This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft File: lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft (raw, json) Hash identifier: yrSxYBMrQkt10rBZazHUD2nsw9TPDsGn5pNDD1yiPVU= Subject key identifier: DA:AB:D5:2F:4C:A3:31:AB:3D:EE:21:3A:97:47:BE:93:B9:E9:11:98 Authority key identifier: 95:6E:31:6C:98:38:04:C2:50:1E:CC:5A:BE:A5:3A:2A:83:B5:73:24 Certificate issuer: /CN=956e316c983804c2501ecc5abea53a2a83b57324 Certificate serial: 019B32D75CF1684381B8DF224CE9AFACE568 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft Manifest number: 1753 Signing time: Thu 18 Dec 2025 19:02:13 +0000 Manifest this update: Thu 18 Dec 2025 19:02:13 +0000 Manifest next update: Fri 19 Dec 2025 19:02:13 +0000 Files and hashes: 1: lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl (hash: JkveiZu2nAyQaqdLXgDjKsdRgxzhe5xFxzi9lcKN2kg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:02:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d7:5c:f1:68:43:81:b8:df:22:4c:e9:af:ac:e5:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=956e316c983804c2501ecc5abea53a2a83b57324 Validity Not Before: Dec 18 19:02:13 2025 GMT Not After : Dec 19 19:02:13 2025 GMT Subject: CN=daabd52f4ca331ab3dee213a9747be93b9e91198 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:7f:db:1d:83:2b:ac:e6:82:63:b7:ed:e4:0b: dc:f5:73:77:7b:d1:81:76:06:c2:2f:4b:b8:ae:e7: 5c:40:e7:57:91:22:a6:43:bd:66:b0:91:c7:bf:f0: 23:09:09:f6:55:a8:d6:80:4e:dd:44:3f:7c:41:15: e1:02:6a:c3:a5:d1:dc:6d:07:e6:dc:1e:6c:93:12: 40:4d:10:65:0c:0c:d2:58:6e:66:31:fc:d7:09:0e: 98:6c:63:39:78:cb:9c:3a:e2:49:65:37:c3:5b:1e: ca:8e:95:bd:b8:b3:b9:4f:c2:52:09:f8:83:4e:2e: 07:91:16:ec:a8:9d:80:9e:c8:c7:92:cd:4a:95:27: b7:41:0d:46:9f:cb:e6:e1:db:2c:cb:15:7a:36:d5: 36:12:a9:4d:36:2e:d1:c4:91:6a:e9:1e:d7:e0:6e: 47:be:6b:03:3c:dd:a3:8d:56:e4:3c:a7:09:97:13: 2e:d0:98:87:6c:01:fc:80:94:8a:b4:13:09:8d:9e: 19:e4:ff:e0:0a:b8:bc:e0:cf:c2:48:64:f7:90:de: b8:da:eb:44:be:10:57:e5:5a:98:fd:48:be:79:96: 9c:42:43:8f:23:35:2f:3f:ce:cf:4c:43:d5:28:37: a4:2c:fe:cd:dd:68:ea:a6:1e:c2:38:28:5d:ae:d3: 9a:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:AB:D5:2F:4C:A3:31:AB:3D:EE:21:3A:97:47:BE:93:B9:E9:11:98 X509v3 Authority Key Identifier: keyid:95:6E:31:6C:98:38:04:C2:50:1E:CC:5A:BE:A5:3A:2A:83:B5:73:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:4c:da:8d:11:73:57:f6:6f:07:cf:37:fd:2a:7c:27:00:45: