This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.mft File: lcGSBnFsXHnTW_FZJNszI6TsGMg.mft (raw, json) Hash identifier: s6Oa8kR2bEqiauWwXx4Bgt/eopInowSx+LNCHc+1alg= Subject key identifier: 64:9F:A1:BB:32:69:8D:A0:EB:30:8D:71:C8:73:A4:56:30:9B:88:A8 Authority key identifier: 95:C1:92:06:71:6C:5C:79:D3:5B:F1:59:24:DB:33:23:A4:EC:18:C8 Certificate issuer: /CN=95c19206716c5c79d35bf15924db3323a4ec18c8 Certificate serial: 019B202AE9469023AE39352338D3C6D3BDF4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lcGSBnFsXHnTW_FZJNszI6TsGMg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.mft Manifest number: 1349 Signing time: Mon 15 Dec 2025 04:00:41 +0000 Manifest this update: Mon 15 Dec 2025 04:00:41 +0000 Manifest next update: Tue 16 Dec 2025 04:00:41 +0000 Files and hashes: 1: lcGSBnFsXHnTW_FZJNszI6TsGMg.crl (hash: YUnc67greq9gmZyfJEnjaqT9U+LF9CbdS3JeInlr/Xo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.mft rsync://rpki.ripe.net/repository/DEFAULT/lcGSBnFsXHnTW_FZJNszI6TsGMg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 04:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:20:2a:e9:46:90:23:ae:39:35:23:38:d3:c6:d3:bd:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95c19206716c5c79d35bf15924db3323a4ec18c8 Validity Not Before: Dec 15 04:00:41 2025 GMT Not After : Dec 16 04:00:41 2025 GMT Subject: CN=649fa1bb32698da0eb308d71c873a456309b88a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:55:80:53:4e:64:48:18:d2:12:b8:eb:73:bd: e9:bf:bd:60:04:bb:ed:ec:72:87:c5:42:b9:98:71: a4:fa:f1:02:00:a1:6e:9f:35:89:58:82:78:70:94: e3:c8:f8:61:01:5e:12:48:0b:73:4a:8b:82:7d:75: 99:6d:70:3a:40:07:3b:a9:33:9a:49:d5:20:10:5f: 6a:ac:b1:b4:7b:8a:74:d9:3e:60:68:64:bc:04:b9: 1c:2e:d5:bc:a6:4b:ef:00:21:03:9a:3d:80:2d:b3: fa:b2:1c:fc:a7:02:75:9b:5f:a9:ea:f1:9c:fe:26: 27:41:0c:ca:35:42:9f:cd:27:77:0d:96:f6:d6:34: 63:dd:e5:6d:96:b0:ac:45:d4:34:ad:95:d4:f1:71: 19:90:e0:7c:ad:23:a4:27:e7:38:f4:3f:b6:3b:8f: 46:f9:2b:77:36:17:be:98:6f:f6:c2:fe:9d:e7:3d: da:ba:eb:3c:e5:c4:d4:9f:df:2f:aa:bc:df:7e:57: f2:53:10:7d:f3:3a:3f:7c:79:70:4f:67:cb:16:0e: f4:cf:ac:90:dc:3e:75:69:8e:e3:45:48:3f:2f:c9: 87:d1:52:96:d7:af:ac:d1:e9:e2:75:1d:62:5e:68: fb:e8:3b:93:55:29:39:9a:03:11:58:54:0a:17:88: f3:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:9F:A1:BB:32:69:8D:A0:EB:30:8D:71:C8:73:A4:56:30:9B:88:A8 X509v3 Authority Key Identifier: keyid:95:C1:92:06:71:6C:5C:79:D3:5B:F1:59:24:DB:33:23:A4:EC:18:C8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lcGSBnFsXHnTW_FZJNszI6TsGMg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:b6:72:08:ad:90:38:81:2e:08:5a:5b:bb:c6:76:78:83:43: 