This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft File: lPO2Epw0Od376Q21BkyAZt6GSnI.mft (raw, json) Hash identifier: YrU1sT25JQOY9ksJd8ARdFhkcHk+4qvql1RncGya1aU= Subject key identifier: 89:68:0A:10:48:33:22:AA:2E:74:78:FE:10:E7:96:16:E3:E8:F9:64 Authority key identifier: 94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72 Certificate issuer: /CN=94f3b6129c3439ddfbe90db5064c8066de864a72 Certificate serial: 019B1FF442B34A8E2A4FC81B14CBD6564C90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft Manifest number: 068D Signing time: Mon 15 Dec 2025 03:00:59 +0000 Manifest this update: Mon 15 Dec 2025 03:00:59 +0000 Manifest next update: Tue 16 Dec 2025 03:00:59 +0000 Files and hashes: 1: lPO2Epw0Od376Q21BkyAZt6GSnI.crl (hash: 93ngjZyKlm1yhfiLC6UoTTOq5h90/+6EBmTXTQtvj1Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 03:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1f:f4:42:b3:4a:8e:2a:4f:c8:1b:14:cb:d6:56:4c:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94f3b6129c3439ddfbe90db5064c8066de864a72 Validity Not Before: Dec 15 03:00:59 2025 GMT Not After : Dec 16 03:00:59 2025 GMT Subject: CN=89680a10483322aa2e7478fe10e79616e3e8f964 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:7b:04:28:2e:06:fd:ea:fb:6e:2d:f8:82:07: 1a:69:46:35:04:77:08:47:30:a9:5b:cb:c4:94:1b: 22:f8:61:8e:d8:11:f3:2c:c6:ee:1c:a8:ac:35:9e: 4e:d0:a3:e8:c8:80:10:cd:9e:2a:61:75:e0:64:94: 99:aa:c9:08:de:64:9a:30:4a:18:66:c0:39:f9:65: cd:60:74:fa:32:51:30:9e:8c:64:f7:5f:c4:6e:a5: e5:54:da:0c:06:2f:5d:83:11:f1:95:ef:ca:5e:1b: 69:e2:9e:66:b0:f2:d9:25:30:be:4d:49:b8:d0:e7: 8c:56:3f:27:25:30:1b:54:3d:a4:a6:83:f1:e3:41: e3:ac:16:81:bf:5c:ab:6c:98:b2:b4:d4:ed:f6:37: 10:72:92:a7:b3:16:43:2f:3d:ad:e6:61:3e:59:32: 0c:50:c3:84:08:7a:0e:da:93:22:41:a9:a3:96:8e: d8:88:9a:10:7d:41:68:96:18:be:d4:c2:e3:eb:a5: b8:eb:71:e6:86:d3:65:44:aa:d4:12:76:13:ca:61: 59:b3:f1:d9:da:53:5b:94:3f:6a:4e:44:e3:76:04: a7:ce:7d:74:aa:dc:c5:d7:45:be:fd:4f:e3:16:30: 43:7c:f9:f5:ec:d7:a2:6b:47:33:68:1f:bf:42:9f: 65:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:68:0A:10:48:33:22:AA:2E:74:78:FE:10:E7:96:16:E3:E8:F9:64 X509v3 Authority Key Identifier: keyid:94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:34:61:26:2f:72:dc:08:ef:b4:f9:23:07:25:85:02:99:cf: 51:d5:26:be:7d:ee:74:95:00:07:ea:38:86:08:0a:a1:10:e7: 96:12:7c:0e:80:da:dc:10:ad:e8:42:f9:e4:e6:1b:9a:40:47: cc:0b:81:5c:af:05:d8:b2:59:5d:7b:90:7f:a5:a6:db:2d:43: bf:f1:b8:2e:bb:59:10:a9:2a:dc:0c:7e:15:9a:79:47:7d:c0: 0a:9d:33:c2:7f:54:a5:77:e5:c7:5f:2f:7d:79:11:36:71:fe: 80:40:1f:ed:62:57:08:7f:ce:20:b0:f3:a7:af:7e:0f:ac:ec: 11:d8:41:34:b5:ae:bf:73:d3:44:e8:6c:46:9b:9f:db:17:96: 9f:ed:26:3e:ba:4a:59:fc:27:c7:47:01:ca:2e:d8:be:ff:07: ca:24:4a:10:b4:c1:ad:4e:78:96:02:f8:6c:91:51:95:e0:4c: 98:3e:92:28:6a:41:55:24:48:9b:e3:74:7e:d3:9e:2a:63:6e: 17:4c:87:55:f3:bf:72:c8:ee:c8:41:2c:c1:00:3f:97:4b:c2: e5:14:f7:b3:43:f4:cf:82:7a:0f:cc:e6:5f:2d:de:1c:ca:5e: c7:9b:c5:50:82:75:7e:d8:82:a8:df:c9:1c:ca:32:37:69:a0: c2:f1:11:28 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsf9EKzSo4qT8gbFMvWVkyQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0ZjNiNjEyOWMzNDM5ZGRmYmU5MGRiNTA2NGM4MDY2ZGU4 NjRhNzIwHhcNMjUxMjE1MDMwMDU5WhcNMjUxMjE2MDMwMDU5WjAzMTEwLwYDVQQD Eyg4OTY4MGExMDQ4MzMyMmFhMmU3NDc4ZmUxMGU3OTYxNmUzZThmOTY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HsEKC4G/er7bi34ggcaaUY1BHcI RzCpW8vElBsi+GGO2BHzLMbuHKisNZ5O0KPoyIAQzZ4qYXXgZJSZqskI3mSaMEoY ZsA5+WXNYHT6MlEwnoxk91/EbqXlVNoMBi9dgxHxle/KXhtp4p5msPLZJTC+TUm4 0OeMVj8nJTAbVD2kpoPx40HjrBaBv1yrbJiytNTt9jcQcpKnsxZDLz2t5mE+WTIM UMOECHoO2pMiQamjlo7YiJoQfUFolhi+1MLj66W463HmhtNlRKrUEnYTymFZs/HZ 2lNblD9qTkTjdgSnzn10qtzF10W+/U/jFjBDfPn17Neia0czaB+/Qp9lawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIloChBIMyKqLnR4/hDnlhbj6PlkMB8GA1UdIwQY MBaAFJTzthKcNDnd++kNtQZMgGbehkpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEt YjMzODJlNGFhN2MzLzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEtYjMzODJlNGFhN2Mz LzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANDRhJi9y 3AjvtPkjByWFApnPUdUmvn3udJUAB+o4hggKoRDnlhJ8DoDa3BCt6EL55OYbmkBH zAuBXK8F2LJZXXuQf6Wm2y1Dv/G4LrtZEKkq3Ax+FZp5R33ACp0zwn9UpXflx18v fXkRNnH+gEAf7WJXCH/OILDzp69+D6zsEdhBNLWuv3PTROhsRpuf2xeWn+0mPrpK Wfwnx0cByi7Yvv8HyiRKELTBrU54lgL4bJFRleBMmD6SKGpBVSRIm+N0ftOeKmNu F0yHVfO/csjuyEEswQA/l0vC5RT3s0P0z4J6D8zmXy3eHMpex5vFUIJ1ftiCqN/J HMoyN2mgwvERKA== -----END CERTIFICATE-----Generated at Mon Dec 15 12:06:28 2025 by rpki-client