This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft File: 2HGZiqFAq3wf8kDqsMkjWRPJboo.mft (raw, json) Hash identifier: cnaUXT/P/ripLLllHMqnAssPqzk3MGi8YtHcDjB1A6c= Subject key identifier: BF:12:D2:17:BE:C3:44:96:51:CA:2D:56:DD:1E:7C:D4:77:9D:04:B8 Authority key identifier: D8:71:99:8A:A1:40:AB:7C:1F:F2:40:EA:B0:C9:23:59:13:C9:6E:8A Certificate issuer: /CN=d871998aa140ab7c1ff240eab0c9235913c96e8a Certificate serial: 019B3C7E970A58019706E5E4EA4FABA2C124 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft Manifest number: 1495 Signing time: Sat 20 Dec 2025 16:01:27 +0000 Manifest this update: Sat 20 Dec 2025 16:01:27 +0000 Manifest next update: Sun 21 Dec 2025 16:01:27 +0000 Files and hashes: 1: 2HGZiqFAq3wf8kDqsMkjWRPJboo.crl (hash: QYP+8NbNi7uVub8jL03/MkMXe23X22yxW2PYB+Q1IvQ=) 2: ogQz1j5jLQsKEpzhS2JSyEZnZ6I.roa (hash: B7xqxcI+bkCsaT71C5rhEWIjLfcjAKzC1lxv7kehuvo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.crl rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:97:0a:58:01:97:06:e5:e4:ea:4f:ab:a2:c1:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d871998aa140ab7c1ff240eab0c9235913c96e8a Validity Not Before: Dec 20 16:01:27 2025 GMT Not After : Dec 21 16:01:27 2025 GMT Subject: CN=bf12d217bec3449651ca2d56dd1e7cd4779d04b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:fe:89:0f:b1:fb:0c:33:5b:86:2e:39:2b:e6: 46:70:3c:61:d1:b6:cd:0a:89:60:be:02:3f:e7:94: 6c:de:bd:e6:ba:67:8f:52:ab:59:28:29:fe:13:47: 6f:2f:2a:14:0e:b7:5d:f7:08:fa:34:3b:8a:53:94: 34:71:01:16:04:95:9f:f1:56:89:ec:ea:07:4d:ba: 00:4a:bd:c8:38:07:39:d4:2d:c3:b0:43:21:2c:5a: cb:51:cc:23:9a:03:07:90:be:01:2d:48:31:e5:78: 23:77:56:5b:3f:32:41:f7:e0:6f:34:9e:36:85:32: 8a:91:b9:04:31:d1:69:fb:2a:24:e5:58:27:41:74: 81:59:4c:59:11:f1:9a:09:66:ec:58:b4:60:73:bc: 50:8f:73:d2:58:7e:13:e6:29:2e:96:c7:e6:d9:7d: fe:c8:c5:0d:fb:cc:d9:bb:6b:08:ff:f3:01:9b:b4: c8:2f:e2:5f:e9:fc:f0:0e:6b:f8:30:a8:95:79:07: 24:d4:9f:b8:0e:53:ab:0f:89:ea:0b:02:3a:ce:c2: d8:1f:d1:0a:4e:66:b8:26:a7:b9:d8:f0:59:8e:30: a2:6c:d7:80:f9:18:40:1b:80:8f:5d:cb:f4:d4:5a: cb:f2:cf:87:e3:37:19:a4:3b:ae:70:d3:83:dd:db: da:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:12:D2:17:BE:C3:44:96:51:CA:2D:56:DD:1E:7C:D4:77:9D:04:B8 X509v3 Authority Key Identifier: keyid:D8:71:99:8A:A1:40:AB:7C:1F:F2:40:EA:B0:C9:23:59:13:C9:6E:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 