This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/b3c41a-492c-45e4-89d6-dcc4c45bf162/1/lsgslDmkFHsuorWXz_xRALqNMnw.mft File: lsgslDmkFHsuorWXz_xRALqNMnw.mft (raw, json) Hash identifier: KBNOvxd2vJuEDWPhnH0viZduVp1uhToSzzptCi+2hcY= Subject key identifier: 76:F9:EE:78:BD:2F:A4:49:EE:6E:80:2C:84:C5:CD:E5:2A:07:03:89 Authority key identifier: 96:C8:2C:94:39:A4:14:7B:2E:A2:B5:97:CF:FC:51:00:BA:8D:32:7C Certificate issuer: /CN=96c82c9439a4147b2ea2b597cffc5100ba8d327c Certificate serial: 019B5977771917FC00691A93B45D03680627 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lsgslDmkFHsuorWXz_xRALqNMnw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/b3c41a-492c-45e4-89d6-dcc4c45bf162/1/lsgslDmkFHsuorWXz_xRALqNMnw.mft Manifest number: 1357 Signing time: Fri 26 Dec 2025 07:02:40 +0000 Manifest this update: Fri 26 Dec 2025 07:02:40 +0000 Manifest next update: Sat 27 Dec 2025 07:02:40 +0000 Files and hashes: 1: lsgslDmkFHsuorWXz_xRALqNMnw.crl (hash: VJUEJWnCTjOhSMU33cBYqfwEESHnRdKqzNuK/CWJND8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/b3c41a-492c-45e4-89d6-dcc4c45bf162/1/lsgslDmkFHsuorWXz_xRALqNMnw.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/b3c41a-492c-45e4-89d6-dcc4c45bf162/1/lsgslDmkFHsuorWXz_xRALqNMnw.mft rsync://rpki.ripe.net/repository/DEFAULT/lsgslDmkFHsuorWXz_xRALqNMnw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:77:19:17:fc:00:69:1a:93:b4:5d:03:68:06:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96c82c9439a4147b2ea2b597cffc5100ba8d327c Validity Not Before: Dec 26 07:02:40 2025 GMT Not After : Dec 27 07:02:40 2025 GMT Subject: CN=76f9ee78bd2fa449ee6e802c84c5cde52a070389 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:9e:a1:40:42:25:06:d3:9d:30:b4:ee:c5:97: 04:31:d2:9b:4e:02:0d:42:09:c3:fa:02:a6:e8:1b: 69:29:07:5c:e0:cd:87:a9:89:79:bc:0b:67:29:f7: a3:3f:c6:79:04:b9:45:b5:e1:b9:d9:bc:a0:67:09: d8:1e:4c:0a:47:79:d1:e3:78:21:c3:ca:00:a5:9f: e1:6a:64:a4:ec:d9:62:36:ce:f9:49:11:c3:29:62: b0:3b:62:9c:e6:7b:61:8a:d8:59:4d:98:a0:31:6e: 7b:37:98:df:5a:8a:9e:9c:32:87:0e:f4:73:06:72: e3:73:33:7e:9d:8e:34:99:dc:88:11:e9:c9:2a:a8: df:e0:9c:c3:71:4b:82:79:55:c7:2f:38:9a:15:49: d5:a8:e4:dd:40:86:04:18:8a:9e:4f:4d:d9:67:c5: 22:80:a1:be:54:5d:fa:76:63:a3:34:56:f8:91:90: 83:15:85:3c:5f:b3:e8:75:94:19:a0:86:3e:f3:82: 74:ef:29:f5:5b:4a:e2:1a:2c:43:36:18:82:df:50: 39:9c:99:a5:91:97:02:f0:4f:40:2b:77:af:ec:42: 0d:46:1b:f3:27:80:4f:3e:72:8e:c0:c4:74:29:92: 21:a5:53:71:29:e6:d6:ee:d7:ad:4f:b2:8c:b8:25: a5:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:F9:EE:78:BD:2F:A4:49:EE:6E:80:2C:84:C5:CD:E5:2A:07:03:89 X509v3 Authority Key Identifier: