This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft File: 2hvwCCS2KL9iY7t03ndK3fmZD8k.mft (raw, json) Hash identifier: GpaGwCkklG62HWy6ulK1DtcJVr6ou3IkDDKxMjlM7rI= Subject key identifier: 10:AC:DA:5C:78:B8:CF:EA:C4:59:55:53:44:78:05:70:77:B2:0F:8F Authority key identifier: DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9 Certificate issuer: /CN=da1bf00824b628bf6263bb74de774addf9990fc9 Certificate serial: 019BB3957204D59B4AA57D323E398A710A7A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft Manifest number: 1549 Signing time: Mon 12 Jan 2026 19:01:14 +0000 Manifest this update: Mon 12 Jan 2026 19:01:14 +0000 Manifest next update: Tue 13 Jan 2026 19:01:14 +0000 Files and hashes: 1: 2hvwCCS2KL9iY7t03ndK3fmZD8k.crl (hash: FTbFSL+OI58pLTuvfkOo7noSxTvNZlh9za4B7EAGkQk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 16:30:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b3:95:72:04:d5:9b:4a:a5:7d:32:3e:39:8a:71:0a:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da1bf00824b628bf6263bb74de774addf9990fc9 Validity Not Before: Jan 12 19:01:14 2026 GMT Not After : Jan 13 19:01:14 2026 GMT Subject: CN=10acda5c78b8cfeac45955534478057077b20f8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:cb:0b:cc:f5:35:6f:61:8f:85:cb:9b:92:a3: 53:91:90:47:b8:35:b0:14:16:5c:8e:73:97:41:bd: 4b:0b:60:1d:c2:68:f9:09:6d:39:e0:01:04:7b:c8: 5e:15:7d:ce:a3:14:d9:b9:bd:3d:cb:f9:10:38:cc: e4:5e:6a:bd:f4:92:41:b8:ca:84:1a:1d:74:18:d0: 2a:a5:68:78:fc:20:9c:2f:5c:f7:b4:1b:73:1c:5f: 61:bc:d6:9e:05:12:c5:84:b7:f7:70:37:5e:4b:b9: 18:c1:d1:68:09:c2:a0:15:b7:1e:6f:0a:f4:ec:70: 50:76:4e:2d:51:75:86:44:36:86:16:fe:b5:b6:b4: cb:fd:74:6a:a3:b6:3a:d0:64:47:be:c0:0c:c8:77: 3c:8c:84:7c:7c:1b:2d:20:3c:1f:15:e4:20:b2:24: 40:a7:ba:2e:6d:20:85:95:71:73:01:0e:e2:2c:b3: b2:15:36:b0:83:da:b0:0d:37:4c:9d:35:39:25:07: 6f:4d:99:af:87:13:e6:93:b2:e4:f1:a6:2c:d5:52: c9:f8:f2:f5:09:fd:a3:9b:31:0f:6e:3a:38:bd:a2: da:7e:57:62:3f:5f:03:92:55:09:ed:8a:18:5a:d6: 75:83:f5:e4:d0:3f:6a:cc:7f:2d:fa:8b:d1:7e:54: 7a:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:AC:DA:5C:78:B8:CF:EA:C4:59:55:53:44:78:05:70:77:B2:0F:8F X509v3 Authority Key Identifier: keyid:DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 07:0a:59:90:6f:1e:1d:80:1e:2c:8b:f1:f0:18:e0:60:38:ae: cf:09:e5:97:fb:22:84:58:93:b3:51:b8:8c:75:72:b4:b2:88: fe:17:ed:eb:17:c0:fb:84:c6:56:b9:b0:ba:7e:78:e2:c8:4a: 6f:fe:44:86:51:79:60:94:0a:6b:e6:46:aa:4b:86:8f:2e:97: c0:23:76:3b:ed:eb:69:63:84:0f:29:be:94:78:67:8e:53:57: ec:c6:c5:30:bd:13:34:39:73:21:2d:43:e0:47:7a:d1:68:ce: 18:13:d6:40:2e:96:18:ec:53:42:c2:a7:6f:bb:ab:9a:44:9f: 9a:13:d3:fd:bd:3c:d8:92:1b:26:33:21:ca:27:f1:38:67:43: da:98:8f:2f:a6:32:9c:f5:fe:dc:88:57:23:73:46:94:76:2b: 8f:e3:3e:48:77:d5:31:06:04:f2:6a:8f:bd:1b:58:dd:62:26: 59:8d:74:c7:60:1f:53:db:2a:f6:20:93:13:9b:6e:35:0b:98: 4e:98:86:49:f8:2c:18:9f:80:87:36:26:6d:7c:f6:a7:d6:35: f0:9d:39:11:f8:a6:70:64:d8:f2:a0:98:c9:1c:9f:41:33:45: 5b:1a:1b:38:70:d3:ba:94:29:c0:fa:aa:23:de:a0:45:12:59: cc:0f:cd:0f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuzlXIE1ZtKpX0yPjmKcQp6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhMWJmMDA4MjRiNjI4YmY2MjYzYmI3NGRlNzc0YWRkZjk5 OTBmYzkwHhcNMjYwMTEyMTkwMTE0WhcNMjYwMTEzMTkwMTE0WjAzMTEwLwYDVQQD EygxMGFjZGE1Yzc4YjhjZmVhYzQ1OTU1NTM0NDc4MDU3MDc3YjIwZjhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8sLzPU1b2GPhcubkqNTkZBHuDWw FBZcjnOXQb1LC2Adwmj5CW054AEEe8heFX3OoxTZub09y/kQOMzkXmq99JJBuMqE Gh10GNAqpWh4/CCcL1z3tBtzHF9hvNaeBRLFhLf3cDdeS7kYwdFoCcKgFbcebwr0 7HBQdk4tUXWGRDaGFv61trTL/XRqo7Y60GRHvsAMyHc8jIR8fBstIDwfFeQgsiRA p7oubSCFlXFzAQ7iLLOyFTawg9qwDTdMnTU5JQdvTZmvhxPmk7Lk8aYs1VLJ+PL1 Cf2jmzEPbjo4vaLafldiP18DklUJ7YoYWtZ1g/Xk0D9qzH8t+ovRflR6RwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBCs2lx4uM/qxFlVU0R4BXB3sg+PMB8GA1UdIwQY MBaAFNob8Agktii/YmO7dN53St35mQ/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2Mt ZDZjNjIxNDJmN2UzLzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2MtZDZjNjIxNDJmN2Uz LzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABwpZkG8e HYAeLIvx8BjgYDiuzwnll/sihFiTs1G4jHVytLKI/hft6xfA+4TGVrmwun544shK b/5EhlF5YJQKa+ZGqkuGjy6XwCN2O+3raWOEDym+lHhnjlNX7MbFML0TNDlzIS1D 4Ed60WjOGBPWQC6WGOxTQsKnb7urmkSfmhPT/b082JIbJjMhyifxOGdD2piPL6Yy nPX+3IhXI3NGlHYrj+M+SHfVMQYE8mqPvRtY3WImWY10x2AfU9sq9iCTE5tuNQuY TpiGSfgsGJ+AhzYmbXz2p9Y18J05EfimcGTY8qCYyRyfQTNFWxobOHDTupQpwPqq I96gRRJZzA/NDw== -----END CERTIFICATE-----Generated at Mon Jan 12 23:26:47 2026 by rpki-client