This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft File: 2FAiKC40aZ_lSLdShRmiWlDZEzo.mft (raw, json) Hash identifier: NcEohzS0K8wK7tnzvG25h7Y7PUSXQWlujfUFi0cJPyY= Subject key identifier: 84:FB:86:90:15:64:33:16:84:C8:CB:95:6E:91:3E:51:3E:8E:A7:69 Authority key identifier: D8:50:22:28:2E:34:69:9F:E5:48:B7:52:85:19:A2:5A:50:D9:13:3A Certificate issuer: /CN=d85022282e34699fe548b7528519a25a50d9133a Certificate serial: 019B54BD4556D713AE1BB70D19B23E06436C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft Manifest number: 16C3 Signing time: Thu 25 Dec 2025 09:00:48 +0000 Manifest this update: Thu 25 Dec 2025 09:00:48 +0000 Manifest next update: Fri 26 Dec 2025 09:00:48 +0000 Files and hashes: 1: 2FAiKC40aZ_lSLdShRmiWlDZEzo.crl (hash: 2B5c+EYXrl7bMNTvlvZs2JWaVPR79a8JL5p0lGG9RCk=) 2: 6R0wvkFPscZQ2uww-ZvwnaXh--0.roa (hash: wyiJ7rZP6x6kzeIfld1VjsLp4nIqzGhNhuxTGdTq1Ek=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 03:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:54:bd:45:56:d7:13:ae:1b:b7:0d:19:b2:3e:06:43:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d85022282e34699fe548b7528519a25a50d9133a Validity Not Before: Dec 25 09:00:48 2025 GMT Not After : Dec 26 09:00:48 2025 GMT Subject: CN=84fb86901564331684c8cb956e913e513e8ea769 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:73:71:75:10:e1:fd:e3:8d:cb:b2:19:31:27: b3:e4:19:fc:ba:c8:66:a0:c9:f8:ff:a1:de:cd:e9: 8d:40:1b:56:f2:4b:4b:2b:19:0b:bc:3f:ce:0b:0a: b9:63:ec:ce:29:05:4b:a9:ae:3f:a5:bb:3e:44:cd: fa:87:16:83:99:7e:64:88:ef:ca:89:5a:a6:87:34: db:f7:13:f0:36:b6:b3:4d:6e:c4:7d:c7:20:cd:0f: f4:45:90:54:a3:44:75:13:37:2b:50:ce:70:ff:0a: 1c:4f:05:c1:05:62:fd:07:f9:fd:58:b0:6a:e6:e1: aa:34:a8:f4:ba:cd:a2:02:8f:96:ce:ac:97:7c:5e: 18:8b:80:ad:13:5f:2d:7b:6e:a2:76:6d:1f:20:f3: 9e:e8:c5:f5:89:9e:75:e3:58:be:b0:54:c7:bc:2a: 87:f9:b2:92:8c:78:64:23:e9:fe:43:aa:7c:d8:a2: c7:6b:50:4b:f7:46:2f:ad:45:c9:36:1a:78:a9:83: b2:64:25:9a:c3:1d:c3:1a:43:48:48:4e:3d:17:07: 18:f4:3b:b4:37:04:4f:92:a2:27:87:78:cc:f4:f0: 78:98:7b:fb:f3:2b:48:fc:aa:87:2e:69:4e:86:d4: 9f:49:1b:69:b8:97:8e:38:35:b7:30:82:68:1b:5a: a3:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:FB:86:90:15:64:33:16:84:C8:CB:95:6E:91:3E:51:3E:8E:A7:69 X509v3 Authority Key Identifier: