This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.mft File: 2pDQS_V_pIaOaZl8g7Otdx_VCp0.mft (raw, json) Hash identifier: AfaxJ+gphXyEc+rnIFfPzub74sqtgUQBlOXopac1gpY= Subject key identifier: 8A:71:B6:B7:E9:72:73:0C:AD:5B:2A:15:83:1B:B8:59:DC:02:87:2D Authority key identifier: DA:90:D0:4B:F5:7F:A4:86:8E:69:99:7C:83:B3:AD:77:1F:D5:0A:9D Certificate issuer: /CN=da90d04bf57fa4868e69997c83b3ad771fd50a9d Certificate serial: 019B4CCCCD358ED339353BF463321D39ED45 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pDQS_V_pIaOaZl8g7Otdx_VCp0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.mft Manifest number: 10A1 Signing time: Tue 23 Dec 2025 20:00:48 +0000 Manifest this update: Tue 23 Dec 2025 20:00:48 +0000 Manifest next update: Wed 24 Dec 2025 20:00:48 +0000 Files and hashes: 1: 2pDQS_V_pIaOaZl8g7Otdx_VCp0.crl (hash: /uNRotvcEhxtPtTqdJfDDobTqLoqhsfw9EzNTIfzEpY=) 2: fvccoh-XRGUydolEQwVKUg__llM.roa (hash: MESTegxG3uX73jrknXUqcZY7a9Gll4oI6clWX78ISS8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.mft rsync://rpki.ripe.net/repository/DEFAULT/2pDQS_V_pIaOaZl8g7Otdx_VCp0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 15:46:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4c:cc:cd:35:8e:d3:39:35:3b:f4:63:32:1d:39:ed:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da90d04bf57fa4868e69997c83b3ad771fd50a9d Validity Not Before: Dec 23 20:00:48 2025 GMT Not After : Dec 24 20:00:48 2025 GMT Subject: CN=8a71b6b7e972730cad5b2a15831bb859dc02872d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:f8:89:eb:a4:f3:38:e6:db:cc:8a:dc:f8:6c: bd:39:3a:a2:15:e1:29:f2:65:eb:b9:a1:33:53:55: 05:76:46:91:5f:2b:f3:a2:fb:8d:41:ef:51:7f:3f: ad:a2:bb:ed:1d:04:d8:06:a0:e3:1b:2e:40:87:63: 3b:8c:22:21:64:7f:40:ac:42:0c:45:7a:b1:a9:de: 0b:d4:5d:38:3f:49:3e:d4:ea:0f:a7:b6:64:da:dc: dc:09:c8:b3:d1:ce:cb:87:77:93:41:f7:c6:e3:33: 0c:98:3b:2b:fb:47:71:04:dc:ef:5c:c9:e8:5a:7b: bc:ff:1e:de:ca:5d:1b:88:7d:a1:7d:48:f6:f8:a4: 59:32:c9:4b:e5:82:57:05:db:13:6b:0d:47:1b:a8: 81:3b:49:14:e2:bb:f8:2a:66:03:b9:4a:b6:1a:1e: 08:61:32:90:fb:fe:1e:8e:cb:9b:aa:58:d9:89:59: dd:93:d3:53:98:ff:15:2c:92:e9:a8:05:83:40:56: c2:cc:a4:90:6a:73:b6:d2:4c:4e:39:91:00:89:01: 7b:d6:e2:43:8e:ba:1c:4d:96:ea:85:25:0f:7d:9d: f7:68:64:75:b3:39:99:d3:f9:8f:d0:f2:4a:6b:ec: db:bf:3d:98:cd:c6:fd:fa:04:ec:83:e5:24:2d:63: 13:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:71:B6:B7:E9:72:73:0C:AD:5B:2A:15:83:1B:B8:59:DC:02:87:2D X509v3 Authority Key Identifier: