This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft File: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft (raw, json) Hash identifier: Xzt08HbbW3Zo6/tGuRG+JEUmwWXkbSiNj2YdWcoUO+U= Subject key identifier: 23:51:E1:12:05:B4:04:B8:BD:B1:00:97:A8:18:55:76:7E:99:6D:49 Authority key identifier: 96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67 Certificate issuer: /CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67 Certificate serial: 019B0C6D14CAE90BC429989F6BE9D298E384 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft Manifest number: 0EA6 Signing time: Thu 11 Dec 2025 08:00:33 +0000 Manifest this update: Thu 11 Dec 2025 08:00:33 +0000 Manifest next update: Fri 12 Dec 2025 08:00:33 +0000 Files and hashes: 1: O8xQyf4SlO_QA8u4YHx9nqfuT4c.roa (hash: WyDwMMx1y5LT2GHueRZtXWT+BMFzzrzU6Km40azPSxA=) 2: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl (hash: pzwimbJcQLW27cScBb6GRWZYPNRsRFPiyJ0yEI8gw7Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 08:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0c:6d:14:ca:e9:0b:c4:29:98:9f:6b:e9:d2:98:e3:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67 Validity Not Before: Dec 11 08:00:33 2025 GMT Not After : Dec 12 08:00:33 2025 GMT Subject: CN=2351e11205b404b8bdb10097a81855767e996d49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:6f:2f:7e:ce:bd:20:df:c1:85:16:7b:82:7d: c7:69:39:46:a4:30:97:5e:44:a9:d9:e5:91:18:20: 33:5f:16:3b:56:1a:36:43:1a:38:06:8d:6f:cc:9c: 2a:34:9d:29:27:95:6d:22:8a:eb:19:db:e4:b7:91: b0:80:cc:67:c7:6a:78:cf:33:9f:84:97:a5:fc:07: 78:86:04:37:03:74:bf:53:e1:77:e8:c6:f0:39:e5: b7:f0:bb:bc:81:dd:1b:1e:82:03:2d:75:9e:ff:a7: d6:8d:b6:61:27:38:6b:29:17:08:50:08:f6:4b:d6: 53:69:c3:90:1d:7e:ae:62:14:07:c8:ab:af:45:0d: d6:21:11:5d:69:3a:7f:3a:62:6d:77:e9:be:70:88: 6e:4f:ee:c7:66:a0:46:31:1c:52:f5:53:d9:a8:5e: c2:89:ac:8d:b0:52:73:5f:5d:a6:63:d6:34:d9:68: a7:59:12:41:5c:46:f5:20:bb:88:93:8a:9a:5c:78: c0:e2:ff:c0:1f:3c:a1:7d:3e:e6:13:06:f9:b3:18: 86:27:32:36:ea:0d:eb:6c:25:81:a3:77:eb:a8:b1: 21:8a:37:89:5f:dd:25:46:6a:d9:00:62:1b:82:bb: 8f:f5:59:03:36:5c:2d:9d:eb:c0:44:83:7d:d8:f8: d9:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:51:E1:12:05:B4:04:B8:BD:B1:00:97:A8:18:55:76:7E:99:6D:49 X509v3 Authority Key Identifier: keyid:96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:a4:13:e4:11:36:38:55:01:dd:f9:96:7e:dd:79:06:1d:c5: ce:0f:05:22:4d:b6:cf:ed:83:e2:e2:b7:fe:2c:cf:0d:3a:4b: 87:e8:87:e6:0e:18:a3:c0:2f:2c:46:1c:1a:e8:54:2c:d3:1f: a2:5e:a1:7d:fb:06:b4:e0:b0:9c:1a:fb:e6:2b:06:90:eb:b1: 61:63:af:4d:e9:3a:58:63:02:87:9c:2e:48:0d:1c:29:c0:b7: fd:57:68:3d:67:84:11:27:a3:88:68:46:fc:c6:33:0f:32:49: b6:36:70:11:8a:57:c4:70:3b:d2:94:5d:10:1a:26:76:06:12: 7f:34:ee:15:5b:f2:10:5b:34:9f:c8:94:86:3f:cc:1e:a9:0f: 78:ca:4f:06:17:00:e8:f4:d4:95:f4:e1:78:ab:81:88:6c:2f: 90:85:fc:45:b1:da:f8:2c:0b:d7:0f:c1:4d:e7:1e:f5:1f:e3: 2a:c6:31:9d:b9:5e:56:f3:02:f2:75:35:b9:91:74:70:61:b2: ce:71:d1:0a:97:25:0c:e7:a4:4e:49:84:6c:d6:73:0f:81:05: 26:6a:f0:51:63:08:23:3c:27:70:99:c3:2f:aa:14:8b:2b:42: a9:97:f7:98:ae:d2:bd:c4:b7:fd:b9:24:10:56:5a:84:7f:92: 11:72:20:b4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsMbRTK6QvEKZifa+nSmOOEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2Yjg3ZTVmZDFhYWRjMWJiZWEzNzJiNDI2OWVlYmQzOTNj NWNkNjcwHhcNMjUxMjExMDgwMDMzWhcNMjUxMjEyMDgwMDMzWjAzMTEwLwYDVQQD EygyMzUxZTExMjA1YjQwNGI4YmRiMTAwOTdhODE4NTU3NjdlOTk2ZDQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAom8vfs69IN/BhRZ7gn3HaTlGpDCX XkSp2eWRGCAzXxY7Vho2Qxo4Bo1vzJwqNJ0pJ5VtIorrGdvkt5GwgMxnx2p4zzOf hJel/Ad4hgQ3A3S/U+F36MbwOeW38Lu8gd0bHoIDLXWe/6fWjbZhJzhrKRcIUAj2 S9ZTacOQHX6uYhQHyKuvRQ3WIRFdaTp/OmJtd+m+cIhuT+7HZqBGMRxS9VPZqF7C iayNsFJzX12mY9Y02WinWRJBXEb1ILuIk4qaXHjA4v/AHzyhfT7mEwb5sxiGJzI2 6g3rbCWBo3frqLEhijeJX90lRmrZAGIbgruP9VkDNlwtnevARIN92PjZhwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCNR4RIFtAS4vbEAl6gYVXZ+mW1JMB8GA1UdIwQY MBaAFJa4fl/RqtwbvqNytCae69OTxc1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTkt MmFiZGIyMTk0MWJjLzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTktMmFiZGIyMTk0MWJj LzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU6QT5BE2 OFUB3fmWft15Bh3Fzg8FIk22z+2D4uK3/izPDTpLh+iH5g4Yo8AvLEYcGuhULNMf ol6hffsGtOCwnBr75isGkOuxYWOvTek6WGMCh5wuSA0cKcC3/VdoPWeEESejiGhG /MYzDzJJtjZwEYpXxHA70pRdEBomdgYSfzTuFVvyEFs0n8iUhj/MHqkPeMpPBhcA 6PTUlfTheKuBiGwvkIX8RbHa+CwL1w/BTece9R/jKsYxnbleVvMC8nU1uZF0cGGy znHRCpclDOekTkmEbNZzD4EFJmrwUWMIIzwncJnDL6oUiytCqZf3mK7SvcS3/bkk EFZahH+SEXIgtA== -----END CERTIFICATE-----Generated at Thu Dec 11 15:11:16 2025 by rpki-client