This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/3c95f3-dc3d-48eb-b6d7-d835de08bcf6/1/2IHld3zOmQwLKw9MKcyNLPmv6Ds.mft File: 2IHld3zOmQwLKw9MKcyNLPmv6Ds.mft (raw, json) Hash identifier: ak4sN/ZjEk0HYFQbIBGJBs/4urXQ2fAojZPoTNTjGHs= Subject key identifier: 5A:82:99:4A:00:9D:36:13:8A:E6:91:BF:D8:40:C3:4C:5B:6B:84:93 Authority key identifier: D8:81:E5:77:7C:CE:99:0C:0B:2B:0F:4C:29:CC:8D:2C:F9:AF:E8:3B Certificate issuer: /CN=d881e5777cce990c0b2b0f4c29cc8d2cf9afe83b Certificate serial: 019B3C7F71116983DF7D0040B6866B39A46E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2IHld3zOmQwLKw9MKcyNLPmv6Ds.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/3c95f3-dc3d-48eb-b6d7-d835de08bcf6/1/2IHld3zOmQwLKw9MKcyNLPmv6Ds.mft Manifest number: 1719 Signing time: Sat 20 Dec 2025 16:02:23 +0000 Manifest this update: Sat 20 Dec 2025 16:02:23 +0000 Manifest next update: Sun 21 Dec 2025 16:02:23 +0000 Files and hashes: 1: 2IHld3zOmQwLKw9MKcyNLPmv6Ds.crl (hash: iuyqoOMZWR34Jso5wfhKeY56lH20RG+cMO7OsMGlBgI=) 2: gd86nab0qf28eq3d5pPFq5e9rZo.roa (hash: OleM9BzJjHgCcSMlxVVC1tH0LyJmqbhh/CO/g3APccs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/3c95f3-dc3d-48eb-b6d7-d835de08bcf6/1/2IHld3zOmQwLKw9MKcyNLPmv6Ds.crl rsync://rpki.ripe.net/repository/DEFAULT/60/3c95f3-dc3d-48eb-b6d7-d835de08bcf6/1/2IHld3zOmQwLKw9MKcyNLPmv6Ds.mft rsync://rpki.ripe.net/repository/DEFAULT/2IHld3zOmQwLKw9MKcyNLPmv6Ds.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7f:71:11:69:83:df:7d:00:40:b6:86:6b:39:a4:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d881e5777cce990c0b2b0f4c29cc8d2cf9afe83b Validity Not Before: Dec 20 16:02:23 2025 GMT Not After : Dec 21 16:02:23 2025 GMT Subject: CN=5a82994a009d36138ae691bfd840c34c5b6b8493 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:d8:3b:95:a1:4d:eb:82:8c:fd:45:c6:d7:24: 70:2b:c1:73:56:37:c7:3b:a9:de:18:f6:39:1c:a0: 63:90:ba:fe:be:35:49:9d:3b:d4:88:c6:ff:39:71: 4b:f4:0d:54:6d:ca:48:6f:c3:3a:86:47:40:3a:f9: c6:ea:25:40:f0:dc:1a:82:02:ce:b9:85:32:2c:3f: 99:81:f5:7f:09:80:e2:56:ba:d3:b0:07:ff:e1:13: 17:22:ba:18:9a:f6:80:4d:9f:89:95:7f:73:df:e0: f1:a0:eb:1c:4d:14:9d:cd:4e:2c:d7:5c:c8:65:d9: 0f:38:48:46:3b:20:09:c8:d3:1b:b9:d4:83:2f:01: 92:27:de:9c:90:eb:6f:6e:aa:c5:71:b3:c8:4c:93: 2b:f0:c0:ed:90:aa:1f:69:45:ec:8e:d0:5e:a3:40: ab:74:e4:eb:15:6a:b5:b9:84:34:a0:6d:2e:45:88: 9b:64:81:4b:9a:21:2e:57:21:29:e2:d8:cf:ff:a1: f7:70:fb:57:21:e2:e1:bd:64:e0:a8:69:d5:1d:e2: 79:bc:59:f9:00:46:e6:4b:4e:1d:4b:07:2f:ff:79: 8c:b9:f9:e3:9e:a7:36:c7:d3:67:74:3f:89:70:d0: bd:d0:ee:b8:ae:58:a6:0b:03:18:94:ee:fd:a2:15: 83:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:82:99:4A:00:9D:36:13:8A:E6:91:BF:D8:40:C3:4C:5B:6B:84:93 X509v3 Authority Key Identifier: keyid:D8:81:E5:77:7C:CE:99:0C:0B:2B:0F:4C:29:CC:8D:2C:F9:AF:E8:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IHld3zOmQwLKw9MKcyNLPmv6Ds.