This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.mft File: lf0DtfNbMXtNMv8aSywXuzdsIeE.mft (raw, json) Hash identifier: SLC4Rb2MDs8lH5qGt205CvZaPZFvDM1NlOEM3/EPCAI= Subject key identifier: 8D:0A:9F:EB:69:05:53:A0:8E:41:90:A0:B4:C7:7B:93:0B:E7:A9:6A Authority key identifier: 95:FD:03:B5:F3:5B:31:7B:4D:32:FF:1A:4B:2C:17:BB:37:6C:21:E1 Certificate issuer: /CN=95fd03b5f35b317b4d32ff1a4b2c17bb376c21e1 Certificate serial: 019B405C2CE9F78036AF558C4417304693B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lf0DtfNbMXtNMv8aSywXuzdsIeE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.mft Manifest number: 1397 Signing time: Sun 21 Dec 2025 10:02:21 +0000 Manifest this update: Sun 21 Dec 2025 10:02:21 +0000 Manifest next update: Mon 22 Dec 2025 10:02:21 +0000 Files and hashes: 1: LZt4gb-xWjsUFFEJJlr5snAnfj4.roa (hash: iVanuwhOVMx/ABZHooPm82UQY207412XKo2wvn51IRE=) 2: lf0DtfNbMXtNMv8aSywXuzdsIeE.crl (hash: 6p29wRJ17D6t1U/01UWlAm7aIMIysuGhiL8Pr/ZFrvs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.crl rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.mft rsync://rpki.ripe.net/repository/DEFAULT/lf0DtfNbMXtNMv8aSywXuzdsIeE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:02:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5c:2c:e9:f7:80:36:af:55:8c:44:17:30:46:93:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95fd03b5f35b317b4d32ff1a4b2c17bb376c21e1 Validity Not Before: Dec 21 10:02:21 2025 GMT Not After : Dec 22 10:02:21 2025 GMT Subject: CN=8d0a9feb690553a08e4190a0b4c77b930be7a96a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:8f:49:28:2b:33:a2:06:c9:05:4f:f0:d5:1e: 8b:c4:43:65:83:ab:5c:92:5c:7f:e3:04:d5:eb:5e: 4e:60:cb:e8:b9:b2:b5:2b:34:de:70:31:5c:f5:91: 74:e6:de:ff:34:51:5f:c2:b3:8c:38:62:4f:ac:35: 1e:c5:b7:2d:4a:e2:4f:35:5c:4c:a5:45:ac:6c:38: 5a:71:d3:ac:4b:7a:d5:a8:93:74:60:ff:2a:35:1e: b7:69:92:09:1d:fb:71:2d:34:07:47:5a:d1:47:a1: a9:05:00:11:65:4c:ee:53:1c:64:6d:52:7d:88:d7: 31:48:f1:75:20:84:b9:09:f4:30:84:4b:eb:92:23: 4c:46:b3:04:03:20:83:7d:f1:4a:13:8c:e2:83:cf: bc:4e:c8:d2:bd:a1:ef:df:94:c1:5f:d2:15:c8:d5: 76:fe:cb:cb:9b:d2:c9:0f:f4:79:9c:b9:8c:06:8c: 53:99:8d:57:ac:b2:5b:46:df:df:22:e0:f2:1a:17: cd:83:cf:33:45:d5:96:49:c2:11:c1:a7:75:31:b3: 3b:1c:8c:58:db:6b:e9:6f:d3:5c:a8:b7:df:fe:4d: 32:8c:20:7e:8f:75:86:12:22:2c:78:1b:f6:59:07: 9f:23:bd:27:8a:42:75:64:ad:69:5c:00:d9:3a:37: a4:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:0A:9F:EB:69:05:53:A0:8E:41:90:A0:B4:C7:7B:93:0B:E7:A9:6A X509v3 Authority Key Identifier: keyid:95:FD:03:B5:F3:5B:31:7B:4D:32:FF:1A:4B:2C:17:BB:37:6C:21:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lf0DtfNbMXtNMv8aSywXuzdsIeE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:a0:13:38:74:a8:03:49:eb:12:d6:a7:a2:ae:0a:26:79:f0: 00:f2:d2:55:4b:fc:e7:d5:4a:41:9b:1d:c3:0d:4c:f3:c1:48: 8c:33:2a:0d:ae:2c:88:da:3e:75:b1:1f:c3:c0:28:af:14:7c: c1:e7:4d:7e:9f:03:79:8e:1c:77:7c:91:ee:24:5d:00:94:26: 7b:2c:44:6f:99:26:dd:db:73:2f:ad:ff:09:72:a6:13:f0:6d: 2c:36:81:71:b0:0b:06:ca:2e:87:a7:58:36:ca:db:63:0a:9f: 0a:c0:e3:9e:cd:da:88:07:27:c0:0f:28:d8:75:d9:8d:66:fc: 92:bb:50:e5:c6:5a:a2:c0:6a:39:71:4a:0e:78:b6:fb:b6:36: de:da:2a:30:fd:10:25:08:aa:3a:70:60:f9:b3:03:63:34:b6: fa:07:91:8f:91:67:aa:2e:aa:9e:d1:9e:ce:fb:3f:ae:8c:01: d5:ef:1b:7e:69:55:06:a1:4d:fd:36:21:f8:d9:19:cc:06:70: f5:27:19:26:d8:b6:f2:37:2f:8f:0c:b0:ce:d5:7d:67:78:94: bb:02:8a:50:6a:ea:18:df:08:fb:cf:66:f2:b6:88:2a:df:1e: 49:81:9b:09:b2:f6:e9:0f:e8:2a:7f:f3:cf:32:57:86:d7:20: 9e:34:6c:ad -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAXCzp94A2r1WMRBcwRpOwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1ZmQwM2I1ZjM1YjMxN2I0ZDMyZmYxYTRiMmMxN2JiMzc2 YzIxZTEwHhcNMjUxMjIxMTAwMjIxWhcNMjUxMjIyMTAwMjIxWjAzMTEwLwYDVQQD Eyg4ZDBhOWZlYjY5MDU1M2EwOGU0MTkwYTBiNGM3N2I5MzBiZTdhOTZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjo9JKCszogbJBU/w1R6LxENlg6tc klx/4wTV615OYMvoubK1KzTecDFc9ZF05t7/NFFfwrOMOGJPrDUexbctSuJPNVxM pUWsbDhacdOsS3rVqJN0YP8qNR63aZIJHftxLTQHR1rRR6GpBQARZUzuUxxkbVJ9 iNcxSPF1IIS5CfQwhEvrkiNMRrMEAyCDffFKE4zig8+8TsjSvaHv35TBX9IVyNV2 /svLm9LJD/R5nLmMBoxTmY1XrLJbRt/fIuDyGhfNg88zRdWWScIRwad1MbM7HIxY 22vpb9NcqLff/k0yjCB+j3WGEiIseBv2WQefI70nikJ1ZK1pXADZOjek8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI0Kn+tpBVOgjkGQoLTHe5ML56lqMB8GA1UdIwQY MBaAFJX9A7XzWzF7TTL/GkssF7s3bCHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGYwRHRmTmJNWHROTXY4YVN5d1h1emRzSWVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mOWQwZTktYmRhNC00MmIyLThlN2Et ZDYwZjQ0YTkzNGIxLzEvbGYwRHRmTmJNWHROTXY4YVN5d1h1emRzSWVFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC9mOWQwZTktYmRhNC00MmIyLThlN2EtZDYwZjQ0YTkzNGIx LzEvbGYwRHRmTmJNWHROTXY4YVN5d1h1emRzSWVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOKATOHSo A0nrEtanoq4KJnnwAPLSVUv859VKQZsdww1M88FIjDMqDa4siNo+dbEfw8AorxR8 wedNfp8DeY4cd3yR7iRdAJQmeyxEb5km3dtzL63/CXKmE/BtLDaBcbALBsouh6dY NsrbYwqfCsDjns3aiAcnwA8o2HXZjWb8krtQ5cZaosBqOXFKDni2+7Y23toqMP0Q JQiqOnBg+bMDYzS2+geRj5Fnqi6qntGezvs/rowB1e8bfmlVBqFN/TYh+NkZzAZw 9ScZJti28jcvjwywztV9Z3iUuwKKUGrqGN8I+89m8raIKt8eSYGbCbL26Q/oKn/z zzJXhtcgnjRsrQ== -----END CERTIFICATE-----Generated at Sun Dec 21 18:55:26 2025 by rpki-client