This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft File: Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft (raw, json) Hash identifier: I7/yN3Dg8Hr5MsXoRO1EeML1gP3WoR2J6+0EP/7zFe0= Subject key identifier: 4B:8F:B7:55:2C:E7:C6:34:E4:03:DD:EA:F6:4D:0C:29:5F:9E:12:2B Authority key identifier: 2D:F8:77:9A:3C:82:F0:0F:C1:44:35:EE:7D:8D:0B:8D:6D:D8:20:4E Certificate issuer: /CN=2df8779a3c82f00fc14435ee7d8d0b8d6dd8204e Certificate serial: 019B0FA55D93C69DFA98E57ED9681CBDC803 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft Manifest number: 1774 Signing time: Thu 11 Dec 2025 23:00:54 +0000 Manifest this update: Thu 11 Dec 2025 23:00:54 +0000 Manifest next update: Fri 12 Dec 2025 23:00:54 +0000 Files and hashes: 1: LDfn0M5v99IHnOQFUNXp12Nf90k.roa (hash: do0pH7tAz4W21wYBRY5jEznU82Zdd3DteyiFEbjbCqA=) 2: Lfh3mjyC8A_BRDXufY0LjW3YIE4.crl (hash: 9vweAgUYTIAIzhGvWPVjMxabmOoI9hk5Wb2XsR/iKik=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:a5:5d:93:c6:9d:fa:98:e5:7e:d9:68:1c:bd:c8:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2df8779a3c82f00fc14435ee7d8d0b8d6dd8204e Validity Not Before: Dec 11 23:00:54 2025 GMT Not After : Dec 12 23:00:54 2025 GMT Subject: CN=4b8fb7552ce7c634e403ddeaf64d0c295f9e122b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:79:1a:3e:f3:75:7d:ba:4f:62:45:0a:cc:f9: 4e:00:86:13:14:a3:ee:7e:1a:df:1f:e9:f6:e6:43: 62:fd:5c:19:cf:88:8a:e5:3c:1a:31:3e:fa:29:a1: d5:1d:9a:ea:d1:55:61:7b:df:31:0a:30:b0:26:ea: 48:4c:00:1d:c9:8f:08:70:51:64:b3:3c:a8:92:0d: bb:7a:5c:a1:e3:9b:23:04:7c:44:f9:d2:0b:70:c6: e5:84:c8:99:26:48:22:3e:48:41:3d:2d:5a:9a:d6: 26:d8:96:9e:35:81:b3:d6:7e:a6:e1:a9:2f:d9:dc: 93:10:8e:9e:3e:f0:38:28:0d:f1:20:2d:2a:a7:0c: 0e:56:09:9e:b2:a6:7b:c6:b1:b6:d6:ba:5f:52:6c: a8:97:dc:f9:c8:fa:b0:5a:94:f2:d2:e3:aa:22:e0: d4:0a:3a:53:12:8b:34:4d:dd:d7:93:1e:4e:63:3d: 49:cb:d1:b2:95:d9:d8:55:4b:8e:2f:8a:9e:7b:27: 73:2f:80:86:6c:17:85:14:c2:e4:eb:79:d1:af:d8: b9:9c:c2:77:d8:5f:bd:4a:a9:5e:04:e2:ce:08:da: 86:c4:fd:31:36:99:cb:eb:bb:e0:ff:db:78:de:ca: 38:a8:12:c8:73:f9:71:38:25:39:96:09:60:1c:fa: 2c:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:8F:B7:55:2C:E7:C6:34:E4:03:DD:EA:F6:4D:0C:29:5F:9E:12:2B X509v3 Authority Key Identifier: keyid:2D:F8:77:9A:3C:82:F0:0F:C1:44:35:EE:7D:8D:0B:8D:6D:D8:20:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ad:c2:fe:45:30:b9:45:8f:5a:8d:60:97:58:6d:19:c0:55:00: 