This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/2DLajUWISdX0C6bwuSCPhYXZ4j4.mft File: 2DLajUWISdX0C6bwuSCPhYXZ4j4.mft (raw, json) Hash identifier: D7eZL5P0CvJLhTxnZ/Fq+6moicZN3biswUeZDAyqp/I= Subject key identifier: A3:EC:8D:8E:FA:70:3E:34:21:00:B0:83:14:AF:BE:47:D0:63:E1:59 Authority key identifier: D8:32:DA:8D:45:88:49:D5:F4:0B:A6:F0:B9:20:8F:85:85:D9:E2:3E Certificate issuer: /CN=d832da8d458849d5f40ba6f0b9208f8585d9e23e Certificate serial: 019B2A77E6BE70581B15FAF41C89DB963320 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DLajUWISdX0C6bwuSCPhYXZ4j4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/2DLajUWISdX0C6bwuSCPhYXZ4j4.mft Manifest number: 177E Signing time: Wed 17 Dec 2025 04:00:59 +0000 Manifest this update: Wed 17 Dec 2025 04:00:59 +0000 Manifest next update: Thu 18 Dec 2025 04:00:59 +0000 Files and hashes: 1: 0LdCYiyoo_rQZDLAQK9EXmWdrLs.roa (hash: ii+DUPaWPj2PKPLgx9rgU4vJhM6MjQajOc4FBEHl1O8=) 2: 2DLajUWISdX0C6bwuSCPhYXZ4j4.crl (hash: 0N3iPkHokFA2wHV2JzJULdpSdrw8vGgNznouTxHj2zc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/2DLajUWISdX0C6bwuSCPhYXZ4j4.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/2DLajUWISdX0C6bwuSCPhYXZ4j4.mft rsync://rpki.ripe.net/repository/DEFAULT/2DLajUWISdX0C6bwuSCPhYXZ4j4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 04:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2a:77:e6:be:70:58:1b:15:fa:f4:1c:89:db:96:33:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d832da8d458849d5f40ba6f0b9208f8585d9e23e Validity Not Before: Dec 17 04:00:59 2025 GMT Not After : Dec 18 04:00:59 2025 GMT Subject: CN=a3ec8d8efa703e342100b08314afbe47d063e159 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:0b:81:34:cb:34:9b:20:ed:92:d6:a8:26:2e: 85:b6:cc:ea:49:64:ab:e2:1b:7f:2f:67:cf:3d:86: a9:ab:af:3e:19:af:b2:b3:c0:c2:1e:71:c5:f6:d1: 75:c4:e7:03:dd:ea:97:d4:fa:d6:55:76:37:0d:29: 7f:15:94:d4:2e:ac:d3:8c:64:f2:90:99:17:2a:7f: e6:f7:1f:c6:b5:95:37:cb:2c:71:7a:81:e5:f9:7a: 06:63:84:63:b0:9b:ce:c6:0a:f0:ec:53:42:e8:c0: 45:03:c4:9c:a6:34:2c:dd:cc:e9:a4:bc:13:c7:44: 49:3c:8b:ed:22:e4:e8:b4:9d:00:c4:09:8a:34:37: c2:e9:9b:fe:7f:77:70:6e:51:0f:30:4e:ed:82:32: 0c:ba:f4:52:d8:dd:17:a1:e8:f6:49:97:90:07:b9: 82:0c:b3:e0:f0:dd:c9:6d:74:58:d9:0d:2b:2c:c7: e8:27:dd:cc:38:fd:05:35:af:59:a1:1a:d9:b8:41: 16:d4:b4:7c:90:0b:0b:d2:e0:c9:ea:00:fb:8d:cf: 50:b4:d3:65:2a:d0:7b:95:b2:0b:9d:0f:2f:1b:02: 33:d1:c7:71:ad:6a:4d:fc:05:21:e7:62:da:b9:0a: 1c:be:c8:e6:bf:45:53:31:ea:2a:d0:3d:81:f7:64: ee:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:EC:8D:8E:FA:70:3E:34:21:00:B0:83:14:AF:BE:47:D0:63:E1:59 X509v3 Authority Key Identifier: