This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft File: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft (raw, json) Hash identifier: PU8vb8wfayba/NQ8+/9f2sssQNixMw1zEsknPiXMkUk= Subject key identifier: EE:86:C4:E6:0C:D0:5C:B4:4F:4A:70:73:9E:8E:84:5D:47:E0:7A:8F Authority key identifier: 96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC Certificate issuer: /CN=96199360259fa5b35b82953c5ed97999228341ac Certificate serial: 019B5486D13BA82F0E7DF5FF945226FE67DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft Manifest number: 14FD Signing time: Thu 25 Dec 2025 08:01:20 +0000 Manifest this update: Thu 25 Dec 2025 08:01:20 +0000 Manifest next update: Fri 26 Dec 2025 08:01:20 +0000 Files and hashes: 1: 0hGuI9abbnH5IARURiUpnsE2cKk.roa (hash: DuwUAcXW//1k2Md+MdRwDGn9pw5DCw3cr3zSvWu8/Sg=) 2: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl (hash: Y4GuXqOOaeK/O5rEbcSvvK0iQ0zuOMnE4WTlpxvhavA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 08:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:54:86:d1:3b:a8:2f:0e:7d:f5:ff:94:52:26:fe:67:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96199360259fa5b35b82953c5ed97999228341ac Validity Not Before: Dec 25 08:01:20 2025 GMT Not After : Dec 26 08:01:20 2025 GMT Subject: CN=ee86c4e60cd05cb44f4a70739e8e845d47e07a8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:db:6f:d3:43:3e:8e:58:37:af:f1:2e:ed:a0: b3:e2:88:a9:2b:cb:85:e2:79:fc:1c:d4:a6:84:ce: 4d:96:a5:c4:aa:36:fc:36:50:5e:3b:f4:f8:73:11: 09:06:ba:66:65:62:8a:d2:f5:d7:da:97:21:94:60: eb:2e:9a:b9:15:6f:6b:4c:d7:18:19:db:99:64:dc: 37:04:56:e8:d1:b6:f9:0d:6c:a4:1c:62:de:5c:e8: fd:05:7e:76:09:aa:51:4d:f4:57:d5:aa:14:8f:7f: 00:06:90:8a:40:9c:b3:d9:6c:94:6a:28:48:d1:a6: 92:e4:3d:92:f7:e3:de:b9:f9:33:2b:9f:95:df:a1: 15:3f:91:3e:98:8d:05:0b:8a:9a:55:0c:e9:a8:6a: 06:17:d0:12:42:8c:3a:c5:b4:76:b6:20:5b:b5:af: 9b:d8:0b:8c:91:fb:ca:6e:c8:82:fc:cd:b3:ed:51: f8:82:4a:3f:6a:c0:c7:f6:bf:80:b8:f9:6d:e1:6e: 4a:48:b4:b5:96:e2:98:ad:cb:85:bc:39:6c:79:5f: 16:8f:d6:52:1c:cf:c5:5e:f0:55:8b:9d:05:72:59: e3:01:ae:7b:4d:b9:a4:aa:87:16:03:ff:88:9d:42: 58:69:73:a7:73:89:b5:f9:b8:8c:39:50:7a:48:d6: 38:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:86:C4:E6:0C:D0:5C:B4:4F:4A:70:73:9E:8E:84:5D:47:E0:7A:8F X509v3 Authority Key Identifier: keyid:96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:7a:29:8a:2c:4a:aa:b9:08:31:83:51:c5:ae:97:18:4f:0d: 94:33:25:88:6a:2a:0b:3e:09:7b:b5:bd:a2:5c:4f:4e:1f:a2: d2:28:4c:64:a2:b3:05:8b:b3:2e:5c:77:a5:25:ec:8d:f2:d4: 7e:93:ab:09:67:04:86:f3:7e:4f:5c:e4:31:f6:27:e7:df:b3: 7a:49:a3:df:ff:a2:17:25:f4:07:bb:cb:aa:a9:4e:13:fa:79: 11:1c:d4:d8:ed:41:dc:91:e4:f8:92:5b:08:94:a0:e2:22:cf: 55:e8:9f:9c:58:67:44:38:35:7e:31:3f:4c:29:14:93:ee:ff: 6b:aa:39:81:45:1b:76:b1:93:c6:c9:82:81:ad:e1:d6:89:95: 9c:18:98:4e:e5:5e:90:83:b3:0e:06:6e:ca:6b:5d:15:38:30: 0c:87:d5:44:51:b6:e2:d1:41:38:c0:8d:46:40:03:d3:11:e2: d1:26:9f:87:d6:df:9d:ed:fa:7e:70:61:df:8d:aa:79:e2:6e: 1a:e9:39:c4:31:6b:6d:ba:12:8d:79:2b:76:84:a9:4f:42:43: 9f:3d:cd:29:ef:b2:f7:53:af:2f:3c:ad:24:8e:ef:fb:0c:1f: 07:cf:79:44:09:d5:a6:2d:38:fa:61:43:ed:4e:f3:ad:87:ae: d7:8c:ba:05 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtUhtE7qC8OffX/lFIm/mfcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2MTk5MzYwMjU5ZmE1YjM1YjgyOTUzYzVlZDk3OTk5MjI4 MzQxYWMwHhcNMjUxMjI1MDgwMTIwWhcNMjUxMjI2MDgwMTIwWjAzMTEwLwYDVQQD EyhlZTg2YzRlNjBjZDA1Y2I0NGY0YTcwNzM5ZThlODQ1ZDQ3ZTA3YThmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtttv00M+jlg3r/Eu7aCz4oipK8uF 4nn8HNSmhM5NlqXEqjb8NlBeO/T4cxEJBrpmZWKK0vXX2pchlGDrLpq5FW9rTNcY GduZZNw3BFbo0bb5DWykHGLeXOj9BX52CapRTfRX1aoUj38ABpCKQJyz2WyUaihI 0aaS5D2S9+PeufkzK5+V36EVP5E+mI0FC4qaVQzpqGoGF9ASQow6xbR2tiBbta+b 2AuMkfvKbsiC/M2z7VH4gko/asDH9r+AuPlt4W5KSLS1luKYrcuFvDlseV8Wj9ZS HM/FXvBVi50FclnjAa57TbmkqocWA/+InUJYaXOnc4m1+biMOVB6SNY4nQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO6GxOYM0Fy0T0pwc56OhF1H4HqPMB8GA1UdIwQY MBaAFJYZk2Aln6WzW4KVPF7ZeZkig0GsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYt MmE1OTFjMTQ5ZDdhLzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYtMmE1OTFjMTQ5ZDdh LzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg3opiixK qrkIMYNRxa6XGE8NlDMliGoqCz4Je7W9olxPTh+i0ihMZKKzBYuzLlx3pSXsjfLU fpOrCWcEhvN+T1zkMfYn59+zekmj3/+iFyX0B7vLqqlOE/p5ERzU2O1B3JHk+JJb CJSg4iLPVeifnFhnRDg1fjE/TCkUk+7/a6o5gUUbdrGTxsmCga3h1omVnBiYTuVe kIOzDgZuymtdFTgwDIfVRFG24tFBOMCNRkAD0xHi0Safh9bfne36fnBh342qeeJu Guk5xDFrbboSjXkrdoSpT0JDnz3NKe+y91OvLzytJI7v+wwfB895RAnVpi04+mFD 7U7zrYeu14y6BQ== -----END CERTIFICATE-----Generated at Thu Dec 25 15:42:39 2025 by rpki-client