This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft File: lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft (raw, json) Hash identifier: DNmOmvHMX4HdgvF48zX6DXYisKz/5t2/kOn7Kl/NC3I= Subject key identifier: E7:01:70:79:8A:A1:C2:C5:07:C8:AE:B0:98:D9:F7:93:06:C2:88:43 Authority key identifier: 94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B Certificate issuer: /CN=946221f79abea6d3c0c3480642590dd0ae0caa3b Certificate serial: 019B597714900D7270369EB154B5526CD046 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft Manifest number: 1497 Signing time: Fri 26 Dec 2025 07:02:14 +0000 Manifest this update: Fri 26 Dec 2025 07:02:14 +0000 Manifest next update: Sat 27 Dec 2025 07:02:14 +0000 Files and hashes: 1: lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl (hash: 3/fPRgAoQ9+J6B8x4SdCBodwlnYzYNuLiCDFuc8nzfA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:14:90:0d:72:70:36:9e:b1:54:b5:52:6c:d0:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=946221f79abea6d3c0c3480642590dd0ae0caa3b Validity Not Before: Dec 26 07:02:14 2025 GMT Not After : Dec 27 07:02:14 2025 GMT Subject: CN=e70170798aa1c2c507c8aeb098d9f79306c28843 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:6e:b2:db:3b:dc:c0:5e:eb:34:0b:dc:02:5a: 29:74:90:9a:0d:85:bc:5a:9e:8b:0c:35:0f:3e:9d: a8:c7:ba:b0:76:51:29:fc:25:ac:96:39:a1:e9:40: 4d:a5:17:9c:4b:c8:0a:04:45:7b:af:ca:8b:10:94: 30:aa:84:35:3e:d7:02:7e:47:5e:27:ce:c5:a1:98: 7d:87:2a:a7:8d:3b:a2:6a:58:e2:98:ad:d8:98:1a: 3c:3e:03:ae:df:d1:ef:61:73:e8:fb:5d:78:b1:e1: ed:6f:46:1d:c0:d7:53:7c:11:88:56:44:2a:b2:2d: d9:f5:e8:19:69:75:f2:91:46:24:d5:95:0a:54:9b: 91:90:30:77:0e:e7:1f:81:d3:5b:41:fa:33:b7:36: 2d:2d:a3:77:4f:7c:e4:d9:1a:b8:c7:01:ef:2a:7a: 15:d6:a1:b8:a3:e6:5a:37:5d:8c:38:41:92:c2:47: 8a:28:cf:4b:e4:ff:2b:d9:7c:dd:fb:1e:00:56:d6: ef:8a:60:2a:59:9e:a6:02:2b:46:ed:4e:ca:80:4e: f1:0b:ff:3b:49:b0:ce:44:d8:84:9c:e0:04:4f:33: b7:9a:79:5a:a4:52:ed:92:4c:e7:25:80:e2:32:5b: 32:57:6d:cf:1b:61:de:ab:d6:b8:af:d4:a7:52:47: ff:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:01:70:79:8A:A1:C2:C5:07:C8:AE:B0:98:D9:F7:93:06:C2:88:43 X509v3 Authority Key Identifier: keyid:94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:8e:00:6b:8c:06:19:58:f4:cc:4f:01:6a:02:54:7b:f4:5a: 96:66:05:fe:0e:08:ff:59:74:88:4b:55:01:83:41:a8:e3:c8: 00:d5:67:16:2f:08:cb:09:97:1f:41:2f:cc:d1:0d:0d:d2:f3: 3d:35:d4:3e:f3:d0:de:be:ae:34:a4:af:80:27:de:39:13:a3: e8:cd:c6:bd:88:0b:21:02:a7:c0:2e:2b:3f:31:f5:d2:ea:c5: 97:01:c0:97:cc:88:e2:e6:06:65:40:d8:04:44:86:06:d9:b2: 53:3d:15:65:74:4c:f7:02:b4:5e:d5:2c:f3:04:a0:6c:cb:16: 79:2d:ab:68:61:fa:6d:c1:7d:fb:15:d0:74:80:ed:fa:44:d2: 8c:64:68:fb:b4:4f:ea:92:1e:97:fd:c7:f9:32:1a:3d:11:b5: 1a:62:6c:44:59:c0:1c:7c:d6:88:c6:94:aa:05:9b:e5:7c:4d: ec:ea:15:0d:bb:34:ae:50:8d:54:bd:7f:e3:a0:a2:07:b5:4b: ca:7f:cf:d3:b9:0d:d2:18:bc:41:6d:b7:74:d4:26:72:09:d5: 34:6b:29:e5:04:86:8f:f0:92:c4:39:14:5b:ab:59:39:2b:25: 3a:da:fd:b6:96:ac:ef:eb:e4:f2:5a:9e:01:c9:eb:0a:5b:2b: 42:9e:8d:5e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdxSQDXJwNp6xVLVSbNBGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0NjIyMWY3OWFiZWE2ZDNjMGMzNDgwNjQyNTkwZGQwYWUw Y2FhM2IwHhcNMjUxMjI2MDcwMjE0WhcNMjUxMjI3MDcwMjE0WjAzMTEwLwYDVQQD EyhlNzAxNzA3OThhYTFjMmM1MDdjOGFlYjA5OGQ5Zjc5MzA2YzI4ODQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW6y2zvcwF7rNAvcAlopdJCaDYW8 Wp6LDDUPPp2ox7qwdlEp/CWsljmh6UBNpRecS8gKBEV7r8qLEJQwqoQ1PtcCfkde J87FoZh9hyqnjTuialjimK3YmBo8PgOu39HvYXPo+114seHtb0YdwNdTfBGIVkQq si3Z9egZaXXykUYk1ZUKVJuRkDB3DucfgdNbQfoztzYtLaN3T3zk2Rq4xwHvKnoV 1qG4o+ZaN12MOEGSwkeKKM9L5P8r2Xzd+x4AVtbvimAqWZ6mAitG7U7KgE7xC/87 SbDORNiEnOAETzO3mnlapFLtkkznJYDiMlsyV23PG2Heq9a4r9SnUkf/UwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOcBcHmKocLFB8iusJjZ95MGwohDMB8GA1UdIwQY MBaAFJRiIfeavqbTwMNIBkJZDdCuDKo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMt N2M2MDVkMzIxNjVkLzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMtN2M2MDVkMzIxNjVk LzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADY4Aa4wG GVj0zE8BagJUe/RalmYF/g4I/1l0iEtVAYNBqOPIANVnFi8IywmXH0EvzNENDdLz PTXUPvPQ3r6uNKSvgCfeOROj6M3GvYgLIQKnwC4rPzH10urFlwHAl8yI4uYGZUDY BESGBtmyUz0VZXRM9wK0XtUs8wSgbMsWeS2raGH6bcF9+xXQdIDt+kTSjGRo+7RP 6pIel/3H+TIaPRG1GmJsRFnAHHzWiMaUqgWb5XxN7OoVDbs0rlCNVL1/46CiB7VL yn/P07kN0hi8QW23dNQmcgnVNGsp5QSGj/CSxDkUW6tZOSslOtr9tpas7+vk8lqe AcnrClsrQp6NXg== -----END CERTIFICATE-----Generated at Fri Dec 26 14:18:15 2025 by rpki-client