1f:28:36:06:bf:3b:ea:1e:93:d1:67:71:1f:a6:2b:b7:b5:69: 0d:f4:70:77:62:90:43:dc:1d:87:d7:12:ff:f6:9f:78:a3:5b: ee:c0:10:a3:40:79:09:43:f2:c7:63:20:77:6e:ac:d3:e2:3f: 0c:4c:df:1f:72:0f:03:87:1f:fc:18:d8:32:bb:b3:94:1d:aa: 2b:3e:8f:55:12:45:94:ea:92:90:06:66:74:a0:37:c7:69:23: f9:6b:98:7f:ab:2b:26:0b:95:39:aa:b8:02:25:9f:8f:d3:61: be:3d:97:49:22:12:41:73:aa:a7:37:fc:f5:b1:57:e2:25:08: 1c:18:5b:54:f1:40:46:80:58:e8:dd:83:0f:f7:fa:69:54:07: 85:5c:66:6e:68:27:9d:ed:3b:3f:c4:da:24:03:8d:fc:f1:85: 83:ea:ae:f7:94:10:44:36:0f:09:3e:a0:c1:59:d6:22:4e:05: 98:ee:e3:11:ac:53:a7:8b:ea:e0:6b:2f:f2:2b:85:20:b0:a3: cb:fb:ab:d6:24:35:0a:cd:ad:05:a4:5b:37:48:b4:13:16:7e: 11:22:49:d4:c2:e4:ef:f0:72:d6:d8:bd:85:a4:32:23:c5:42: ee:71:5f:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsgKulGkCOuOTUjONPG0730MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1YzE5MjA2NzE2YzVjNzlkMzViZjE1OTI0ZGIzMzIzYTRl YzE4YzgwHhcNMjUxMjE1MDQwMDQxWhcNMjUxMjE2MDQwMDQxWjAzMTEwLwYDVQQD Eyg2NDlmYTFiYjMyNjk4ZGEwZWIzMDhkNzFjODczYTQ1NjMwOWI4OGE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31WAU05kSBjSErjrc73pv71gBLvt 7HKHxUK5mHGk+vECAKFunzWJWIJ4cJTjyPhhAV4SSAtzSouCfXWZbXA6QAc7qTOa SdUgEF9qrLG0e4p02T5gaGS8BLkcLtW8pkvvACEDmj2ALbP6shz8pwJ1m1+p6vGc /iYnQQzKNUKfzSd3DZb21jRj3eVtlrCsRdQ0rZXU8XEZkOB8rSOkJ+c49D+2O49G +St3Nhe+mG/2wv6d5z3auus85cTUn98vqrzfflfyUxB98zo/fHlwT2fLFg70z6yQ 3D51aY7jRUg/L8mH0VKW16+s0enidR1iXmj76DuTVSk5mgMRWFQKF4jz9wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGSfobsyaY2g6zCNcchzpFYwm4ioMB8GA1UdIwQY MBaAFJXBkgZxbFx501vxWSTbMyOk7BjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGNHU0JuRnNYSG5UV19GWkpOc3pJNlRzR01nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zZmVlZDktY2U1Zi00YTIyLTk5Yjkt YTRhOWNjNDcxNTk5LzEvbGNHU0JuRnNYSG5UV19GWkpOc3pJNlRzR01nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC8zZmVlZDktY2U1Zi00YTIyLTk5YjktYTRhOWNjNDcxNTk5 LzEvbGNHU0JuRnNYSG5UV19GWkpOc3pJNlRzR01nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHbZyCK2Q OIEuCFpbu8Z2eINDHyg2Br876h6T0WdxH6Yrt7VpDfRwd2KQQ9wdh9cS//afeKNb 7sAQo0B5CUPyx2Mgd26s0+I/DEzfH3IPA4cf/BjYMruzlB2qKz6PVRJFlOqSkAZm dKA3x2kj+WuYf6srJguVOaq4AiWfj9Nhvj2XSSISQXOqpzf89bFX4iUIHBhbVPFA RoBY6N2DD/f6aVQHhVxmbmgnne07P8TaJAON/PGFg+qu95QQRDYPCT6gwVnWIk4F mO7jEaxTp4vq4Gsv8iuFILCjy/ur1iQ1Cs2tBaRbN0i0ExZ+ESJJ1MLk7/By1ti9 haQyI8VC7nFf7A== -----END CERTIFICATE-----Generated at Mon Dec 15 13:29:04 2025 by rpki-client