMjI1MTQwMTEzWhcNMjUxMjI2MTQwMTEzWjAzMTEwLwYDVQQD EyhiZTcxNTMyMGZkYzllNTZhZGM5NmJkNzM1N2M5ODgxNDc5MWE4OGRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/Frk6wzAfdMKZbV0s8nJXjJhCYZ KDXQ5p3T58YPbmYxidbdU73SJLbnB73IQsYKXlyv8L8O1dfo0ow5PJdEtYFcL4lb rl/IGgnvZxPXvsnubqPWmS1uQFt3pnbdh0gcMEgn7g7iug6nrl4ltHkDISHNoBCR 9yI5VT99BsqNPgX2DG9SmRuDI2Z4zHAFU9hdMkCQC0z2mom+6NFWDzzrpjfVVYDs IVtL24NJvnjxrYc1b4die6qBIn863jJpkv/60ILN1E1oRlH/JuLcNoenmc+HRf/N uFHJW4eFnaX2vJkmWFdDuEnGTK23HYHvLxvtirQdK9Ih2kX6NKlNHcncHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL5xUyD9yeVq3Ja9c1fJiBR5GojdMB8GA1UdIwQY MBaAFNi5caGiC2TxQlGAH49DSkB19+qRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYt NDQ0NWE0ZDc4NmQ0LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYtNDQ0NWE0ZDc4NmQ0 LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT+8uoZVy RE7Hvh2zWwxnGhRrZSsDiOcZK0pVbY4T3Uy+NxA8gGT1KnAJ8ZtXmd9FIrRnpE4+ 9/Zj457Zl8uIBEmlbhq5ccZxx+U5Irsv72tK6P1j7rFRtf3EXPBadI3JAI9w1osO fwTBTvpaFCfG4fahGggGrZ8GnYaDIzDRMgWx/AuFbta7YW2fdARTvHm6oHG0IKFX 4VC5ZD/z0DtibbUYDhe9snpUU4LjlIJyR7VwGbk//8e4+vFE7PLY2EuRD/Sh4I3F +xw8OHIKUprhPf5K7OL9SvWus8EsSPWGz1unpF4ETOMIQ+xruoMkhQT0K0fqw3yb ZJumzllxkFvw7g== -----END CERTIFICATE-----Generated at Thu Dec 25 19:39:10 2025 by rpki-client