This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3b58d8-6d94-4302-aa91-7c2bd984d735/1/LofD1fRf7zjBBbk91E3ST1vuYOc.mft File: LofD1fRf7zjBBbk91E3ST1vuYOc.mft (raw, json) Hash identifier: BYvKkKt4AYNDlEI8yEv4KavfMkZfbZigFtM5shAFVW4= Subject key identifier: 91:41:8F:4C:EA:51:E4:5E:75:9E:F2:AE:AF:50:8F:AC:C2:EE:8D:24 Authority key identifier: 2E:87:C3:D5:F4:5F:EF:38:C1:05:B9:3D:D4:4D:D2:4F:5B:EE:60:E7 Certificate issuer: /CN=2e87c3d5f45fef38c105b93dd44dd24f5bee60e7 Certificate serial: 019B53ABB698190C9DEFDF9719FBD345306B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LofD1fRf7zjBBbk91E3ST1vuYOc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3b58d8-6d94-4302-aa91-7c2bd984d735/1/LofD1fRf7zjBBbk91E3ST1vuYOc.mft Manifest number: 0FE4 Signing time: Thu 25 Dec 2025 04:02:00 +0000 Manifest this update: Thu 25 Dec 2025 04:02:00 +0000 Manifest next update: Fri 26 Dec 2025 04:02:00 +0000 Files and hashes: 1: LofD1fRf7zjBBbk91E3ST1vuYOc.crl (hash: 6XHyyuyrFFihQqB/eAxFreTbxJCuY+IifBGtmK9kqps=) 2: QDqzI6mtk0OSKHPd6aEPhi6zaB8.roa (hash: EsH+qC6DrpZNrpMwjRlDLqXBAg493TRAVaOfxpJfUMU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3b58d8-6d94-4302-aa91-7c2bd984d735/1/LofD1fRf7zjBBbk91E3ST1vuYOc.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/3b58d8-6d94-4302-aa91-7c2bd984d735/1/LofD1fRf7zjBBbk91E3ST1vuYOc.mft rsync://rpki.ripe.net/repository/DEFAULT/LofD1fRf7zjBBbk91E3ST1vuYOc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 01:21:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:53:ab:b6:98:19:0c:9d:ef:df:97:19:fb:d3:45:30:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2e87c3d5f45fef38c105b93dd44dd24f5bee60e7 Validity Not Before: Dec 25 04:02:00 2025 GMT Not After : Dec 26 04:02:00 2025 GMT Subject: CN=91418f4cea51e45e759ef2aeaf508facc2ee8d24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:37:61:ac:f0:52:21:68:a8:26:fa:5b:d8:35: d2:70:18:a5:ff:1c:23:a3:b3:f5:30:02:5a:23:46: d3:c6:12:87:44:d5:5a:c4:18:7b:bb:c9:33:5d:b6: 62:76:8d:48:66:70:49:77:89:e9:ac:8a:c0:3b:35: 3c:42:9c:13:fe:d2:5e:36:7c:ef:7d:88:37:33:09: ed:a7:21:9d:d0:23:c0:37:47:4f:cd:37:c0:1d:02: b2:ba:ba:2e:67:99:4a:06:88:b4:eb:80:ba:26:56: 0e:bd:cb:cf:f2:f8:59:38:a9:35:2b:78:4e:ea:44: f5:fe:b9:34:a7:b0:0d:2e:3c:0e:ba:3b:f7:de:57: 1c:45:e2:70:66:1e:1e:b8:f3:78:b2:09:a4:95:84: e5:28:b4:39:1f:96:64:b5:3e:ec:80:75:eb:3d:89: eb:62:0b:48:a7:b7:a9:a9:22:31:6c:f2:4c:47:94: f5:2b:18:c6:7d:57:b3:ee:d0:3e:21:4f:8e:3e:04: a8:83:94:4e:cc:d1:22:d4:ad:af:da:c2:0d:d2:b4: 31:7b:46:b4:17:e8:3c:93:ba:f6:96:34:6e:b3:81: 26:d0:53:17:5c:d1:a1:4c:6f:54:f5:49:d8:bf:91: c8:dd:9c:62:a3:44:ec:02:39:e4:e3:23:78:13:2a: 6d:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:41:8F:4C:EA:51:E4:5E:75:9E:F2:AE:AF:50:8F:AC:C2:EE:8D:24 X509v3 Authority Key Identifier: