This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft File: ltTArxW-ONL8XjD-NFdHXTS3g5o.mft (raw, json) Hash identifier: UnmmrUBZWKkmPf6pNc3igHzw3092pINMcWlP6QkEL1U= Subject key identifier: F4:F2:CD:AB:F2:95:F0:D6:B2:61:72:1A:4A:06:13:97:C6:66:D9:3B Authority key identifier: 96:D4:C0:AF:15:BE:38:D2:FC:5E:30:FE:34:57:47:5D:34:B7:83:9A Certificate issuer: /CN=96d4c0af15be38d2fc5e30fe3457475d34b7839a Certificate serial: 019B5977091A4AC11D519FEA13983AE8FB78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft Manifest number: 1407 Signing time: Fri 26 Dec 2025 07:02:11 +0000 Manifest this update: Fri 26 Dec 2025 07:02:11 +0000 Manifest next update: Sat 27 Dec 2025 07:02:11 +0000 Files and hashes: 1: ltTArxW-ONL8XjD-NFdHXTS3g5o.crl (hash: xVYJL6xdMzx4tzSriTJyuBL6T4jvzNKxpo5vZGN7OPg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:09:1a:4a:c1:1d:51:9f:ea:13:98:3a:e8:fb:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96d4c0af15be38d2fc5e30fe3457475d34b7839a Validity Not Before: Dec 26 07:02:11 2025 GMT Not After : Dec 27 07:02:11 2025 GMT Subject: CN=f4f2cdabf295f0d6b261721a4a061397c666d93b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:31:54:9e:33:61:cb:49:b9:74:ae:59:33:6d: 1f:e2:a4:3c:d6:fc:a4:c1:ab:13:24:6d:b8:a1:0b: 55:98:60:24:ad:25:e4:57:d0:d5:78:ff:f2:1c:6b: bb:22:3a:41:08:ed:91:94:a1:bb:05:a4:78:bb:2d: a3:da:c0:65:a1:d8:47:dc:37:67:c4:67:d3:56:18: 48:c8:8a:47:0e:2b:da:20:cf:c6:ff:37:7b:85:7e: 63:5e:6b:1b:b5:e3:ac:4f:c0:e3:7d:67:18:d7:0b: 24:c4:7d:38:cf:97:e6:3f:af:24:e8:47:7b:73:a3: c1:1a:a3:b8:09:de:38:ee:3f:82:e3:bd:f0:b5:53: dc:a4:c8:f3:3b:65:5c:f8:3c:e3:db:7e:5b:40:7b: d7:0b:45:cd:ef:1e:85:fb:e5:d0:50:15:91:76:f6: db:48:1f:6a:99:7c:65:82:72:5f:f7:6b:ca:d0:56: e2:4c:c5:59:9b:9f:c7:27:09:1a:dd:26:ac:4b:2a: 35:93:95:a9:d9:00:7e:f8:80:93:90:2c:e0:24:ce: 66:a7:1e:13:1b:32:95:6e:3f:2c:f9:dd:a0:6c:de: 09:17:71:ba:b0:73:2e:b0:b1:dd:e5:f0:4b:9a:2f: 4a:3e:d8:b8:1b:6d:99:bb:fa:0e:95:2b:c0:a1:fd: c8:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:F2:CD:AB:F2:95:F0:D6:B2:61:72:1A:4A:06:13:97:C6:66:D9:3B X509v3 Authority Key Identifier: keyid:96:D4:C0:AF:15:BE:38:D2:FC:5E:30:FE:34:57:47:5D:34:B7:83:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:f5:37:7a:06:c6:2a:eb:79:a8:b7:3b:c2:43:02:2e:88:ab: