This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft File: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft (raw, json) Hash identifier: ukPZHCZD+vGkV+lVXvFxjD4DZLEniC3AGo5D6JzqybA= Subject key identifier: 65:4F:43:DC:11:BE:D7:E6:94:E2:BA:7F:44:55:EC:CC:10:95:3C:28 Authority key identifier: 96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67 Certificate issuer: /CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67 Certificate serial: 019B38D7EE99A076F15784C6AA49875DE843 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft Manifest number: 0EBD Signing time: Fri 19 Dec 2025 23:00:33 +0000 Manifest this update: Fri 19 Dec 2025 23:00:33 +0000 Manifest next update: Sat 20 Dec 2025 23:00:33 +0000 Files and hashes: 1: O8xQyf4SlO_QA8u4YHx9nqfuT4c.roa (hash: WyDwMMx1y5LT2GHueRZtXWT+BMFzzrzU6Km40azPSxA=) 2: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl (hash: o/Sp/XJfHaPTq6v8sMEzNT3s1JS+G1C/XYMbtfTjUIU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:d7:ee:99:a0:76:f1:57:84:c6:aa:49:87:5d:e8:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67 Validity Not Before: Dec 19 23:00:33 2025 GMT Not After : Dec 20 23:00:33 2025 GMT Subject: CN=654f43dc11bed7e694e2ba7f4455eccc10953c28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:17:ce:02:b7:8c:2d:fd:01:fc:e7:91:31:6e: 0b:fa:bf:cf:f5:f8:63:6c:89:a5:ba:c1:11:c9:86: e8:87:23:a7:5c:24:94:3c:f9:5b:19:e2:e9:a0:f0: 3c:ad:6c:93:02:27:23:b6:e5:f0:df:0c:12:d5:ef: fb:82:3e:c1:75:c6:a7:52:fa:8e:45:d0:f5:96:12: 87:31:42:bf:fb:47:9e:01:d1:40:24:e9:a5:50:60: 67:47:20:9b:70:b1:40:0b:5a:db:fe:19:ee:f6:39: d7:d5:58:3a:bb:9e:f4:00:b5:49:3f:1c:1c:5b:62: 6f:4d:a5:4e:ac:1f:a1:58:57:c8:f5:c1:e3:de:f4: ab:4c:9e:de:29:50:e7:dd:a4:df:d8:8e:11:40:b7: 47:e6:0d:0a:09:a4:12:37:96:bc:62:86:2e:9a:9d: 26:aa:31:92:36:05:bf:08:6b:d9:3c:b0:69:f6:fe: 47:ba:3c:f1:c2:06:18:43:3e:2a:04:6c:f9:b3:ae: 8a:5d:32:7a:6b:0a:15:24:9b:ea:3f:0e:11:12:19: 5b:6d:a3:cf:e4:d0:bd:f0:5a:49:9d:10:01:83:5f: 7f:59:52:43:b0:0c:99:7f:fd:5d:25:a9:40:20:40: 82:00:6b:d1:f1:55:9b:5f:cd:6d:4f:04:4e:7d:f2: 78:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:4F:43:DC:11:BE:D7:E6:94:E2:BA:7F:44:55:EC:CC:10:95:3C:28 X509v3 Authority Key Identifier: keyid:96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:09:f1:0e:09:fd:c0:70:f4:7b:fe:87:0c:96:bf:f0:8a:28: 27:09:dc:4b:86:58:7e:b0:8c:0e:8a:f8:27:e5:ed:2b:92:b8: ea:50:23:1f:0e:50:b2:ef:65:1f:78:c6:f6:03:84:96:ac:74: 1a:56:98:c1:6d:9d:83:af:4d:fa:aa:4d:09:e3:49:62:70:dd: b7:02:f8:93:22:6f:13:09:3b:12:8f:92:9d:f4:5c:40:db:a8: 7b:c1:f5:c7:0d:b9:9f:84:5c:0a:03:7a:85:33:f7:22:78:01: 0f:d3:18:19:96:ac:ef:a3:97:06:8f:29:cf:a9:9e:58:fc:9b: f5:37:db:15:21:e6:ae:a6:f7:5f:e0:3a:e9:37:6d:f3:c0:c6: 00:6e:be:1c:c7:2b:c0:c0:1b:53:be:fe:d0:7e:d9:06:b9:01: e3:fe:72:4f:ca:55:6c:9b:33:ba:2a:18:01:f2:50:5f:2b:be: 08:ce:f5:fe:4d:51:75:b2:30:e0:9e:72:8e:0f:e3:93:f1:7f: 14:35:a1:85:58:ba:a1:f1:47:35:92:0c:17:f7:52:96:06:ab: 6d:da:d7:d5:cd:cc:af:ee:fa:8b:71:10:a1:08:76:c1:b0:9f: 28:61:8a:3b:0a:97:67:86:4d:cf:66:44:58:67:d0:6c:93:78: 49:42:e5:a4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs41+6ZoHbxV4TGqkmHXehDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2Yjg3ZTVmZDFhYWRjMWJiZWEzNzJiNDI2OWVlYmQzOTNj NWNkNjcwHhcNMjUxMjE5MjMwMDMzWhcNMjUxMjIwMjMwMDMzWjAzMTEwLwYDVQQD Eyg2NTRmNDNkYzExYmVkN2U2OTRlMmJhN2Y0NDU1ZWNjYzEwOTUzYzI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhfOAreMLf0B/OeRMW4L+r/P9fhj bImlusERyYbohyOnXCSUPPlbGeLpoPA8rWyTAicjtuXw3wwS1e/7gj7BdcanUvqO RdD1lhKHMUK/+0eeAdFAJOmlUGBnRyCbcLFAC1rb/hnu9jnX1Vg6u570ALVJPxwc W2JvTaVOrB+hWFfI9cHj3vSrTJ7eKVDn3aTf2I4RQLdH5g0KCaQSN5a8YoYump0m qjGSNgW/CGvZPLBp9v5HujzxwgYYQz4qBGz5s66KXTJ6awoVJJvqPw4REhlbbaPP 5NC98FpJnRABg19/WVJDsAyZf/1dJalAIECCAGvR8VWbX81tTwROffJ47QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGVPQ9wRvtfmlOK6f0RV7MwQlTwoMB8GA1UdIwQY MBaAFJa4fl/RqtwbvqNytCae69OTxc1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTkt MmFiZGIyMTk0MWJjLzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTktMmFiZGIyMTk0MWJj LzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHAnxDgn9 wHD0e/6HDJa/8IooJwncS4ZYfrCMDor4J+XtK5K46lAjHw5Qsu9lH3jG9gOElqx0 GlaYwW2dg69N+qpNCeNJYnDdtwL4kyJvEwk7Eo+SnfRcQNuoe8H1xw25n4RcCgN6 hTP3IngBD9MYGZas76OXBo8pz6meWPyb9TfbFSHmrqb3X+A66Tdt88DGAG6+HMcr wMAbU77+0H7ZBrkB4/5yT8pVbJszuioYAfJQXyu+CM71/k1RdbIw4J5yjg/jk/F/ FDWhhVi6ofFHNZIMF/dSlgarbdrX1c3Mr+76i3EQoQh2wbCfKGGKOwqXZ4ZNz2ZE WGfQbJN4SULlpA== -----END CERTIFICATE-----Generated at Sat Dec 20 00:17:15 2025 by rpki-client