This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.mft
File: 2dYxVsGDbxbDtDDv-7cqxpky6ps.mft (raw, json)
Hash identifier: 0e5zBbDiW0+S/xl99J7/6MmDq2D7RgtF3ZcFwMGQ0+g=
Subject key identifier: E1:4B:14:90:7C:C0:A9:C3:73:E4:38:0A:0F:DA:22:32:0E:90:4A:F3
Authority key identifier: D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
Certificate issuer: /CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Certificate serial: 019B3A21A9B533023C5EFF8091E7C8C1E977
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.mft
Manifest number: 1402
Signing time: Sat 20 Dec 2025 05:00:43 +0000
Manifest this update: Sat 20 Dec 2025 05:00:43 +0000
Manifest next update: Sun 21 Dec 2025 05:00:43 +0000
Files and hashes: 1: 2dYxVsGDbxbDtDDv-7cqxpky6ps.crl (hash: /SQeR6ol0k77G+jT70K1nEB1gTNpfm6RGqcQ53VpXTg=)
2: Jfj9dSZw93m0LgWLC-5cHZtQPbI.roa (hash: oiCigciFJOGI1kCvszmmuaaLh0TPamcLgyxjc9J3FC4=)
3: bh26FSDEWHE7GM9y8WYKONSOSrY.roa (hash: Ila3oBxBNWBNEgBFCA9ys1NdnbH6OtXjqF11+XnaK9w=)
4: f_1g2Z_O5AiL3yW6mcyUEsXnVQ8.roa (hash: d0LuTF/iwiSUpGBh2NLV29ONLEQ7pXLVwvq/UHuDiNA=)
5: jRVI_eAINH0DHfSbrJ1Lb2a1J0M.roa (hash: 6aHi9LTwWzQ2J8HFQmZN9AhMvjpcOSiPnJAqVLKRvcg=)
6: m7iDzlCGf343P9LUMQ7CzCNMpq8.roa (hash: 25V4vL1hxRuT+EiKGjaMOxdCAH/Rao4IMyItMWn6Kn4=)
7: wuWM0Bqfn2DOTXAQfUUvKBidXpo.roa (hash: m6fPdbSddi0hJ1qwurB1jCC8tnof8GXCRJUIPf5vVWk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.mft
rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Dec 2025 05:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:3a:21:a9:b5:33:02:3c:5e:ff:80:91:e7:c8:c1:e9:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Validity
Not Before: Dec 20 05:00:43 2025 GMT
Not After : Dec 21 05:00:43 2025 GMT
Subject: CN=e14b14907cc0a9c373e4380a0fda22320e904af3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c2:9d:7a:3e:6a:87:33:c7:d6:a0:d7:a5:65:
d4:56:7b:33:d4:70:62:e3:ed:64:eb:2c:12:50:7e:
45:62:2a:c4:93:4d:06:31:a6:7d:9b:f3:82:03:20:
75:b5:79:42:17:f4:5c:67:66:60:4f:a7:95:c6:54:
27:d9:31:a3:28:33:05:8e:b6:c8:73:56:06:ff:8a:
4c:20:69:58:1f:d7:70:a1:ce:86:d3:0d:f8:5e:0a:
4a:90:09:7d:b5:64:36:a6:8c:5c:05:09:7c:40:25:
5e:b3:84:c7:b5:d9:b9:49:0b:86:d9:65:a2:fb:ec:
fb:b6:0d:59:52:84:a7:27:9a:ae:e7:f1:dc:d3:ed:
5f:cd:94:ff:29:25:de:1c:a7:20:68:7d:ba:8f:ca:
14:95:d6:84:02:64:cb:ea:94:52:a7:64:f2:4b:23:
8f:40:df:cd:af:88:9b:9a:06:9c:43:a8:ee:c1:89:
fe:65:08:bc:c4:e4:a0:68:eb:c5:d3:18:83:4a:63:
1b:97:e4:ef:a6:c4:18:11:8f:e5:54:80:70:42:29:
e8:a0:4e:cb:6f:e7:fa:63:c4:a4:7f:d9:dc:b4:04:
