This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft File: LF3rfkKW4vu0wB_AZKH2gYlreXk.mft (raw, json) Hash identifier: XT999jzU1zAGbIQb0iwQ7Ob2pFZz9cOH3XZgaEBT8vI= Subject key identifier: 9B:E5:A1:BC:BB:6E:83:A7:A2:B8:EA:86:D7:AA:BA:0A:35:D5:03:68 Authority key identifier: 2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79 Certificate issuer: /CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979 Certificate serial: 019B3F7F66BC81A91D9BE38E1A630756C024 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft Manifest number: 0761 Signing time: Sun 21 Dec 2025 06:01:12 +0000 Manifest this update: Sun 21 Dec 2025 06:01:12 +0000 Manifest next update: Mon 22 Dec 2025 06:01:12 +0000 Files and hashes: 1: LF3rfkKW4vu0wB_AZKH2gYlreXk.crl (hash: cwYpJms+zYXHajfXtHq5XN0cmvdaua2pyzOHvQ46obY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 06:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:7f:66:bc:81:a9:1d:9b:e3:8e:1a:63:07:56:c0:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979 Validity Not Before: Dec 21 06:01:12 2025 GMT Not After : Dec 22 06:01:12 2025 GMT Subject: CN=9be5a1bcbb6e83a7a2b8ea86d7aaba0a35d50368 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:86:a4:31:a5:3b:f0:c7:08:b1:c9:74:c4:13: bf:7b:2c:dd:24:ea:25:02:b9:04:59:09:65:b7:26: ea:fa:82:2b:38:d7:7f:2f:8a:1f:15:60:59:a9:80: f3:6e:3c:bc:66:7b:1e:b6:0c:55:e9:b8:37:f2:12: 0c:f3:33:4a:ee:e5:77:68:71:b5:90:0a:9a:41:d4: 11:14:ea:b9:be:9f:7d:f0:d8:a2:8f:88:f3:2e:b5: cb:e4:60:85:e6:60:c3:bf:9d:03:d3:cc:37:f3:a4: 5e:8d:25:f5:32:7e:1d:98:08:af:c8:4f:64:e9:d3: e4:2b:e5:89:d6:0f:e2:fc:60:4f:5e:9b:32:6b:11: 0c:e8:18:f4:2a:87:33:8e:1d:df:2b:12:da:51:c5: 8b:35:a4:b0:f5:e9:0e:f4:87:98:de:f1:67:f9:35: ed:aa:d0:f9:3b:df:13:95:19:28:cc:16:31:8f:ab: c4:f2:75:e0:54:2e:52:75:81:e7:1f:d5:2f:66:7e: 3a:3d:71:71:a9:31:3a:30:de:3e:ce:1b:55:82:40: 01:3b:70:54:0f:da:a4:fa:bc:89:04:2d:a7:3d:5a: 9f:06:86:8b:4c:85:33:fb:93:e4:a6:d2:ec:38:93: ec:44:fb:bb:94:5e:bb:c9:4b:f9:da:61:58:4a:b7: f0:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:E5:A1:BC:BB:6E:83:A7:A2:B8:EA:86:D7:AA:BA:0A:35:D5:03:68 X509v3 Authority Key Identifier: keyid:2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:3c:c9:59:ed:94:71:8d:33:6e:93:77:db:0b:3b:1e:71:4e: fc:55:21:28:f6:17:05:6d:51:12:4c:f4:1b:57:de:27:54:4e: 06:1a:41:a9:23:c2:a9:d2:79:10:16:37:2e:54:d5:bd:52:56: f3:70:d8:39:bd:1a:b5:1a:fc:b4:b4:7d:6d:4c:7e:39:f4:3c: 81:3d:ea:8f:5d:13:78:a1:bf:3e:6c:06:1b:43:71:09:15:91: 0a:f9:40:75:d8:a9:b3:46:e1:f9:05:20:70:e3:51:11:a8:77: c4:91:d1:53:5b:20:33:15:c3:b0:0e:01:3b:e9:41:49:b6:41: a7:15:4d:72:b9:7a:bf:11:d3:af:15:e9:96:5c:6b:a5:29:91: ce:4b:ba:fc:93:c8:21:f0:25:2b:52:66:90:5e:c6:4a:f9:e7: 1a:a8:32:01:0f:4a:0b:6b:b8:50:61:af:f7:25:63:37:a7:6e: 98:37:42:2d:90:3d:a6:4d:d5:94:71:45:52:91:8d:9a:5b:06: 18:c5:26:97:ef:e9:d5:e5:db:b7:58:d0:39:7c:4f:75:c8:e2: a6:7a:dd:15:0d:8e:64:cc:64:38:42:98:39:29:54:23:5e:31: 60:08:40:53:ee:56:db:cd:f8:54:d4:87:bd:de:39:24:3a:d3: 17:72:2e:32 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/f2a8gakdm+OOGmMHVsAkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjNWRlYjdlNDI5NmUyZmJiNGMwMWZjMDY0YTFmNjgxODk2 Yjc5NzkwHhcNMjUxMjIxMDYwMTEyWhcNMjUxMjIyMDYwMTEyWjAzMTEwLwYDVQQD Eyg5YmU1YTFiY2JiNmU4M2E3YTJiOGVhODZkN2FhYmEwYTM1ZDUwMzY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYakMaU78McIscl0xBO/eyzdJOol ArkEWQlltybq+oIrONd/L4ofFWBZqYDzbjy8ZnsetgxV6bg38hIM8zNK7uV3aHG1 kAqaQdQRFOq5vp998Niij4jzLrXL5GCF5mDDv50D08w386RejSX1Mn4dmAivyE9k 6dPkK+WJ1g/i/GBPXpsyaxEM6Bj0Koczjh3fKxLaUcWLNaSw9ekO9IeY3vFn+TXt qtD5O98TlRkozBYxj6vE8nXgVC5SdYHnH9UvZn46PXFxqTE6MN4+zhtVgkABO3BU D9qk+ryJBC2nPVqfBoaLTIUz+5PkptLsOJPsRPu7lF67yUv52mFYSrfwOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJvloby7boOnorjqhtequgo11QNoMB8GA1UdIwQY MBaAFCxd635CluL7tMAfwGSh9oGJa3l5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYt YTg2YWM1NjFhYjU2LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYtYTg2YWM1NjFhYjU2 LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASzzJWe2U cY0zbpN32ws7HnFO/FUhKPYXBW1REkz0G1feJ1ROBhpBqSPCqdJ5EBY3LlTVvVJW 83DYOb0atRr8tLR9bUx+OfQ8gT3qj10TeKG/PmwGG0NxCRWRCvlAddips0bh+QUg cONREah3xJHRU1sgMxXDsA4BO+lBSbZBpxVNcrl6vxHTrxXpllxrpSmRzku6/JPI IfAlK1JmkF7GSvnnGqgyAQ9KC2u4UGGv9yVjN6dumDdCLZA9pk3VlHFFUpGNmlsG GMUml+/p1eXbt1jQOXxPdcjipnrdFQ2OZMxkOEKYOSlUI14xYAhAU+5W2834VNSH vd45JDrTF3IuMg== -----END CERTIFICATE-----Generated at Sun Dec 21 15:40:47 2025 by rpki-client