This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft File: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft (raw, json) Hash identifier: 0hfm7bY58+sEjAObW9c2MurlpTs2ZzN5KFMwW1P9QB0= Subject key identifier: A4:2D:18:6C:DE:E1:8E:9A:C7:B3:99:1B:AE:0B:B9:D3:7F:01:AC:FF Authority key identifier: 96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67 Certificate issuer: /CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67 Certificate serial: 019B53E14C3EEA10858770F18FFB340291DE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft Manifest number: 0ECB Signing time: Thu 25 Dec 2025 05:00:32 +0000 Manifest this update: Thu 25 Dec 2025 05:00:32 +0000 Manifest next update: Fri 26 Dec 2025 05:00:32 +0000 Files and hashes: 1: O8xQyf4SlO_QA8u4YHx9nqfuT4c.roa (hash: WyDwMMx1y5LT2GHueRZtXWT+BMFzzrzU6Km40azPSxA=) 2: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl (hash: EJGdWaRcXObmmLnQlJedsuWe8ov/4oEtdfadnUMuxi4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 03:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:53:e1:4c:3e:ea:10:85:87:70:f1:8f:fb:34:02:91:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67 Validity Not Before: Dec 25 05:00:32 2025 GMT Not After : Dec 26 05:00:32 2025 GMT Subject: CN=a42d186cdee18e9ac7b3991bae0bb9d37f01acff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:1e:4a:bd:36:eb:a3:5c:cc:e5:a4:10:2e:d2: 11:e5:04:fa:56:26:ac:aa:70:11:6f:82:65:db:c8: 2b:bf:f8:49:2f:0f:ad:65:4b:9b:bf:26:61:3e:53: 40:c0:ea:27:4e:55:e8:60:26:49:e6:34:bf:75:48: a9:bc:89:aa:58:02:56:2b:03:86:18:96:fa:81:72: eb:24:47:40:da:d2:ac:2b:16:e9:8b:e2:1c:55:9b: d8:f9:a1:91:dc:bc:ac:c0:3d:09:62:11:02:5e:e2: 8e:0c:a2:33:59:ed:ac:61:cc:ae:16:01:1c:41:7e: d2:da:94:cc:8a:54:2b:d8:22:1f:04:58:28:cd:89: 04:b5:e0:1a:7f:d1:fe:f4:3d:b8:0d:a4:00:d6:70: 78:4b:38:8c:1d:b0:e5:2a:3f:a1:f7:2a:ba:c4:7d: de:b5:cf:e5:b4:27:69:39:f4:4c:97:4b:59:84:48: 67:bc:09:d1:c8:52:06:66:d9:df:0b:d3:f5:4e:c6: 6b:a4:83:13:ae:43:30:24:de:bf:63:98:2a:c9:69: c8:e6:4f:35:c1:b6:92:fc:29:b7:14:5e:55:e8:0f: ee:66:bf:ff:0c:cf:70:44:bc:b7:c6:97:bb:f0:a0: 67:f7:01:0f:c6:d7:76:ae:d4:6e:36:d3:8c:0a:d6: 5f:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:2D:18:6C:DE:E1:8E:9A:C7:B3:99:1B:AE:0B:B9:D3:7F:01:AC:FF X509v3 Authority Key Identifier: keyid:96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:d0:d1:45:dd:12:c1:93:3f:cc:83:08:26:d1:78:95:32:dd: 7e:bb:df:62:96:cd:79:41:6d:04:0e:da:d4:59:09:e6:11:8c: e8:9d:c0:dd:85:87:8b:1d:df:30:c2:e0:87:c4:8c:1c:79:f7: 0f:fa:05:0e:11:9b:04:20:3b:d5:4a:a0:13:60:2f:b0:bf:03: 9b:b9:78:5b:88:ef:59:d0:02:8a:8e:ec:78:e4:d0:12:55:c9: 60:2d:1d:0c:01:2e:6a:28:6c:f2:df:a6:0c:20:a0:9e:21:2d: 16:6b:fd:4d:4b:75:d7:33:bb:08:09:b3:2f:0f:9e:f3:f4:55: b8:53:c1:31:21:fd:ba:a1:de:c6:d1:67:6d:f4:ce:00:13:31: 44:5e:b1:26:ff:dd:74:e1:ab:9a:7c:11:be:57:a2:0e:cf:a6: d7:45:69:50:40:63:25:36:5e:51:ee:03:62:be:6d:b8:8f:5e: 22:5e:a1:60:8b:74:97:62:fd:6c:47:8c:39:d1:93:42:aa:6e: ce:47:1e:b5:78:45:67:bd:2e:3c:82:0b:c7:e4:f5:cb:da:4d: c5:81:17:8b:63:52:65:fd:93:b8:c5:f4:fe:5f:c3:ff:a4:21: bd:2c:7b:53:28:94:74:44:70:7f:fa:e5:bb:52:60:c5:c2:0d: b9:9a:1d:9b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtT4Uw+6hCFh3Dxj/s0ApHeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2Yjg3ZTVmZDFhYWRjMWJiZWEzNzJiNDI2OWVlYmQzOTNj NWNkNjcwHhcNMjUxMjI1MDUwMDMyWhcNMjUxMjI2MDUwMDMyWjAzMTEwLwYDVQQD EyhhNDJkMTg2Y2RlZTE4ZTlhYzdiMzk5MWJhZTBiYjlkMzdmMDFhY2ZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAux5KvTbro1zM5aQQLtIR5QT6Vias qnARb4Jl28grv/hJLw+tZUubvyZhPlNAwOonTlXoYCZJ5jS/dUipvImqWAJWKwOG GJb6gXLrJEdA2tKsKxbpi+IcVZvY+aGR3LyswD0JYhECXuKODKIzWe2sYcyuFgEc QX7S2pTMilQr2CIfBFgozYkEteAaf9H+9D24DaQA1nB4SziMHbDlKj+h9yq6xH3e tc/ltCdpOfRMl0tZhEhnvAnRyFIGZtnfC9P1TsZrpIMTrkMwJN6/Y5gqyWnI5k81 wbaS/Cm3FF5V6A/uZr//DM9wRLy3xpe78KBn9wEPxtd2rtRuNtOMCtZfrwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKQtGGze4Y6ax7OZG64LudN/Aaz/MB8GA1UdIwQY MBaAFJa4fl/RqtwbvqNytCae69OTxc1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTkt MmFiZGIyMTk0MWJjLzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTktMmFiZGIyMTk0MWJj LzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgNDRRd0S wZM/zIMIJtF4lTLdfrvfYpbNeUFtBA7a1FkJ5hGM6J3A3YWHix3fMMLgh8SMHHn3 D/oFDhGbBCA71UqgE2AvsL8Dm7l4W4jvWdACio7seOTQElXJYC0dDAEuaihs8t+m DCCgniEtFmv9TUt11zO7CAmzLw+e8/RVuFPBMSH9uqHextFnbfTOABMxRF6xJv/d dOGrmnwRvleiDs+m10VpUEBjJTZeUe4DYr5tuI9eIl6hYIt0l2L9bEeMOdGTQqpu zkcetXhFZ70uPIILx+T1y9pNxYEXi2NSZf2TuMX0/l/D/6QhvSx7UyiUdERwf/rl u1JgxcINuZodmw== -----END CERTIFICATE-----Generated at Thu Dec 25 11:00:31 2025 by rpki-client