This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft File: lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft (raw, json) Hash identifier: oPsSfuxcu0CDpvtZBdxb5+OWOooN5d3VWEq6bg9Njqw= Subject key identifier: B7:B9:6D:CB:7F:04:2F:5E:43:AE:5F:01:5D:4B:3A:7B:3C:1C:7F:C8 Authority key identifier: 96:C0:CE:9F:87:D9:D2:75:F6:CA:E4:DC:9C:DF:B5:D4:43:7D:8C:EB Certificate issuer: /CN=96c0ce9f87d9d275f6cae4dc9cdfb5d4437d8ceb Certificate serial: 019B0A7EEDFC872B5E6B4F2CD8B9F70A790F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft Manifest number: 0F26 Signing time: Wed 10 Dec 2025 23:00:49 +0000 Manifest this update: Wed 10 Dec 2025 23:00:49 +0000 Manifest next update: Thu 11 Dec 2025 23:00:49 +0000 Files and hashes: 1: ew1zgYS28PrRo2_vyICjeeeZzZk.roa (hash: Fhi/oH9QUYxK/iP3UryNP+xQPg6T4wc9jRF/RdGEuMY=) 2: lsDOn4fZ0nX2yuTcnN-11EN9jOs.crl (hash: TooSdYYmCCkkOo/5ThLfteGZ8fdQyct4bqN/vTXB6rc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.crl rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft rsync://rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0a:7e:ed:fc:87:2b:5e:6b:4f:2c:d8:b9:f7:0a:79:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96c0ce9f87d9d275f6cae4dc9cdfb5d4437d8ceb Validity Not Before: Dec 10 23:00:49 2025 GMT Not After : Dec 11 23:00:49 2025 GMT Subject: CN=b7b96dcb7f042f5e43ae5f015d4b3a7b3c1c7fc8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:53:bc:d1:f0:91:e0:b3:87:d5:b3:2b:d3:f0: 4d:9d:b0:85:ca:96:86:b4:19:b1:15:8e:6e:61:e6: f7:b5:75:cf:d8:87:bc:e3:7b:66:5d:eb:21:87:6d: 88:37:f3:86:e3:50:c1:5d:7e:6e:71:be:88:3a:b0: 8a:16:57:2e:18:a2:40:48:77:af:f6:94:be:24:b9: f3:f9:ce:37:4a:1d:cd:08:12:cc:a1:9e:ce:1a:42: 2a:a7:97:6b:8a:0e:ab:e0:45:1d:8a:76:3d:6b:fe: b6:46:af:4f:cc:9a:2a:2d:07:e1:73:f8:55:98:72: 3d:18:2b:9f:a8:8c:fa:91:24:d3:30:0e:0c:b3:81: fc:7d:7b:14:e2:ac:cb:be:e4:e8:69:d2:80:de:8d: 78:d5:1f:43:70:ef:cf:8c:ac:eb:7c:78:a7:2c:a1: 07:bf:36:b9:a9:16:08:10:a3:69:2c:96:f1:1d:76: 74:95:bc:5e:85:4c:23:66:8a:b5:0d:2f:0b:2d:6b: d1:f2:da:fe:4d:6a:33:87:d8:51:9a:90:34:2b:31: 41:a7:36:a0:0b:b0:aa:02:f9:80:6d:a8:a8:c6:a9: 6e:8e:3f:6f:8f:fc:ec:ce:f8:b8:26:73:a3:78:c4: 43:96:20:95:da:49:45:d6:51:55:61:54:65:4a:77: 9f:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:B9:6D:CB:7F:04:2F:5E:43:AE:5F:01:5D:4B:3A:7B:3C:1C:7F:C8 X509v3 Authority Key Identifier: keyid:96:C0:CE:9F:87:D9:D2:75:F6:CA:E4:DC:9C:DF:B5:D4:43:7D:8C:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:76:9e:b0:2e:c8:88:b2:f1:3c:b8:ca:d8:37:14:2f:8c:41: 