bf:96:36:3a:96:23:97:e9:2c:14:0c:ac:79:bd:7a:2a:90:2c: 12:da:7f:84:35:5e:57:1e:a7:21:96:12:00:c2:cd:e8:d0:ec: cb:c9:b9:19:2b:27:ae:5b:3b:32:58:ca:36:40:5b:6b:58:40: 54:b3:fc:14:76:ee:c2:ac:7f:5c:cb:ec:22:65:46:11:77:25: 96:6c:0d:68:3e:e7:ee:70:a0:4d:a3:84:6d:55:bc:78:b4:23: 41:f0:34:29:42:70:45:77:71:f2:c8:8c:72:80:b3:ad:7d:3b: bc:88:9d:6b:b5:cf:1e:50:9f:49:2f:c3:50:96:58:3b:34:d8: 40:c9:8b:e6:b3:1a:d9:95:90:46:9a:4a:9b:d6:93:93:5d:a3: 18:08:3a:4b:f3:2b:bc:7b:3d:da:69:58:53:ea:8e:6c:d8:9a: 5e:ae:29:f2:d7:da:1a:74:51:5e:0d:4a:d4:b2:2f:53:0c:d3: 44:da:1d:ea:58:d3:6f:44:71:0c:20:c8:82:79:c4:a4:cc:9f: a7:1f:12:4f:4c:6f:80:f3:c8:f6:6a:49:4d:af:93:9d:96:17: e7:fb:df:0f:0b:8d:18:47:5f:d0:27:37:62:ac:a4:b9:97:9b: 71:05:35:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy11zxaEOBuN8iTOmvrOVoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1NmUzMTZjOTgzODA0YzI1MDFlY2M1YWJlYTUzYTJhODNi NTczMjQwHhcNMjUxMjE4MTkwMjEzWhcNMjUxMjE5MTkwMjEzWjAzMTEwLwYDVQQD EyhkYWFiZDUyZjRjYTMzMWFiM2RlZTIxM2E5NzQ3YmU5M2I5ZTkxMTk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwX/bHYMrrOaCY7ft5Avc9XN3e9GB dgbCL0u4rudcQOdXkSKmQ71msJHHv/AjCQn2VajWgE7dRD98QRXhAmrDpdHcbQfm 3B5skxJATRBlDAzSWG5mMfzXCQ6YbGM5eMucOuJJZTfDWx7KjpW9uLO5T8JSCfiD Ti4HkRbsqJ2AnsjHks1KlSe3QQ1Gn8vm4dssyxV6NtU2EqlNNi7RxJFq6R7X4G5H vmsDPN2jjVbkPKcJlxMu0JiHbAH8gJSKtBMJjZ4Z5P/gCri84M/CSGT3kN642utE vhBX5VqY/Ui+eZacQkOPIzUvP87PTEPVKDekLP7N3Wjqph7COChdrtOaPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNqr1S9MozGrPe4hOpdHvpO56RGYMB8GA1UdIwQY MBaAFJVuMWyYOATCUB7MWr6lOiqDtXMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8wMjI0MGYtZTA4MC00YmU5LTkzYzQt Mzk2ZmNkYTY0OTBjLzEvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZi8wMjI0MGYtZTA4MC00YmU5LTkzYzQtMzk2ZmNkYTY0OTBj LzEvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADUzajRFz V/ZvB883/Sp8JwBFv5Y2OpYjl+ksFAyseb16KpAsEtp/hDVeVx6nIZYSAMLN6NDs y8m5GSsnrls7MljKNkBba1hAVLP8FHbuwqx/XMvsImVGEXcllmwNaD7n7nCgTaOE bVW8eLQjQfA0KUJwRXdx8siMcoCzrX07vIida7XPHlCfSS/DUJZYOzTYQMmL5rMa 2ZWQRppKm9aTk12jGAg6S/MrvHs92mlYU+qObNiaXq4p8tfaGnRRXg1K1LIvUwzT RNod6ljTb0RxDCDIgnnEpMyfpx8ST0xvgPPI9mpJTa+TnZYX5/vfDwuNGEdf0Cc3 YqykuZebcQU1Eg== -----END CERTIFICATE-----Generated at Fri Dec 19 04:48:34 2025 by rpki-client