This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft File: lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft (raw, json) Hash identifier: b1PkZv4iDfBR5RD+WyrUQ4nkw/0jaPA1J/Ar0zoExoY= Subject key identifier: F2:A2:B2:79:F1:C7:20:09:34:F4:02:C5:11:8E:7D:B4:74:0D:12:4D Authority key identifier: 96:C0:CE:9F:87:D9:D2:75:F6:CA:E4:DC:9C:DF:B5:D4:43:7D:8C:EB Certificate issuer: /CN=96c0ce9f87d9d275f6cae4dc9cdfb5d4437d8ceb Certificate serial: 019B465D0CD1FC9F3E746DF70A4ABCE1BAF4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft Manifest number: 0F45 Signing time: Mon 22 Dec 2025 14:01:01 +0000 Manifest this update: Mon 22 Dec 2025 14:01:01 +0000 Manifest next update: Tue 23 Dec 2025 14:01:01 +0000 Files and hashes: 1: ew1zgYS28PrRo2_vyICjeeeZzZk.roa (hash: Fhi/oH9QUYxK/iP3UryNP+xQPg6T4wc9jRF/RdGEuMY=) 2: lsDOn4fZ0nX2yuTcnN-11EN9jOs.crl (hash: n7ua/72YgUvTub4eVGdg+5bKBrXslt7PuaMWvsTBM5Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.crl rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft rsync://rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 14:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:5d:0c:d1:fc:9f:3e:74:6d:f7:0a:4a:bc:e1:ba:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96c0ce9f87d9d275f6cae4dc9cdfb5d4437d8ceb Validity Not Before: Dec 22 14:01:01 2025 GMT Not After : Dec 23 14:01:01 2025 GMT Subject: CN=f2a2b279f1c7200934f402c5118e7db4740d124d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:2a:36:4d:89:20:be:2a:8e:58:cc:26:4d:96: a6:99:42:41:49:43:3a:78:be:80:83:4f:f0:a8:57: 90:52:e2:8f:74:1a:da:89:62:7e:16:c8:a3:3f:8d: 20:59:f8:40:dc:30:a8:f4:7e:1d:b2:46:b1:04:61: 8f:eb:2c:c1:0f:ef:4a:a6:1d:2c:3c:b1:a9:a6:23: 3c:e7:d9:a1:cd:94:42:5d:55:f9:8b:98:ec:b0:15: 4a:b9:ae:09:49:4b:b3:1e:e3:e7:ba:1d:a2:e3:74: df:e6:fe:e2:9b:e5:f3:6f:df:e4:4d:bf:99:bb:43: 15:63:e6:71:45:20:58:a2:57:7e:f7:a1:91:b5:29: ba:7a:12:e2:42:7a:c3:70:04:70:35:b2:a6:69:17: da:ab:b1:00:da:ca:c4:95:33:67:3d:6e:07:e2:fb: 4b:94:fa:0c:54:64:99:f1:ab:e9:84:5d:46:29:d9: cc:85:49:51:52:da:f4:ee:30:90:cd:82:db:31:a3: 23:96:14:ee:7f:d7:e5:38:50:58:f5:4e:60:56:8c: 4d:e7:7b:03:3d:cd:28:db:26:30:c3:9c:be:c0:f2: 6a:13:b7:e4:27:2d:50:52:24:4b:b7:75:81:f8:1d: d0:2f:74:e3:92:3c:02:da:c2:d4:70:a3:5e:ff:aa: 7e:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:A2:B2:79:F1:C7:20:09:34:F4:02:C5:11:8E:7D:B4:74:0D:12:4D X509v3 Authority Key Identifier: keyid:96:C0:CE:9F:87:D9:D2:75:F6:CA:E4:DC:9C:DF:B5:D4:43:7D:8C:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:77:6f:28:d7:ed:a9:5f:00:43:02:44:86:ee:e9:f7:e4:dd: e3:e5:4a:e2:17:66:ed:41:25:30:1f:e9:96:30:fb:31:20:95: 63:4d:e4:f9:08:74:4d:0f:8c:0c:aa:aa:35:73:7e:46:c2:e3: 0f:08:9f:6a:e8:2f:3d:78:ab:11:ed:42:93:86:c9:c3:d3:20: 32:7c:03:eb:b4:3b:93:10:0d:f4:96:94:7f:82:6c:c3:a4:bf: a2:e9:cb:52:d0:af:b4:76:50:16:af:18:96:20:b6:a4:a9:a1: 6a:8e:f4:26:24:79:f5:42:d4:02:80:09:0f:10:bc:ac:6a:2a: 8b:31:e8:46:51:14:a5:f2:e0:1f:54:44:e5:5b:3e:da:a7:91: d4:ab:fa:76:11:90:9e:aa:02:be:d1:4f:55:f9:f4:12:a1:db: ec:f2:03:60:03:4f:91:db:6d:d4:fb:9c:af:ae:14:b3:f9:6f: 3f:68:30:7e:51:aa:cb:c9:68:53:cc:4c:0b:2d:98:b2:2c:1d: a8:42:21:91:f8:80:6f:1c:43:29:1d:38:42:f4:ff:dc:4d:79: 80:6e:4d:c6:c9:db:8f:2a:2b:d7:0c:2c:3e:30:7d:b2:51:5a: 06:88:51:73:d3:f8:9c:99:78:81:b7:21:a0:20:61:d2:50:e2: 4a:71:a5:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGXQzR/J8+dG33Ckq84br0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2YzBjZTlmODdkOWQyNzVmNmNhZTRkYzljZGZiNWQ0NDM3 ZDhjZWIwHhcNMjUxMjIyMTQwMTAxWhcNMjUxMjIzMTQwMTAxWjAzMTEwLwYDVQQD EyhmMmEyYjI3OWYxYzcyMDA5MzRmNDAyYzUxMThlN2RiNDc0MGQxMjRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyo2TYkgviqOWMwmTZammUJBSUM6 eL6Ag0/wqFeQUuKPdBraiWJ+FsijP40gWfhA3DCo9H4dskaxBGGP6yzBD+9Kph0s PLGppiM859mhzZRCXVX5i5jssBVKua4JSUuzHuPnuh2i43Tf5v7im+Xzb9/kTb+Z u0MVY+ZxRSBYold+96GRtSm6ehLiQnrDcARwNbKmaRfaq7EA2srElTNnPW4H4vtL lPoMVGSZ8avphF1GKdnMhUlRUtr07jCQzYLbMaMjlhTuf9flOFBY9U5gVoxN53sD Pc0o2yYww5y+wPJqE7fkJy1QUiRLt3WB+B3QL3TjkjwC2sLUcKNe/6p+PQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPKisnnxxyAJNPQCxRGOfbR0DRJNMB8GA1UdIwQY MBaAFJbAzp+H2dJ19srk3JzftdRDfYzrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHNET240ZlowblgyeXVUY25OLTExRU45ak9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zYWEzODYtOTA1Ny00OWEwLWEyMjkt NWU3N2ZhMDMzM2EzLzEvbHNET240ZlowblgyeXVUY25OLTExRU45ak9zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC8zYWEzODYtOTA1Ny00OWEwLWEyMjktNWU3N2ZhMDMzM2Ez LzEvbHNET240ZlowblgyeXVUY25OLTExRU45ak9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQndvKNft qV8AQwJEhu7p9+Td4+VK4hdm7UElMB/pljD7MSCVY03k+Qh0TQ+MDKqqNXN+RsLj DwifaugvPXirEe1Ck4bJw9MgMnwD67Q7kxAN9JaUf4Jsw6S/ounLUtCvtHZQFq8Y liC2pKmhao70JiR59ULUAoAJDxC8rGoqizHoRlEUpfLgH1RE5Vs+2qeR1Kv6dhGQ nqoCvtFPVfn0EqHb7PIDYANPkdtt1Pucr64Us/lvP2gwflGqy8loU8xMCy2Ysiwd qEIhkfiAbxxDKR04QvT/3E15gG5Nxsnbjyor1wwsPjB9slFaBohRc9P4nJl4gbch oCBh0lDiSnGl8Q== -----END CERTIFICATE-----Generated at Mon Dec 22 20:22:58 2025 by rpki-client