d7:d9:b5:42:fe:46:37:bc:f5:4f:d1:f0:f8:63:55:
46:96:81:b0:47:78:79:7a:cd:95:6a:22:c0:7f:e9:
f9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:4B:14:90:7C:C0:A9:C3:73:E4:38:0A:0F:DA:22:32:0E:90:4A:F3
X509v3 Authority Key Identifier:
keyid:D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:94:7b:bc:9b:61:0e:a0:44:5c:c6:7f:61:ed:1e:6a:a2:4b:
7a:ba:91:55:5d:c6:20:dc:ed:fe:e4:b9:df:81:a4:7d:80:7b:
e3:15:38:00:8a:f6:ab:ca:02:c0:a6:e8:84:58:0c:62:10:33:
a2:4b:49:a8:31:2e:99:56:f2:b4:c4:ec:13:9a:26:1d:17:2e:
45:4f:e0:a4:48:79:85:a3:ae:a1:56:bf:45:48:57:70:6a:62:
39:05:e2:86:f1:78:f5:c6:38:48:41:18:09:7e:71:c6:3e:0a:
7e:6f:63:f0:eb:fa:de:e1:fd:b0:bf:1a:59:cd:3a:05:f4:b6:
d3:4c:6d:9f:c1:5e:21:a6:09:fc:8c:45:9b:cd:a9:2c:f7:ef:
a6:05:e7:c2:4c:ba:00:32:0f:30:24:a4:a5:0e:b0:a1:9f:05:
7a:09:54:2c:c4:a0:16:6e:ce:81:e4:e1:d4:2f:ef:2a:8c:d9:
71:b7:ce:27:e6:96:62:74:c9:21:e1:e7:4f:2e:85:c0:da:7d:
42:36:94:ac:07:93:78:a0:f2:c3:e2:b1:e9:53:fe:9a:8f:57:
32:a0:b1:4b:6b:c7:43:68:e3:84:df:fd:77:b8:11:87:e3:57:
f3:ab:86:fd:45:fc:d8:0e:ae:1c:16:59:55:72:5c:81:0d:c6:
72:12:06:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZs6Iam1MwI8Xv+AkefIwel3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDYzMTU2YzE4MzZmMTZjM2I0MzBlZmZiYjcyYWM2OTkz
MmVhOWIwHhcNMjUxMjIwMDUwMDQzWhcNMjUxMjIxMDUwMDQzWjAzMTEwLwYDVQQD
EyhlMTRiMTQ5MDdjYzBhOWMzNzNlNDM4MGEwZmRhMjIzMjBlOTA0YWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcKdej5qhzPH1qDXpWXUVnsz1HBi
4+1k6ywSUH5FYirEk00GMaZ9m/OCAyB1tXlCF/RcZ2ZgT6eVxlQn2TGjKDMFjrbI
c1YG/4pMIGlYH9dwoc6G0w34XgpKkAl9tWQ2poxcBQl8QCVes4THtdm5SQuG2WWi
++z7tg1ZUoSnJ5qu5/Hc0+1fzZT/KSXeHKcgaH26j8oUldaEAmTL6pRSp2TySyOP
QN/Nr4ibmgacQ6juwYn+ZQi8xOSgaOvF0xiDSmMbl+TvpsQYEY/lVIBwQinooE7L
b+f6Y8Skf9nctATX2bVC/kY3vPVP0fD4Y1VGloGwR3h5es2VaiLAf+n5+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOFLFJB8wKnDc+Q4Cg/aIjIOkErzMB8GA1UdIwQY
MBaAFNnWMVbBg28Ww7Qw7/u3KsaZMuqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMt
ZmRhMDExZTVjOTcyLzEvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMtZmRhMDExZTVjOTcy
LzEvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALZR7vJth
DqBEXMZ/Ye0eaqJLerqRVV3GINzt/uS534GkfYB74xU4AIr2q8oCwKbohFgMYhAz
oktJqDEumVbytMTsE5omHRcuRU/gpEh5haOuoVa/RUhXcGpiOQXihvF49cY4SEEY
CX5xxj4Kfm9j8Ov63uH9sL8aWc06BfS200xtn8FeIaYJ/IxFm82pLPfvpgXnwky6
ADIPMCSkpQ6woZ8FeglULMSgFm7OgeTh1C/vKozZcbfOJ+aWYnTJIeHnTy6FwNp9
QjaUrAeTeKDyw+Kx6VP+mo9XMqCxS2vHQ2jjhN/9d7gRh+NX86uG/UX82A6uHBZZ
VXJcgQ3GchIGyA==
-----END CERTIFICATE-----
Generated at Sat Dec 20 12:16:01 2025 by rpki-client