This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft File: Lr_2z7gya0RylaEbEHhoIS5mX90.mft (raw, json) Hash identifier: m61LJ8uAweAqswDYqaLgBf3VKFmerVzF5ADGWHapvs8= Subject key identifier: 4C:85:A9:C6:9A:1F:41:92:1E:3F:05:5A:EF:F6:29:06:59:EE:03:2F Authority key identifier: 2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD Certificate issuer: /CN=2ebff6cfb8326b447295a11b107868212e665fdd Certificate serial: 019B4324F11C8BD9B699BC2C5B195EC9D106 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft Manifest number: 086B Signing time: Sun 21 Dec 2025 23:00:52 +0000 Manifest this update: Sun 21 Dec 2025 23:00:52 +0000 Manifest next update: Mon 22 Dec 2025 23:00:52 +0000 Files and hashes: 1: 2EHY0ANqI6GjPJ3q8F_H43sabIk.roa (hash: 6KKbNu6n/lBjRM28xxVSQgucF7edE6uzeJUy5fL1Psg=) 2: Lr_2z7gya0RylaEbEHhoIS5mX90.crl (hash: KFHRph7hsfjOhMgku3o56mQ3NkHWM5S9ZIb6D8Vby0M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:24:f1:1c:8b:d9:b6:99:bc:2c:5b:19:5e:c9:d1:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ebff6cfb8326b447295a11b107868212e665fdd Validity Not Before: Dec 21 23:00:52 2025 GMT Not After : Dec 22 23:00:52 2025 GMT Subject: CN=4c85a9c69a1f41921e3f055aeff6290659ee032f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:75:4a:67:86:71:d7:96:49:f2:0e:22:6e:27: ff:a8:28:df:40:1b:77:f8:21:2c:b0:4d:d7:04:2a: 31:af:c5:e5:ca:a1:a8:10:62:9d:48:c9:54:00:43: 52:c9:13:bd:ff:be:61:c6:17:55:cb:91:92:31:e3: cc:40:05:c1:b5:ac:32:c5:a0:6c:a5:89:d1:5c:b0: 5c:80:4f:9a:3b:15:f5:fe:75:71:21:4b:47:9c:13: 7f:a0:bf:1a:8a:e5:db:7b:f5:a0:af:81:58:04:cd: 88:09:c5:03:35:68:ac:9d:b4:63:6f:63:68:8c:25: a5:ee:01:c1:8b:80:6b:0a:7d:a4:8f:0a:4d:90:57: 4a:7d:c8:83:7e:af:d9:69:2e:07:96:d4:83:6e:e6: aa:f0:c7:4d:da:4e:1c:43:00:15:2b:ac:89:7c:2c: 4c:00:b0:87:65:a2:81:67:12:1f:af:73:68:e3:03: e3:4f:28:07:4f:28:10:d8:de:e4:15:f4:ea:48:51: 9f:9b:b1:c4:34:35:7f:25:0a:ca:0d:08:e8:fc:ff: 6d:e2:76:10:c0:e2:2a:12:01:d3:8c:68:1b:8a:31: 94:b2:fd:c2:4c:76:33:f1:5a:dc:99:3c:cc:6b:ec: 4f:43:79:24:fe:19:69:f3:5c:b3:3f:ec:44:47:08: 78:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:85:A9:C6:9A:1F:41:92:1E:3F:05:5A:EF:F6:29:06:59:EE:03:2F X509v3 Authority Key Identifier: keyid:2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:25:ea:c9:99:e4:c5:6c:af:9d:38:95:00:96:2d:c7:96:de: fc:1e:82:a7:e6:51:af:ca:81:9b:a9:93:45:26:d8:5b:a3:fc: d9:ff:fb:ca:1f:1b:e2:03:81:c4:32:c6:82:7b:05:2b:e7:67: 6a:b6:2c:08:53:30:47:4d:0a:64:ee:aa:c6:31:17:20:12:e4: 8a:64:9c:14:82:1d:19:6b:e1:49:ad:29:a4:45:10:b6:f2:e4: dd:a4:55:06:09:96:16:ee:d3:fd:ea:e5:40:cb:cf:bd:9e:13: 0e:97:a0:c8:c9:e5:e3:52:82:fc:19:07:41:bc:f7:7d:fa:7b: 4f:49:9a:74:4c:27:d9:f0:38:f0:0e:19:e5:06:8e:2e:15:a1: 34:2e:9e:b7:20:a7:8a:27:69:e6:ed:60:77:c5:8c:b0:31:6b: 9b:76:b2:91:1e:c5:53:a4:c5:32:77:05:a2:79:bf:44:8a:37: 74:6c:e1:ee:3c:0e:f7:41:92:63:59:38:8e:ef:b0:9b:97:08: ae:1c:98:65:6b:fc:4e:f2:03:5d:d6:b2:88:e9:e8:c9:d0:47: 41:b1:ae:9c:91:e5:d3:47:37:92:ef:88:da:6f:71:54:41:ac: 0d:b8:e4:ef:08:4f:4d:8c:e4:d2:de:95:41:ae:86:c9:54:55: 2b:13:76:1f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDJPEci9m2mbwsWxleydEGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJlYmZmNmNmYjgzMjZiNDQ3Mjk1YTExYjEwNzg2ODIxMmU2 NjVmZGQwHhcNMjUxMjIxMjMwMDUyWhcNMjUxMjIyMjMwMDUyWjAzMTEwLwYDVQQD Eyg0Yzg1YTljNjlhMWY0MTkyMWUzZjA1NWFlZmY2MjkwNjU5ZWUwMzJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4nVKZ4Zx15ZJ8g4ibif/qCjfQBt3 +CEssE3XBCoxr8XlyqGoEGKdSMlUAENSyRO9/75hxhdVy5GSMePMQAXBtawyxaBs pYnRXLBcgE+aOxX1/nVxIUtHnBN/oL8aiuXbe/Wgr4FYBM2ICcUDNWisnbRjb2No jCWl7gHBi4BrCn2kjwpNkFdKfciDfq/ZaS4HltSDbuaq8MdN2k4cQwAVK6yJfCxM ALCHZaKBZxIfr3No4wPjTygHTygQ2N7kFfTqSFGfm7HENDV/JQrKDQjo/P9t4nYQ wOIqEgHTjGgbijGUsv3CTHYz8VrcmTzMa+xPQ3kk/hlp81yzP+xERwh4qQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEyFqcaaH0GSHj8FWu/2KQZZ7gMvMB8GA1UdIwQY MBaAFC6/9s+4MmtEcpWhGxB4aCEuZl/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYt YTc4NmNlYmUyMGQzLzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYtYTc4NmNlYmUyMGQz LzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVSXqyZnk xWyvnTiVAJYtx5be/B6Cp+ZRr8qBm6mTRSbYW6P82f/7yh8b4gOBxDLGgnsFK+dn arYsCFMwR00KZO6qxjEXIBLkimScFIIdGWvhSa0ppEUQtvLk3aRVBgmWFu7T/erl QMvPvZ4TDpegyMnl41KC/BkHQbz3ffp7T0madEwn2fA48A4Z5QaOLhWhNC6etyCn iidp5u1gd8WMsDFrm3aykR7FU6TFMncFonm/RIo3dGzh7jwO90GSY1k4ju+wm5cI rhyYZWv8TvIDXdayiOnoydBHQbGunJHl00c3ku+I2m9xVEGsDbjk7whPTYzk0t6V Qa6GyVRVKxN2Hw== -----END CERTIFICATE-----Generated at Mon Dec 22 04:22:49 2025 by rpki-client