keyid:D8:50:22:28:2E:34:69:9F:E5:48:B7:52:85:19:A2:5A:50:D9:13:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c8:05:1b:c2:b4:a3:c3:df:22:bc:49:08:ad:35:cc:19:4d:18: 14:f1:cc:9e:d9:29:50:87:76:57:af:c9:28:35:30:8d:91:cb: 69:45:f5:e6:5a:13:26:da:f9:cc:e6:36:45:78:2e:c2:d7:bd: 3d:a2:f8:aa:4f:8f:b3:4d:a7:80:ee:d7:ff:d1:d1:1f:63:f2: ca:2f:ce:9e:3b:f5:4c:8d:14:1d:5e:83:69:f5:3f:d5:d8:e2: 3a:97:41:25:29:2d:da:45:d9:e6:18:48:8f:83:a3:6a:23:8e: 70:a8:1f:ef:06:c0:d8:29:e9:b8:80:3a:74:a9:30:6a:b7:23: e2:d0:71:94:a0:64:c6:45:06:a2:e6:94:3f:a5:64:6f:0a:66: dd:f7:c7:8b:16:48:b0:ca:df:47:a3:91:1d:d5:97:5d:c4:d5: fe:e0:cc:3f:a5:f7:7d:ae:ba:e9:fc:5b:42:af:38:ea:a8:69: 89:2c:3a:ae:57:7d:e7:2c:8b:16:18:db:1f:4d:77:ab:24:74: 73:d7:65:b8:b6:ae:25:0f:e3:74:c8:04:71:14:4e:43:cc:8d: 6c:4a:ed:a4:f2:55:bb:c3:8a:e3:cf:ce:35:ca:a6:e7:5d:c3: fd:6b:e2:61:07:ad:78:66:25:f4:41:58:6b:a9:64:e1:dc:5e: 43:90:ad:1c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtUvUVW1xOuG7cNGbI+BkNsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NTAyMjI4MmUzNDY5OWZlNTQ4Yjc1Mjg1MTlhMjVhNTBk OTEzM2EwHhcNMjUxMjI1MDkwMDQ4WhcNMjUxMjI2MDkwMDQ4WjAzMTEwLwYDVQQD Eyg4NGZiODY5MDE1NjQzMzE2ODRjOGNiOTU2ZTkxM2U1MTNlOGVhNzY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonNxdRDh/eONy7IZMSez5Bn8ushm oMn4/6HezemNQBtW8ktLKxkLvD/OCwq5Y+zOKQVLqa4/pbs+RM36hxaDmX5kiO/K iVqmhzTb9xPwNrazTW7EfccgzQ/0RZBUo0R1EzcrUM5w/wocTwXBBWL9B/n9WLBq 5uGqNKj0us2iAo+WzqyXfF4Yi4CtE18te26idm0fIPOe6MX1iZ5141i+sFTHvCqH +bKSjHhkI+n+Q6p82KLHa1BL90YvrUXJNhp4qYOyZCWawx3DGkNISE49FwcY9Du0 NwRPkqInh3jM9PB4mHv78ytI/KqHLmlOhtSfSRtpuJeOODW3MIJoG1qjXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIT7hpAVZDMWhMjLlW6RPlE+jqdpMB8GA1UdIwQY MBaAFNhQIiguNGmf5Ui3UoUZolpQ2RM6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy85NzU4ZWItNDEwOC00MDg3LWE4MTgt NTBlYTY3MzI3Y2QxLzEvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy85NzU4ZWItNDEwOC00MDg3LWE4MTgtNTBlYTY3MzI3Y2Qx LzEvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyAUbwrSj w98ivEkIrTXMGU0YFPHMntkpUId2V6/JKDUwjZHLaUX15loTJtr5zOY2RXguwte9 PaL4qk+Ps02ngO7X/9HRH2Pyyi/Onjv1TI0UHV6DafU/1djiOpdBJSkt2kXZ5hhI j4OjaiOOcKgf7wbA2CnpuIA6dKkwarcj4tBxlKBkxkUGouaUP6Vkbwpm3ffHixZI sMrfR6ORHdWXXcTV/uDMP6X3fa666fxbQq846qhpiSw6rld95yyLFhjbH013qyR0 c9dluLauJQ/jdMgEcRROQ8yNbErtpPJVu8OK48/ONcqm513D/WviYQeteGYl9EFY a6lk4dxeQ5CtHA== -----END CERTIFICATE-----Generated at Thu Dec 25 12:43:14 2025 by rpki-client