This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft File: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft (raw, json) Hash identifier: p5noWVdyNsDnugCrkXMlf9dOfCs3ivRP141L6+qComA= Subject key identifier: B9:02:6C:7C:CB:0A:65:43:8D:F4:4E:F9:D7:F5:63:E8:35:9A:59:16 Authority key identifier: D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53 Certificate issuer: /CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753 Certificate serial: 019B54862A10C04A0D51B47070C973E6C967 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft Manifest number: 059E Signing time: Thu 25 Dec 2025 08:00:37 +0000 Manifest this update: Thu 25 Dec 2025 08:00:37 +0000 Manifest next update: Fri 26 Dec 2025 08:00:37 +0000 Files and hashes: 1: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl (hash: I1XFhfd/o3ISOjH5GpemrANc1srajChHRJJtI4c2QcU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 08:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:54:86:2a:10:c0:4a:0d:51:b4:70:70:c9:73:e6:c9:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753 Validity Not Before: Dec 25 08:00:37 2025 GMT Not After : Dec 26 08:00:37 2025 GMT Subject: CN=b9026c7ccb0a65438df44ef9d7f563e8359a5916 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:79:66:5a:f8:30:3c:54:e3:11:c6:6f:82:3b: 51:ad:4f:28:c7:68:73:67:9e:5b:6d:47:90:3f:b2: a5:3d:3a:a4:3a:6f:3a:ce:2d:3f:9e:29:28:4b:44: 47:ea:71:a3:f3:98:9e:97:b5:88:0d:95:9e:f8:22: ea:b4:5f:01:f5:1f:60:b2:84:a5:32:a9:cb:93:ca: 2e:56:cb:b7:25:92:82:c1:74:74:77:de:30:e7:5d: 5f:c5:71:59:d7:dc:45:87:ee:d6:77:45:33:cd:f7: 53:38:f9:a2:d8:bc:03:0b:aa:50:27:bb:96:e9:ca: 8d:40:fc:c4:92:01:4e:52:b5:a9:9c:9d:53:62:59: 68:b9:12:68:40:09:5c:20:64:ea:7e:c7:71:d4:c2: d4:91:b0:fc:fa:14:a0:98:14:4c:bb:07:22:9e:61: 10:8d:ee:e4:da:cf:98:c8:67:b6:76:67:6b:22:a1: 06:24:af:fa:ec:12:32:b6:40:a6:c0:69:76:0e:95: 29:99:5b:52:11:e0:fb:55:dc:64:d3:65:10:3a:56: 3e:b7:d5:fb:3e:ea:da:9d:76:b6:6c:fe:9a:33:17: 73:4f:28:6a:91:f7:ae:60:35:f4:6d:ae:d9:d5:08: b3:49:e6:fd:64:50:c9:f5:e6:13:f8:79:aa:8b:47: 82:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:02:6C:7C:CB:0A:65:43:8D:F4:4E:F9:D7:F5:63:E8:35:9A:59:16 X509v3 Authority Key Identifier: keyid:D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:20:1f:98:81:47:9a:b2:68:81:80:df:88:7c:7e:60:5c:eb: b6:b4:2f:5b:67:c1:b0:f6:77:74:0a:36:51:2b:6e:8a:2e:e0: 77:0e:93:b1:6f:e9:4c:11:ec:97:b0:c7:6f:50:61:4d:5d:e9: 15:75:05:f3:77:59:e0:7c:ab:9c:76:49:e5:7d:fe:e2:dc:96: be:1e:33:30:15:e6:e0:ba:99:b7:37:49:80:cf:ec:ad:b9:74: ee:01:ef:3a:ff:65:51:9c:af:f9:36:d3:5c:bb:96:9c:ef:04: 19:02:2f:4e:50:71:69:20:ba:98:87:92:fe:9a:00:5b:cb:12: 28:44:ad:c7:8e:bd:87:a9:6a:72:8b:cf:11:60:54:8b:68:7f: da:03:7c:b4:ff:a1:ed:d0:ea:5a:a3:db:34:5a:42:86:8e:f2: 5a:f9:f3:81:be:42:06:86:4b:89:14:f5:fd:84:cd:b3:53:51: 68:32:4e:31:6c:12:03:e7:87:9b:d1:8c:07:f7:8a:fc:f6:30: 2c:d2:46:d0:d8:01:b4:40:8c:43:55:97:85:a5:55:22:ed:2b: 42:e3:94:61:8c:7e:e2:6a:29:ba:2e:09:27:71:08:8a:bc:b5: ae:f4:35:c1:78:35:e0:34:53:97:17:77:f7:4a:ea:8d:9d:e7: d1:23:3e:23 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtUhioQwEoNUbRwcMlz5slnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MTFkZDIyZjdlYWYyNzJiYzRiZjNlYmIxNTJkMzY0YmI0 ZDk3NTMwHhcNMjUxMjI1MDgwMDM3WhcNMjUxMjI2MDgwMDM3WjAzMTEwLwYDVQQD EyhiOTAyNmM3Y2NiMGE2NTQzOGRmNDRlZjlkN2Y1NjNlODM1OWE1OTE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HlmWvgwPFTjEcZvgjtRrU8ox2hz Z55bbUeQP7KlPTqkOm86zi0/nikoS0RH6nGj85iel7WIDZWe+CLqtF8B9R9gsoSl MqnLk8ouVsu3JZKCwXR0d94w511fxXFZ19xFh+7Wd0UzzfdTOPmi2LwDC6pQJ7uW 6cqNQPzEkgFOUrWpnJ1TYllouRJoQAlcIGTqfsdx1MLUkbD8+hSgmBRMuwcinmEQ je7k2s+YyGe2dmdrIqEGJK/67BIytkCmwGl2DpUpmVtSEeD7Vdxk02UQOlY+t9X7 PuranXa2bP6aMxdzTyhqkfeuYDX0ba7Z1QizSeb9ZFDJ9eYT+Hmqi0eC1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLkCbHzLCmVDjfRO+df1Y+g1mlkWMB8GA1UdIwQY MBaAFNgR3SL36vJyvEvz67FS02S7TZdTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQt ZjcwYWRmMWRjMGZlLzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQtZjcwYWRmMWRjMGZl LzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAESAfmIFH mrJogYDfiHx+YFzrtrQvW2fBsPZ3dAo2UStuii7gdw6TsW/pTBHsl7DHb1BhTV3p FXUF83dZ4HyrnHZJ5X3+4tyWvh4zMBXm4LqZtzdJgM/srbl07gHvOv9lUZyv+TbT XLuWnO8EGQIvTlBxaSC6mIeS/poAW8sSKEStx469h6lqcovPEWBUi2h/2gN8tP+h 7dDqWqPbNFpCho7yWvnzgb5CBoZLiRT1/YTNs1NRaDJOMWwSA+eHm9GMB/eK/PYw LNJG0NgBtECMQ1WXhaVVIu0rQuOUYYx+4mopui4JJ3EIiry1rvQ1wXg14DRTlxd3 90rqjZ3n0SM+Iw== -----END CERTIFICATE-----Generated at Thu Dec 25 16:00:17 2025 by rpki-client