keyid:DA:90:D0:4B:F5:7F:A4:86:8E:69:99:7C:83:B3:AD:77:1F:D5:0A:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pDQS_V_pIaOaZl8g7Otdx_VCp0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:5f:f4:dc:79:4e:f3:18:47:3c:7f:17:a0:d6:fe:fc:3e:30: e1:3b:df:f2:bd:3b:2a:4b:5b:bf:9d:9a:34:c3:c5:41:d4:d8: cc:85:f8:dc:f1:a3:09:c5:db:d7:be:6b:5f:d3:97:b0:08:b8: fc:b4:ab:f5:ea:93:38:0a:f0:a4:3c:9d:f7:de:7b:3c:47:51: 35:24:29:2b:17:4d:41:90:4c:ef:4d:82:14:c7:d9:1d:53:a4: ad:b8:3a:a5:85:cd:e1:df:69:c4:c7:4a:79:d8:9a:0c:e9:7e: da:ca:7d:7f:52:55:cd:53:6d:92:72:de:1f:de:ff:ac:d0:25: 73:4d:8f:60:ba:f4:dc:c3:41:59:29:d8:21:c1:78:2a:0e:99: 14:5f:79:5e:18:4d:bf:46:21:0f:73:73:8c:71:be:6f:fb:2f: ad:a5:82:e8:60:c9:36:77:e0:db:d7:69:a5:53:ae:b6:78:c2: 08:b9:2f:6d:f0:21:6e:31:02:69:cf:8d:33:30:29:4e:b7:ff: 1b:7d:c8:f5:4c:2e:35:ad:23:b1:1e:9f:2f:84:34:0c:b7:63: dd:7a:ac:5f:07:35:73:52:d1:69:d4:ea:36:cc:91:a9:9a:a3: e3:1f:a6:10:9c:b2:61:6a:dc:f7:cd:5d:e4:ce:e4:b8:98:e2: 4d:c7:d8:5d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtMzM01jtM5NTv0YzIdOe1FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhOTBkMDRiZjU3ZmE0ODY4ZTY5OTk3YzgzYjNhZDc3MWZk NTBhOWQwHhcNMjUxMjIzMjAwMDQ4WhcNMjUxMjI0MjAwMDQ4WjAzMTEwLwYDVQQD Eyg4YTcxYjZiN2U5NzI3MzBjYWQ1YjJhMTU4MzFiYjg1OWRjMDI4NzJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPiJ66TzOObbzIrc+Gy9OTqiFeEp 8mXruaEzU1UFdkaRXyvzovuNQe9Rfz+torvtHQTYBqDjGy5Ah2M7jCIhZH9ArEIM RXqxqd4L1F04P0k+1OoPp7Zk2tzcCciz0c7Lh3eTQffG4zMMmDsr+0dxBNzvXMno Wnu8/x7eyl0biH2hfUj2+KRZMslL5YJXBdsTaw1HG6iBO0kU4rv4KmYDuUq2Gh4I YTKQ+/4ejsubqljZiVndk9NTmP8VLJLpqAWDQFbCzKSQanO20kxOOZEAiQF71uJD jrocTZbqhSUPfZ33aGR1szmZ0/mP0PJKa+zbvz2Yzcb9+gTsg+UkLWMTAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIpxtrfpcnMMrVsqFYMbuFncAoctMB8GA1UdIwQY MBaAFNqQ0Ev1f6SGjmmZfIOzrXcf1QqdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnBEUVNfVl9wSWFPYVpsOGc3T3RkeF9WQ3AwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80ZDI1NDUtYTdkNS00NjVjLTk2MTgt NTFhZDljMzgyYThkLzEvMnBEUVNfVl9wSWFPYVpsOGc3T3RkeF9WQ3AwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC80ZDI1NDUtYTdkNS00NjVjLTk2MTgtNTFhZDljMzgyYThk LzEvMnBEUVNfVl9wSWFPYVpsOGc3T3RkeF9WQ3AwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM1/03HlO 8xhHPH8XoNb+/D4w4Tvf8r07Kktbv52aNMPFQdTYzIX43PGjCcXb175rX9OXsAi4 /LSr9eqTOArwpDyd9957PEdRNSQpKxdNQZBM702CFMfZHVOkrbg6pYXN4d9pxMdK ediaDOl+2sp9f1JVzVNtknLeH97/rNAlc02PYLr03MNBWSnYIcF4Kg6ZFF95XhhN v0YhD3NzjHG+b/svraWC6GDJNnfg29dppVOutnjCCLkvbfAhbjECac+NMzApTrf/ G33I9UwuNa0jsR6fL4Q0DLdj3XqsXwc1c1LRadTqNsyRqZqj4x+mEJyyYWrc981d 5M7kuJjiTcfYXQ== -----END CERTIFICATE-----Generated at Tue Dec 23 22:47:53 2025 by rpki-client