This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft File: L8tesBINBwkLEmJWxFo1KC1awKw.mft (raw, json) Hash identifier: FPimFNOwckv70yCbI5gfcSKQ8G+Mr4L69KpNYYUzoi0= Subject key identifier: E9:C5:BD:D8:84:CE:79:84:83:F3:58:2F:59:99:FA:85:7D:AA:5A:FF Authority key identifier: 2F:CB:5E:B0:12:0D:07:09:0B:12:62:56:C4:5A:35:28:2D:5A:C0:AC Certificate issuer: /CN=2fcb5eb0120d07090b126256c45a35282d5ac0ac Certificate serial: 019B597734FF312EFCFB71C618BCE9E8BFC6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L8tesBINBwkLEmJWxFo1KC1awKw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft Manifest number: 024B Signing time: Fri 26 Dec 2025 07:02:23 +0000 Manifest this update: Fri 26 Dec 2025 07:02:23 +0000 Manifest next update: Sat 27 Dec 2025 07:02:23 +0000 Files and hashes: 1: L8tesBINBwkLEmJWxFo1KC1awKw.crl (hash: 4km00jk8fmpBcTPMfzNkwOFGPF8fff1aUSiQQKL4Gxw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.crl rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft rsync://rpki.ripe.net/repository/DEFAULT/L8tesBINBwkLEmJWxFo1KC1awKw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:34:ff:31:2e:fc:fb:71:c6:18:bc:e9:e8:bf:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2fcb5eb0120d07090b126256c45a35282d5ac0ac Validity Not Before: Dec 26 07:02:23 2025 GMT Not After : Dec 27 07:02:23 2025 GMT Subject: CN=e9c5bdd884ce798483f3582f5999fa857daa5aff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:9d:5a:2a:b6:ff:c7:b7:a0:f1:cf:31:ea:61: 57:e1:26:5e:05:c5:03:46:95:8e:a7:b1:19:c1:d0: 3c:55:32:20:2a:24:7b:bd:59:2c:ee:05:df:80:95: 1a:0b:f5:08:62:20:1e:98:71:ae:a8:9b:30:36:ae: 88:35:85:99:87:31:a3:3d:2b:3e:39:b0:00:2a:a3: bf:90:39:ac:0e:94:78:5b:7c:d4:8e:28:7a:f4:34: 2d:dc:af:33:8a:5f:5d:5b:75:14:c7:a6:59:1d:f1: 41:6d:9e:92:a0:6b:4e:44:cb:23:3b:40:c0:5f:c3: c6:5c:58:68:ce:e2:b4:e9:27:fd:f4:b7:3a:22:aa: 67:67:a8:f7:03:a5:cc:3d:26:e5:a5:02:72:74:99: 67:3c:46:af:46:1d:21:d0:e7:e4:73:a0:e8:15:f0: e1:d4:08:01:b5:12:e6:49:64:1e:ce:e9:22:f2:86: 30:2b:3c:2e:e9:b1:3e:c0:be:18:46:5d:f5:e6:75: 4e:f4:42:1a:1f:7d:4e:86:c8:25:bd:02:45:cf:47: 0b:dc:f2:ed:2d:87:e4:2a:d8:47:29:4d:00:52:61: b2:b4:67:5e:0f:b8:22:58:9f:57:54:fc:1b:90:ee: 05:76:f9:cd:52:d9:8b:29:61:2d:92:df:be:b0:65: e6:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:C5:BD:D8:84:CE:79:84:83:F3:58:2F:59:99:FA:85:7D:AA:5A:FF X509v3 Authority Key Identifier: keyid:2F:CB:5E:B0:12:0D:07:09:0B:12:62:56:C4:5A:35:28:2D:5A:C0:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L8tesBINBwkLEmJWxFo1KC1awKw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:9d:54:6d:97:b8:d7:2c:10:fc:ee:3b:a5:05:bc:6e:c1:f5: 