This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft File: 2pa1va-ygzLa_oR87RT3pfrUXmk.mft (raw, json) Hash identifier: 5pNGz0c5t9tXWJ5RUwuizunNNyTlI7OcDeNi6RFLFHo= Subject key identifier: FA:61:30:EB:3F:1B:AD:6A:E9:4D:4A:A1:CC:69:8E:59:16:7A:51:40 Authority key identifier: DA:96:B5:BD:AF:B2:83:32:DA:FE:84:7C:ED:14:F7:A5:FA:D4:5E:69 Certificate issuer: /CN=da96b5bdafb28332dafe847ced14f7a5fad45e69 Certificate serial: 019B650D7077F7B80C538170F3B46564899F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft Manifest number: 179C Signing time: Sun 28 Dec 2025 13:02:18 +0000 Manifest this update: Sun 28 Dec 2025 13:02:18 +0000 Manifest next update: Mon 29 Dec 2025 13:02:18 +0000 Files and hashes: 1: 2pa1va-ygzLa_oR87RT3pfrUXmk.crl (hash: NMl5eT8hSlAUHtFL+P8v9AJ5VSDXmJi6ZoehXED/itM=) 2: 99kZ91L5k4nve2PYsWtipJThPHU.roa (hash: bVtLb94sDBWJmE1C3lJHiBUqgO9xT7zdCZpTZaX8mXc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 13:02:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:65:0d:70:77:f7:b8:0c:53:81:70:f3:b4:65:64:89:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da96b5bdafb28332dafe847ced14f7a5fad45e69 Validity Not Before: Dec 28 13:02:18 2025 GMT Not After : Dec 29 13:02:18 2025 GMT Subject: CN=fa6130eb3f1bad6ae94d4aa1cc698e59167a5140 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:06:bf:5b:cb:e7:31:04:74:44:3e:74:e6:cb: 68:69:8b:da:72:fd:71:6c:70:11:78:9d:f7:44:71: 63:e4:62:8a:ca:1f:7e:97:b1:bc:25:13:48:9e:0e: df:e9:e5:25:15:42:db:67:94:af:9d:98:14:7d:1a: 72:19:a7:be:09:b7:fb:69:33:74:62:df:29:b7:21: 3f:2c:cc:a8:2e:f7:93:ae:ad:25:4f:a7:08:7a:af: 8d:85:74:24:ad:b6:45:a9:f8:15:5c:5e:8f:eb:2f: 58:f1:b4:c8:7a:be:79:1b:3e:56:3b:3e:4c:6e:64: 9d:4e:38:b1:4d:dd:6b:6d:33:73:6d:50:a7:10:47: 27:b4:5a:71:1f:3b:2f:a4:97:fe:5b:c7:04:78:24: c2:96:26:95:dc:04:02:6f:43:22:ed:f8:bf:04:da: c9:47:71:6d:a7:8e:92:90:49:5b:91:1f:1a:d7:70: 28:dd:7e:f9:69:d9:d7:cf:47:ef:c1:36:71:a1:b9: cc:18:e1:bc:b5:f7:f1:2f:e7:04:7f:eb:29:6a:b3: 1b:80:11:f6:4b:b7:c7:f1:d0:5f:ba:f4:b9:ca:92: e0:d7:71:e3:aa:35:6d:49:95:7e:55:15:73:8d:6e: 82:0a:10:ef:b2:34:48:4e:3e:d3:b1:8a:b8:62:a4: 15:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:61:30:EB:3F:1B:AD:6A:E9:4D:4A:A1:CC:69:8E:59:16:7A:51:40 X509v3 Authority Key Identifier: keyid:DA:96:B5:BD:AF:B2:83:32:DA:FE:84:7C:ED:14:F7:A5:FA:D4:5E:69 