This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.mft File: LKYTd0lZnAPHtHLxQscZaAAGtuY.mft (raw, json) Hash identifier: v8dUD78M/BbVoRtgpgG6t0OZsVc7md7+1q7WlcKm5sw= Subject key identifier: DD:86:AC:A8:04:4C:2C:BA:3B:7A:94:B3:7D:38:D3:DC:59:03:AC:D6 Authority key identifier: 2C:A6:13:77:49:59:9C:03:C7:B4:72:F1:42:C7:19:68:00:06:B6:E6 Certificate issuer: /CN=2ca6137749599c03c7b472f142c719680006b6e6 Certificate serial: 019B4F294FEEB108FFE21989E9539F9EFF7D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LKYTd0lZnAPHtHLxQscZaAAGtuY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.mft Manifest number: 1425 Signing time: Wed 24 Dec 2025 07:01:06 +0000 Manifest this update: Wed 24 Dec 2025 07:01:06 +0000 Manifest next update: Thu 25 Dec 2025 07:01:06 +0000 Files and hashes: 1: LKYTd0lZnAPHtHLxQscZaAAGtuY.crl (hash: Iw77+8VXMiKF1hv04oSrxSNesMWk88QQ+sXtn/WmINA=) 2: f7aLiKVHyM1OWvHdDt9KjBrOjRc.roa (hash: gXMbVjSWssRl5pUSyy0mfRaHyNZzTR/Z01nmT1EQCvQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.crl rsync://rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.mft rsync://rpki.ripe.net/repository/DEFAULT/LKYTd0lZnAPHtHLxQscZaAAGtuY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 07:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:29:4f:ee:b1:08:ff:e2:19:89:e9:53:9f:9e:ff:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ca6137749599c03c7b472f142c719680006b6e6 Validity Not Before: Dec 24 07:01:06 2025 GMT Not After : Dec 25 07:01:06 2025 GMT Subject: CN=dd86aca8044c2cba3b7a94b37d38d3dc5903acd6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:07:85:02:30:bb:91:d0:22:ca:2e:3f:6a:36: c6:b8:f5:bc:f8:4b:24:57:5a:4c:c8:c3:d9:18:01: da:f4:59:e7:f7:9f:f0:93:a2:7d:27:5b:30:14:28: c6:9c:dd:21:64:ac:23:f9:1c:30:82:2b:8f:26:ee: 32:e3:ae:01:9e:86:68:f1:26:e5:64:68:d1:51:28: 30:52:cd:bb:65:1a:9c:85:c1:41:f4:9e:cc:b6:9f: b8:3b:60:24:9d:36:a4:ea:0c:dc:a2:2b:92:e2:39: 10:0a:4a:7d:b2:e1:35:c5:ce:37:d8:c1:55:5a:25: 67:cd:6c:2b:c5:57:0d:81:0a:4a:16:b6:bb:bc:5f: 77:df:f3:8f:d6:de:c3:12:3e:5d:e1:32:b7:9e:2a: 0b:6b:6c:9e:77:c0:c4:a0:42:82:cc:09:44:24:6d: 82:a5:82:40:ab:14:f0:76:b6:f8:00:87:7e:b1:3b: a1:15:c5:9d:89:ab:0b:19:05:24:25:10:90:93:4b: 89:60:34:2a:d3:92:0f:81:dc:70:01:06:ce:dc:42: ef:5d:5d:c1:7b:c6:50:ec:d1:96:a4:54:b6:9f:7b: f3:e7:69:7b:dd:b6:fc:1d:05:ce:f1:71:28:20:46: 70:5a:9b:66:45:54:7b:73:29:61:08:9f:3c:29:57: c1:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:86:AC:A8:04:4C:2C:BA:3B:7A:94:B3:7D:38:D3:DC:59:03:AC:D6 X509v3 Authority Key Identifier: