This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft File: lWmTFkJJYHEcLo7LU2vdArxyT60.mft (raw, json) Hash identifier: iNrjJCUdGr/CQdOre4/A/88wbi8dbcOOI6pBNFBmxQM= Subject key identifier: 33:0E:E1:4F:64:1D:6F:38:32:4E:56:E8:C2:60:73:59:A9:A5:CC:4E Authority key identifier: 95:69:93:16:42:49:60:71:1C:2E:8E:CB:53:6B:DD:02:BC:72:4F:AD Certificate issuer: /CN=95699316424960711c2e8ecb536bdd02bc724fad Certificate serial: 019B3D235443AE544FA46AC59577BD8B2B18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft Manifest number: 0601 Signing time: Sat 20 Dec 2025 19:01:24 +0000 Manifest this update: Sat 20 Dec 2025 19:01:24 +0000 Manifest next update: Sun 21 Dec 2025 19:01:24 +0000 Files and hashes: 1: QlwSz5QY3CNReEwoqy5_qdcxp7E.roa (hash: J1QwLI9Oak3umoZp+VK8k+3z4SfC016Ed6Yx+Y0FOX0=) 2: lWmTFkJJYHEcLo7LU2vdArxyT60.crl (hash: B8Eqfutq5e4h9Yy+H1IWNLRIf9F+ZiOoZWZyAvyNm8s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.crl rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:23:54:43:ae:54:4f:a4:6a:c5:95:77:bd:8b:2b:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95699316424960711c2e8ecb536bdd02bc724fad Validity Not Before: Dec 20 19:01:24 2025 GMT Not After : Dec 21 19:01:24 2025 GMT Subject: CN=330ee14f641d6f38324e56e8c2607359a9a5cc4e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:c2:00:b2:5c:b7:c4:c8:46:16:be:01:3a:cd: 18:22:e8:d7:45:08:6e:fc:07:b9:c7:0b:12:37:d1: a9:ef:a1:05:02:e3:1e:b7:85:9b:26:40:e0:4d:b0: 0a:e7:63:fc:23:f7:ae:b6:f9:41:75:a8:4f:e5:2b: 58:11:68:41:59:a2:bf:f1:5f:37:c3:fd:ae:19:44: 2f:75:a5:ea:25:a4:e7:5a:80:bb:e3:74:aa:cf:54: d3:a7:02:be:af:7d:5e:43:1b:b0:a4:7e:62:f6:5c: 17:44:71:79:3b:b5:90:b0:49:f3:96:84:78:7a:78: 08:f4:79:9d:4b:84:5e:cb:91:57:23:dd:b8:4e:4d: 75:a6:82:91:2c:82:ef:67:89:78:2f:b6:ec:4a:d0: a3:7c:b8:e0:74:a6:c9:f7:11:1d:f1:03:da:32:14: 34:19:2d:8d:eb:75:15:50:e7:ce:28:9b:3a:68:e8: 89:e4:6e:98:ee:3a:37:d8:98:7b:e8:63:5f:49:97: c3:6e:17:04:86:4d:92:d1:81:be:be:20:da:20:a0: 88:d5:73:11:e1:1a:e7:94:5f:0a:d4:79:a6:bc:c1: 4a:74:44:a9:ee:7e:5a:b0:0c:2b:43:10:91:28:b0: 71:0c:d9:ad:ad:08:15:db:2b:2e:9f:73:2f:5a:a4: 38:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:0E:E1:4F:64:1D:6F:38:32:4E:56:E8:C2:60:73:59:A9:A5:CC:4E X509v3 Authority Key Identifier: keyid:95:69:93:16:42:49:60:71:1C:2E:8E:CB:53:6B:DD:02:BC:72:4F:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:86:96:44:6f:6c:66:eb:59:a7:3f:65:8b:ae:37:16:75:df: 22:d2:bd:2a:c5:f6:61:ae:ad:2c:90:64:b7:c3:ae:8d:a0:5e: 78:aa:f3:64:5b:9f:99:6e:0e:50:b0:2f:fd:b9:42:09:1a:69: 3d:e2:c8:39:b4:8b:c9:1b:64:4d:ca:b5:36:4f:4a:04:50:be: da:bb:d9:f1:a7:77:fa:e7:c6:d2:eb:be:3d:65:b0:12:da:34: 52:ac:92:d9:e7:84:4f:1e:7c:a8:b9:0e:d3:94:81:a1:43:d8: b9:7c:a0:bb:53:c1:9a:57:a5:c5:19:a4:d6:65:28:01:20:33: d2:f0:1c:b9:2b:93:cb:d1:e5:b4:d3:d9:9c:8e:87:07:73:9f: c7:c7:65:1e:59:8d:9b:a2:29:a5:04:ef:c4:01:4c:2b:47:34: 84:e0:6f:a7:59:0a:88:20:29:6e:01:4b:88:11:3d:bc:36:87: 68:dd:97:b1:26:5f:78:be:20:1d:5e:9a:b4:d1:86:c7:a0:ac: 28:60:76:b3:e3:fa:90:51:be:46:bc:0c:14:ad:fe:5f:a5:24: f2:b0:c8:aa:0e:d9:3f:7f:37:02:57:7e:63:53:1a:cf:d1:e5: 27:53:9f:f2:dd:70:84:3c:8b:10:75:86:e8:b0:3a:8b:d6:44: c5:f5:ec:44 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9I1RDrlRPpGrFlXe9iysYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1Njk5MzE2NDI0OTYwNzExYzJlOGVjYjUzNmJkZDAyYmM3 MjRmYWQwHhcNMjUxMjIwMTkwMTI0WhcNMjUxMjIxMTkwMTI0WjAzMTEwLwYDVQQD EygzMzBlZTE0ZjY0MWQ2ZjM4MzI0ZTU2ZThjMjYwNzM1OWE5YTVjYzRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8cIAsly3xMhGFr4BOs0YIujXRQhu /Ae5xwsSN9Gp76EFAuMet4WbJkDgTbAK52P8I/eutvlBdahP5StYEWhBWaK/8V83 w/2uGUQvdaXqJaTnWoC743Sqz1TTpwK+r31eQxuwpH5i9lwXRHF5O7WQsEnzloR4 engI9HmdS4Rey5FXI924Tk11poKRLILvZ4l4L7bsStCjfLjgdKbJ9xEd8QPaMhQ0 GS2N63UVUOfOKJs6aOiJ5G6Y7jo32Jh76GNfSZfDbhcEhk2S0YG+viDaIKCI1XMR 4RrnlF8K1HmmvMFKdESp7n5asAwrQxCRKLBxDNmtrQgV2ysun3MvWqQ4RQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDMO4U9kHW84Mk5W6MJgc1mppcxOMB8GA1UdIwQY MBaAFJVpkxZCSWBxHC6Oy1Nr3QK8ck+tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zMjBlZjktMzU0MS00MzIxLTgwZmYt Zjg1YzYwYmUzNDBkLzEvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS8zMjBlZjktMzU0MS00MzIxLTgwZmYtZjg1YzYwYmUzNDBk LzEvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARIaWRG9s ZutZpz9li643FnXfItK9KsX2Ya6tLJBkt8OujaBeeKrzZFufmW4OULAv/blCCRpp PeLIObSLyRtkTcq1Nk9KBFC+2rvZ8ad3+ufG0uu+PWWwEto0UqyS2eeETx58qLkO 05SBoUPYuXygu1PBmlelxRmk1mUoASAz0vAcuSuTy9HltNPZnI6HB3Ofx8dlHlmN m6IppQTvxAFMK0c0hOBvp1kKiCApbgFLiBE9vDaHaN2XsSZfeL4gHV6atNGGx6Cs KGB2s+P6kFG+RrwMFK3+X6Uk8rDIqg7ZP383Ald+Y1Maz9HlJ1Of8t1whDyLEHWG 6LA6i9ZExfXsRA== -----END CERTIFICATE-----Generated at Sat Dec 20 23:08:45 2025 by rpki-client