12:2b:9b:32:b1:c1:c2:a6:0e:24:71:ce:f7:db:5c:96:12:9b: 44:b7:83:19:3e:fe:69:fd:86:d0:00:3b:29:92:f5:8e:cd:fc: 82:26:43:4a:c5:f1:80:36:72:5c:d3:7c:42:bd:70:78:89:81: 25:e6:01:2d:4f:f9:6a:f9:0a:14:2f:8c:a4:af:ce:1d:6b:a8: 20:e8:c9:4f:93:3a:19:d9:f7:27:09:67:81:dc:84:0d:67:15: fd:e8:0d:cc:c7:15:03:1c:ed:15:9b:c0:f6:77:4a:a5:ac:52: e0:bd:f8:45:b5:66:59:24:86:14:74:3b:a0:8f:3e:51:68:49: 54:45:92:88:53:58:a1:3e:22:be:85:d5:3d:66:37:80:c7:85: 08:79:c4:a5:85:6a:e0:67:d8:87:8f:ae:16:e9:f1:c6:59:28: 95:b1:f5:46:6a:e8:5e:58:55:f5:c2:1f:d8:ca:a6:a2:3f:e6: 92:50:1c:71:3a:3a:52:e4:c5:8a:b0:82:53:53:b4:7e:39:b4: 21:d0:01:61:fe:bf:70:01:c1:31:d4:24:c9:91:12:d9:1c:7e: 48:d8:1d:8e:34:10:7e:82:db:17:9d:35:f3:88:be:65:71:45: f2:bf:f3:72 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPpV2Txp36mOV+2WgcvcgDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJkZjg3NzlhM2M4MmYwMGZjMTQ0MzVlZTdkOGQwYjhkNmRk ODIwNGUwHhcNMjUxMjExMjMwMDU0WhcNMjUxMjEyMjMwMDU0WjAzMTEwLwYDVQQD Eyg0YjhmYjc1NTJjZTdjNjM0ZTQwM2RkZWFmNjRkMGMyOTVmOWUxMjJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXkaPvN1fbpPYkUKzPlOAIYTFKPu fhrfH+n25kNi/VwZz4iK5TwaMT76KaHVHZrq0VVhe98xCjCwJupITAAdyY8IcFFk szyokg27elyh45sjBHxE+dILcMblhMiZJkgiPkhBPS1amtYm2JaeNYGz1n6m4akv 2dyTEI6ePvA4KA3xIC0qpwwOVgmesqZ7xrG21rpfUmyol9z5yPqwWpTy0uOqIuDU CjpTEos0Td3Xkx5OYz1Jy9GyldnYVUuOL4qeeydzL4CGbBeFFMLk63nRr9i5nMJ3 2F+9SqleBOLOCNqGxP0xNpnL67vg/9t43so4qBLIc/lxOCU5lglgHPosswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEuPt1Us58Y05APd6vZNDClfnhIrMB8GA1UdIwQY MBaAFC34d5o8gvAPwUQ17n2NC41t2CBOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTGZoM21qeUM4QV9CUkRYdWZZMExqVzNZSUU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9jY2Q5NmUtMTMzZS00NWI3LTg4Yjct ZTJhZTA1NWVjZWQxLzEvTGZoM21qeUM4QV9CUkRYdWZZMExqVzNZSUU0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS9jY2Q5NmUtMTMzZS00NWI3LTg4YjctZTJhZTA1NWVjZWQx LzEvTGZoM21qeUM4QV9CUkRYdWZZMExqVzNZSUU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArcL+RTC5 RY9ajWCXWG0ZwFUAEiubMrHBwqYOJHHO99tclhKbRLeDGT7+af2G0AA7KZL1js38 giZDSsXxgDZyXNN8Qr1weImBJeYBLU/5avkKFC+MpK/OHWuoIOjJT5M6Gdn3Jwln gdyEDWcV/egNzMcVAxztFZvA9ndKpaxS4L34RbVmWSSGFHQ7oI8+UWhJVEWSiFNY oT4ivoXVPWY3gMeFCHnEpYVq4GfYh4+uFunxxlkolbH1RmroXlhV9cIf2Mqmoj/m klAccTo6UuTFirCCU1O0fjm0IdABYf6/cAHBMdQkyZES2Rx+SNgdjjQQfoLbF501 84i+ZXFF8r/zcg== -----END CERTIFICATE-----Generated at Fri Dec 12 01:41:05 2025 by rpki-client