keyid:2E:87:C3:D5:F4:5F:EF:38:C1:05:B9:3D:D4:4D:D2:4F:5B:EE:60:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LofD1fRf7zjBBbk91E3ST1vuYOc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3b58d8-6d94-4302-aa91-7c2bd984d735/1/LofD1fRf7zjBBbk91E3ST1vuYOc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3b58d8-6d94-4302-aa91-7c2bd984d735/1/LofD1fRf7zjBBbk91E3ST1vuYOc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:38:8e:3b:59:49:a9:20:d6:cd:b3:e7:eb:c5:3a:46:50:c6: 77:5e:0e:f5:0a:0a:c7:48:d1:4b:34:2c:c5:1b:85:7e:31:c2: 88:c2:91:22:02:4a:f6:b2:a6:91:58:d9:07:80:2b:5d:36:4f: ed:b2:b1:15:bf:fc:0c:53:10:52:28:5f:fd:c4:5c:63:a5:13: 39:a5:7c:8e:9a:54:27:08:ae:ac:8c:e8:c0:69:0a:6b:06:9e: b5:cb:d8:24:a6:ea:d7:0b:26:64:f7:32:d5:6e:d7:db:21:ac: 55:af:de:cf:15:9b:8c:57:1f:50:6e:be:d6:5a:f8:31:00:bc: c2:1a:10:00:0e:7a:7a:63:55:d4:4b:5b:45:da:b2:a6:0b:37: 54:8e:ff:ca:ec:33:e7:2d:82:a4:44:4a:f6:58:6e:a2:8c:6c: fe:e4:61:37:d0:de:2f:de:29:7b:39:c3:dc:8e:d4:79:e0:7e: 35:f9:0c:15:e0:60:d6:0c:0b:02:9b:ba:bb:20:0a:c6:b0:f0: 25:cf:88:40:5a:ce:6c:bf:e3:5f:f8:c3:a1:f9:df:97:e9:df: 6f:28:fa:08:72:df:de:29:94:72:2a:81:01:61:21:aa:c8:f8: d5:95:41:b9:50:d8:6d:b6:52:6d:68:2c:22:a1:58:2e:dc:9c: ca:35:55:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtTq7aYGQyd79+XGfvTRTBrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJlODdjM2Q1ZjQ1ZmVmMzhjMTA1YjkzZGQ0NGRkMjRmNWJl ZTYwZTcwHhcNMjUxMjI1MDQwMjAwWhcNMjUxMjI2MDQwMjAwWjAzMTEwLwYDVQQD Eyg5MTQxOGY0Y2VhNTFlNDVlNzU5ZWYyYWVhZjUwOGZhY2MyZWU4ZDI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDdhrPBSIWioJvpb2DXScBil/xwj o7P1MAJaI0bTxhKHRNVaxBh7u8kzXbZido1IZnBJd4nprIrAOzU8QpwT/tJeNnzv fYg3MwntpyGd0CPAN0dPzTfAHQKyurouZ5lKBoi064C6JlYOvcvP8vhZOKk1K3hO 6kT1/rk0p7ANLjwOujv33lccReJwZh4euPN4sgmklYTlKLQ5H5ZktT7sgHXrPYnr YgtIp7epqSIxbPJMR5T1KxjGfVez7tA+IU+OPgSog5ROzNEi1K2v2sIN0rQxe0a0 F+g8k7r2ljRus4Em0FMXXNGhTG9U9UnYv5HI3Zxio0TsAjnk4yN4EyptOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJFBj0zqUeRedZ7yrq9Qj6zC7o0kMB8GA1UdIwQY MBaAFC6Hw9X0X+84wQW5PdRN0k9b7mDnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTG9mRDFmUmY3empCQmJrOTFFM1NUMXZ1WU9jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zYjU4ZDgtNmQ5NC00MzAyLWFhOTEt N2MyYmQ5ODRkNzM1LzEvTG9mRDFmUmY3empCQmJrOTFFM1NUMXZ1WU9jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8zYjU4ZDgtNmQ5NC00MzAyLWFhOTEtN2MyYmQ5ODRkNzM1 LzEvTG9mRDFmUmY3empCQmJrOTFFM1NUMXZ1WU9jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASziOO1lJ qSDWzbPn68U6RlDGd14O9QoKx0jRSzQsxRuFfjHCiMKRIgJK9rKmkVjZB4ArXTZP 7bKxFb/8DFMQUihf/cRcY6UTOaV8jppUJwiurIzowGkKawaetcvYJKbq1wsmZPcy 1W7X2yGsVa/ezxWbjFcfUG6+1lr4MQC8whoQAA56emNV1EtbRdqypgs3VI7/yuwz 5y2CpERK9lhuooxs/uRhN9DeL94peznD3I7UeeB+NfkMFeBg1gwLApu6uyAKxrDw Jc+IQFrObL/jX/jDofnfl+nfbyj6CHLf3imUciqBAWEhqsj41ZVBuVDYbbZSbWgs IqFYLtycyjVVtw== -----END CERTIFICATE-----Generated at Thu Dec 25 07:11:59 2025 by rpki-client