This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft File: 2lTIIO5UFUMsaLATYZJ1_0xubqU.mft (raw, json) Hash identifier: kraVlv76zm2hC+Sxye9jYC6rr1acC0e3mB04Mcckl58= Subject key identifier: 2B:D4:73:E8:1C:25:F0:15:DA:E5:20:9A:2A:79:5C:B1:FC:ED:A7:47 Authority key identifier: DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5 Certificate issuer: /CN=da54c820ee5415432c68b013619275ff4c6e6ea5 Certificate serial: 019B68E8A3F8D744E98E2260E111F7BCE9C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft Manifest number: 0823 Signing time: Mon 29 Dec 2025 07:00:35 +0000 Manifest this update: Mon 29 Dec 2025 07:00:35 +0000 Manifest next update: Tue 30 Dec 2025 07:00:35 +0000 Files and hashes: 1: 2lTIIO5UFUMsaLATYZJ1_0xubqU.crl (hash: IZgbcpTLPsuQotXkPOOnqzWbD+ibglAZy/tCq0Pjykw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 07:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:68:e8:a3:f8:d7:44:e9:8e:22:60:e1:11:f7:bc:e9:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da54c820ee5415432c68b013619275ff4c6e6ea5 Validity Not Before: Dec 29 07:00:35 2025 GMT Not After : Dec 30 07:00:35 2025 GMT Subject: CN=2bd473e81c25f015dae5209a2a795cb1fceda747 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:36:bc:f1:38:95:75:ff:4c:62:90:78:de:da: d0:a0:4f:89:c1:4a:a1:38:a7:fc:4b:9d:51:59:74: b6:8a:84:91:99:91:a5:70:dc:bd:e2:ed:4b:9b:18: 80:29:ee:87:bc:c5:90:b8:78:6e:20:9a:1d:dc:29: d0:e1:06:c1:54:20:70:71:ac:33:2e:e4:b7:29:11: ff:af:b9:9e:0d:61:61:95:55:85:fa:60:5c:8d:84: 8c:e4:9a:0a:74:ec:b0:45:c9:1d:19:13:35:09:4b: bb:b0:5d:37:d2:7d:3a:6e:de:86:fb:15:f4:0e:67: 52:b6:e2:02:6d:2b:bd:74:ff:14:8f:95:03:0b:6a: af:f7:3a:20:67:31:00:17:18:f2:28:72:e4:8b:17: cd:9b:cf:52:98:86:17:88:be:c9:ec:f0:9a:f0:79: 74:37:a9:c0:e7:cf:65:70:20:14:7a:c9:49:6a:ec: e9:d4:da:84:43:d0:de:f8:43:8a:7a:9d:b1:c9:7f: a8:5d:2c:14:b9:07:52:21:ac:77:56:61:27:b1:9a: 6b:04:75:c0:e3:8e:01:07:09:fc:a9:06:c2:f5:07: 7d:1b:f5:26:65:57:cf:63:fa:dc:c3:1a:36:a4:61: 43:2b:b1:40:32:78:f7:73:9c:2d:98:f4:65:0d:ca: ad:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:D4:73:E8:1C:25:F0:15:DA:E5:20:9A:2A:79:5C:B1:FC:ED:A7:47 X509v3 Authority Key Identifier: keyid:DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:0a:ed:65:ca:de:44:6c:59:f2:eb:d8:da:a1:e2:76:cb:64: 35:e1:e7:a5:db:7d:a8:53:f0:6b:78:05:2c:ed:05:12:2f:4e: 7b:c3:79:2a:9a:5f:eb:38:3c:86:15:be:0d:87:30:7f:c3:84: ed:78:67:e9:36:39:46:1a:9e:29:e2:3e:9b:26:25:ab:c0:7f: 11:7b:2e:75:49:a7:c7:6d:6e:bc:0e:db:28:b3:c6:23:a7:bf: f9:d6:86:68:2f:7f:bd:d9:22:3d:02:92:3f:3f:d5:99:28:b0: 23:4a:49:fd:54:e0:11:a4:a1:3f:02:92:7f:ca:cb:f2:20:7f: 20:c2:df:86:1b:b8:b1:7d:0c:5c:0b:d5:20:d2:b0:d6:1d:e6: 33:9d:bd:36:d4:f7:2a:57:56:5e:db:22:a6:cf:21:ef:92:93: a7:39:6e:96:77:f7:00:26:fa:63:06:59:ba:81:81:29:a1:2e: 64:6f:a5:7a:4b:f9:bc:4d:ba:9c:0d:89:d9:06:99:2d:c5:d8: 9a:ec:64:ec:33:13:98:93:b9:21:c5:b4:3e:1d:40:f4:cf:45: f8:dc:49:f2:cd:27:3b:17:0c:79:db:ea:58:98:bd:ae:21:81: ed:c6:98:dc:79:c6:d6:a4:ca:b2:bf:1e:64:eb:c4:d1:0c:30: 7a:a9:20:4f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZto6KP410TpjiJg4RH3vOnEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhNTRjODIwZWU1NDE1NDMyYzY4YjAxMzYxOTI3NWZmNGM2 ZTZlYTUwHhcNMjUxMjI5MDcwMDM1WhcNMjUxMjMwMDcwMDM1WjAzMTEwLwYDVQQD EygyYmQ0NzNlODFjMjVmMDE1ZGFlNTIwOWEyYTc5NWNiMWZjZWRhNzQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3za88TiVdf9MYpB43trQoE+JwUqh OKf8S51RWXS2ioSRmZGlcNy94u1LmxiAKe6HvMWQuHhuIJod3CnQ4QbBVCBwcawz LuS3KRH/r7meDWFhlVWF+mBcjYSM5JoKdOywRckdGRM1CUu7sF030n06bt6G+xX0 DmdStuICbSu9dP8Uj5UDC2qv9zogZzEAFxjyKHLkixfNm89SmIYXiL7J7PCa8Hl0 N6nA589lcCAUeslJauzp1NqEQ9De+EOKep2xyX+oXSwUuQdSIax3VmEnsZprBHXA 444BBwn8qQbC9Qd9G/UmZVfPY/rcwxo2pGFDK7FAMnj3c5wtmPRlDcqtqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCvUc+gcJfAV2uUgmip5XLH87adHMB8GA1UdIwQY MBaAFNpUyCDuVBVDLGiwE2GSdf9Mbm6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzkt ODA5ODIwNWY4NzJlLzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzktODA5ODIwNWY4NzJl LzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjwrtZcre RGxZ8uvY2qHidstkNeHnpdt9qFPwa3gFLO0FEi9Oe8N5Kppf6zg8hhW+DYcwf8OE 7Xhn6TY5RhqeKeI+myYlq8B/EXsudUmnx21uvA7bKLPGI6e/+daGaC9/vdkiPQKS Pz/VmSiwI0pJ/VTgEaShPwKSf8rL8iB/IMLfhhu4sX0MXAvVINKw1h3mM529NtT3 KldWXtsips8h75KTpzlulnf3ACb6YwZZuoGBKaEuZG+lekv5vE26nA2J2QaZLcXY muxk7DMTmJO5IcW0Ph1A9M9F+NxJ8s0nOxcMedvqWJi9riGB7caY3HnG1qTKsr8e ZOvE0QwweqkgTw== -----END CERTIFICATE-----Generated at Mon Dec 29 14:41:42 2025 by rpki-client