This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.mft File: LKYTd0lZnAPHtHLxQscZaAAGtuY.mft (raw, json) Hash identifier: 91P+YdzehmTgPz5veItk3i7f0wJKZ8IUhFyE0AXvk34= Subject key identifier: 55:2E:1C:87:F5:74:AE:F8:49:D0:28:71:CE:2F:69:23:78:79:E4:A6 Authority key identifier: 2C:A6:13:77:49:59:9C:03:C7:B4:72:F1:42:C7:19:68:00:06:B6:E6 Certificate issuer: /CN=2ca6137749599c03c7b472f142c719680006b6e6 Certificate serial: 019B4581AE5B30EC1FDCF4525C9913F1EB82 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LKYTd0lZnAPHtHLxQscZaAAGtuY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.mft Manifest number: 1420 Signing time: Mon 22 Dec 2025 10:01:25 +0000 Manifest this update: Mon 22 Dec 2025 10:01:25 +0000 Manifest next update: Tue 23 Dec 2025 10:01:25 +0000 Files and hashes: 1: LKYTd0lZnAPHtHLxQscZaAAGtuY.crl (hash: QgNI+RMyp1axJC/UWXVZ4t89eW+nuVoH22v+UHg6204=) 2: f7aLiKVHyM1OWvHdDt9KjBrOjRc.roa (hash: gXMbVjSWssRl5pUSyy0mfRaHyNZzTR/Z01nmT1EQCvQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.crl rsync://rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.mft rsync://rpki.ripe.net/repository/DEFAULT/LKYTd0lZnAPHtHLxQscZaAAGtuY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 10:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:45:81:ae:5b:30:ec:1f:dc:f4:52:5c:99:13:f1:eb:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ca6137749599c03c7b472f142c719680006b6e6 Validity Not Before: Dec 22 10:01:25 2025 GMT Not After : Dec 23 10:01:25 2025 GMT Subject: CN=552e1c87f574aef849d02871ce2f69237879e4a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:dd:04:33:d2:6a:bb:c3:a0:d5:73:ff:53:fb: 09:5a:f7:01:e9:41:4b:7f:e5:9d:c8:72:12:4c:b3: de:75:3a:3d:1b:85:86:17:f0:b7:81:5f:21:41:90: 05:39:5c:df:ec:28:30:2d:ac:06:bd:d3:e8:28:de: a2:c7:1e:c9:4f:14:67:39:32:1a:0d:ae:96:b6:82: b2:96:59:83:24:9b:dd:15:37:1e:12:96:b9:89:c5: ab:02:c0:fd:0c:3e:db:92:f7:a1:b3:1d:d6:40:18: ec:6b:5c:44:f1:a4:5e:a6:4c:55:94:83:83:52:35: c3:37:3e:8d:96:37:ac:41:ca:d0:73:2d:ae:26:48: 03:8c:13:88:4b:3f:3e:8d:7c:33:fc:aa:3c:07:a6: 90:00:f5:5d:d8:ca:3f:09:81:31:df:c2:4f:95:f9: 70:9d:15:26:11:ad:26:19:7f:69:b6:f0:9b:1f:f5: b5:05:47:b8:79:95:f5:03:d3:40:e5:62:e8:e5:8f: 90:8a:b3:52:9b:8c:19:db:ea:f2:6b:4c:f9:de:c6: 30:75:56:a4:31:36:c1:df:9d:ee:01:b1:98:62:b1: 08:5a:13:fa:37:5a:65:10:b2:11:df:6f:c6:99:49: b9:67:a2:06:18:35:ef:41:6d:de:6d:c5:ff:e3:18: a7:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:2E:1C:87:F5:74:AE:F8:49:D0:28:71:CE:2F:69:23:78:79:E4:A6 X509v3 Authority Key Identifier: keyid:2C:A6:13:77:49:59:9C:03:C7:B4:72:F1:42:C7:19:68:00:06:B6:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKYTd0lZnAPHtHLxQscZaAAGtuY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:21:aa:38:e0:9b:13:1c:de:72:e4:34:6e:6a:29:24:98:43: b4:ba:ab:77:35:98:54:f7:02:d4:47:03:18:ba:71:a2:e8:72: 82:20:e8:bd:39:fc:67:5a:d2:4f:31:0a:b5:67:a5:e0:77:97: c8:56:a7:f5:6f:a4:92:31:26:d2:aa:e9:4b:4c:eb:4f:e9:d0: e3:58:1c:e4:3a:3c:6b:ce:8e:3f:3a:5d:5a:4f:22:63:b8:82: 1b:7e:5a:1d:f6:42:6e:84:ad:9d:ad:cd:fc:2a:23:06:af:4f: b8:cf:a7:83:d9:01:54:5c:0f:12:f3:00:7a:49:57:93:4a:d0: e8:f2:3a:6f:98:e9:03:d9:98:53:81:aa:b3:29:2f:18:1c:25: 24:15:dc:f8:dc:74:80:38:b8:2a:d3:60:ac:aa:bc:77:c0:a8: 95:6e:e1:7a:1e:62:a2:91:66:bd:12:a2:4f:03:f8:c7:c9:1e: e5:2c:23:1b:ed:ee:dc:3f:9f:e8:f5:47:91:f4:32:65:5c:26: 41:40:77:bc:ed:c7:b1:06:a9:b8:91:d1:37:54:b8:a4:52:37: 96:df:e2:88:a6:10:44:8c:b3:2a:10:c6:17:10:3d:cc:87:e9: d0:a0:fd:e7:ca:7d:03:6a:e9:73:db:5c:b1:24:0d:88:4b:f2: 89:c1:59:0c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtFga5bMOwf3PRSXJkT8euCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjYTYxMzc3NDk1OTljMDNjN2I0NzJmMTQyYzcxOTY4MDAw NmI2ZTYwHhcNMjUxMjIyMTAwMTI1WhcNMjUxMjIzMTAwMTI1WjAzMTEwLwYDVQQD Eyg1NTJlMWM4N2Y1NzRhZWY4NDlkMDI4NzFjZTJmNjkyMzc4NzllNGE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt0EM9Jqu8Og1XP/U/sJWvcB6UFL f+WdyHISTLPedTo9G4WGF/C3gV8hQZAFOVzf7CgwLawGvdPoKN6ixx7JTxRnOTIa Da6WtoKyllmDJJvdFTceEpa5icWrAsD9DD7bkvehsx3WQBjsa1xE8aRepkxVlIOD UjXDNz6NljesQcrQcy2uJkgDjBOISz8+jXwz/Ko8B6aQAPVd2Mo/CYEx38JPlflw nRUmEa0mGX9ptvCbH/W1BUe4eZX1A9NA5WLo5Y+QirNSm4wZ2+rya0z53sYwdVak MTbB353uAbGYYrEIWhP6N1plELIR32/GmUm5Z6IGGDXvQW3ebcX/4xinkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFUuHIf1dK74SdAocc4vaSN4eeSmMB8GA1UdIwQY MBaAFCymE3dJWZwDx7Ry8ULHGWgABrbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTEtZVGQwbFpuQVBIdEhMeFFzY1phQUFHdHVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82ZmNmNjYtOGU4Yy00ZGJiLThjZjAt NTAxOWQyYzM4OGRiLzEvTEtZVGQwbFpuQVBIdEhMeFFzY1phQUFHdHVZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS82ZmNmNjYtOGU4Yy00ZGJiLThjZjAtNTAxOWQyYzM4OGRi LzEvTEtZVGQwbFpuQVBIdEhMeFFzY1phQUFHdHVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZSGqOOCb ExzecuQ0bmopJJhDtLqrdzWYVPcC1EcDGLpxouhygiDovTn8Z1rSTzEKtWel4HeX yFan9W+kkjEm0qrpS0zrT+nQ41gc5Do8a86OPzpdWk8iY7iCG35aHfZCboStna3N /CojBq9PuM+ng9kBVFwPEvMAeklXk0rQ6PI6b5jpA9mYU4GqsykvGBwlJBXc+Nx0 gDi4KtNgrKq8d8ColW7heh5iopFmvRKiTwP4x8ke5SwjG+3u3D+f6PVHkfQyZVwm QUB3vO3HsQapuJHRN1S4pFI3lt/iiKYQRIyzKhDGFxA9zIfp0KD958p9A2rpc9tc sSQNiEvyicFZDA== -----END CERTIFICATE-----Generated at Mon Dec 22 12:58:01 2025 by rpki-client