keyid:2C:A6:13:77:49:59:9C:03:C7:B4:72:F1:42:C7:19:68:00:06:B6:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKYTd0lZnAPHtHLxQscZaAAGtuY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:90:c1:f6:cc:fa:56:07:63:21:78:9f:8f:52:6d:36:89:7d: b4:2a:f5:ae:79:b2:4f:c7:86:d1:b4:ad:87:27:5e:15:e4:d5: 2f:d7:0f:bf:13:a8:16:f3:07:73:2a:aa:36:fb:0d:f6:8f:ff: 3d:87:e1:e7:21:46:88:7e:9f:56:e5:4b:3d:37:2f:c4:bf:ac: a3:c2:e6:80:47:39:e8:98:9f:b0:78:61:e4:c8:e2:80:41:fe: 75:f8:eb:91:fc:a7:92:7e:c6:5e:bf:41:5d:0c:de:cc:c9:99: 93:54:b8:e9:29:41:12:18:66:62:c8:b7:84:c8:af:81:ff:04: 76:9c:70:0e:e9:f8:31:54:3e:a9:c9:32:50:9a:35:45:73:e8: db:d9:f8:dc:29:bb:d8:c4:db:6a:fb:0f:07:36:d6:93:44:33: 0e:30:40:91:b0:28:b4:d2:75:30:f6:27:3e:fa:63:f7:7a:0a: 4d:0e:68:ae:b4:43:7e:23:d4:f8:ae:2e:9a:ee:e9:62:8e:bd: a1:07:27:4b:94:d5:80:6d:9b:93:62:d4:e9:a0:9e:7c:72:58: 49:5d:68:fb:6c:8c:26:b1:b0:7a:23:0a:9f:a5:47:e9:5a:1f: de:76:e0:63:3e:dd:f3:90:c1:4c:9a:5c:fd:d9:73:49:01:d7: d3:be:62:0a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPKU/usQj/4hmJ6VOfnv99MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjYTYxMzc3NDk1OTljMDNjN2I0NzJmMTQyYzcxOTY4MDAw NmI2ZTYwHhcNMjUxMjI0MDcwMTA2WhcNMjUxMjI1MDcwMTA2WjAzMTEwLwYDVQQD EyhkZDg2YWNhODA0NGMyY2JhM2I3YTk0YjM3ZDM4ZDNkYzU5MDNhY2Q2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAeFAjC7kdAiyi4/ajbGuPW8+Esk V1pMyMPZGAHa9Fnn95/wk6J9J1swFCjGnN0hZKwj+RwwgiuPJu4y464BnoZo8Sbl ZGjRUSgwUs27ZRqchcFB9J7Mtp+4O2AknTak6gzcoiuS4jkQCkp9suE1xc432MFV WiVnzWwrxVcNgQpKFra7vF933/OP1t7DEj5d4TK3nioLa2yed8DEoEKCzAlEJG2C pYJAqxTwdrb4AId+sTuhFcWdiasLGQUkJRCQk0uJYDQq05IPgdxwAQbO3ELvXV3B e8ZQ7NGWpFS2n3vz52l73bb8HQXO8XEoIEZwWptmRVR7cylhCJ88KVfBwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN2GrKgETCy6O3qUs30409xZA6zWMB8GA1UdIwQY MBaAFCymE3dJWZwDx7Ry8ULHGWgABrbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTEtZVGQwbFpuQVBIdEhMeFFzY1phQUFHdHVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82ZmNmNjYtOGU4Yy00ZGJiLThjZjAt NTAxOWQyYzM4OGRiLzEvTEtZVGQwbFpuQVBIdEhMeFFzY1phQUFHdHVZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS82ZmNmNjYtOGU4Yy00ZGJiLThjZjAtNTAxOWQyYzM4OGRi LzEvTEtZVGQwbFpuQVBIdEhMeFFzY1phQUFHdHVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV5DB9sz6 VgdjIXifj1JtNol9tCr1rnmyT8eG0bSthydeFeTVL9cPvxOoFvMHcyqqNvsN9o// PYfh5yFGiH6fVuVLPTcvxL+so8LmgEc56JifsHhh5MjigEH+dfjrkfynkn7GXr9B XQzezMmZk1S46SlBEhhmYsi3hMivgf8EdpxwDun4MVQ+qckyUJo1RXPo29n43Cm7 2MTbavsPBzbWk0QzDjBAkbAotNJ1MPYnPvpj93oKTQ5orrRDfiPU+K4umu7pYo69 oQcnS5TVgG2bk2LU6aCefHJYSV1o+2yMJrGweiMKn6VH6Vof3nbgYz7d85DBTJpc /dlzSQHX075iCg== -----END CERTIFICATE-----Generated at Wed Dec 24 13:08:34 2025 by rpki-client