This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft File: lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft (raw, json) Hash identifier: U/LKM1dY2STMf1RAJFuOpPStSD0YzpbCy/YUkbLoEdc= Subject key identifier: 88:2D:60:85:47:B3:3B:FB:30:59:A7:38:F1:2E:5B:BE:B7:95:FF:4C Authority key identifier: 94:D1:61:59:3D:A8:15:CA:C5:8D:34:79:65:2D:04:84:80:D2:67:13 Certificate issuer: /CN=94d161593da815cac58d3479652d048480d26713 Certificate serial: 019B1E740DCCA6B9AD8804B972F1D24D481F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft Manifest number: 1779 Signing time: Sun 14 Dec 2025 20:01:20 +0000 Manifest this update: Sun 14 Dec 2025 20:01:20 +0000 Manifest next update: Mon 15 Dec 2025 20:01:20 +0000 Files and hashes: 1: bdAF9viIHB5V5FhTALS-owQhcks.roa (hash: lPv9YsuyVHwxqfP/RRJpZeMDZjwRG/d34AhteS5V7Ew=) 2: lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl (hash: D5QrBnjxesrdsglQoRZLBx+4zo5HDdNZ8SJkOm4an6w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 20:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1e:74:0d:cc:a6:b9:ad:88:04:b9:72:f1:d2:4d:48:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94d161593da815cac58d3479652d048480d26713 Validity Not Before: Dec 14 20:01:20 2025 GMT Not After : Dec 15 20:01:20 2025 GMT Subject: CN=882d608547b33bfb3059a738f12e5bbeb795ff4c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:10:dd:e8:99:91:05:fc:28:dc:44:94:b4:e6: cf:39:c3:0a:da:6a:68:cc:01:27:5b:c8:cf:75:9c: 47:93:15:ac:e4:c9:78:e6:19:d7:c6:6d:e3:53:97: 87:d9:4b:2d:b1:02:c2:7b:47:de:d9:e1:e6:f3:41: 8a:19:97:e5:f4:3b:ce:98:f1:78:73:5a:c4:e0:35: 69:ae:89:53:26:e2:2d:b6:f2:d0:c5:05:00:fa:b8: cd:cb:26:f2:68:0b:ff:db:99:93:4d:97:6b:0c:1b: 4a:dc:7e:8a:2c:9f:56:50:15:10:71:a7:3a:ff:07: 4a:3e:1e:85:67:e1:50:95:10:84:98:46:18:f4:59: 29:a8:00:63:59:33:0b:04:da:b2:87:d0:f5:5e:d7: 99:24:fc:b4:4f:73:88:6b:95:e8:7a:e4:05:b8:bb: 88:f1:da:be:dd:cb:b5:b4:8e:26:1c:c1:00:76:53: 58:5b:49:8a:52:27:2c:de:9b:7e:d2:63:21:1f:a4: 0e:40:3c:cb:3a:c3:d0:1e:4d:ee:a5:fc:15:ee:89: de:60:fa:e2:70:23:ef:15:87:56:ba:78:fa:6a:5f: 47:aa:28:b7:c8:82:d0:dc:f5:ef:fe:ff:51:a6:55: 96:f8:16:ee:f0:ba:5d:69:29:78:b8:25:b7:2e:c2: fb:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:2D:60:85:47:B3:3B:FB:30:59:A7:38:F1:2E:5B:BE:B7:95:FF:4C X509v3 Authority Key Identifier: