This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft File: 2FAiKC40aZ_lSLdShRmiWlDZEzo.mft (raw, json) Hash identifier: z/fmD51WmVyJy8YdvDgCywdg5dQNaoJ6LrSJiO6+A+Q= Subject key identifier: 4F:1F:76:18:32:E9:BA:B4:79:B7:80:FD:9C:4E:08:AA:D5:CF:4C:55 Authority key identifier: D8:50:22:28:2E:34:69:9F:E5:48:B7:52:85:19:A2:5A:50:D9:13:3A Certificate issuer: /CN=d85022282e34699fe548b7528519a25a50d9133a Certificate serial: 019B3F7F1A36E53C5E8B912C9847EC5D6842 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft Manifest number: 16B8 Signing time: Sun 21 Dec 2025 06:00:52 +0000 Manifest this update: Sun 21 Dec 2025 06:00:52 +0000 Manifest next update: Mon 22 Dec 2025 06:00:52 +0000 Files and hashes: 1: 2FAiKC40aZ_lSLdShRmiWlDZEzo.crl (hash: a532sBL3TLsUuEhaK9165t5liII1KtcOLlP4lSnbUUI=) 2: 6R0wvkFPscZQ2uww-ZvwnaXh--0.roa (hash: wyiJ7rZP6x6kzeIfld1VjsLp4nIqzGhNhuxTGdTq1Ek=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:7f:1a:36:e5:3c:5e:8b:91:2c:98:47:ec:5d:68:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d85022282e34699fe548b7528519a25a50d9133a Validity Not Before: Dec 21 06:00:52 2025 GMT Not After : Dec 22 06:00:52 2025 GMT Subject: CN=4f1f761832e9bab479b780fd9c4e08aad5cf4c55 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:26:1d:ef:54:45:02:f2:7b:47:13:e1:42:d5: e3:58:25:7f:b7:cc:7c:9d:06:2c:b6:c6:f4:71:5b: 65:69:18:a1:23:5d:c5:e3:1f:83:16:35:5c:0e:85: 1a:d8:6d:9f:06:f0:43:04:04:47:39:ee:99:25:a4: 7f:e7:5d:86:ae:18:c9:2e:49:29:c7:e3:f4:dd:63: b9:e8:1e:1d:d9:49:b9:23:09:50:33:a8:a3:80:ae: e3:dc:27:48:4b:78:7f:91:4a:b1:78:f1:af:e0:0f: af:d6:7f:77:45:fc:56:aa:f0:9d:1b:c1:3a:4c:56: 55:9f:58:5a:1f:4d:c0:a7:f5:40:2e:aa:dc:76:9e: 06:13:f7:c9:15:85:29:02:db:33:58:bc:66:ca:75: d0:0c:e1:e2:52:ed:53:b9:19:61:d2:d2:2a:88:e3: 93:7b:a0:72:b3:54:53:18:79:0d:3b:9e:38:e8:d1: fe:48:20:8b:4b:1d:ed:7d:7a:1f:ec:a0:b1:92:2e: 40:78:d2:23:8d:95:2c:d1:83:0f:7b:d2:f5:07:fb: a8:4f:74:6a:49:90:14:27:ee:2e:4e:9b:d9:ed:e3: 2b:11:84:8a:df:1f:06:f4:4d:1e:81:be:af:fd:0f: 64:f8:ce:60:7c:ec:1e:a5:32:d3:66:f8:5e:9d:c3: 2c:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:1F:76:18:32:E9:BA:B4:79:B7:80:FD:9C:4E:08:AA:D5:CF:4C:55 X509v3 Authority Key Identifier: keyid:D8:50:22:28:2E:34:69:9F:E5:48:B7:52:85:19:A2:5A:50:D9:13:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:2f:33:49:8a:bc:66:bc:16:1c:8c:df:1a:5c:3c:62:53:39: 