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/3c95f3-dc3d-48eb-b6d7-d835de08bcf6/1/2IHld3zOmQwLKw9MKcyNLPmv6Ds.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/3c95f3-dc3d-48eb-b6d7-d835de08bcf6/1/2IHld3zOmQwLKw9MKcyNLPmv6Ds.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:ac:79:b7:ed:39:82:9c:bc:af:9b:27:42:8f:3f:95:31:83: a1:b9:e2:c8:e8:79:5a:0d:d0:69:18:f7:f3:4f:ab:3e:0f:ae: 4e:7e:65:61:52:a3:7b:6a:7a:da:bd:27:2e:50:e2:84:b5:73: 09:3d:b6:d9:6d:63:f3:8e:27:bb:f1:33:af:52:15:ad:33:dd: 1e:64:20:b8:b5:24:f5:4f:3c:57:99:05:b3:27:4f:a6:69:db: 22:c7:66:9f:79:9c:0e:b4:32:75:56:6b:b1:3a:dd:2d:78:20: 4a:7d:9a:09:8b:67:45:95:31:b7:a3:8d:b4:00:b7:7d:a0:7e: 7b:21:c7:a1:67:33:eb:e2:af:63:56:8d:ea:0f:83:d3:1f:3a: 31:58:38:bd:68:92:2a:84:55:0e:e4:f0:91:7b:49:08:d2:dd: e2:75:53:46:10:00:e7:8f:f1:f6:3b:ba:4f:9b:07:51:0b:6f: 86:04:ed:29:5b:92:71:6d:19:29:9f:d0:c0:ad:0c:7f:2f:f1: a9:48:d5:28:14:10:7c:51:ac:9e:4f:93:92:9b:1c:8f:dd:a5: a0:8d:55:94:b0:b1:72:69:c6:07:e1:35:ed:42:e1:3d:05:91: 82:26:87:29:39:99:09:5f:cd:2f:d0:cc:30:fe:f6:69:a2:e7: b7:63:7f:8a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8f3ERaYPffQBAtoZrOaRuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4ODFlNTc3N2NjZTk5MGMwYjJiMGY0YzI5Y2M4ZDJjZjlh ZmU4M2IwHhcNMjUxMjIwMTYwMjIzWhcNMjUxMjIxMTYwMjIzWjAzMTEwLwYDVQQD Eyg1YTgyOTk0YTAwOWQzNjEzOGFlNjkxYmZkODQwYzM0YzViNmI4NDkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9g7laFN64KM/UXG1yRwK8FzVjfH O6neGPY5HKBjkLr+vjVJnTvUiMb/OXFL9A1UbcpIb8M6hkdAOvnG6iVA8NwaggLO uYUyLD+ZgfV/CYDiVrrTsAf/4RMXIroYmvaATZ+JlX9z3+DxoOscTRSdzU4s11zI ZdkPOEhGOyAJyNMbudSDLwGSJ96ckOtvbqrFcbPITJMr8MDtkKofaUXsjtBeo0Cr dOTrFWq1uYQ0oG0uRYibZIFLmiEuVyEp4tjP/6H3cPtXIeLhvWTgqGnVHeJ5vFn5 AEbmS04dSwcv/3mMufnjnqc2x9NndD+JcNC90O64rlimCwMYlO79ohWDOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFqCmUoAnTYTiuaRv9hAw0xba4STMB8GA1UdIwQY MBaAFNiB5Xd8zpkMCysPTCnMjSz5r+g7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMklIbGQzek9tUXdMS3c5TUtjeU5MUG12NkRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8zYzk1ZjMtZGMzZC00OGViLWI2ZDct ZDgzNWRlMDhiY2Y2LzEvMklIbGQzek9tUXdMS3c5TUtjeU5MUG12NkRzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC8zYzk1ZjMtZGMzZC00OGViLWI2ZDctZDgzNWRlMDhiY2Y2 LzEvMklIbGQzek9tUXdMS3c5TUtjeU5MUG12NkRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaKx5t+05 gpy8r5snQo8/lTGDobniyOh5Wg3QaRj380+rPg+uTn5lYVKje2p62r0nLlDihLVz CT222W1j844nu/Ezr1IVrTPdHmQguLUk9U88V5kFsydPpmnbIsdmn3mcDrQydVZr sTrdLXggSn2aCYtnRZUxt6ONtAC3faB+eyHHoWcz6+KvY1aN6g+D0x86MVg4vWiS KoRVDuTwkXtJCNLd4nVTRhAA54/x9ju6T5sHUQtvhgTtKVuScW0ZKZ/QwK0Mfy/x qUjVKBQQfFGsnk+Tkpscj92loI1VlLCxcmnGB+E17ULhPQWRgiaHKTmZCV/NL9DM MP72aaLnt2N/ig== -----END CERTIFICATE-----Generated at Sun Dec 21 00:52:24 2025 by rpki-client