This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2a96b8-046d-4ac3-b23d-d819794a32a3/1/lCgqYHi6mPtKbjQ-dgOpYOemNEI.mft File: lCgqYHi6mPtKbjQ-dgOpYOemNEI.mft (raw, json) Hash identifier: iGeebyeZkYm8trgdbS7rOhlsb1kXnhpAlGwKMSCevRs= Subject key identifier: D1:0F:7B:1A:A6:67:18:9F:13:AC:7D:FC:B2:D8:AB:A5:22:24:7A:89 Authority key identifier: 94:28:2A:60:78:BA:98:FB:4A:6E:34:3E:76:03:A9:60:E7:A6:34:42 Certificate issuer: /CN=94282a6078ba98fb4a6e343e7603a960e7a63442 Certificate serial: 019B33B19EDA44A32C55849328BC15F616E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lCgqYHi6mPtKbjQ-dgOpYOemNEI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2a96b8-046d-4ac3-b23d-d819794a32a3/1/lCgqYHi6mPtKbjQ-dgOpYOemNEI.mft Manifest number: 173E Signing time: Thu 18 Dec 2025 23:00:37 +0000 Manifest this update: Thu 18 Dec 2025 23:00:37 +0000 Manifest next update: Fri 19 Dec 2025 23:00:37 +0000 Files and hashes: 1: G39ME0xFxZesqQwqos2EdI8n7qo.roa (hash: 8k5VE0uXEGXbMB9ED4RCnZSTVNYbIG3+AEXwxhVpiyI=) 2: lCgqYHi6mPtKbjQ-dgOpYOemNEI.crl (hash: tR5hkkacBuEXcx6j9XCInS4DyaZDnfMHdLxg0kFY9kQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2a96b8-046d-4ac3-b23d-d819794a32a3/1/lCgqYHi6mPtKbjQ-dgOpYOemNEI.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2a96b8-046d-4ac3-b23d-d819794a32a3/1/lCgqYHi6mPtKbjQ-dgOpYOemNEI.mft rsync://rpki.ripe.net/repository/DEFAULT/lCgqYHi6mPtKbjQ-dgOpYOemNEI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:b1:9e:da:44:a3:2c:55:84:93:28:bc:15:f6:16:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94282a6078ba98fb4a6e343e7603a960e7a63442 Validity Not Before: Dec 18 23:00:37 2025 GMT Not After : Dec 19 23:00:37 2025 GMT Subject: CN=d10f7b1aa667189f13ac7dfcb2d8aba522247a89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:db:1f:74:92:48:b6:f8:e2:48:d0:32:62:45: 59:00:6f:f7:53:1f:49:26:ce:fb:70:b6:b4:61:fc: c3:68:97:ab:2f:68:16:24:04:a1:6c:d5:ff:b9:5c: 02:04:b0:06:72:5a:e8:da:a5:23:0b:b6:84:80:38: 15:44:bc:7b:28:a9:9b:bd:78:90:9d:cc:52:b5:b8: 2a:be:11:c4:3d:4b:e1:db:dc:9b:c9:b2:f1:da:76: 8a:e5:93:c6:00:ee:62:d9:5a:6f:8c:c3:76:13:20: 8f:2d:06:b3:ff:5a:bf:93:9d:ab:6b:f9:43:56:f1: 6b:5d:ec:4a:51:6d:bc:39:3d:14:67:eb:df:38:11: 87:cc:b8:ff:a7:79:2b:57:6f:1a:eb:fa:70:17:54: fb:38:2a:b1:4b:d2:8f:3a:0b:78:8d:69:78:db:06: f2:59:37:b1:4b:06:02:38:81:3c:30:da:5c:43:bb: b8:24:4a:54:94:c7:f8:d2:1a:d4:61:82:e6:2a:72: 0c:0b:3c:9b:26:06:d4:68:ff:d1:90:a5:b0:c4:82: 60:c4:f2:dd:e4:c4:39:c0:5c:0a:38:41:0f:dc:1a: 13:ae:2b:1e:bc:44:02:3c:e6:6c:41:f8:6f:12:9f: 3d:5f:72:1c:d6:0c:8e:09:7a:64:ab:57:02:3c:e6: 99:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:0F:7B:1A:A6:67:18:9F:13:AC:7D:FC:B2:D8:AB:A5:22:24:7A:89 X509v3 Authority Key Identifier: keyid:94:28:2A:60:78:BA:98:FB:4A:6E:34:3E:76:03:A9:60:E7:A6:34:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lCgqYHi6mPtKbjQ-dgOpYOemNEI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2a96b8-046d-4ac3-b23d-d819794a32a3/1/lCgqYHi6mPtKbjQ-dgOpYOemNEI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2a96b8-046d-4ac3-b23d-d819794a32a3/1/lCgqYHi6mPtKbjQ-dgOpYOemNEI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 08:1c:a9:2d:4a:d6:1e:78:81:1c:76:46:75:6d:9a:4d:c4:f2: 30:11:16:46:99:08:e9:d9:ed:56:f1:c9:06:85:99:dc:05:cf: 1b:19:4c:0a:b3:f3:4f:19:4d:fa:f7:33:07:0f:2a:5d:60:0b: d8:f5:ac:ef:1e:d0:c0:56:94:33:96:d1:e0:68:57:70:b9:68: 24:6a:6b:1b:72:7c:6c:8a:03:a6:a4:dd:3e:83:5f:49:7e:5b: 36:00:4d:d8:23:5b:44:55:c7:8d:0d:ba:b3:39:81:16:d8:c3: a3:9e:49:96:85:de:c8:d6:0b:23:99:79:7c:33:6e:e7:a4:93: a0:c3:bb:68:7a:1f:fb:1d:b9:50:07:ee:86:b9:80:28:dc:13: 11:1f:43:bd:d8:d9:e8:a1:d4:c0:16:84:7d:31:2e:de:f0:f7: b5:c0:d5:b0:a2:0a:68:e9:b4:e1:f5:52:77:0b:8a:3d:68:b3: 30:8a:54:cb:b5:16:f9:c8:24:d7:52:76:b7:65:7f:47:a8:83: 1d:d0:4e:59:4c:b3:6d:e2:e6:a5:73:e1:29:b6:d6:cc:15:03: 7a:1a:02:cb:37:49:52:1e:11:22:25:ba:0e:d7:da:ab:87:9a: 70:c3:9d:aa:68:c6:86:07:f1:13:3f:5a:06:bf:ae:89:5a:70: d2:66:d2:fb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszsZ7aRKMsVYSTKLwV9hblMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0MjgyYTYwNzhiYTk4ZmI0YTZlMzQzZTc2MDNhOTYwZTdh NjM0NDIwHhcNMjUxMjE4MjMwMDM3WhcNMjUxMjE5MjMwMDM3WjAzMTEwLwYDVQQD EyhkMTBmN2IxYWE2NjcxODlmMTNhYzdkZmNiMmQ4YWJhNTIyMjQ3YTg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdsfdJJItvjiSNAyYkVZAG/3Ux9J Js77cLa0YfzDaJerL2gWJAShbNX/uVwCBLAGclro2qUjC7aEgDgVRLx7KKmbvXiQ ncxStbgqvhHEPUvh29ybybLx2naK5ZPGAO5i2VpvjMN2EyCPLQaz/1q/k52ra/lD VvFrXexKUW28OT0UZ+vfOBGHzLj/p3krV28a6/pwF1T7OCqxS9KPOgt4jWl42wby WTexSwYCOIE8MNpcQ7u4JEpUlMf40hrUYYLmKnIMCzybJgbUaP/RkKWwxIJgxPLd 5MQ5wFwKOEEP3BoTrisevEQCPOZsQfhvEp89X3Ic1gyOCXpkq1cCPOaZHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNEPexqmZxifE6x9/LLYq6UiJHqJMB8GA1UdIwQY MBaAFJQoKmB4upj7Sm40PnYDqWDnpjRCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbENncVlIaTZtUHRLYmpRLWRnT3BZT2VtTkVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yYTk2YjgtMDQ2ZC00YWMzLWIyM2Qt ZDgxOTc5NGEzMmEzLzEvbENncVlIaTZtUHRLYmpRLWRnT3BZT2VtTkVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yYTk2YjgtMDQ2ZC00YWMzLWIyM2QtZDgxOTc5NGEzMmEz LzEvbENncVlIaTZtUHRLYmpRLWRnT3BZT2VtTkVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACBypLUrW HniBHHZGdW2aTcTyMBEWRpkI6dntVvHJBoWZ3AXPGxlMCrPzTxlN+vczBw8qXWAL 2PWs7x7QwFaUM5bR4GhXcLloJGprG3J8bIoDpqTdPoNfSX5bNgBN2CNbRFXHjQ26 szmBFtjDo55JloXeyNYLI5l5fDNu56SToMO7aHof+x25UAfuhrmAKNwTER9DvdjZ 6KHUwBaEfTEu3vD3tcDVsKIKaOm04fVSdwuKPWizMIpUy7UW+cgk11J2t2V/R6iD HdBOWUyzbeLmpXPhKbbWzBUDehoCyzdJUh4RIiW6Dtfaq4eacMOdqmjGhgfxEz9a Br+uiVpw0mbS+w== -----END CERTIFICATE-----Generated at Fri Dec 19 07:49:51 2025 by rpki-client