e6:75:af:3e:25:39:9c:0b:81:43:a3:23:db:99:cf:04:1d:65: 2b:1e:70:5c:5d:03:35:ab:8e:ae:b4:9c:2a:72:58:62:7f:17: 2e:f6:78:01:dc:3b:32:d1:13:d6:9d:b1:e8:87:bc:ce:f0:11: 37:99:1d:ca:dd:0e:5c:df:4b:7e:28:a4:d5:f7:ba:9c:bf:f9: a7:fd:d8:84:8d:db:6e:a8:63:5d:6d:f7:c6:08:38:34:63:be: fd:99:ae:57:12:b4:9f:c1:fc:94:8f:ea:62:49:1f:c1:51:8e: 3a:56:a9:40:2f:52:c2:48:21:dc:a5:af:48:1e:b9:06:52:92: d6:f6:88:01:9e:5e:11:4f:cb:48:69:0b:59:be:71:48:d9:7f: e2:fb:44:52:e4:ba:26:6f:eb:0f:8e:ba:c4:66:e0:47:dc:35: 46:cb:6d:57:38:55:14:e7:7a:f0:88:62:b1:d6:16:c0:b5:04: d4:a9:73:ba:2e:e0:6d:4b:18:4d:c2:cf:38:e0:a5:c1:bb:e7: 07:d2:ee:ed:f5:cc:49:e4:ae:78:8e:ee:0a:bf:1c:00:0b:ca: 45:20:df:ed:b3:68:9e:67:e7:10:e0:3e:83:a7:3e:c6:b4:76: 5c:bc:6f:75 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdwkaSsEdUZ/qE5g66Pt4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2ZDRjMGFmMTViZTM4ZDJmYzVlMzBmZTM0NTc0NzVkMzRi NzgzOWEwHhcNMjUxMjI2MDcwMjExWhcNMjUxMjI3MDcwMjExWjAzMTEwLwYDVQQD EyhmNGYyY2RhYmYyOTVmMGQ2YjI2MTcyMWE0YTA2MTM5N2M2NjZkOTNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTFUnjNhy0m5dK5ZM20f4qQ81vyk wasTJG24oQtVmGAkrSXkV9DVeP/yHGu7IjpBCO2RlKG7BaR4uy2j2sBlodhH3Ddn xGfTVhhIyIpHDivaIM/G/zd7hX5jXmsbteOsT8DjfWcY1wskxH04z5fmP68k6Ed7 c6PBGqO4Cd447j+C473wtVPcpMjzO2Vc+Dzj235bQHvXC0XN7x6F++XQUBWRdvbb SB9qmXxlgnJf92vK0FbiTMVZm5/HJwka3SasSyo1k5Wp2QB++ICTkCzgJM5mpx4T GzKVbj8s+d2gbN4JF3G6sHMusLHd5fBLmi9KPti4G22Zu/oOlSvAof3IkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPTyzavylfDWsmFyGkoGE5fGZtk7MB8GA1UdIwQY MBaAFJbUwK8VvjjS/F4w/jRXR100t4OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iMWIxMjgtNGYxMC00ODZlLWExZWUt OTUyZjZmYzAyNjcyLzEvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy9iMWIxMjgtNGYxMC00ODZlLWExZWUtOTUyZjZmYzAyNjcy LzEvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARvU3egbG Kut5qLc7wkMCLoir5nWvPiU5nAuBQ6Mj25nPBB1lKx5wXF0DNauOrrScKnJYYn8X LvZ4Adw7MtET1p2x6Ie8zvARN5kdyt0OXN9Lfiik1fe6nL/5p/3YhI3bbqhjXW33 xgg4NGO+/ZmuVxK0n8H8lI/qYkkfwVGOOlapQC9Swkgh3KWvSB65BlKS1vaIAZ5e EU/LSGkLWb5xSNl/4vtEUuS6Jm/rD466xGbgR9w1RsttVzhVFOd68IhisdYWwLUE 1Klzui7gbUsYTcLPOOClwbvnB9Lu7fXMSeSueI7uCr8cAAvKRSDf7bNonmfnEOA+ g6c+xrR2XLxvdQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:16:54 2025 by rpki-client