This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft File: lefcaIWMBglOD0Moi0hlibSD4_M.mft (raw, json) Hash identifier: 1/FS513VJagnPzMLIvjXFQ1uArzoReCIWnzXJkmmP8o= Subject key identifier: D5:E8:6B:8B:1D:9D:A0:EC:10:BD:5E:99:3C:E7:95:91:09:BA:98:2C Authority key identifier: 95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3 Certificate issuer: /CN=95e7dc68858c06094e0f43288b486589b483e3f3 Certificate serial: 019B38A256E2A9C2FCB29BADE583CBA38016 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft Manifest number: 0EA1 Signing time: Fri 19 Dec 2025 22:02:01 +0000 Manifest this update: Fri 19 Dec 2025 22:02:01 +0000 Manifest next update: Sat 20 Dec 2025 22:02:01 +0000 Files and hashes: 1: lefcaIWMBglOD0Moi0hlibSD4_M.crl (hash: X6F405Ub4Xq9R1Fsm5awfIATDvb01bt+aStq6zPR7q0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 22:02:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:a2:56:e2:a9:c2:fc:b2:9b:ad:e5:83:cb:a3:80:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95e7dc68858c06094e0f43288b486589b483e3f3 Validity Not Before: Dec 19 22:02:01 2025 GMT Not After : Dec 20 22:02:01 2025 GMT Subject: CN=d5e86b8b1d9da0ec10bd5e993ce7959109ba982c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:3f:45:04:86:8c:12:d3:98:f7:f0:a5:2c:89: 61:d2:73:03:01:2b:9e:79:1f:34:85:5a:7d:3e:2d: 83:df:d7:54:16:4f:c9:82:7c:7e:7c:51:53:b5:4e: 28:8a:9d:83:05:0e:28:c1:87:45:b8:96:1f:8b:5b: 34:6a:7c:af:25:77:49:88:ad:6c:56:60:af:6b:03: 64:2a:9c:88:f1:a3:f6:7a:63:15:6b:15:52:8d:a0: e4:af:e0:bc:96:f2:22:ac:36:bc:f2:48:13:4b:a3: f4:65:91:18:0e:42:50:f9:99:88:7f:43:1c:6c:68: 32:0a:d6:9a:e4:45:68:08:ab:a1:2a:d9:5b:ae:9f: e7:1a:52:fd:a1:55:32:62:41:d2:28:10:9b:23:a1: 37:e0:c3:f8:82:d0:22:d2:4c:c4:0d:46:e5:3e:da: 51:07:25:8c:aa:ae:54:e0:e2:83:a3:89:d3:89:73: 71:5c:c4:40:4d:92:25:ec:60:f8:e1:f7:5a:0d:66: 35:0b:a3:0d:13:b0:ba:a6:5f:4e:0d:a5:2f:91:f6: 54:67:f6:c6:f3:d5:9d:c7:65:84:29:0d:78:4c:bc: 78:72:1f:71:0c:12:06:fa:61:d5:12:95:3c:ff:40: 3f:5f:82:75:dc:3f:8e:6e:1c:79:dc:76:96:2b:98: 8e:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:E8:6B:8B:1D:9D:A0:EC:10:BD:5E:99:3C:E7:95:91:09:BA:98:2C X509v3 Authority Key Identifier: keyid:95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:d8:c9:9c:da:c3:17:90:f5:65:80:b4:d6:ab:ce:bc:e0:97: a9:b0:98:20:8d:83:c9:54:f6:b6:80:e4:b8:cd:8d:a6:55:e5: 71:61:60:3e:1b:a0:1f:74:8a:41:bd:7a:c3:74:e2:67:c6:07: 90:72:28:be:86:09:16:b6:d9:a3:ef:8b:ea:29:a8:19:ba:6d: 54:28:5c:50:73:78:43:c7:d8:3d:3c:2d:90:b1:48:65:39:1d: 83:0e:22:88:01:37:e0:4c:af:bc:1b:64:83:ff:f5:24:76:be: 22:bc:bb:60:c1:5b:88:d3:01:87:79:75:25:fe:f6:29:d3:99: ad:ba:85:e3:ae:7b:ee:d3:88:5a:b9:ba:80:91:25:c0:2e:05: 81:74:75:61:d6:59:e8:f9:22:1f:ef:54:6e:73:46:86:4b:ae: 22:cf:30:c2:72:7a:c9:2a:54:ef:d1:01:04:86:c2:d8:bb:8d: da:10:1d:82:49:eb:20:02:bd:3c:37:d7:c9:a9:5d:50:6b:77: 4c:d7:9a:2e:ff:2d:72:a1:ae:2c:5f:84:00:17:27:dd:88:fd: f1:11:8b:68:ae:2b:f0:86:f3:a7:99:2d:e0:3a:27:3e:28:1b: d2:30:d2:d4:e2:7c:f4:de:f4:45:33:b1:ca:ab:9c:9c:e6:d6: 61:07:2a:95 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4olbiqcL8sput5YPLo4AWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1ZTdkYzY4ODU4YzA2MDk0ZTBmNDMyODhiNDg2NTg5YjQ4 M2UzZjMwHhcNMjUxMjE5MjIwMjAxWhcNMjUxMjIwMjIwMjAxWjAzMTEwLwYDVQQD EyhkNWU4NmI4YjFkOWRhMGVjMTBiZDVlOTkzY2U3OTU5MTA5YmE5ODJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxD9FBIaMEtOY9/ClLIlh0nMDASue eR80hVp9Pi2D39dUFk/Jgnx+fFFTtU4oip2DBQ4owYdFuJYfi1s0anyvJXdJiK1s VmCvawNkKpyI8aP2emMVaxVSjaDkr+C8lvIirDa88kgTS6P0ZZEYDkJQ+ZmIf0Mc bGgyCtaa5EVoCKuhKtlbrp/nGlL9oVUyYkHSKBCbI6E34MP4gtAi0kzEDUblPtpR ByWMqq5U4OKDo4nTiXNxXMRATZIl7GD44fdaDWY1C6MNE7C6pl9ODaUvkfZUZ/bG 89Wdx2WEKQ14TLx4ch9xDBIG+mHVEpU8/0A/X4J13D+Obhx53HaWK5iOOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNXoa4sdnaDsEL1emTznlZEJupgsMB8GA1UdIwQY MBaAFJXn3GiFjAYJTg9DKItIZYm0g+PzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEt MDNjNTZiNjBmYzI4LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEtMDNjNTZiNjBmYzI4 LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQdjJnNrD F5D1ZYC01qvOvOCXqbCYII2DyVT2toDkuM2NplXlcWFgPhugH3SKQb16w3TiZ8YH kHIovoYJFrbZo++L6imoGbptVChcUHN4Q8fYPTwtkLFIZTkdgw4iiAE34EyvvBtk g//1JHa+Iry7YMFbiNMBh3l1Jf72KdOZrbqF46577tOIWrm6gJElwC4FgXR1YdZZ 6PkiH+9UbnNGhkuuIs8wwnJ6ySpU79EBBIbC2LuN2hAdgknrIAK9PDfXyaldUGt3 TNeaLv8tcqGuLF+EABcn3Yj98RGLaK4r8Ibzp5kt4DonPigb0jDS1OJ89N70RTOx yqucnObWYQcqlQ== -----END CERTIFICATE-----Generated at Sat Dec 20 07:34:06 2025 by rpki-client