This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft File: 2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft (raw, json) Hash identifier: NEmV8MG85Byvz8+i+1t7GC8DtNpz3g7bpXswK4gP2mc= Subject key identifier: FB:95:44:13:B6:4B:44:74:C3:8A:B7:D2:B3:3D:B8:47:74:54:78:91 Authority key identifier: D9:7A:77:93:01:22:87:9A:76:64:70:DF:8D:66:0C:98:44:2A:99:32 Certificate issuer: /CN=d97a77930122879a766470df8d660c98442a9932 Certificate serial: 019B4582347D69F62ECA0376B01E42E6F42F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft Manifest number: 0265 Signing time: Mon 22 Dec 2025 10:01:59 +0000 Manifest this update: Mon 22 Dec 2025 10:01:59 +0000 Manifest next update: Tue 23 Dec 2025 10:01:59 +0000 Files and hashes: 1: 2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl (hash: n/1iT3d8lH43faAOGG2EKh39uPD/9TAARVKygVMi5Xo=) 2: HVaoDMotksZf76Ju74TL_0gQqQw.roa (hash: 6Wt6s6Ldu4cKxpBhxwlW4dbeWtmB6JUQE70sEXR7L0k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 10:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:45:82:34:7d:69:f6:2e:ca:03:76:b0:1e:42:e6:f4:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d97a77930122879a766470df8d660c98442a9932 Validity Not Before: Dec 22 10:01:59 2025 GMT Not After : Dec 23 10:01:59 2025 GMT Subject: CN=fb954413b64b4474c38ab7d2b33db84774547891 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:70:a1:9e:03:7e:58:ef:43:3c:ca:d5:3c:5b: 18:fe:77:dd:7e:c3:b6:8d:54:de:91:52:e5:89:9e: 7f:2f:04:a9:ee:16:6f:b2:ae:4c:e9:6d:77:27:7e: b8:b7:69:46:54:2c:72:de:58:a9:fe:5c:0f:92:c5: 29:a7:da:49:ff:f9:2b:63:58:f9:fd:49:6b:05:d2: d5:5d:14:9c:cf:e6:b1:ea:ed:01:f7:ac:58:d1:9e: af:24:1e:2c:ca:da:d4:4f:d4:42:b9:bf:fd:62:a8: bc:c3:d7:e1:06:4a:14:53:e2:42:fd:e6:2d:58:d3: 82:92:c8:61:6b:df:c5:52:6a:4f:8f:f7:10:50:cc: f3:72:1d:ca:a2:03:2c:55:fb:6f:82:ca:91:9b:cd: 11:79:a2:e3:5c:1e:c7:ed:27:40:77:21:91:1f:ea: 41:4c:d3:64:e1:42:57:af:91:0c:1c:52:ca:db:ec: 5f:c4:06:5e:ee:fd:d8:82:97:b6:5d:e4:a0:de:f1: b2:cb:5f:57:45:fa:43:06:ee:09:d5:ec:56:cb:2b: 8e:1e:ee:6c:9c:7e:55:f8:bf:87:e0:65:62:e3:46: f4:ed:f2:b0:5f:f0:7e:fa:10:ba:29:47:42:34:34: 53:31:28:9f:cd:a8:46:cd:90:b9:ff:cf:69:23:3e: 84:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:95:44:13:B6:4B:44:74:C3:8A:B7:D2:B3:3D:B8:47:74:54:78:91 X509v3 Authority Key Identifier: keyid:D9:7A:77:93:01:22:87:9A:76:64:70:DF:8D:66:0C:98:44:2A:99:32 