This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/dd08f7-b6f4-4b42-81d7-23ab59798421/1/2KmU2EbLZpboicHMMiheCyOvx3c.mft File: 2KmU2EbLZpboicHMMiheCyOvx3c.mft (raw, json) Hash identifier: VITTz6sVxACNWN/vIr2pB/0+pR9Zr1y2D0GRF7MSrfg= Subject key identifier: B0:5E:3B:C4:C1:3E:9E:4C:99:6A:26:7B:BF:37:1A:76:60:99:DA:B6 Authority key identifier: D8:A9:94:D8:46:CB:66:96:E8:89:C1:CC:32:28:5E:0B:23:AF:C7:77 Certificate issuer: /CN=d8a994d846cb6696e889c1cc32285e0b23afc777 Certificate serial: 019B33B19FCDA4150C7892A85E0D2C73944E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KmU2EbLZpboicHMMiheCyOvx3c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/dd08f7-b6f4-4b42-81d7-23ab59798421/1/2KmU2EbLZpboicHMMiheCyOvx3c.mft Manifest number: 166D Signing time: Thu 18 Dec 2025 23:00:37 +0000 Manifest this update: Thu 18 Dec 2025 23:00:37 +0000 Manifest next update: Fri 19 Dec 2025 23:00:37 +0000 Files and hashes: 1: 2KmU2EbLZpboicHMMiheCyOvx3c.crl (hash: 2x/6nVBlMGOdmVD3d7RSPDiEo1l8Uj5ThDJtbXNB0dc=) 2: UHp7t70IbcWp2bwKOGl-4b8ScF4.roa (hash: UvX//cn/2erRwYZHy/h/xPpeIQdcBl4GUvhBbyEANqc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/dd08f7-b6f4-4b42-81d7-23ab59798421/1/2KmU2EbLZpboicHMMiheCyOvx3c.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/dd08f7-b6f4-4b42-81d7-23ab59798421/1/2KmU2EbLZpboicHMMiheCyOvx3c.mft rsync://rpki.ripe.net/repository/DEFAULT/2KmU2EbLZpboicHMMiheCyOvx3c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:b1:9f:cd:a4:15:0c:78:92:a8:5e:0d:2c:73:94:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8a994d846cb6696e889c1cc32285e0b23afc777 Validity Not Before: Dec 18 23:00:37 2025 GMT Not After : Dec 19 23:00:37 2025 GMT Subject: CN=b05e3bc4c13e9e4c996a267bbf371a766099dab6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:b2:d7:b0:2e:a2:dd:58:d4:fe:36:65:dd:dd: 97:38:33:73:d1:e5:7c:2f:2f:b5:8c:dd:f5:c2:19: dd:69:26:a5:de:c5:dc:2a:12:40:fe:f2:6d:19:15: 11:31:df:d7:44:55:82:d8:ae:ed:c8:d7:02:03:1d: c8:37:e5:74:5b:e4:c3:6e:11:1c:9d:09:0c:6c:4b: d9:37:d0:ce:59:6a:6e:9f:f5:45:e7:8f:98:ec:0a: 94:08:46:94:f5:70:75:7c:66:82:b8:b5:41:12:2f: 46:a1:b8:87:77:22:22:c5:c4:47:7f:d9:e1:72:95: dc:9e:d2:a5:07:f2:51:48:5a:57:b2:08:3e:83:a8: 69:a1:12:9b:28:d5:22:65:64:c5:5f:f3:28:68:9e: 40:cc:0e:1d:14:a9:87:ac:b6:f3:24:8d:a0:ee:4f: 98:55:7c:50:b5:0e:dc:68:94:09:a1:a5:54:ed:56: 33:08:df:1a:74:2b:ca:22:c3:ab:8e:b8:7d:a4:2a: 96:c5:e1:80:26:d2:a2:4f:27:b7:55:c1:91:af:3c: 31:4e:d1:bf:e4:73:93:df:bd:5d:2c:8c:13:30:28: 21:b9:92:7b:22:84:55:a5:60:ff:1d:76:54:d2:0c: dd:3a:4b:45:0b:6a:53:7a:fe:19:42:46:0c:2f:2c: 90:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:5E:3B:C4:C1:3E:9E:4C:99:6A:26:7B:BF:37:1A:76:60:99:DA:B6 X509v3 Authority Key Identifier: keyid:D8:A9:94:D8:46:CB:66:96:E8:89:C1:CC:32:28:5E:0B:23:AF:C7:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KmU2EbLZpboicHMMiheCyOvx3c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/dd08f7-b6f4-4b42-81d7-23ab59798421/1/2KmU2EbLZpboicHMMiheCyOvx3c.