This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft File: lRibFY2NYBG6X5YlLTAmanDT4GY.mft (raw, json) Hash identifier: KAeN/wpU+alryDq03lqqfLHZrRxEPJs/yx6nnJPaMr0= Subject key identifier: AD:6C:4F:C7:9B:B1:E2:CD:B1:DB:6A:46:3C:59:1F:9F:65:A8:D7:1B Authority key identifier: 95:18:9B:15:8D:8D:60:11:BA:5F:96:25:2D:30:26:6A:70:D3:E0:66 Certificate issuer: /CN=95189b158d8d6011ba5f96252d30266a70d3e066 Certificate serial: 019B3AFDE8C946AC2B94677E2FC6263D396F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft Manifest number: 1787 Signing time: Sat 20 Dec 2025 09:01:17 +0000 Manifest this update: Sat 20 Dec 2025 09:01:17 +0000 Manifest next update: Sun 21 Dec 2025 09:01:17 +0000 Files and hashes: 1: alfL1bRTQjOY-E2KjHP8N4Ulue0.roa (hash: ybSj2AdhAA+9tbRInXwXzkVBfMf3WHllqssGw6/wFUI=) 2: lRibFY2NYBG6X5YlLTAmanDT4GY.crl (hash: 5mnxuxTJTMmiw4yxUMw/4g5MRsghtvEHt4CglfCo+co=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.crl rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:fd:e8:c9:46:ac:2b:94:67:7e:2f:c6:26:3d:39:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95189b158d8d6011ba5f96252d30266a70d3e066 Validity Not Before: Dec 20 09:01:17 2025 GMT Not After : Dec 21 09:01:17 2025 GMT Subject: CN=ad6c4fc79bb1e2cdb1db6a463c591f9f65a8d71b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:af:cf:c5:ea:76:17:7e:ed:ff:5d:59:8b:5a: 84:62:b0:ce:ce:d2:c0:99:39:cd:b7:fc:f1:bb:9d: 68:d6:6c:bc:73:99:59:5b:9f:1f:3e:b5:30:25:84: b9:a4:c3:ce:31:63:ab:5c:a8:92:3a:af:62:07:d1: 00:04:be:25:92:80:73:89:bf:16:38:0d:7a:40:80: 90:b8:38:8e:33:52:4d:7e:fc:90:53:06:af:b3:ee: 39:80:60:0f:6a:13:9a:a6:82:42:b2:c9:90:0b:90: 48:bf:10:61:c8:84:64:31:c1:50:24:f9:c9:48:b2: 7d:f0:4b:c7:1b:73:3e:01:ae:40:06:7d:e6:88:43: 8e:a2:df:f5:cc:cd:c1:2f:fe:2c:27:b9:44:e1:93: 7a:d9:88:c7:a7:a1:bd:4f:d7:4e:fe:d3:c8:79:d3: d2:b0:47:33:0d:5e:2a:44:a7:e9:88:d6:2d:52:72: 43:8d:f1:56:2d:d7:64:70:00:cc:68:11:37:5b:93: 9b:c8:ff:7e:d2:33:8b:69:21:a6:9a:ef:66:bf:01: b0:a4:69:a2:ac:f8:8c:ef:5b:03:78:70:9c:34:a0: 3d:dc:ad:42:42:12:d3:b6:cd:9c:ed:f3:1e:f3:63: 09:39:ca:cd:04:01:c7:3d:e2:91:c3:5b:ed:c1:9d: 5b:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:6C:4F:C7:9B:B1:E2:CD:B1:DB:6A:46:3C:59:1F:9F:65:A8:D7:1B X509v3 Authority Key Identifier: keyid:95:18:9B:15:8D:8D:60:11:BA:5F:96:25:2D:30:26:6A:70:D3:E0:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:ba:52:52:fd:0a:82:3e:b6:17:cd:b9:14:1e:f4:46:2b:af: ce:01:5c:b8:ee:d9:48:78:95:c7:1a:78:47:0c:b9:a6:1b:03: 93:39:98:06:c5:75:12:e8:2a:aa:c9:c2:22:0b:56:1c:a7:da: 32:a1:b5:32:0f:22:c9:2a:69:a5:7e:f8:8b:f2:a5:25:fe:1d: 91:80:e6:30:1b:99:65:b7:d3:aa:8a:e4:e0:77:a1:de:cd:df: 2d:c2:8e:6c:20:3d:d2:11:b5:fd:88:f5:67:a9:9b:62:37:b4: 4e:46:45:05:a1:56:65:08:dd:05:2a:7a:18:b3:e5:61:00:48: a2:80:cd:ac:16:bb:5c:74:4d:d6:94:e6:a6:30:07:bd:f4:d3: 13:2a:4c:19:0b:5d:40:d8:e2:35:3e:7b:9c:4e:6b:69:2b:18: 98:86:a4:da:6a:35:be:9c:84:c0:fe:3f:80:05:8b:d7:75:42: ac:c4:f5:3c:a7:5e:ef:83:96:af:69:d0:ef:c4:07:de:69:d6: 86:01:3d:6a:e7:be:5a:db:50:5a:d7:e2:1c:c2:9e:37:cc:47: 7b:e4:40:9d:39:9a:9c:44:5e:22:ed:98:0f:bc:33:97:9c:8e: 3d:b9:46:10:b6:7c:1b:4e:da:9a:d1:2b:8d:e5:a0:b0:cc:53: 4d:db:cf:26 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6/ejJRqwrlGd+L8YmPTlvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1MTg5YjE1OGQ4ZDYwMTFiYTVmOTYyNTJkMzAyNjZhNzBk M2UwNjYwHhcNMjUxMjIwMDkwMTE3WhcNMjUxMjIxMDkwMTE3WjAzMTEwLwYDVQQD EyhhZDZjNGZjNzliYjFlMmNkYjFkYjZhNDYzYzU5MWY5ZjY1YThkNzFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6/Pxep2F37t/11Zi1qEYrDOztLA mTnNt/zxu51o1my8c5lZW58fPrUwJYS5pMPOMWOrXKiSOq9iB9EABL4lkoBzib8W OA16QICQuDiOM1JNfvyQUwavs+45gGAPahOapoJCssmQC5BIvxBhyIRkMcFQJPnJ SLJ98EvHG3M+Aa5ABn3miEOOot/1zM3BL/4sJ7lE4ZN62YjHp6G9T9dO/tPIedPS sEczDV4qRKfpiNYtUnJDjfFWLddkcADMaBE3W5ObyP9+0jOLaSGmmu9mvwGwpGmi rPiM71sDeHCcNKA93K1CQhLTts2c7fMe82MJOcrNBAHHPeKRw1vtwZ1boQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK1sT8ebseLNsdtqRjxZH59lqNcbMB8GA1UdIwQY MBaAFJUYmxWNjWARul+WJS0wJmpw0+BmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMjdhZDAtNTVjMi00OTA0LWE4YzUt YWNlMTgwZmY5YjE5LzEvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi9kMjdhZDAtNTVjMi00OTA0LWE4YzUtYWNlMTgwZmY5YjE5 LzEvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX7pSUv0K gj62F825FB70RiuvzgFcuO7ZSHiVxxp4Rwy5phsDkzmYBsV1EugqqsnCIgtWHKfa MqG1Mg8iySpppX74i/KlJf4dkYDmMBuZZbfTqork4Heh3s3fLcKObCA90hG1/Yj1 Z6mbYje0TkZFBaFWZQjdBSp6GLPlYQBIooDNrBa7XHRN1pTmpjAHvfTTEypMGQtd QNjiNT57nE5raSsYmIak2mo1vpyEwP4/gAWL13VCrMT1PKde74OWr2nQ78QH3mnW hgE9aue+WttQWtfiHMKeN8xHe+RAnTmanEReIu2YD7wzl5yOPblGELZ8G07amtEr jeWgsMxTTdvPJg== -----END CERTIFICATE-----Generated at Sat Dec 20 18:25:09 2025 by rpki-client