This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft File: 2GkQtETemfqBw5NVDJfkoyC86BI.mft (raw, json) Hash identifier: DU8aK0iTaQ/y002ND2Xy2QaA8zgvFhQ3lUsBI+W5Zbk= Subject key identifier: B1:9B:7B:F0:FD:11:D2:0D:A4:BB:2C:EF:0C:E1:4F:1E:A6:AF:92:0B Authority key identifier: D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12 Certificate issuer: /CN=d86910b444de99fa81c393550c97e4a320bce812 Certificate serial: 019B51F318213A04B73B13FD6F7CE25B3FFE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft Manifest number: 0E9B Signing time: Wed 24 Dec 2025 20:00:44 +0000 Manifest this update: Wed 24 Dec 2025 20:00:44 +0000 Manifest next update: Thu 25 Dec 2025 20:00:44 +0000 Files and hashes: 1: 2GkQtETemfqBw5NVDJfkoyC86BI.crl (hash: oFvSI1Hq5pgnIGAqzCw0qkYe4mgFlk5VRII8ApLEr40=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 20:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:f3:18:21:3a:04:b7:3b:13:fd:6f:7c:e2:5b:3f:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d86910b444de99fa81c393550c97e4a320bce812 Validity Not Before: Dec 24 20:00:44 2025 GMT Not After : Dec 25 20:00:44 2025 GMT Subject: CN=b19b7bf0fd11d20da4bb2cef0ce14f1ea6af920b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:5c:2c:f8:15:b9:8a:0c:b5:75:1d:ea:68:a6: 39:1c:4c:62:50:d0:68:83:67:d6:3a:e4:ed:0d:5e: f9:a2:a3:b2:33:03:79:8c:58:aa:74:b5:82:af:4f: 45:09:4f:b5:b9:1c:a0:18:0e:48:b5:c8:52:9f:47: 72:60:69:bc:ea:ea:30:f2:fb:8b:a9:62:bc:3a:e2: 9b:80:4e:95:f4:40:62:78:1b:83:2e:62:46:6c:0e: bd:5d:cc:0d:a4:35:dc:ec:64:17:be:33:22:c7:da: 15:2d:0a:5d:93:3a:81:76:0e:83:fd:9a:13:1c:93: cb:82:de:97:2f:fa:ff:82:e0:c9:c0:21:67:af:94: 85:a1:1b:6b:31:e6:eb:b8:67:28:68:63:98:39:5f: c4:e1:2b:3b:d3:80:6b:3f:14:0d:cc:b6:df:de:15: e6:af:c4:90:eb:e5:3e:3a:a3:cf:7f:0e:9c:ad:1f: 9f:89:98:87:cc:8a:23:f6:27:8b:2b:a6:4d:b2:4f: 23:ee:67:16:4c:23:57:39:2d:7a:f9:79:58:28:38: 68:0d:90:a8:11:29:3d:10:da:e0:63:8e:58:0f:22: aa:6e:0d:41:a0:c8:d7:9e:11:34:a9:75:aa:7b:42: b7:3d:66:07:5f:c6:ce:bd:63:3f:1b:00:40:66:81: 9e:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:9B:7B:F0:FD:11:D2:0D:A4:BB:2C:EF:0C:E1:4F:1E:A6:AF:92:0B X509v3 Authority Key Identifier: keyid:D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:f0:45:78:5d:a2:ab:03:6d:e4:a6:7f:00:44:a2:7f:ca:43: ef:ef:2c:77:07:7d:0e:48:a8:5e:b2:28:eb:26:77:47:1f:fa: f7:66:5a:63:c1:92:9b:0a:d6:af:49:c6:f7:fb:eb:45:0f:f0: e5:c0:8a:83:8b:c2:0c:0b:29:48:49:75:6c:2a:12:38:c7:a4: 1b:c0:82:c5:ed:88:91:93:fd:74:49:56:6c:00:e0:7b:2a:23: 75:8b:7d:8f:9b:19:87:bb:fd:d4:c9:84:0b:ab:e0:d3:59:48: 54:6a:9a:89:ce:09:b1:49:c4:a3:d1:13:4b:63:a7:39:7a:3f: a2:1e:dd:fa:48:fb:d8:62:42:12:59:ab:a6:51:88:e8:cf:2a: 11:38:26:b5:f1:b6:c9:0d:d9:e2:c1:35:b3:18:90:dc:a8:a8: ca:0b:32:87:06:ba:a3:95:0d:b7:07:7e:68:28:26:d9:58:3a: 37:fe:c0:07:5c:5d:f5:6f:57:1a:28:33:78:46:ac:72:b5:c2: f1:ca:00:28:36:9d:95:c4:e9:98:40:2b:92:74:15:3f:2d:da: ae:dd:b3:4c:46:0e:9e:e9:09:55:0b:99:0d:8f:e6:00:eb:51: a1:8d:db:4c:91:3a:ec:73:cb:40:7e:24:c9:cd:79:37:c8:91: 46:e0:fc:bf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtR8xghOgS3OxP9b3ziWz/+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NjkxMGI0NDRkZTk5ZmE4MWMzOTM1NTBjOTdlNGEzMjBi Y2U4MTIwHhcNMjUxMjI0MjAwMDQ0WhcNMjUxMjI1MjAwMDQ0WjAzMTEwLwYDVQQD EyhiMTliN2JmMGZkMTFkMjBkYTRiYjJjZWYwY2UxNGYxZWE2YWY5MjBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Vws+BW5igy1dR3qaKY5HExiUNBo g2fWOuTtDV75oqOyMwN5jFiqdLWCr09FCU+1uRygGA5ItchSn0dyYGm86uow8vuL qWK8OuKbgE6V9EBieBuDLmJGbA69XcwNpDXc7GQXvjMix9oVLQpdkzqBdg6D/ZoT HJPLgt6XL/r/guDJwCFnr5SFoRtrMebruGcoaGOYOV/E4Ss704BrPxQNzLbf3hXm r8SQ6+U+OqPPfw6crR+fiZiHzIoj9ieLK6ZNsk8j7mcWTCNXOS16+XlYKDhoDZCo ESk9ENrgY45YDyKqbg1BoMjXnhE0qXWqe0K3PWYHX8bOvWM/GwBAZoGeCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLGbe/D9EdINpLss7wzhTx6mr5ILMB8GA1UdIwQY MBaAFNhpELRE3pn6gcOTVQyX5KMgvOgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAt ODY5MzFiZmUzZWVhLzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAtODY5MzFiZmUzZWVh LzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJfBFeF2i qwNt5KZ/AESif8pD7+8sdwd9DkioXrIo6yZ3Rx/692ZaY8GSmwrWr0nG9/vrRQ/w 5cCKg4vCDAspSEl1bCoSOMekG8CCxe2IkZP9dElWbADgeyojdYt9j5sZh7v91MmE C6vg01lIVGqaic4JsUnEo9ETS2OnOXo/oh7d+kj72GJCElmrplGI6M8qETgmtfG2 yQ3Z4sE1sxiQ3Kioygsyhwa6o5UNtwd+aCgm2Vg6N/7AB1xd9W9XGigzeEascrXC 8coAKDadlcTpmEArknQVPy3art2zTEYOnukJVQuZDY/mAOtRoY3bTJE67HPLQH4k yc15N8iRRuD8vw== -----END CERTIFICATE-----Generated at Thu Dec 25 05:14:08 2025 by rpki-client