This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft File: 1lcpIU0Paz-lGho4A32rjeSOBVg.mft (raw, json) Hash identifier: qOVRFsGeVsfa/CAJ5V53thmJ7exAsuuQmDyUMHdruTk= Subject key identifier: F9:51:04:69:6F:B4:54:A3:55:89:C1:3E:04:D5:0D:09:5A:84:25:3D Authority key identifier: D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58 Certificate issuer: /CN=d65729214d0f6b3fa51a1a38037dab8de48e0558 Certificate serial: 019B337B3222F934924834D88A7906768654 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft Manifest number: 07E4 Signing time: Thu 18 Dec 2025 22:01:10 +0000 Manifest this update: Thu 18 Dec 2025 22:01:10 +0000 Manifest next update: Fri 19 Dec 2025 22:01:10 +0000 Files and hashes: 1: 1lcpIU0Paz-lGho4A32rjeSOBVg.crl (hash: kCmTMA3n8QGyT/to4mRwavgZ8b8153PlZB5GrT8cw8M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:7b:32:22:f9:34:92:48:34:d8:8a:79:06:76:86:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d65729214d0f6b3fa51a1a38037dab8de48e0558 Validity Not Before: Dec 18 22:01:10 2025 GMT Not After : Dec 19 22:01:10 2025 GMT Subject: CN=f95104696fb454a35589c13e04d50d095a84253d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:cc:4d:1c:6a:94:20:15:3e:f3:fd:f8:29:fa: 78:6f:e3:b0:e5:fe:ea:dd:a8:97:a1:1f:7a:a5:b5: 1e:90:96:30:a4:a5:cd:54:a7:c2:8c:5d:d0:ac:29: 2e:22:85:53:8b:8f:57:55:1d:3b:6f:18:50:c5:50: 13:ad:25:24:03:99:8d:16:9b:03:8f:ff:26:17:b6: c6:af:2e:29:e4:73:3d:40:19:43:dc:eb:d0:46:37: ab:5b:46:5c:82:05:98:f7:d8:65:9d:fa:17:20:8b: 35:ea:5e:3e:26:5d:4b:58:1b:63:aa:3f:2c:34:56: 46:27:0f:86:c6:48:33:64:c2:ca:73:79:7f:42:b4: 56:a2:c1:65:88:eb:39:30:27:1a:99:a2:70:aa:8c: aa:98:83:3c:d2:ca:0b:5b:65:47:0d:5e:2e:51:fb: 64:0b:b2:00:1f:f0:67:13:bc:47:3e:1a:d6:f2:be: 61:fd:82:e5:51:9a:21:06:05:21:12:35:9f:a6:94: 57:8e:11:99:da:9c:13:6d:15:a2:4d:c8:89:a3:d9: 05:7d:11:e4:bb:93:8d:fe:55:93:3e:43:6f:01:38: c3:aa:6d:1a:e1:85:55:20:5a:cb:56:9f:5f:db:73: ec:1e:91:30:d6:7c:97:3a:79:26:8c:48:2c:07:72: 7d:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:51:04:69:6F:B4:54:A3:55:89:C1:3E:04:D5:0D:09:5A:84:25:3D X509v3 Authority Key Identifier: keyid:D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:a1:75:7e:67:a1:d1:d9:79:fb:0f:b7:05:a3:ae:88:ea:be: 62:41:29:f2:6f:e8:64:86:36:83:d2:99:0c:24:a3:c0:a8:42: 4f:ee:48:0e:24:6c:9b:73:55:13:92:92:5d:35:33:f8:5e:4e: 57:51:91:e8:c2:ce:66:6d:50:52:6f:c7:32:26:15:aa:0e:04: d4:95:84:59:9e:f9:27:7a:78:25:44:69:52:8b:bf:ad:f0:8a: 64:ab:fe:61:80:40:6e:45:a9:47:44:e1:13:1b:a9:56:aa:c6: d6:b2:60:90:20:65:c8:a2:a0:07:92:f7:fd:68:c4:1f:9e:9e: f1:21:d0:bd:4f:27:c6:81:50:0c:90:51:b1:38:6e:cc:20:44: 90:2f:3d:53:c6:cb:e7:a7:fa:8e:a4:c5:d2:4d:93:08:80:28: f3:b3:21:d6:5b:4c:29:92:c0:f2:ca:c8:2c:1a:6a:bf:c5:39: 04:a1:65:03:d4:c3:5a:db:e0:f9:51:2e:88:4a:d4:6c:29:48: 25:20:c5:d1:ed:a3:90:5d:e4:13:f7:29:69:29:3f:12:ec:0b: ce:69:37:36:2c:18:b2:10:01:b9:ae:e7:61:e7:ef:e9:5b:63: 7b:1d:5c:da:20:0c:d7:9b:46:30:45:60:ba:db:5e:c6:b6:41: 0c:90:3c:32 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszezIi+TSSSDTYinkGdoZUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ2NTcyOTIxNGQwZjZiM2ZhNTFhMWEzODAzN2RhYjhkZTQ4 ZTA1NTgwHhcNMjUxMjE4MjIwMTEwWhcNMjUxMjE5MjIwMTEwWjAzMTEwLwYDVQQD EyhmOTUxMDQ2OTZmYjQ1NGEzNTU4OWMxM2UwNGQ1MGQwOTVhODQyNTNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcxNHGqUIBU+8/34Kfp4b+Ow5f7q 3aiXoR96pbUekJYwpKXNVKfCjF3QrCkuIoVTi49XVR07bxhQxVATrSUkA5mNFpsD j/8mF7bGry4p5HM9QBlD3OvQRjerW0ZcggWY99hlnfoXIIs16l4+Jl1LWBtjqj8s NFZGJw+GxkgzZMLKc3l/QrRWosFliOs5MCcamaJwqoyqmIM80soLW2VHDV4uUftk C7IAH/BnE7xHPhrW8r5h/YLlUZohBgUhEjWfppRXjhGZ2pwTbRWiTciJo9kFfRHk u5ON/lWTPkNvATjDqm0a4YVVIFrLVp9f23PsHpEw1nyXOnkmjEgsB3J9NwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPlRBGlvtFSjVYnBPgTVDQlahCU9MB8GA1UdIwQY MBaAFNZXKSFND2s/pRoaOAN9q43kjgVYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMt ZWM0M2ZkNmMyMjdhLzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMtZWM0M2ZkNmMyMjdh LzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARaF1fmeh 0dl5+w+3BaOuiOq+YkEp8m/oZIY2g9KZDCSjwKhCT+5IDiRsm3NVE5KSXTUz+F5O V1GR6MLOZm1QUm/HMiYVqg4E1JWEWZ75J3p4JURpUou/rfCKZKv+YYBAbkWpR0Th ExupVqrG1rJgkCBlyKKgB5L3/WjEH56e8SHQvU8nxoFQDJBRsThuzCBEkC89U8bL 56f6jqTF0k2TCIAo87Mh1ltMKZLA8srILBpqv8U5BKFlA9TDWtvg+VEuiErUbClI JSDF0e2jkF3kE/cpaSk/EuwLzmk3NiwYshABua7nYefv6Vtjex1c2iAM15tGMEVg uttexrZBDJA8Mg== -----END CERTIFICATE-----Generated at Fri Dec 19 03:18:12 2025 by rpki-client