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/dd08f7-b6f4-4b42-81d7-23ab59798421/1/2KmU2EbLZpboicHMMiheCyOvx3c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:57:38:68:20:95:af:2d:98:dd:51:02:ba:82:46:71:eb:5c: 5e:5c:c3:28:8f:3f:ed:74:fc:98:97:fd:5a:da:58:a3:c1:a9: 41:0d:5f:ad:f7:4d:04:14:38:84:5d:a6:98:f5:cd:2a:06:6b: 36:42:b8:8c:51:24:05:f6:fd:44:c1:7f:18:ad:a0:99:20:c6: 27:ba:6b:fb:51:e3:29:94:72:63:3c:de:4e:a1:26:3b:bc:d0: 4f:4a:97:10:8c:f5:ea:ec:e5:3b:4e:37:47:32:a9:e8:82:90: 1d:33:a2:e0:72:e8:ab:68:ad:2c:53:f7:d5:fe:73:d9:46:97: 53:0d:40:cb:a0:b9:ee:c9:63:40:7b:b1:05:39:4a:9d:96:56: 40:a4:b3:4e:49:83:06:9e:f5:3c:5e:a4:67:fb:b1:5d:0e:00: 1a:8c:a1:db:37:4e:c4:76:5b:a6:96:db:b5:1b:96:8a:f3:77: c1:80:cb:1a:a0:38:6a:04:e5:56:23:2e:3d:84:87:0c:17:8e: f5:95:a6:23:d3:47:2c:ad:7f:5e:b6:19:c9:89:b1:7e:06:91: bc:32:f6:41:01:c6:5d:b5:cd:fa:78:7f:9f:c7:d5:e8:cf:5d: 1a:07:ae:fb:dc:cf:11:b2:1e:b0:f0:50:1d:5d:d3:98:13:3c: 99:67:55:09 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszsZ/NpBUMeJKoXg0sc5ROMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4YTk5NGQ4NDZjYjY2OTZlODg5YzFjYzMyMjg1ZTBiMjNh ZmM3NzcwHhcNMjUxMjE4MjMwMDM3WhcNMjUxMjE5MjMwMDM3WjAzMTEwLwYDVQQD EyhiMDVlM2JjNGMxM2U5ZTRjOTk2YTI2N2JiZjM3MWE3NjYwOTlkYWI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4bLXsC6i3VjU/jZl3d2XODNz0eV8 Ly+1jN31whndaSal3sXcKhJA/vJtGRURMd/XRFWC2K7tyNcCAx3IN+V0W+TDbhEc nQkMbEvZN9DOWWpun/VF54+Y7AqUCEaU9XB1fGaCuLVBEi9GobiHdyIixcRHf9nh cpXcntKlB/JRSFpXsgg+g6hpoRKbKNUiZWTFX/MoaJ5AzA4dFKmHrLbzJI2g7k+Y VXxQtQ7caJQJoaVU7VYzCN8adCvKIsOrjrh9pCqWxeGAJtKiTye3VcGRrzwxTtG/ 5HOT371dLIwTMCghuZJ7IoRVpWD/HXZU0gzdOktFC2pTev4ZQkYMLyyQdwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLBeO8TBPp5MmWome783GnZgmdq2MB8GA1UdIwQY MBaAFNiplNhGy2aW6InBzDIoXgsjr8d3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkttVTJFYkxacGJvaWNITU1paGVDeU92eDNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9kZDA4ZjctYjZmNC00YjQyLTgxZDct MjNhYjU5Nzk4NDIxLzEvMkttVTJFYkxacGJvaWNITU1paGVDeU92eDNjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi9kZDA4ZjctYjZmNC00YjQyLTgxZDctMjNhYjU5Nzk4NDIx LzEvMkttVTJFYkxacGJvaWNITU1paGVDeU92eDNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiFc4aCCV ry2Y3VECuoJGcetcXlzDKI8/7XT8mJf9WtpYo8GpQQ1frfdNBBQ4hF2mmPXNKgZr NkK4jFEkBfb9RMF/GK2gmSDGJ7pr+1HjKZRyYzzeTqEmO7zQT0qXEIz16uzlO043 RzKp6IKQHTOi4HLoq2itLFP31f5z2UaXUw1Ay6C57sljQHuxBTlKnZZWQKSzTkmD Bp71PF6kZ/uxXQ4AGoyh2zdOxHZbppbbtRuWivN3wYDLGqA4agTlViMuPYSHDBeO 9ZWmI9NHLK1/XrYZyYmxfgaRvDL2QQHGXbXN+nh/n8fV6M9dGgeu+9zPEbIesPBQ HV3TmBM8mWdVCQ== -----END CERTIFICATE-----Generated at Fri Dec 19 08:27:18 2025 by rpki-client