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:42:97:7d:b7:bc:dd:84:89:d3:70:06:83:3b:e9:ef:11:7b: d5:0f:2c:67:3c:6c:6e:86:ec:22:d1:42:d7:9d:f9:b2:2d:5a: f4:b9:63:de:44:01:04:f9:3c:bf:2b:58:56:46:61:ff:3f:3f: 88:24:56:f6:4d:7a:14:f7:5d:7c:03:6a:3b:b2:7a:e0:34:aa: 2d:ef:a0:30:1d:cc:8c:51:f0:cb:4d:2c:b5:2f:62:13:43:f1: 3f:b9:97:c6:12:e2:78:54:ee:14:3e:41:4e:35:a9:e2:ac:ba: 35:da:c8:cc:18:e7:f3:95:2b:1c:b6:57:ff:35:10:4e:69:2e: 59:77:d6:04:fc:24:9f:18:ec:75:6e:55:c9:24:58:a7:3d:9c: df:8c:92:55:05:b1:f2:3f:ee:02:88:0c:cb:2e:8f:d3:30:e5: 96:c2:40:20:5e:e3:ee:be:1b:3f:72:81:99:81:0d:81:0a:93: 6a:72:dc:47:f0:d1:96:93:d5:29:ab:eb:b0:14:44:94:66:01: 1b:69:04:51:e0:ac:57:15:8e:e4:32:39:2f:4c:20:85:63:05: 72:8d:e5:5e:d0:08:a0:91:e9:7f:13:06:d3:a8:5a:72:80:76: 68:bf:db:f9:46:b4:d4:ab:54:9c:55:d8:3d:6a:8e:2b:74:90: 52:85:fb:d7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtlDXB397gMU4Fw87RlZImfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhOTZiNWJkYWZiMjgzMzJkYWZlODQ3Y2VkMTRmN2E1ZmFk NDVlNjkwHhcNMjUxMjI4MTMwMjE4WhcNMjUxMjI5MTMwMjE4WjAzMTEwLwYDVQQD EyhmYTYxMzBlYjNmMWJhZDZhZTk0ZDRhYTFjYzY5OGU1OTE2N2E1MTQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAa/W8vnMQR0RD505stoaYvacv1x bHAReJ33RHFj5GKKyh9+l7G8JRNIng7f6eUlFULbZ5SvnZgUfRpyGae+Cbf7aTN0 Yt8ptyE/LMyoLveTrq0lT6cIeq+NhXQkrbZFqfgVXF6P6y9Y8bTIer55Gz5WOz5M bmSdTjixTd1rbTNzbVCnEEcntFpxHzsvpJf+W8cEeCTCliaV3AQCb0Mi7fi/BNrJ R3Ftp46SkElbkR8a13Ao3X75adnXz0fvwTZxobnMGOG8tffxL+cEf+sparMbgBH2 S7fH8dBfuvS5ypLg13HjqjVtSZV+VRVzjW6CChDvsjRITj7TsYq4YqQVIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPphMOs/G61q6U1KocxpjlkWelFAMB8GA1UdIwQY MBaAFNqWtb2vsoMy2v6EfO0U96X61F5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84MTkwODktNDczYi00NjNmLWI4N2It NDI1Mzk1MGYxMTU1LzEvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC84MTkwODktNDczYi00NjNmLWI4N2ItNDI1Mzk1MGYxMTU1 LzEvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQkKXfbe8 3YSJ03AGgzvp7xF71Q8sZzxsbobsItFC1535si1a9Llj3kQBBPk8vytYVkZh/z8/ iCRW9k16FPddfANqO7J64DSqLe+gMB3MjFHwy00stS9iE0PxP7mXxhLieFTuFD5B TjWp4qy6NdrIzBjn85UrHLZX/zUQTmkuWXfWBPwknxjsdW5VySRYpz2c34ySVQWx 8j/uAogMyy6P0zDllsJAIF7j7r4bP3KBmYENgQqTanLcR/DRlpPVKavrsBRElGYB G2kEUeCsVxWO5DI5L0wghWMFco3lXtAIoJHpfxMG06hacoB2aL/b+Ua01KtUnFXY PWqOK3SQUoX71w== -----END CERTIFICATE-----Generated at Sun Dec 28 22:16:25 2025 by rpki-client