This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft File: Le43b1HIyKVVUo1MFesfTKOZxJE.mft (raw, json) Hash identifier: PKfnqvCqsmfdts6TEIjNGiF3iQ9JaXyl3Ml1fBSCwP8= Subject key identifier: 4B:C4:73:4A:0C:70:24:43:01:CF:35:C4:1E:99:44:60:94:EF:77:B8 Authority key identifier: 2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91 Certificate issuer: /CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491 Certificate serial: 019B36B4E44B24B61E6A01075FB7F3CA0F65 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft Manifest number: 1781 Signing time: Fri 19 Dec 2025 13:03:03 +0000 Manifest this update: Fri 19 Dec 2025 13:03:03 +0000 Manifest next update: Sat 20 Dec 2025 13:03:03 +0000 Files and hashes: 1: Le43b1HIyKVVUo1MFesfTKOZxJE.crl (hash: EwWf0FNVGb+4352YYKU2Y8ru96oNhkhnBykH1k4j9h8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:b4:e4:4b:24:b6:1e:6a:01:07:5f:b7:f3:ca:0f:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491 Validity Not Before: Dec 19 13:03:03 2025 GMT Not After : Dec 20 13:03:03 2025 GMT Subject: CN=4bc4734a0c70244301cf35c41e99446094ef77b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:ea:41:5d:0c:6b:62:1b:53:ad:41:d4:03:48: 7e:db:8e:0d:3a:e3:1c:0b:ec:ae:52:20:01:1a:dc: 94:f1:7a:fd:a8:1c:e6:5f:0c:1e:25:1d:28:a0:58: 20:df:47:60:49:4a:42:45:88:e1:4e:ae:17:bf:44: 27:35:4b:df:14:5c:8b:b6:ae:77:1f:d2:04:9b:5d: fa:24:fe:59:93:c9:ff:ed:16:e8:2a:34:df:38:4c: d0:ed:37:f6:33:b6:f9:ae:52:18:58:3f:e2:1f:ac: 4f:52:14:c9:f4:09:6f:fc:9c:9d:52:03:74:7d:14: f6:99:9e:e1:8e:2f:37:e3:1f:57:5b:31:fd:15:56: a9:a7:67:66:8d:10:ee:c7:04:33:d3:e8:fd:3e:e2: 99:80:c0:eb:cc:b2:92:7a:22:61:41:80:29:e1:c1: 22:c4:94:6e:fb:1e:e8:42:9a:7f:12:31:9b:76:19: 86:e9:4a:81:3b:b0:a7:30:0c:5f:82:5a:b2:ea:ec: 5e:87:c5:0f:95:95:5e:2b:de:e1:19:2e:0e:02:02: b5:dd:08:0f:54:df:e8:5e:24:a5:96:40:57:d6:f1: 8d:ad:f7:bb:61:73:6f:a8:4b:ff:ec:97:7d:a6:78: 67:91:41:db:90:90:4a:f2:f7:52:6d:cc:92:ae:b0: cc:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:C4:73:4A:0C:70:24:43:01:CF:35:C4:1E:99:44:60:94:EF:77:B8 X509v3 Authority Key Identifier: keyid:2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:54:96:2d:e9:ca:9f:27:a6:28:33:f4:25:c8:a0:40:72:0e: 3c:4b:91:2b:37:9c:52:2a:b4:d3:f5:05:b9:bc:f5:51:1a:ca: 46:89:31:ed:2b:8c:e3:da:47:14:7d:7f:d8:1c:1d:18:82:74: c3:ff:5e:44:c4:b6:2f:78:08:bf:fa:f6:d9:ec:3b:43:ab:7a: 25:7a:0c:94:55:e8:a4:2d:b8:a3:7a:de:d6:e6:9d:13:63:4e: b4:e2:1d:e7:9b:39:99:90:aa:8a:a8:85:7a:8b:5c:b0:06:74: d2:ad:39:c2:37:2f:86:d1:d1:7a:0c:c7:84:3a:b0:c1:61:63: 5f:cc:00:26:a3:df:ae:57:f5:91:29:41:73:b8:ec:69:fa:5e: 10:39:1c:3b:5b:47:b6:1e:8f:16:8b:47:b5:d8:34:2a:a0:a8: b0:8e:e9:22:a8:29:0a:27:e9:be:6f:cb:17:29:0b:05:c6:5c: bf:69:d0:d5:ac:a8:c4:7d:5f:0c:1c:bc:0f:2d:c7:a0:93:e7: 87:90:c6:aa:42:45:24:cb:58:30:5f:f5:5a:ca:f2:60:0c:c6: 65:9b:d0:e1:8d:be:af:01:a2:7e:92:2b:78:fd:ce:45:1c:b8: 65:33:7a:de:76:84:ba:72:d8:76:1c:a4:e8:83:5b:58:2a:49: 76:b6:31:d1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2tORLJLYeagEHX7fzyg9lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJkZWUzNzZmNTFjOGM4YTU1NTUyOGQ0YzE1ZWIxZjRjYTM5 OWM0OTEwHhcNMjUxMjE5MTMwMzAzWhcNMjUxMjIwMTMwMzAzWjAzMTEwLwYDVQQD Eyg0YmM0NzM0YTBjNzAyNDQzMDFjZjM1YzQxZTk5NDQ2MDk0ZWY3N2I4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOpBXQxrYhtTrUHUA0h+244NOuMc C+yuUiABGtyU8Xr9qBzmXwweJR0ooFgg30dgSUpCRYjhTq4Xv0QnNUvfFFyLtq53 H9IEm136JP5Zk8n/7RboKjTfOEzQ7Tf2M7b5rlIYWD/iH6xPUhTJ9Alv/JydUgN0 fRT2mZ7hji834x9XWzH9FVapp2dmjRDuxwQz0+j9PuKZgMDrzLKSeiJhQYAp4cEi xJRu+x7oQpp/EjGbdhmG6UqBO7CnMAxfglqy6uxeh8UPlZVeK97hGS4OAgK13QgP VN/oXiSllkBX1vGNrfe7YXNvqEv/7Jd9pnhnkUHbkJBK8vdSbcySrrDMewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEvEc0oMcCRDAc81xB6ZRGCU73e4MB8GA1UdIwQY MBaAFC3uN29RyMilVVKNTBXrH0yjmcSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUt ZmY1Y2JkYWM1ODQ1LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUtZmY1Y2JkYWM1ODQ1 LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZlSWLenK nyemKDP0JcigQHIOPEuRKzecUiq00/UFubz1URrKRokx7SuM49pHFH1/2BwdGIJ0 w/9eRMS2L3gIv/r22ew7Q6t6JXoMlFXopC24o3re1uadE2NOtOId55s5mZCqiqiF eotcsAZ00q05wjcvhtHRegzHhDqwwWFjX8wAJqPfrlf1kSlBc7jsafpeEDkcO1tH th6PFotHtdg0KqCosI7pIqgpCifpvm/LFykLBcZcv2nQ1ayoxH1fDBy8Dy3HoJPn h5DGqkJFJMtYMF/1WsryYAzGZZvQ4Y2+rwGifpIreP3ORRy4ZTN63naEunLYdhyk 6INbWCpJdrYx0Q== -----END CERTIFICATE-----Generated at Fri Dec 19 14:51:05 2025 by rpki-client