This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.mft File: lRu0kOCd8UZ-TuxD2PIEhM7oOf4.mft (raw, json) Hash identifier: TLKzq4bsIHnEpyTWLR2q7joE2fHuCiIVXNU8pbsXuP0= Subject key identifier: 93:86:E3:73:DA:B7:72:62:F6:CA:7F:E9:34:57:A2:0E:0C:88:15:9D Authority key identifier: 95:1B:B4:90:E0:9D:F1:46:7E:4E:EC:43:D8:F2:04:84:CE:E8:39:FE Certificate issuer: /CN=951bb490e09df1467e4eec43d8f20484cee839fe Certificate serial: 019B5ABFCA05C83E84F915BB902A8CD258B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.mft Manifest number: 0C19 Signing time: Fri 26 Dec 2025 13:01:16 +0000 Manifest this update: Fri 26 Dec 2025 13:01:16 +0000 Manifest next update: Sat 27 Dec 2025 13:01:16 +0000 Files and hashes: 1: lRu0kOCd8UZ-TuxD2PIEhM7oOf4.crl (hash: csjasTt7oqajcruM3XkVcHul8iDrSqsYdFo91tg49zQ=) 2: r2nr9uHWjEIdTibij9wAoHFt-FM.roa (hash: 9uPtC9m4AAQGXek/5tdGjDekJKVu5XPicOZ4ymE6WZ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.crl rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.mft rsync://rpki.ripe.net/repository/DEFAULT/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:ca:05:c8:3e:84:f9:15:bb:90:2a:8c:d2:58:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=951bb490e09df1467e4eec43d8f20484cee839fe Validity Not Before: Dec 26 13:01:16 2025 GMT Not After : Dec 27 13:01:16 2025 GMT Subject: CN=9386e373dab77262f6ca7fe93457a20e0c88159d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:1b:6c:16:79:2e:b7:27:b5:3c:d3:f8:b0:90: ab:8e:b5:e2:3f:53:58:8e:ff:65:09:02:b1:6e:67: ce:58:78:fc:7a:d6:3f:de:da:90:bb:71:cd:ca:d5: fb:e8:b4:c3:87:7e:f1:a4:a3:0d:73:c1:d1:fa:42: fa:01:4b:fb:6c:f8:38:b7:55:a7:8d:2b:5b:25:f4: 7b:b7:e9:5c:13:b8:6f:4f:03:2a:19:a2:3a:3b:75: f1:a5:ca:e7:fd:ff:e6:9d:a7:bb:80:84:80:e0:5d: 84:e9:ea:41:f3:2f:30:db:ca:c5:ba:59:fe:15:d3: ef:7f:5b:5c:d6:a7:0d:ef:a7:b8:ca:38:3b:0c:6c: 4a:60:d4:9d:49:7f:fc:43:64:62:84:e4:cf:bb:82: 36:c8:ca:94:d5:ac:53:a0:94:cf:9e:8a:7d:5a:61: 11:26:a9:7d:b9:9c:00:f7:94:fe:90:cf:62:81:f6: 31:9e:99:f8:3c:4f:f4:48:07:ea:66:5f:19:ce:63: 4b:25:5d:bc:4a:77:f2:ac:96:2e:48:a8:ab:5f:2c: 84:27:03:3e:b1:5f:2b:9f:a2:86:09:43:4c:e4:aa: e4:78:df:b0:38:76:57:ba:f4:76:28:fc:09:70:13: b9:07:50:a4:18:f7:06:3c:0c:8c:5c:76:a0:64:26: 33:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:86:E3:73:DA:B7:72:62:F6:CA:7F:E9:34:57:A2:0E:0C:88:15:9D X509v3 Authority Key Identifier: keyid:95:1B:B4:90:E0:9D:F1:46:7E:4E:EC:43:D8:F2:04:84:CE:E8:39:FE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:57:cf:bf:ac:2c:c4:4a:10:08:59:f7:69:37:4d:d9:da:4d: 