keyid:D8:32:DA:8D:45:88:49:D5:F4:0B:A6:F0:B9:20:8F:85:85:D9:E2:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DLajUWISdX0C6bwuSCPhYXZ4j4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/2DLajUWISdX0C6bwuSCPhYXZ4j4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/2DLajUWISdX0C6bwuSCPhYXZ4j4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:86:03:8f:9e:6d:c1:bb:9e:4f:d1:bd:e4:26:b8:59:5c:71: 37:12:a1:25:3f:b4:83:1d:60:fd:9b:c8:61:3e:8f:e6:ca:91: 8d:4c:b6:2f:13:08:94:a3:b7:3e:66:36:44:e7:26:3f:06:2a: 49:c7:90:dd:6d:91:4c:64:f2:dc:32:09:f6:f7:bd:ec:9d:ac: 22:8b:24:e2:89:5e:4a:e8:ce:6f:28:66:e4:7a:56:0a:ae:b5: e5:d4:26:2a:5b:46:08:cb:00:66:05:d5:e9:3c:e6:2f:cb:ab: 38:e9:6e:d9:0a:ce:75:83:11:9d:c4:0f:24:91:6e:e8:ba:a6: bf:b4:36:4e:84:b1:36:dd:b1:6c:8f:47:f0:34:26:0b:c1:c2: 8f:5a:ac:85:41:4e:a1:93:97:11:55:ae:89:fc:4f:52:48:32: 64:b6:83:01:7f:7a:68:c6:96:b7:48:6d:fb:21:0d:35:e3:26: c7:49:3d:ad:8e:64:46:26:26:9a:8b:78:f3:38:15:55:9d:31: 4f:f0:15:8b:d6:41:77:07:af:d6:7e:b0:9e:30:ff:54:90:b4: c1:92:8f:1f:56:79:08:14:cc:5b:58:ef:95:b8:52:c0:b1:e1: b8:86:2a:13:cc:a6:fc:c9:24:47:cd:01:20:ba:01:5d:95:be: e6:30:b3:76 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsqd+a+cFgbFfr0HInbljMgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MzJkYThkNDU4ODQ5ZDVmNDBiYTZmMGI5MjA4Zjg1ODVk OWUyM2UwHhcNMjUxMjE3MDQwMDU5WhcNMjUxMjE4MDQwMDU5WjAzMTEwLwYDVQQD EyhhM2VjOGQ4ZWZhNzAzZTM0MjEwMGIwODMxNGFmYmU0N2QwNjNlMTU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQuBNMs0myDtktaoJi6FtszqSWSr 4ht/L2fPPYapq68+Ga+ys8DCHnHF9tF1xOcD3eqX1PrWVXY3DSl/FZTULqzTjGTy kJkXKn/m9x/GtZU3yyxxeoHl+XoGY4RjsJvOxgrw7FNC6MBFA8ScpjQs3czppLwT x0RJPIvtIuTotJ0AxAmKNDfC6Zv+f3dwblEPME7tgjIMuvRS2N0Xoej2SZeQB7mC DLPg8N3JbXRY2Q0rLMfoJ93MOP0FNa9ZoRrZuEEW1LR8kAsL0uDJ6gD7jc9QtNNl KtB7lbILnQ8vGwIz0cdxrWpN/AUh52LauQocvsjmv0VTMeoq0D2B92TuvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKPsjY76cD40IQCwgxSvvkfQY+FZMB8GA1UdIwQY MBaAFNgy2o1FiEnV9Aum8Lkgj4WF2eI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkRMYWpVV0lTZFgwQzZid3VTQ1BoWVhaNGo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZDIxZWUtYTQ2MC00YzM5LTllNmYt Yzk5Nzk1ZjM4ODVmLzEvMkRMYWpVV0lTZFgwQzZid3VTQ1BoWVhaNGo0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83ZDIxZWUtYTQ2MC00YzM5LTllNmYtYzk5Nzk1ZjM4ODVm LzEvMkRMYWpVV0lTZFgwQzZid3VTQ1BoWVhaNGo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR4YDj55t wbueT9G95Ca4WVxxNxKhJT+0gx1g/ZvIYT6P5sqRjUy2LxMIlKO3PmY2ROcmPwYq SceQ3W2RTGTy3DIJ9ve97J2sIosk4oleSujObyhm5HpWCq615dQmKltGCMsAZgXV 6TzmL8urOOlu2QrOdYMRncQPJJFu6Lqmv7Q2ToSxNt2xbI9H8DQmC8HCj1qshUFO oZOXEVWuifxPUkgyZLaDAX96aMaWt0ht+yENNeMmx0k9rY5kRiYmmot48zgVVZ0x T/AVi9ZBdwev1n6wnjD/VJC0wZKPH1Z5CBTMW1jvlbhSwLHhuIYqE8ym/MkkR80B ILoBXZW+5jCzdg== -----END CERTIFICATE-----Generated at Wed Dec 17 11:20:39 2025 by rpki-client