This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.mft File: 2KzzS-KwTHzO8iIejR_LbKu0FZE.mft (raw, json) Hash identifier: NXPtD6DISrLydD7KOlzSPJhiZz1g5VlUqmL99hdLSEE= Subject key identifier: E0:72:2C:D9:17:6E:2A:5B:27:BF:33:C1:31:24:BB:F3:DA:BC:1E:6A Authority key identifier: D8:AC:F3:4B:E2:B0:4C:7C:CE:F2:22:1E:8D:1F:CB:6C:AB:B4:15:91 Certificate issuer: /CN=d8acf34be2b04c7ccef2221e8d1fcb6cabb41591 Certificate serial: 019B4B4D06FB41312B2FD135E3DCA8F601C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KzzS-KwTHzO8iIejR_LbKu0FZE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.mft Manifest number: 1790 Signing time: Tue 23 Dec 2025 13:01:37 +0000 Manifest this update: Tue 23 Dec 2025 13:01:37 +0000 Manifest next update: Wed 24 Dec 2025 13:01:37 +0000 Files and hashes: 1: 2KzzS-KwTHzO8iIejR_LbKu0FZE.crl (hash: GaF7VfJyTI0HKtnB43JXKGpNBuzUGrH1NCAm+bkrIFg=) 2: tFYWfziNY6T1pgWT96la8X957p4.roa (hash: 08hpQSe8BwmYvsZjvFViF9kdWzrXeHJU+sA3OilF/oE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.mft rsync://rpki.ripe.net/repository/DEFAULT/2KzzS-KwTHzO8iIejR_LbKu0FZE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 13:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4b:4d:06:fb:41:31:2b:2f:d1:35:e3:dc:a8:f6:01:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8acf34be2b04c7ccef2221e8d1fcb6cabb41591 Validity Not Before: Dec 23 13:01:37 2025 GMT Not After : Dec 24 13:01:37 2025 GMT Subject: CN=e0722cd9176e2a5b27bf33c13124bbf3dabc1e6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:55:71:21:e4:67:91:68:ad:fb:3d:ea:22:77: d7:80:11:b9:1d:19:05:7a:f3:14:4b:ae:39:09:78: ba:ae:a8:9a:a6:b4:14:aa:42:df:9c:4f:37:2c:b1: a2:9a:9e:d4:21:df:1e:df:d5:b4:45:aa:10:96:de: 46:9a:ab:f8:da:6e:c3:46:10:2b:0d:6e:ce:99:ac: b8:93:73:16:1e:b5:e4:57:1c:18:d2:e4:d6:e3:d3: 84:00:d3:29:c5:24:a4:a4:75:72:5e:63:e4:19:8f: 64:82:b1:38:d0:3c:12:ec:57:e1:9d:f2:33:7b:29: 18:30:7c:50:c4:cb:45:e4:e8:e9:60:e5:b7:fd:15: 82:e4:de:f9:f3:11:b2:4b:ab:56:68:78:3c:65:aa: 2c:fa:02:00:7f:3a:b1:59:f5:41:fd:11:51:45:43: 0c:50:a2:ab:95:ef:dd:18:f1:b2:2c:38:eb:ef:7a: 24:29:7b:55:b7:9f:9c:77:c2:07:39:ae:a8:f3:dd: 15:7a:20:72:b0:08:b1:36:0c:0b:e1:e8:05:e7:33: 76:8f:22:b2:11:06:f8:ad:35:c9:04:13:12:04:cb: d3:20:3f:0b:96:a0:9f:f3:e3:d4:ca:18:43:d6:7c: 16:80:11:4f:aa:b2:63:8d:3e:0b:b3:be:4a:37:2b: b6:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:72:2C:D9:17:6E:2A:5B:27:BF:33:C1:31:24:BB:F3:DA:BC:1E:6A X509v3 Authority Key Identifier: keyid:D8:AC:F3:4B:E2:B0:4C:7C:CE:F2:22:1E:8D:1F:CB:6C:AB:B4:15:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KzzS-KwTHzO8iIejR_LbKu0FZE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:48:d9:cd:f7:b2:b2:86:03:f0:71:8c:d9:ed:66:30:9e:8b: 6c:ce:7b:42:8d:4f:a5:b4:ba:f2:30:e0:96:b1:2d:99:93:30: d0:1f:b5:2a:c5:7f:b0:b3:e3:ca:73:a4:60:7d:eb:70:94:a9: c1:0f:0b:51:dc:76:0d:dc:05:30:86:f2:1c:8d:96:d1:9c:42: e2:4f:14:8e:ea:c6:d8:7c:0f:bd:e6:d9:83:b2:6f:4c:ec:9f: b8:82:8f:8a:39:48:f1:30:84:30:8a:17:f4:97:47:0f:4a:de: 94:6b:26:6f:24:a7:72:4a:4c:ad:69:59:8e:a6:54:fb:4f:31: cf:ad:b3:1e:fd:6b:1b:9d:2e:74:4f:7b:34:04:b5:73:b8:2e: 0f:35:14:91:6d:16:ec:58:57:eb:b7:44:11:9d:8b:3c:ce:3f: 05:57:ca:67:ad:b0:bc:73:0a:62:c2:54:ba:9a:ed:32:ce:1f: d2:17:d5:04:e7:bd:9b:ae:9c:7f:1c:62:ab:75:06:c6:8f:14: 7e:f0:44:25:4e:83:09:c7:99:78:a0:5e:48:e8:69:b4:fd:ee: fa:24:ac:23:30:2c:b6:f5:bf:1b:ca:6f:ab:ba:25:50:66:d1: 54:aa:59:dc:22:6e:38:d0:13:2c:13:c5:6b:d4:8f:cd:0c:cd: 1b:4d:88:28 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtLTQb7QTErL9E149yo9gHCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4YWNmMzRiZTJiMDRjN2NjZWYyMjIxZThkMWZjYjZjYWJi NDE1OTEwHhcNMjUxMjIzMTMwMTM3WhcNMjUxMjI0MTMwMTM3WjAzMTEwLwYDVQQD EyhlMDcyMmNkOTE3NmUyYTViMjdiZjMzYzEzMTI0YmJmM2RhYmMxZTZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lVxIeRnkWit+z3qInfXgBG5HRkF evMUS645CXi6rqiaprQUqkLfnE83LLGimp7UId8e39W0RaoQlt5Gmqv42m7DRhAr DW7Omay4k3MWHrXkVxwY0uTW49OEANMpxSSkpHVyXmPkGY9kgrE40DwS7FfhnfIz eykYMHxQxMtF5OjpYOW3/RWC5N758xGyS6tWaHg8Zaos+gIAfzqxWfVB/RFRRUMM UKKrle/dGPGyLDjr73okKXtVt5+cd8IHOa6o890VeiBysAixNgwL4egF5zN2jyKy EQb4rTXJBBMSBMvTID8LlqCf8+PUyhhD1nwWgBFPqrJjjT4Ls75KNyu2bQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOByLNkXbipbJ78zwTEku/PavB5qMB8GA1UdIwQY MBaAFNis80visEx8zvIiHo0fy2yrtBWRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkt6elMtS3dUSHpPOGlJZWpSX0xiS3UwRlpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZGYzNDEtMDE3Yy00NjYwLThjZjct NDRkNjRiOWRhNDU5LzEvMkt6elMtS3dUSHpPOGlJZWpSX0xiS3UwRlpFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy8zZGYzNDEtMDE3Yy00NjYwLThjZjctNDRkNjRiOWRhNDU5 LzEvMkt6elMtS3dUSHpPOGlJZWpSX0xiS3UwRlpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATUjZzfey soYD8HGM2e1mMJ6LbM57Qo1PpbS68jDglrEtmZMw0B+1KsV/sLPjynOkYH3rcJSp wQ8LUdx2DdwFMIbyHI2W0ZxC4k8UjurG2HwPvebZg7JvTOyfuIKPijlI8TCEMIoX 9JdHD0relGsmbySnckpMrWlZjqZU+08xz62zHv1rG50udE97NAS1c7guDzUUkW0W 7FhX67dEEZ2LPM4/BVfKZ62wvHMKYsJUuprtMs4f0hfVBOe9m66cfxxiq3UGxo8U fvBEJU6DCceZeKBeSOhptP3u+iSsIzAstvW/G8pvq7olUGbRVKpZ3CJuONATLBPF a9SPzQzNG02IKA== -----END CERTIFICATE-----Generated at Tue Dec 23 22:15:28 2025 by rpki-client