98:ea:f4:ba:55:4c:4a:14:3e:5b:08:9f:31:5c:af:1e:e9:b6: 9d:63:a3:a5:50:ec:eb:c1:7b:a3:66:ac:99:6b:87:87:e5:0b: 67:7c:50:0c:fd:8e:5f:aa:c7:95:2a:20:f1:c9:bc:e5:48:c2: ff:21:7c:9f:cc:2d:cb:51:be:5b:4a:bc:e1:2f:80:34:60:f4: 6b:19:f1:5f:73:18:b1:d2:61:ae:4a:12:79:d4:bd:27:6f:fa: f7:38:fc:ad:09:ca:da:9d:8f:ce:15:a2:16:3d:e7:2c:6a:d6: f2:55:fc:1d:44:d1:2f:7f:17:cb:5b:b2:0b:4b:57:c1:cc:dc: 40:b7:98:18:67:2b:50:57:70:3b:7d:5e:66:cd:8a:a9:ca:44: 9e:42:2f:fd:93:c1:58:5a:c8:5a:14:6a:fe:61:20:c6:0d:98: 5f:83:2e:45:73:ec:5b:e8:ce:3f:c8:be:72:ba:0c:03:5f:d4: 6b:79:28:26:2d:38:59:63:d6:bb:09:2f:f7:25:ab:b8:03:2b: a7:74:05:a1:ad:23:36:24:0d:7e:09:7e:7d:59:c8:f9:7b:5f: 9b:25:97:c3:82:a8:de:a9:32:c6:b9:49:7d:bd:1f:de:59:53: 6f:c5:e0:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdzT/MS78+3HGGLzp6L/GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmY2I1ZWIwMTIwZDA3MDkwYjEyNjI1NmM0NWEzNTI4MmQ1 YWMwYWMwHhcNMjUxMjI2MDcwMjIzWhcNMjUxMjI3MDcwMjIzWjAzMTEwLwYDVQQD EyhlOWM1YmRkODg0Y2U3OTg0ODNmMzU4MmY1OTk5ZmE4NTdkYWE1YWZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJ1aKrb/x7eg8c8x6mFX4SZeBcUD RpWOp7EZwdA8VTIgKiR7vVks7gXfgJUaC/UIYiAemHGuqJswNq6INYWZhzGjPSs+ ObAAKqO/kDmsDpR4W3zUjih69DQt3K8zil9dW3UUx6ZZHfFBbZ6SoGtORMsjO0DA X8PGXFhozuK06Sf99Lc6IqpnZ6j3A6XMPSblpQJydJlnPEavRh0h0Ofkc6DoFfDh 1AgBtRLmSWQezuki8oYwKzwu6bE+wL4YRl315nVO9EIaH31OhsglvQJFz0cL3PLt LYfkKthHKU0AUmGytGdeD7giWJ9XVPwbkO4FdvnNUtmLKWEtkt++sGXmLwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOnFvdiEznmEg/NYL1mZ+oV9qlr/MB8GA1UdIwQY MBaAFC/LXrASDQcJCxJiVsRaNSgtWsCsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTDh0ZXNCSU5Cd2tMRW1KV3hGbzFLQzFhd0t3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9iYjU5MTItMTdjNy00NjA3LTk0NzIt ZTIxNTJlZGY5ZjljLzEvTDh0ZXNCSU5Cd2tMRW1KV3hGbzFLQzFhd0t3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My9iYjU5MTItMTdjNy00NjA3LTk0NzItZTIxNTJlZGY5Zjlj LzEvTDh0ZXNCSU5Cd2tMRW1KV3hGbzFLQzFhd0t3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlJ1UbZe4 1ywQ/O47pQW8bsH1mOr0ulVMShQ+WwifMVyvHum2nWOjpVDs68F7o2asmWuHh+UL Z3xQDP2OX6rHlSog8cm85UjC/yF8n8wty1G+W0q84S+ANGD0axnxX3MYsdJhrkoS edS9J2/69zj8rQnK2p2PzhWiFj3nLGrW8lX8HUTRL38Xy1uyC0tXwczcQLeYGGcr UFdwO31eZs2KqcpEnkIv/ZPBWFrIWhRq/mEgxg2YX4MuRXPsW+jOP8i+croMA1/U a3koJi04WWPWuwkv9yWruAMrp3QFoa0jNiQNfgl+fVnI+XtfmyWXw4Ko3qkyxrlJ fb0f3llTb8XgOQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:00:35 2025 by rpki-client