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:b3:81:a6:50:70:63:39:ee:c7:a1:f9:75:d8:00:9d:73:4f: 2e:63:66:ea:ea:45:84:21:10:a3:a6:f3:f5:d2:c7:49:aa:00: 7f:b0:8e:3f:9a:8e:55:bf:1f:92:b7:04:0c:17:f3:3b:84:b1: db:b9:2c:13:64:64:ed:16:62:95:ff:b9:24:a7:25:9f:0f:9e: b0:91:bc:7c:88:2a:84:17:b5:be:c0:b2:b6:ba:2d:17:14:27: 03:84:50:61:11:b8:8e:97:a9:4e:9c:b6:77:0a:fd:95:fb:05: 34:c3:72:ac:d4:b9:9b:50:6d:d2:a1:48:7f:3a:98:3b:54:d2: 37:3d:06:a5:f0:fd:d6:09:e8:67:ba:f5:b0:a2:20:ba:04:5f: 15:57:5a:92:c9:a1:f9:6c:a6:14:a7:56:ec:ac:45:c1:9c:12: 63:00:07:31:6f:c5:2d:84:d4:d1:68:d3:6c:99:c8:48:b1:10: 59:c3:ec:59:7d:3a:c0:b8:19:ca:fe:97:7d:66:43:65:e7:dc: 5c:10:57:20:73:2d:5e:d2:e4:39:61:77:29:1d:70:f0:dd:7c: 49:10:b3:69:94:ee:9d:09:40:99:10:bf:f6:68:78:e1:c3:2e: 2b:fb:ba:c7:eb:69:56:79:4a:8d:f5:d5:6c:32:ac:2f:ec:8f: 64:b2:3e:b8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtFgjR9afYuygN2sB5C5vQvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5N2E3NzkzMDEyMjg3OWE3NjY0NzBkZjhkNjYwYzk4NDQy YTk5MzIwHhcNMjUxMjIyMTAwMTU5WhcNMjUxMjIzMTAwMTU5WjAzMTEwLwYDVQQD EyhmYjk1NDQxM2I2NGI0NDc0YzM4YWI3ZDJiMzNkYjg0Nzc0NTQ3ODkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnChngN+WO9DPMrVPFsY/nfdfsO2 jVTekVLliZ5/LwSp7hZvsq5M6W13J364t2lGVCxy3lip/lwPksUpp9pJ//krY1j5 /UlrBdLVXRScz+ax6u0B96xY0Z6vJB4sytrUT9RCub/9Yqi8w9fhBkoUU+JC/eYt WNOCkshha9/FUmpPj/cQUMzzch3KogMsVftvgsqRm80ReaLjXB7H7SdAdyGRH+pB TNNk4UJXr5EMHFLK2+xfxAZe7v3Ygpe2XeSg3vGyy19XRfpDBu4J1exWyyuOHu5s nH5V+L+H4GVi40b07fKwX/B++hC6KUdCNDRTMSifzahGzZC5/89pIz6EzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPuVRBO2S0R0w4q30rM9uEd0VHiRMB8GA1UdIwQY MBaAFNl6d5MBIoeadmRw341mDJhEKpkyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yYTQ5MjItNDM0Yi00N2IxLWIzMDQt Y2Q0NTlhNjU3MjFiLzEvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS8yYTQ5MjItNDM0Yi00N2IxLWIzMDQtY2Q0NTlhNjU3MjFi LzEvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUbOBplBw Yznux6H5ddgAnXNPLmNm6upFhCEQo6bz9dLHSaoAf7COP5qOVb8fkrcEDBfzO4Sx 27ksE2Rk7RZilf+5JKclnw+esJG8fIgqhBe1vsCytrotFxQnA4RQYRG4jpepTpy2 dwr9lfsFNMNyrNS5m1Bt0qFIfzqYO1TSNz0GpfD91gnoZ7r1sKIgugRfFVdaksmh +WymFKdW7KxFwZwSYwAHMW/FLYTU0WjTbJnISLEQWcPsWX06wLgZyv6XfWZDZefc XBBXIHMtXtLkOWF3KR1w8N18SRCzaZTunQlAmRC/9mh44cMuK/u6x+tpVnlKjfXV bDKsL+yPZLI+uA== -----END CERTIFICATE-----Generated at Mon Dec 22 17:30:57 2025 by rpki-client