This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft File: 2ZaAKfEkCW6rlV35t6gciMszOgU.mft (raw, json) Hash identifier: IPu38wqbeHdQBFZsCVVvqbqkaJKtcLOmIvYYZjHzLhQ= Subject key identifier: 27:31:FB:0A:B0:6E:97:8A:E5:A0:67:1D:DC:14:DE:32:81:E7:EA:88 Authority key identifier: D9:96:80:29:F1:24:09:6E:AB:95:5D:F9:B7:A8:1C:88:CB:33:3A:05 Certificate issuer: /CN=d9968029f124096eab955df9b7a81c88cb333a05 Certificate serial: 019B3AFD614CE467328671BB06B0770B9185 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft Manifest number: 0F3B Signing time: Sat 20 Dec 2025 09:00:42 +0000 Manifest this update: Sat 20 Dec 2025 09:00:42 +0000 Manifest next update: Sun 21 Dec 2025 09:00:42 +0000 Files and hashes: 1: 2ZaAKfEkCW6rlV35t6gciMszOgU.crl (hash: HDIXlMUYV1u21i1smlxCtYGeGvXziXZN+GOurHouU8A=) 2: anoG2QxpBajiR81r5Nnqj0baENo.roa (hash: KO9yPbtejqfpWJpsarLnmq3okmJ48dSkW7G2+vLUOFY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:fd:61:4c:e4:67:32:86:71:bb:06:b0:77:0b:91:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9968029f124096eab955df9b7a81c88cb333a05 Validity Not Before: Dec 20 09:00:42 2025 GMT Not After : Dec 21 09:00:42 2025 GMT Subject: CN=2731fb0ab06e978ae5a0671ddc14de3281e7ea88 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:17:65:42:91:99:9d:01:64:a0:60:fb:1c:c0: 2c:8a:42:19:15:e1:0b:e4:f3:dd:54:09:20:8c:2a: e2:f2:d4:d6:dc:38:51:a0:b3:65:36:82:72:15:f9: e0:35:cf:03:34:84:f4:31:a0:e3:31:15:10:fb:fd: 50:43:65:fd:76:96:b9:12:45:51:2a:71:58:02:80: 1a:b9:db:85:2b:d9:9c:0f:3f:6a:c7:d0:3b:bc:eb: e8:a8:a8:1d:6f:f5:00:4c:30:21:0d:ac:ea:32:6c: b0:37:62:b7:c5:b8:1b:ff:9a:24:6d:e6:0d:79:b2: 7c:cf:5d:f3:fc:61:4b:c4:28:a3:4f:3c:42:d1:e0: ac:3b:34:d2:3f:5d:26:a0:bb:f3:aa:2d:b2:3b:b9: c1:2a:5d:63:8b:0c:4a:14:af:93:20:26:af:b8:e9: dc:ae:92:b0:2c:93:ea:4c:af:f2:c6:ee:0d:0e:68: 05:58:c3:2b:e4:2d:43:61:d6:59:46:3b:e9:38:28: 3a:1f:24:65:a5:6a:09:b3:26:cd:93:d7:c4:81:80: 93:36:53:47:61:fb:59:bd:a5:63:f7:58:1b:56:08: 40:77:4e:9f:1b:a7:cc:4e:29:29:cf:29:1c:48:5c: e8:92:34:03:97:6d:7f:f6:a8:ab:cb:33:05:73:3e: 51:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:31:FB:0A:B0:6E:97:8A:E5:A0:67:1D:DC:14:DE:32:81:E7:EA:88 X509v3 Authority Key Identifier: keyid:D9:96:80:29:F1:24:09:6E:AB:95:5D:F9:B7:A8:1C:88:CB:33:3A:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b1:0c:bb:c2:8c:0e:12:23:72:71:5c:b1:86:f5:61:a3:3a:ac: 