74:c6:8e:47:e1:40:f6:e4:3c:ee:3b:24:0e:4a:62:5c:53:d2: 14:be:ee:4d:99:ba:74:61:51:a0:dd:d6:f1:05:86:84:ad:7e: a9:09:5e:45:1b:61:e9:24:e8:38:04:63:13:1e:eb:f1:5e:62: fa:11:36:2c:fd:39:06:35:ea:82:de:87:9b:39:76:a9:51:0e: aa:cb:97:b5:60:b2:74:27:59:c2:97:dd:fc:b0:cb:b8:d8:97: 14:6f:c3:db:83:ad:1b:b8:36:f2:55:61:dc:06:96:9c:3e:5d: 6e:5d:6c:dd:19:10:28:81:db:36:d6:5b:34:87:ab:42:f3:b2: 41:c8:54:62:8f:4b:74:c8:b4:76:56:89:c2:96:00:10:c9:1b: 75:88:68:10:c7:cc:87:c4:0e:bb:ec:11:8e:f1:fd:36:6c:53: 73:fe:36:9b:4b:e9:e8:48:37:c7:16:50:fa:2e:e0:6b:fa:17: bd:d2:40:d4:b2:af:04:f1:1a:28:75:bc:42:43:59:20:77:ed: 2f:ad:64:07:fa:66:dd:6c:f0:4a:d1:d0:3e:60:b1:6f:f8:f7: 7f:da:d0:f0:22:0e:ab:07:f6:df:24:21:b4:e1:2d:52:44:d4: 03:ca:4c:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsKfu38hytea08s2Ln3CnkPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2YzBjZTlmODdkOWQyNzVmNmNhZTRkYzljZGZiNWQ0NDM3 ZDhjZWIwHhcNMjUxMjEwMjMwMDQ5WhcNMjUxMjExMjMwMDQ5WjAzMTEwLwYDVQQD EyhiN2I5NmRjYjdmMDQyZjVlNDNhZTVmMDE1ZDRiM2E3YjNjMWM3ZmM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVO80fCR4LOH1bMr0/BNnbCFypaG tBmxFY5uYeb3tXXP2Ie843tmXeshh22IN/OG41DBXX5ucb6IOrCKFlcuGKJASHev 9pS+JLnz+c43Sh3NCBLMoZ7OGkIqp5drig6r4EUdinY9a/62Rq9PzJoqLQfhc/hV mHI9GCufqIz6kSTTMA4Ms4H8fXsU4qzLvuToadKA3o141R9DcO/PjKzrfHinLKEH vza5qRYIEKNpLJbxHXZ0lbxehUwjZoq1DS8LLWvR8tr+TWozh9hRmpA0KzFBpzag C7CqAvmAbaioxqlujj9vj/zszvi4JnOjeMRDliCV2klF1lFVYVRlSnefrQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLe5bct/BC9eQ65fAV1LOns8HH/IMB8GA1UdIwQY MBaAFJbAzp+H2dJ19srk3JzftdRDfYzrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHNET240ZlowblgyeXVUY25OLTExRU45ak9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zYWEzODYtOTA1Ny00OWEwLWEyMjkt NWU3N2ZhMDMzM2EzLzEvbHNET240ZlowblgyeXVUY25OLTExRU45ak9zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC8zYWEzODYtOTA1Ny00OWEwLWEyMjktNWU3N2ZhMDMzM2Ez LzEvbHNET240ZlowblgyeXVUY25OLTExRU45ak9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOXaesC7I iLLxPLjK2DcUL4xBdMaOR+FA9uQ87jskDkpiXFPSFL7uTZm6dGFRoN3W8QWGhK1+ qQleRRth6SToOARjEx7r8V5i+hE2LP05BjXqgt6Hmzl2qVEOqsuXtWCydCdZwpfd /LDLuNiXFG/D24OtG7g28lVh3AaWnD5dbl1s3RkQKIHbNtZbNIerQvOyQchUYo9L dMi0dlaJwpYAEMkbdYhoEMfMh8QOu+wRjvH9NmxTc/42m0vp6Eg3xxZQ+i7ga/oX vdJA1LKvBPEaKHW8QkNZIHftL61kB/pm3WzwStHQPmCxb/j3f9rQ8CIOqwf23yQh tOEtUkTUA8pMeg== -----END CERTIFICATE-----Generated at Thu Dec 11 05:20:47 2025 by rpki-client