19:62:f2:a9:3c:d2:46:9f:c8:c9:26:f7:f0:43:e0:68:17:9a: bb:dd:23:61:55:0a:39:71:0b:a4:d2:61:91:35:3f:ba:b2:5f: c7:e1:30:44:fb:67:04:9c:2b:c6:01:3a:1c:aa:98:95:e9:61: 44:c6:82:11:ad:4b:46:7a:42:d5:d1:30:95:4d:9b:21:0c:70: 79:9c:d7:36:23:0d:64:8a:ec:ce:9c:26:71:72:d6:13:78:5f: 86:d4:e7:4e:0f:5d:30:31:db:e9:91:8c:e8:fd:3e:2d:79:ba: 23:30:80:98:a6:15:53:58:4c:83:9f:58:35:e3:65:de:57:51: 51:6f:98:1d:ba:63:79:de:5e:61:14:a9:2d:4a:77:75:ca:76: 59:77:cf:6c:84:2c:bc:e3:fa:d4:0c:0c:b3:ea:e5:3b:35:63: ff:2a:d7:2b:a8:6a:a0:ae:35:90:65:f0:dd:98:6a:3d:4b:21: 67:ef:25:57:82:c0:9f:49:b8:6b:ce:66:f5:5e:b1:34:32:6c: c8:ab:1e:ab:f2:11:6e:87:20:2c:ea:25:63:21:62:22:ba:10: b2:89:4c:a7:89:7e:2d:9b:b8:94:b4:ca:3b:d6:e8:09:52:a7: e9:d3:71:d9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/fxo25Txei5EsmEfsXWhCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NTAyMjI4MmUzNDY5OWZlNTQ4Yjc1Mjg1MTlhMjVhNTBk OTEzM2EwHhcNMjUxMjIxMDYwMDUyWhcNMjUxMjIyMDYwMDUyWjAzMTEwLwYDVQQD Eyg0ZjFmNzYxODMyZTliYWI0NzliNzgwZmQ5YzRlMDhhYWQ1Y2Y0YzU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyYd71RFAvJ7RxPhQtXjWCV/t8x8 nQYstsb0cVtlaRihI13F4x+DFjVcDoUa2G2fBvBDBARHOe6ZJaR/512GrhjJLkkp x+P03WO56B4d2Um5IwlQM6ijgK7j3CdIS3h/kUqxePGv4A+v1n93RfxWqvCdG8E6 TFZVn1haH03Ap/VALqrcdp4GE/fJFYUpAtszWLxmynXQDOHiUu1TuRlh0tIqiOOT e6Bys1RTGHkNO5446NH+SCCLSx3tfXof7KCxki5AeNIjjZUs0YMPe9L1B/uoT3Rq SZAUJ+4uTpvZ7eMrEYSK3x8G9E0egb6v/Q9k+M5gfOwepTLTZvhencMssQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE8fdhgy6bq0ebeA/ZxOCKrVz0xVMB8GA1UdIwQY MBaAFNhQIiguNGmf5Ui3UoUZolpQ2RM6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy85NzU4ZWItNDEwOC00MDg3LWE4MTgt NTBlYTY3MzI3Y2QxLzEvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy85NzU4ZWItNDEwOC00MDg3LWE4MTgtNTBlYTY3MzI3Y2Qx LzEvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALi8zSYq8 ZrwWHIzfGlw8YlM5GWLyqTzSRp/IySb38EPgaBeau90jYVUKOXELpNJhkTU/urJf x+EwRPtnBJwrxgE6HKqYlelhRMaCEa1LRnpC1dEwlU2bIQxweZzXNiMNZIrszpwm cXLWE3hfhtTnTg9dMDHb6ZGM6P0+LXm6IzCAmKYVU1hMg59YNeNl3ldRUW+YHbpj ed5eYRSpLUp3dcp2WXfPbIQsvOP61AwMs+rlOzVj/yrXK6hqoK41kGXw3ZhqPUsh Z+8lV4LAn0m4a85m9V6xNDJsyKseq/IRbocgLOolYyFiIroQsolMp4l+LZu4lLTK O9boCVKn6dNx2Q== -----END CERTIFICATE-----Generated at Sun Dec 21 11:13:19 2025 by rpki-client