This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft File: lfdgXoUMnb8X2vC6OONvzGPCy_o.mft (raw, json) Hash identifier: tbm50/p5pztVW8SpZ9daxEv1VxycIETVI6mBzseRLHw= Subject key identifier: 03:B0:AC:E8:26:AF:2B:2C:09:5B:E3:09:6D:CE:6F:5E:9B:44:D5:81 Authority key identifier: 95:F7:60:5E:85:0C:9D:BF:17:DA:F0:BA:38:E3:6F:CC:63:C2:CB:FA Certificate issuer: /CN=95f7605e850c9dbf17daf0ba38e36fcc63c2cbfa Certificate serial: 019B3B6BA4198A1E7298EEB7FE086DBE1933 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft Manifest number: 1787 Signing time: Sat 20 Dec 2025 11:01:08 +0000 Manifest this update: Sat 20 Dec 2025 11:01:08 +0000 Manifest next update: Sun 21 Dec 2025 11:01:08 +0000 Files and hashes: 1: 5-Dy59i1_U0ZRMyz_6apK6err6E.roa (hash: HTKVf7q+nYn6Qr/j/qsCTy9hUzuLpJ7dJx3pfn4b6GM=) 2: lfdgXoUMnb8X2vC6OONvzGPCy_o.crl (hash: F5owDYlCH+XVdeBSGKbKUygKGrCj39KB9eBHUpDGkok=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.crl rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:56:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:6b:a4:19:8a:1e:72:98:ee:b7:fe:08:6d:be:19:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95f7605e850c9dbf17daf0ba38e36fcc63c2cbfa Validity Not Before: Dec 20 11:01:08 2025 GMT Not After : Dec 21 11:01:08 2025 GMT Subject: CN=03b0ace826af2b2c095be3096dce6f5e9b44d581 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:65:bf:2b:5e:4f:d5:54:c3:fe:32:71:7a:0d: c3:c8:79:8b:e0:a1:ee:23:98:19:b8:60:46:71:33: e2:62:d0:a5:26:f3:da:90:87:0f:d4:d8:63:60:41: 85:0e:16:2f:ff:a6:a3:c9:4d:1b:f0:13:e0:9e:03: 56:6c:7a:d6:b1:c7:6e:db:74:75:cb:f8:43:e0:64: 9d:c1:79:e2:7e:4b:d7:48:69:4a:fc:00:73:6e:ba: ba:c6:f7:e2:a1:06:24:f0:59:a2:2e:8f:9b:08:24: 77:54:59:e3:64:98:aa:bd:7d:c5:6b:80:59:2a:62: 58:26:72:d9:29:4e:d2:c9:1b:cd:86:48:21:55:58: 10:54:06:c3:98:77:40:3f:d1:01:fa:96:d2:ba:52: e8:e5:eb:2a:17:a0:6b:13:a0:20:1b:cd:97:e5:9e: 8a:79:31:6f:53:3e:9f:53:13:ea:3a:52:d3:3d:d7: 90:c1:fd:09:b6:5c:21:2b:f9:31:22:82:1b:20:ee: f1:ab:63:68:9b:06:d9:0c:77:98:f5:e5:bd:ec:44: 06:74:af:ae:3b:ee:f2:a2:26:37:7e:59:8e:89:92: fb:08:58:cc:41:78:66:fd:6c:e0:bd:e4:96:fe:04: 62:f1:6c:25:e5:f2:89:cd:2c:38:4a:c1:d9:c4:c3: 10:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:B0:AC:E8:26:AF:2B:2C:09:5B:E3:09:6D:CE:6F:5E:9B:44:D5:81 X509v3 Authority Key Identifier: keyid:95:F7:60:5E:85:0C:9D:BF:17:DA:F0:BA:38:E3:6F:CC:63:C2:CB:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:af:bb:08:8c:32:b6:f5:5e:65:05:5d:e0:e4:84:7a:92:1c: 2c:92:8a:be:ed:d7:6f:39:7a:b9:a4:dc:03:08:90:22:f1:9b: 31:10:73:92:4b:dc:b0:6b:f5:dd:32:51:72:46:26:6b:0f:ef: f0:fb:93:44:ed:35:95:be:03:dc:de:f7:c7:34:9b:86:e1:78: 7a:d1:a0:e9:1a:2a:cf:1b:14:ab:fd:a4:06:bc:5e:e0:62:aa: ce:c6:f2:04:85:86:99:48:29:cd:9a:95:bb:4d:22:b0:71:c9: aa:25:ce:75:13:b3:f6:e7:10:58:b2:d0:51:31:e3:5d:3a:d1: ec:a6:99:33:e3:c7:e3:7e:3e:1a:1a:63:3a:a6:0c:3f:f4:d9: 22:1f:2c:c1:30:f2:7d:b8:05:fb:39:23:56:02:1e:06:6a:db: 83:3f:47:74:c2:33:b4:e4:7b:84:06:15:ed:53:89:bc:c7:7d: 28:f1:ba:e3:cf:9e:5f:f8:e2:b5:2c:34:d7:e9:72:98:88:87: 56:1e:7e:2d:92:07:18:a7:4c:bb:94:9e:77:8d:23:26:7a:dc: fb:22:56:d0:83:43:bd:15:06:38:9f:07:b3:5f:51:a0:6e:71: 9d:e2:40:c2:35:13:74:4e:c5:1e:3d:21:16:c7:c5:e2:a6:1b: fd:89:42:40 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7a6QZih5ymO63/ghtvhkzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1Zjc2MDVlODUwYzlkYmYxN2RhZjBiYTM4ZTM2ZmNjNjNj MmNiZmEwHhcNMjUxMjIwMTEwMTA4WhcNMjUxMjIxMTEwMTA4WjAzMTEwLwYDVQQD EygwM2IwYWNlODI2YWYyYjJjMDk1YmUzMDk2ZGNlNmY1ZTliNDRkNTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWW/K15P1VTD/jJxeg3DyHmL4KHu I5gZuGBGcTPiYtClJvPakIcP1NhjYEGFDhYv/6ajyU0b8BPgngNWbHrWscdu23R1 y/hD4GSdwXnifkvXSGlK/ABzbrq6xvfioQYk8FmiLo+bCCR3VFnjZJiqvX3Fa4BZ KmJYJnLZKU7SyRvNhkghVVgQVAbDmHdAP9EB+pbSulLo5esqF6BrE6AgG82X5Z6K eTFvUz6fUxPqOlLTPdeQwf0JtlwhK/kxIoIbIO7xq2NomwbZDHeY9eW97EQGdK+u O+7yoiY3flmOiZL7CFjMQXhm/WzgveSW/gRi8Wwl5fKJzSw4SsHZxMMQ6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAOwrOgmryssCVvjCW3Ob16bRNWBMB8GA1UdIwQY MBaAFJX3YF6FDJ2/F9rwujjjb8xjwsv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZjNiZmEtZWYzYi00MzYxLWIzMTEt NjcwNWRjMmUzYWFhLzEvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC85ZjNiZmEtZWYzYi00MzYxLWIzMTEtNjcwNWRjMmUzYWFh LzEvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARq+7CIwy tvVeZQVd4OSEepIcLJKKvu3Xbzl6uaTcAwiQIvGbMRBzkkvcsGv13TJRckYmaw/v 8PuTRO01lb4D3N73xzSbhuF4etGg6RoqzxsUq/2kBrxe4GKqzsbyBIWGmUgpzZqV u00isHHJqiXOdROz9ucQWLLQUTHjXTrR7KaZM+PH434+GhpjOqYMP/TZIh8swTDy fbgF+zkjVgIeBmrbgz9HdMIztOR7hAYV7VOJvMd9KPG648+eX/jitSw01+lymIiH Vh5+LZIHGKdMu5Sed40jJnrc+yJW0INDvRUGOJ8Hs19RoG5xneJAwjUTdE7FHj0h FsfF4qYb/YlCQA== -----END CERTIFICATE-----Generated at Sat Dec 20 12:22:37 2025 by rpki-client