96:bb:11:d7:3c:ae:12:05:e3:86:c3:90:ba:0d:12:ba:3f:90: 67:5c:51:b2:2e:03:76:22:44:ce:4c:8b:24:d4:cb:89:cf:7e: c5:60:1d:aa:ea:1b:e8:44:cd:c9:e5:e7:55:01:09:f2:9c:de: 05:be:9b:83:9b:ca:3e:21:a2:a3:1e:6a:ac:d8:38:13:82:89: d9:4f:f2:f8:a1:46:7a:05:1f:8d:85:ce:73:9f:ff:0e:f1:6d: fb:ef:90:18:8d:3e:ac:16:6d:7a:ce:61:1a:4d:91:17:0d:80: de:02:15:5a:1a:d2:08:96:38:43:24:5e:7b:19:b3:df:8a:03: 75:c2:c5:c0:e2:88:3c:65:6a:4d:80:aa:57:50:c9:ab:e2:86: 76:f3:34:ca:56:e1:6b:cd:c4:0f:c1:76:06:9e:60:dc:11:27: d1:85:f0:87:6b:ad:4f:53:9f:cb:49:9e:1f:25:11:99:81:e8: 80:fa:38:dd:27:10:7c:9d:58:e7:c9:c0:96:83:e8:b6:dc:ae: cf:79:fb:7e:19:30:25:f1:ed:6d:ed:6b:94:a9:4d:f5:77:79: 71:a8:90:d3:18:e6:77:7f:d9:d9:e8:31:a0:b4:90:b6:19:dc: 9c:79:0f:79:58:5e:ff:c3:13:28:2a:20:2c:5b:c2:a7:24:02: 05:40:36:1d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fpcKWAGXBuXk6k+rosEkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NzE5OThhYTE0MGFiN2MxZmYyNDBlYWIwYzkyMzU5MTNj OTZlOGEwHhcNMjUxMjIwMTYwMTI3WhcNMjUxMjIxMTYwMTI3WjAzMTEwLwYDVQQD EyhiZjEyZDIxN2JlYzM0NDk2NTFjYTJkNTZkZDFlN2NkNDc3OWQwNGI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv6JD7H7DDNbhi45K+ZGcDxh0bbN ColgvgI/55Rs3r3mumePUqtZKCn+E0dvLyoUDrdd9wj6NDuKU5Q0cQEWBJWf8VaJ 7OoHTboASr3IOAc51C3DsEMhLFrLUcwjmgMHkL4BLUgx5Xgjd1ZbPzJB9+BvNJ42 hTKKkbkEMdFp+yok5VgnQXSBWUxZEfGaCWbsWLRgc7xQj3PSWH4T5ikulsfm2X3+ yMUN+8zZu2sI//MBm7TIL+Jf6fzwDmv4MKiVeQck1J+4DlOrD4nqCwI6zsLYH9EK Tma4Jqe52PBZjjCibNeA+RhAG4CPXcv01FrL8s+H4zcZpDuucNOD3dvahQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL8S0he+w0SWUcotVt0efNR3nQS4MB8GA1UdIwQY MBaAFNhxmYqhQKt8H/JA6rDJI1kTyW6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8zM2FhMjQtMzVlYS00YWRjLThjMDUt NWEzNGU1MmIwYjEwLzEvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNi8zM2FhMjQtMzVlYS00YWRjLThjMDUtNWEzNGU1MmIwYjEw LzEvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlrsR1zyu EgXjhsOQug0Suj+QZ1xRsi4DdiJEzkyLJNTLic9+xWAdquob6ETNyeXnVQEJ8pze Bb6bg5vKPiGiox5qrNg4E4KJ2U/y+KFGegUfjYXOc5//DvFt+++QGI0+rBZtes5h Gk2RFw2A3gIVWhrSCJY4QyReexmz34oDdcLFwOKIPGVqTYCqV1DJq+KGdvM0ylbh a83ED8F2Bp5g3BEn0YXwh2utT1Ofy0meHyURmYHogPo43ScQfJ1Y58nAloPottyu z3n7fhkwJfHtbe1rlKlN9Xd5caiQ0xjmd3/Z2egxoLSQthncnHkPeVhe/8MTKCog LFvCpyQCBUA2HQ== -----END CERTIFICATE-----Generated at Sat Dec 20 20:45:55 2025 by rpki-client