This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft File: LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft (raw, json) Hash identifier: lxrzPIby1zXuIF+hrcdKHvnBp6U8CXwA604fLYW6QP0= Subject key identifier: ED:87:84:B9:8F:FF:9E:80:B6:B6:EE:1D:27:93:8D:A5:21:7E:F6:48 Authority key identifier: 2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D Certificate issuer: /CN=2d909367dbddd1e4866bd89eaf727598a47b583d Certificate serial: 019B59772C719FE537B57A64C71908AC277C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft Manifest number: 024B Signing time: Fri 26 Dec 2025 07:02:20 +0000 Manifest this update: Fri 26 Dec 2025 07:02:20 +0000 Manifest next update: Sat 27 Dec 2025 07:02:20 +0000 Files and hashes: 1: LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl (hash: OxNxmpp6DBTcmSrXTqpi1vuiS6DZjmNtLJXknN56Bj0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:2c:71:9f:e5:37:b5:7a:64:c7:19:08:ac:27:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2d909367dbddd1e4866bd89eaf727598a47b583d Validity Not Before: Dec 26 07:02:20 2025 GMT Not After : Dec 27 07:02:20 2025 GMT Subject: CN=ed8784b98fff9e80b6b6ee1d27938da5217ef648 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:1b:81:2d:c1:4b:e4:63:92:54:35:63:b3:b6: 4b:b5:00:19:c0:ff:f3:02:f8:e2:79:02:25:12:30: 91:54:5f:49:cb:49:06:b3:08:5f:bd:57:c4:84:eb: 70:bc:0a:b0:0c:2a:fb:43:08:e9:80:d9:90:57:80: c1:8d:6a:c1:18:6e:65:49:5e:fa:0f:d5:5f:db:d4: 64:78:d6:ca:9d:e2:3f:bd:97:1c:d4:cc:b9:e6:c8: 83:89:d0:48:ed:c9:37:08:6b:32:23:0c:59:91:6c: 70:93:b0:9d:3f:19:e9:3a:3a:c6:9b:76:13:66:40: 32:8c:d9:95:7b:a2:e7:f5:dc:08:39:a3:03:dc:cd: 51:77:3a:2b:b9:64:44:c0:1a:47:57:af:53:57:1d: e2:60:cd:da:10:8e:db:54:16:95:b1:c7:0e:43:f3: 09:9f:42:34:3c:de:92:95:04:d5:43:a9:2f:8d:f2: 1a:96:18:01:ad:34:9a:f5:0a:86:e2:28:6d:f8:a0: 09:ec:b9:da:cc:ba:45:8e:1d:1e:6a:6c:05:1b:f1: c7:90:43:69:ce:75:74:1a:e5:bc:95:10:c8:c2:83: 4e:ca:98:13:98:c9:0e:b4:8e:44:3d:e4:42:07:9c: b3:2a:1c:2e:30:0c:ec:88:fa:1b:10:15:54:5f:7b: d2:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:87:84:B9:8F:FF:9E:80:B6:B6:EE:1D:27:93:8D:A5:21:7E:F6:48 X509v3 Authority Key Identifier: keyid:2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:22:41:4c:47:a5:a2:3c:42:c4:09:53:cb:4c:c5:67:e2:da: b1:f1:fc:f7:ee:42:49:d5:96:96:d8:82:cf:c0:6f:94:fc:b0: cc:23:11:ef:e4:3a:ba:42:84:fc:2d:a3:13:37:c2:3e:0a:bb: 2d:0c:34:ce:a2:11:20:56:21:7d:61:37:a8:2c:c5:28:19:a4: af:f7:90:c0:5d:b3:02:cd:83:1c:13:e2:88:c6:8a:f2:59:3e: b3:6c:94:3f:9a:05:58:79:b1:bc:8b:7b:d1:d6:04:c4:e7:1b: 9b:5d:13:d5:5c:66:11:1c:f9:0b:b7:7d:20:ce:9e:15:b4:02: 12:fc:6b:0c:06:0f:b8:8a:66:2c:69:64:3f:7c:59:7e:4b:95: 45:ef:b4:10:e8:99:05:f4:a3:45:76:a8:23:20:40:b9:0c:c3: ff:95:90:00:36:e0:a7:d0:fb:8f:0e:c4:13:83:76:4d:3d:46: e0:45:0e:49:eb:b0:c0:9e:d6:e6:92:85:17:40:e8:b8:b7:76: c6:39:71:d0:7d:61:76:34:45:6a:8f:ea:c0:98:10:f1:6a:91: 64:5a:ef:e1:b9:f0:74:a1:56:5c:22:3a:e6:57:98:6e:39:c3: 88:33:e9:49:db:85:1c:65:7f:e2:f2:24:bf:08:7b:b3:f7:f2: 52:4e:ee:60 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdyxxn+U3tXpkxxkIrCd8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJkOTA5MzY3ZGJkZGQxZTQ4NjZiZDg5ZWFmNzI3NTk4YTQ3 YjU4M2QwHhcNMjUxMjI2MDcwMjIwWhcNMjUxMjI3MDcwMjIwWjAzMTEwLwYDVQQD EyhlZDg3ODRiOThmZmY5ZTgwYjZiNmVlMWQyNzkzOGRhNTIxN2VmNjQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRuBLcFL5GOSVDVjs7ZLtQAZwP/z AvjieQIlEjCRVF9Jy0kGswhfvVfEhOtwvAqwDCr7QwjpgNmQV4DBjWrBGG5lSV76 D9Vf29RkeNbKneI/vZcc1My55siDidBI7ck3CGsyIwxZkWxwk7CdPxnpOjrGm3YT ZkAyjNmVe6Ln9dwIOaMD3M1RdzoruWREwBpHV69TVx3iYM3aEI7bVBaVsccOQ/MJ n0I0PN6SlQTVQ6kvjfIalhgBrTSa9QqG4iht+KAJ7LnazLpFjh0eamwFG/HHkENp znV0GuW8lRDIwoNOypgTmMkOtI5EPeRCB5yzKhwuMAzsiPobEBVUX3vSMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO2HhLmP/56AtrbuHSeTjaUhfvZIMB8GA1UdIwQY MBaAFC2Qk2fb3dHkhmvYnq9ydZike1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUt ZjBmODAwOGRmYzRjLzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUtZjBmODAwOGRmYzRj LzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjiJBTEel ojxCxAlTy0zFZ+LasfH89+5CSdWWltiCz8BvlPywzCMR7+Q6ukKE/C2jEzfCPgq7 LQw0zqIRIFYhfWE3qCzFKBmkr/eQwF2zAs2DHBPiiMaK8lk+s2yUP5oFWHmxvIt7 0dYExOcbm10T1VxmERz5C7d9IM6eFbQCEvxrDAYPuIpmLGlkP3xZfkuVRe+0EOiZ BfSjRXaoIyBAuQzD/5WQADbgp9D7jw7EE4N2TT1G4EUOSeuwwJ7W5pKFF0DouLd2 xjlx0H1hdjRFao/qwJgQ8WqRZFrv4bnwdKFWXCI65leYbjnDiDPpSduFHGV/4vIk vwh7s/fyUk7uYA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:07:24 2025 by rpki-client