5e:9c:f8:42:21:a9:80:12:26:f7:83:c3:96:8f:0d:db:eb:f2: 9e:78:37:45:cc:43:01:a8:69:fc:19:81:38:92:ac:4e:51:f2: 83:1a:66:b6:f0:9f:e8:77:ae:e3:e0:38:79:ee:d0:74:56:8d: af:c7:71:2b:75:10:2a:b7:ca:56:a1:eb:04:e5:29:f2:bf:02: 0f:af:03:5d:24:c3:c8:c2:1b:c5:88:91:6f:50:56:f5:db:81: c4:83:f2:90:88:5b:fd:2e:e5:f3:84:a2:bc:21:6c:bf:bc:28: db:77:2a:fb:f5:92:cb:6e:10:4b:d3:ed:af:f1:f7:3e:a1:d3: ce:ca:65:2e:41:0f:01:a5:b3:1c:72:91:ec:1a:a6:56:10:30: b1:79:b6:3e:3b:ba:e8:50:d0:06:92:18:03:d1:56:58:88:e1: 87:42:c4:6b:4e:b4:eb:58:b6:b7:68:07:b5:25:9c:76:51:12: da:d0:57:68:00:ad:11:9e:c6:23:c1:0a:05:32:c6:ba:01:65: dc:fa:cd:f8:13:d3:03:5b:19:21:b0:2f:c0:f9:4c:27:74:a4: d8:52:48:29:af:b7:50:f1:af:fe:b1:14:81:49:02:17:44:04: 6e:d0:13:0e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6/WFM5GcyhnG7BrB3C5GFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5OTY4MDI5ZjEyNDA5NmVhYjk1NWRmOWI3YTgxYzg4Y2Iz MzNhMDUwHhcNMjUxMjIwMDkwMDQyWhcNMjUxMjIxMDkwMDQyWjAzMTEwLwYDVQQD EygyNzMxZmIwYWIwNmU5NzhhZTVhMDY3MWRkYzE0ZGUzMjgxZTdlYTg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRdlQpGZnQFkoGD7HMAsikIZFeEL 5PPdVAkgjCri8tTW3DhRoLNlNoJyFfngNc8DNIT0MaDjMRUQ+/1QQ2X9dpa5EkVR KnFYAoAauduFK9mcDz9qx9A7vOvoqKgdb/UATDAhDazqMmywN2K3xbgb/5okbeYN ebJ8z13z/GFLxCijTzxC0eCsOzTSP10moLvzqi2yO7nBKl1jiwxKFK+TICavuOnc rpKwLJPqTK/yxu4NDmgFWMMr5C1DYdZZRjvpOCg6HyRlpWoJsybNk9fEgYCTNlNH YftZvaVj91gbVghAd06fG6fMTikpzykcSFzokjQDl21/9qiryzMFcz5R0QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCcx+wqwbpeK5aBnHdwU3jKB5+qIMB8GA1UdIwQY MBaAFNmWgCnxJAluq5Vd+beoHIjLMzoFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yN2ExYmMtYjI1OC00MDVmLTlmOTMt NmVlYTEyMjA1NzIwLzEvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8yN2ExYmMtYjI1OC00MDVmLTlmOTMtNmVlYTEyMjA1NzIw LzEvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsQy7wowO EiNycVyxhvVhozqsXpz4QiGpgBIm94PDlo8N2+vynng3RcxDAahp/BmBOJKsTlHy gxpmtvCf6Heu4+A4ee7QdFaNr8dxK3UQKrfKVqHrBOUp8r8CD68DXSTDyMIbxYiR b1BW9duBxIPykIhb/S7l84SivCFsv7wo23cq+/WSy24QS9Ptr/H3PqHTzsplLkEP AaWzHHKR7BqmVhAwsXm2Pju66FDQBpIYA9FWWIjhh0LEa06061i2t2gHtSWcdlES 2tBXaACtEZ7GI8EKBTLGugFl3PrN+BPTA1sZIbAvwPlMJ3Sk2FJIKa+3UPGv/rEU gUkCF0QEbtATDg== -----END CERTIFICATE-----Generated at Sat Dec 20 13:55:24 2025 by rpki-client