This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.mft File: LKw-jWOxw6_HxsC_2p1ayBe27m0.mft (raw, json) Hash identifier: sxy0dEdgBdTY8ihMeOM4ZTd5hQS678LkXsKYY9b0KB8= Subject key identifier: 3B:42:22:62:5D:FE:6F:CC:71:E5:CC:17:86:2D:1C:ED:9C:FC:01:FC Authority key identifier: 2C:AC:3E:8D:63:B1:C3:AF:C7:C6:C0:BF:DA:9D:5A:C8:17:B6:EE:6D Certificate issuer: /CN=2cac3e8d63b1c3afc7c6c0bfda9d5ac817b6ee6d Certificate serial: 019B4581F1271A54D4A4D43581BAE974464A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LKw-jWOxw6_HxsC_2p1ayBe27m0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.mft Manifest number: 1169 Signing time: Mon 22 Dec 2025 10:01:42 +0000 Manifest this update: Mon 22 Dec 2025 10:01:42 +0000 Manifest next update: Tue 23 Dec 2025 10:01:42 +0000 Files and hashes: 1: LKw-jWOxw6_HxsC_2p1ayBe27m0.crl (hash: Lb+NaQoSX+zyTDe7tL5Tc1ixKl45fZoSPHKaNnUCIuM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.crl rsync://rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.mft rsync://rpki.ripe.net/repository/DEFAULT/LKw-jWOxw6_HxsC_2p1ayBe27m0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 10:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:45:81:f1:27:1a:54:d4:a4:d4:35:81:ba:e9:74:46:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2cac3e8d63b1c3afc7c6c0bfda9d5ac817b6ee6d Validity Not Before: Dec 22 10:01:42 2025 GMT Not After : Dec 23 10:01:42 2025 GMT Subject: CN=3b4222625dfe6fcc71e5cc17862d1ced9cfc01fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ca:74:71:fa:07:fb:fc:49:5d:d0:29:18:e4: f1:4c:d4:39:60:38:62:f5:f1:99:f3:50:0b:4b:d9: e7:ba:68:8c:d0:0a:be:2d:b8:06:b7:01:ba:4d:21: 77:05:99:10:9c:65:10:2d:95:ad:36:bb:a7:e1:f3: 6d:c6:bd:c6:fd:e1:da:17:c8:5f:84:d1:58:84:9a: ec:a1:15:fb:f7:3f:86:9a:9a:2f:95:50:91:6b:dc: 90:70:9a:f2:c1:ed:ed:1f:40:f1:4f:55:09:a0:ba: 46:b7:fc:8f:4e:32:0c:b3:f9:2c:a9:3b:a3:60:b8: 6b:8b:64:af:12:20:d1:5e:07:cf:ca:49:18:0b:c5: d5:20:24:24:2a:b9:d1:a2:12:54:f4:9d:5b:21:c3: bd:40:c9:49:3d:48:08:88:ec:db:94:f5:09:91:e7: 76:84:9f:08:71:62:ae:ff:33:d0:58:45:ca:48:52: 4a:f3:79:29:b1:60:47:b4:83:fd:81:b0:df:d7:e4: 7a:ff:b5:0f:96:30:19:5f:9e:73:46:55:b6:b2:a2: 5f:a1:e1:70:ea:a7:e7:0a:d0:73:65:49:fd:aa:7b: 6b:29:a3:8a:c5:cb:ab:bd:0e:03:1d:c0:2f:91:29: e7:5c:8c:d1:cb:9a:86:90:36:e3:79:cc:b3:db:a3: d9:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:42:22:62:5D:FE:6F:CC:71:E5:CC:17:86:2D:1C:ED:9C:FC:01:FC X509v3 Authority Key Identifier: keyid:2C:AC:3E:8D:63:B1:C3:AF:C7:C6:C0:BF:DA:9D:5A:C8:17:B6:EE:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKw-jWOxw6_HxsC_2p1ayBe27m0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:50:b0:d5:d7:71:d5:89:98:02:3b:83:6e:26:1c:2d:bb:77: c3:06:ba:c9:a7:77:43:28:45:07:8f:61:49:b4:d1:4f:53:6a: 93:2b:0c:cc:12:61:c6:35:61:7f:cb:76:df:0e:80:02:4c:5e: 0d:37:24:ea:c5:6a:88:e5:ca:08:f1:de:d3:98:68:87:24:19: d1:f0:b7:fb:05:96:3d:46:67:a7:53:44:a2:6b:31:6b:a6:b2: 12:79:3e:94:60:bd:3d:1b:eb:74:62:f4:03:37:d1:f6:a0:aa: e0:3d:ff:39:39:27:00:07:e3:46:08:2d:7b:ac:b7:93:34:8d: d6:7b:92:6d:5d:47:80:9e:29:b6:8d:ef:c6:c2:4d:9f:92:97: 09:2b:fb:50:b0:ae:7f:c0:68:66:11:d0:42:a0:e4:71:54:46: 0f:26:c6:90:a9:f5:1c:4f:43:99:7b:a9:5f:9e:68:7d:1e:69: bb:5b:fa:14:cd:89:9f:69:75:26:15:95:c3:69:73:23:e0:b7: 39:fc:7f:4c:bc:1d:97:7e:23:96:59:7e:58:72:f3:7c:56:d0: c6:d3:a2:d2:42:c7:64:ef:e9:bd:73:e9:6a:a9:8f:00:cf:b5: b2:cc:f0:18:7a:56:62:73:ad:74:55:17:50:3a:ae:82:cc:8a: 27:90:34:a5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtFgfEnGlTUpNQ1gbrpdEZKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjYWMzZThkNjNiMWMzYWZjN2M2YzBiZmRhOWQ1YWM4MTdi NmVlNmQwHhcNMjUxMjIyMTAwMTQyWhcNMjUxMjIzMTAwMTQyWjAzMTEwLwYDVQQD EygzYjQyMjI2MjVkZmU2ZmNjNzFlNWNjMTc4NjJkMWNlZDljZmMwMWZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycp0cfoH+/xJXdApGOTxTNQ5YDhi 9fGZ81ALS9nnumiM0Aq+LbgGtwG6TSF3BZkQnGUQLZWtNrun4fNtxr3G/eHaF8hf hNFYhJrsoRX79z+GmpovlVCRa9yQcJrywe3tH0DxT1UJoLpGt/yPTjIMs/ksqTuj YLhri2SvEiDRXgfPykkYC8XVICQkKrnRohJU9J1bIcO9QMlJPUgIiOzblPUJked2 hJ8IcWKu/zPQWEXKSFJK83kpsWBHtIP9gbDf1+R6/7UPljAZX55zRlW2sqJfoeFw 6qfnCtBzZUn9qntrKaOKxcurvQ4DHcAvkSnnXIzRy5qGkDbjecyz26PZkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDtCImJd/m/MceXMF4YtHO2c/AH8MB8GA1UdIwQY MBaAFCysPo1jscOvx8bAv9qdWsgXtu5tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTEt3LWpXT3h3Nl9IeHNDXzJwMWF5QmUyN20wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8xN2U5OTktZTUzZC00OGNhLTk4MGEt OTVhZTY0YmQ1NmVjLzEvTEt3LWpXT3h3Nl9IeHNDXzJwMWF5QmUyN20wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS8xN2U5OTktZTUzZC00OGNhLTk4MGEtOTVhZTY0YmQ1NmVj LzEvTEt3LWpXT3h3Nl9IeHNDXzJwMWF5QmUyN20wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEVCw1ddx 1YmYAjuDbiYcLbt3wwa6yad3QyhFB49hSbTRT1NqkysMzBJhxjVhf8t23w6AAkxe DTck6sVqiOXKCPHe05hohyQZ0fC3+wWWPUZnp1NEomsxa6ayEnk+lGC9PRvrdGL0 AzfR9qCq4D3/OTknAAfjRggte6y3kzSN1nuSbV1HgJ4pto3vxsJNn5KXCSv7ULCu f8BoZhHQQqDkcVRGDybGkKn1HE9DmXupX55ofR5pu1v6FM2Jn2l1JhWVw2lzI+C3 Ofx/TLwdl34jlll+WHLzfFbQxtOi0kLHZO/pvXPpaqmPAM+1sszwGHpWYnOtdFUX UDqugsyKJ5A0pQ== -----END CERTIFICATE-----Generated at Mon Dec 22 15:46:11 2025 by rpki-client