20:ec:95:01:d6:69:94:f3:f8:8f:40:e8:7f:28:1d:53:62:7a: 4d:46:c6:0d:24:40:c6:38:c0:19:3a:db:28:b7:8c:ff:74:d4: 29:ea:1b:79:36:b3:d8:8a:de:ae:3d:54:4a:4c:34:c3:83:80: e5:83:f6:4f:4e:41:3c:d4:1b:91:98:c9:3f:13:be:59:85:f4: 4d:de:4f:b2:80:a0:17:a5:85:46:59:e4:21:ef:19:46:44:fc: 10:7e:0b:bd:c1:71:25:da:77:9e:9b:d4:38:d1:8e:2c:4a:0e: ca:ea:d3:39:66:35:d7:6f:4c:0f:c9:91:9e:0b:2e:c2:c6:d6: e3:b9:05:bc:09:39:e4:ff:8b:d4:53:f8:45:e3:8e:a7:f6:83: 71:b2:5c:1a:39:bf:a6:93:54:6d:3c:86:41:53:34:1f:7d:35: 30:a1:29:90:65:0e:c3:b5:0d:38:c6:7d:bf:82:27:6d:8a:1e: af:cb:4b:be:35:e3:e3:88:2a:3c:40:fd:fb:89:26:22:92:55: d8:c8:cb:69:0c:70:9c:88:d4:2d:68:3b:d0:a1:4e:5e:7a:c7: c3:e5:07:e9:72:46:88:8a:19:08:ca:a1:74:d1:c2:0e:d0:1e: 28:1e:29:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav8oFyD6E+RW7kCqM0li0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1MWJiNDkwZTA5ZGYxNDY3ZTRlZWM0M2Q4ZjIwNDg0Y2Vl ODM5ZmUwHhcNMjUxMjI2MTMwMTE2WhcNMjUxMjI3MTMwMTE2WjAzMTEwLwYDVQQD Eyg5Mzg2ZTM3M2RhYjc3MjYyZjZjYTdmZTkzNDU3YTIwZTBjODgxNTlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxtsFnkutye1PNP4sJCrjrXiP1NY jv9lCQKxbmfOWHj8etY/3tqQu3HNytX76LTDh37xpKMNc8HR+kL6AUv7bPg4t1Wn jStbJfR7t+lcE7hvTwMqGaI6O3Xxpcrn/f/mnae7gISA4F2E6epB8y8w28rFuln+ FdPvf1tc1qcN76e4yjg7DGxKYNSdSX/8Q2RihOTPu4I2yMqU1axToJTPnop9WmER Jql9uZwA95T+kM9igfYxnpn4PE/0SAfqZl8ZzmNLJV28SnfyrJYuSKirXyyEJwM+ sV8rn6KGCUNM5KrkeN+wOHZXuvR2KPwJcBO5B1CkGPcGPAyMXHagZCYzbQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJOG43Pat3Ji9sp/6TRXog4MiBWdMB8GA1UdIwQY MBaAFJUbtJDgnfFGfk7sQ9jyBITO6Dn+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFJ1MGtPQ2Q4VVotVHV4RDJQSUVoTTdvT2Y0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lYTZmNjEtYTlkMi00YzZiLWI3MTct MWRiNGVkMTMxYmMzLzEvbFJ1MGtPQ2Q4VVotVHV4RDJQSUVoTTdvT2Y0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS9lYTZmNjEtYTlkMi00YzZiLWI3MTctMWRiNGVkMTMxYmMz LzEvbFJ1MGtPQ2Q4VVotVHV4RDJQSUVoTTdvT2Y0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKFfPv6ws xEoQCFn3aTdN2dpNIOyVAdZplPP4j0DofygdU2J6TUbGDSRAxjjAGTrbKLeM/3TU KeobeTaz2Irerj1USkw0w4OA5YP2T05BPNQbkZjJPxO+WYX0Td5PsoCgF6WFRlnk Ie8ZRkT8EH4LvcFxJdp3npvUONGOLEoOyurTOWY1129MD8mRngsuwsbW47kFvAk5 5P+L1FP4ReOOp/aDcbJcGjm/ppNUbTyGQVM0H301MKEpkGUOw7UNOMZ9v4InbYoe r8tLvjXj44gqPED9+4kmIpJV2MjLaQxwnIjULWg70KFOXnrHw+UH6XJGiIoZCMqh dNHCDtAeKB4pRw== -----END CERTIFICATE-----Generated at Fri Dec 26 16:05:25 2025 by rpki-client