keyid:96:C8:2C:94:39:A4:14:7B:2E:A2:B5:97:CF:FC:51:00:BA:8D:32:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lsgslDmkFHsuorWXz_xRALqNMnw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/b3c41a-492c-45e4-89d6-dcc4c45bf162/1/lsgslDmkFHsuorWXz_xRALqNMnw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/b3c41a-492c-45e4-89d6-dcc4c45bf162/1/lsgslDmkFHsuorWXz_xRALqNMnw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:dc:8b:96:09:27:5f:1a:d4:38:73:fe:23:f1:0d:50:09:99: d1:29:b0:2c:c2:57:15:01:7d:cd:ba:4b:56:12:f7:a4:e9:0b: a2:64:76:26:9a:5f:e9:ab:b0:01:71:cd:28:b6:17:dd:26:02: aa:18:d9:f5:bc:3c:04:2c:c7:48:fe:92:f7:79:ed:e5:86:91: 5d:2c:03:63:a1:fa:46:db:cf:e7:27:ed:c2:59:e7:c0:ab:60: a2:4a:42:79:d5:65:b8:2d:dd:94:78:76:6f:9b:51:bc:4e:19: d3:a6:18:ca:cb:e1:a5:29:cd:67:45:53:2a:14:45:21:b6:57: 48:de:ae:a2:53:66:88:67:fb:8d:c6:00:98:57:a8:4c:9b:ee: 66:1a:c1:8e:89:a0:fc:2f:ca:9b:08:d2:78:9a:e9:87:14:1f: 62:9a:50:4d:23:4e:11:29:66:6f:f7:03:88:77:e6:cb:bb:53: 79:ac:c7:ec:a3:d9:0e:f0:a6:9e:c6:52:94:ab:e2:73:5a:dd: bb:3f:b3:b4:04:be:f1:1c:ee:0d:b7:f6:e6:f4:3e:f9:77:34: 19:c5:c9:ab:51:28:95:33:aa:aa:29:bf:76:a3:83:57:71:8c: 86:62:1b:e2:31:82:e3:af:5d:94:ed:b7:df:57:a7:8e:10:56: d5:a2:aa:73 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZd3cZF/wAaRqTtF0DaAYnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2YzgyYzk0MzlhNDE0N2IyZWEyYjU5N2NmZmM1MTAwYmE4 ZDMyN2MwHhcNMjUxMjI2MDcwMjQwWhcNMjUxMjI3MDcwMjQwWjAzMTEwLwYDVQQD Eyg3NmY5ZWU3OGJkMmZhNDQ5ZWU2ZTgwMmM4NGM1Y2RlNTJhMDcwMzg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJ6hQEIlBtOdMLTuxZcEMdKbTgIN QgnD+gKm6BtpKQdc4M2HqYl5vAtnKfejP8Z5BLlFteG52bygZwnYHkwKR3nR43gh w8oApZ/hamSk7NliNs75SRHDKWKwO2Kc5nthithZTZigMW57N5jfWoqenDKHDvRz BnLjczN+nY40mdyIEenJKqjf4JzDcUuCeVXHLziaFUnVqOTdQIYEGIqeT03ZZ8Ui gKG+VF36dmOjNFb4kZCDFYU8X7PodZQZoIY+84J07yn1W0riGixDNhiC31A5nJml kZcC8E9AK3ev7EINRhvzJ4BPPnKOwMR0KZIhpVNxKebW7tetT7KMuCWlZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHb57ni9L6RJ7m6ALITFzeUqBwOJMB8GA1UdIwQY MBaAFJbILJQ5pBR7LqK1l8/8UQC6jTJ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHNnc2xEbWtGSHN1b3JXWHpfeFJBTHFOTW53LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9iM2M0MWEtNDkyYy00NWU0LTg5ZDYt ZGNjNGM0NWJmMTYyLzEvbHNnc2xEbWtGSHN1b3JXWHpfeFJBTHFOTW53Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS9iM2M0MWEtNDkyYy00NWU0LTg5ZDYtZGNjNGM0NWJmMTYy LzEvbHNnc2xEbWtGSHN1b3JXWHpfeFJBTHFOTW53LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVtyLlgkn XxrUOHP+I/ENUAmZ0SmwLMJXFQF9zbpLVhL3pOkLomR2Jppf6auwAXHNKLYX3SYC qhjZ9bw8BCzHSP6S93nt5YaRXSwDY6H6RtvP5yftwlnnwKtgokpCedVluC3dlHh2 b5tRvE4Z06YYysvhpSnNZ0VTKhRFIbZXSN6uolNmiGf7jcYAmFeoTJvuZhrBjomg /C/KmwjSeJrphxQfYppQTSNOESlmb/cDiHfmy7tTeazH7KPZDvCmnsZSlKvic1rd uz+ztAS+8RzuDbf25vQ++Xc0GcXJq1EolTOqqim/dqODV3GMhmIb4jGC469dlO23 31enjhBW1aKqcw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:18 2025 by rpki-client