keyid:94:D1:61:59:3D:A8:15:CA:C5:8D:34:79:65:2D:04:84:80:D2:67:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:42:27:72:18:12:f6:5c:56:63:10:ca:98:14:03:ff:ed:aa: 2c:e8:c8:91:b8:b4:52:fc:db:1e:b7:cf:17:d4:ac:bc:2e:75: 1e:c0:9a:3a:8b:e1:d7:93:f5:14:99:f7:93:cd:3f:db:fc:ec: 83:22:2b:66:51:ab:ba:a8:1b:91:88:46:d6:34:14:4b:4c:dc: 97:ca:8f:ff:b9:a7:8b:55:c2:5c:9e:f7:03:6e:32:7c:33:70: ef:3b:b2:c0:93:b0:88:80:ba:dd:f6:0c:9b:9a:87:6c:61:f6: a6:59:37:76:81:fd:f8:49:29:13:b1:6f:cd:36:b5:11:19:61: 48:48:92:6f:0f:8a:cf:fd:73:12:26:c0:a8:d2:48:49:d1:ee: 23:b3:77:8f:b4:67:51:21:6a:0b:bc:b7:86:57:c7:dc:4f:62: e6:08:a9:a0:d4:bc:96:40:5a:bd:77:b1:c6:f7:01:66:d4:19: 5d:1c:9f:ce:2b:01:59:3a:8b:ce:c4:8f:c7:02:ec:e1:fc:8f: 5d:fa:dd:97:11:a1:31:ef:7c:ff:c0:75:1b:f9:f7:20:bf:9e: e3:b6:fa:02:72:ee:98:6f:7d:49:58:17:99:02:4f:21:54:dd: 67:99:6f:e2:97:9b:e7:b9:eb:42:05:38:26:7a:32:e2:56:90: 16:31:95:e2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsedA3MprmtiAS5cvHSTUgfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0ZDE2MTU5M2RhODE1Y2FjNThkMzQ3OTY1MmQwNDg0ODBk MjY3MTMwHhcNMjUxMjE0MjAwMTIwWhcNMjUxMjE1MjAwMTIwWjAzMTEwLwYDVQQD Eyg4ODJkNjA4NTQ3YjMzYmZiMzA1OWE3MzhmMTJlNWJiZWI3OTVmZjRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxDd6JmRBfwo3ESUtObPOcMK2mpo zAEnW8jPdZxHkxWs5Ml45hnXxm3jU5eH2UstsQLCe0fe2eHm80GKGZfl9DvOmPF4 c1rE4DVprolTJuIttvLQxQUA+rjNyybyaAv/25mTTZdrDBtK3H6KLJ9WUBUQcac6 /wdKPh6FZ+FQlRCEmEYY9FkpqABjWTMLBNqyh9D1XteZJPy0T3OIa5XoeuQFuLuI 8dq+3cu1tI4mHMEAdlNYW0mKUics3pt+0mMhH6QOQDzLOsPQHk3upfwV7oneYPri cCPvFYdWunj6al9Hqii3yILQ3PXv/v9RplWW+Bbu8LpdaSl4uCW3LsL7jwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIgtYIVHszv7MFmnOPEuW763lf9MMB8GA1UdIwQY MBaAFJTRYVk9qBXKxY00eWUtBISA0mcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8zYzI5NTYtZGY5ZC00MDQ4LWIwMTEt ZDhlOThiODVhZWE0LzEvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS8zYzI5NTYtZGY5ZC00MDQ4LWIwMTEtZDhlOThiODVhZWE0 LzEvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVkInchgS 9lxWYxDKmBQD/+2qLOjIkbi0UvzbHrfPF9SsvC51HsCaOovh15P1FJn3k80/2/zs gyIrZlGruqgbkYhG1jQUS0zcl8qP/7mni1XCXJ73A24yfDNw7zuywJOwiIC63fYM m5qHbGH2plk3doH9+EkpE7FvzTa1ERlhSEiSbw+Kz/1zEibAqNJISdHuI7N3j7Rn USFqC7y3hlfH3E9i5gipoNS8lkBavXexxvcBZtQZXRyfzisBWTqLzsSPxwLs4fyP XfrdlxGhMe98/8B1G/n3IL+e47b6AnLumG99SVgXmQJPIVTdZ5lv4peb57nrQgU4 Jnoy4laQFjGV4g== -----END CERTIFICATE-----Generated at Mon Dec 15 05:00:36 2025 by rpki-client