This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft File: lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft (raw, json) Hash identifier: cFIvo+jwdxM0t7P7phQg5eIujX9JXnfFq9mxnvw6H1k= Subject key identifier: 88:37:D8:B5:47:7C:E1:EE:C8:52:D2:E5:FD:99:78:84:45:89:67:7F Authority key identifier: 94:D1:61:59:3D:A8:15:CA:C5:8D:34:79:65:2D:04:84:80:D2:67:13 Certificate issuer: /CN=94d161593da815cac58d3479652d048480d26713 Certificate serial: 019B4EBB615CA964802D31B4794725A5441E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft Manifest number: 1792 Signing time: Wed 24 Dec 2025 05:01:01 +0000 Manifest this update: Wed 24 Dec 2025 05:01:01 +0000 Manifest next update: Thu 25 Dec 2025 05:01:01 +0000 Files and hashes: 1: bdAF9viIHB5V5FhTALS-owQhcks.roa (hash: lPv9YsuyVHwxqfP/RRJpZeMDZjwRG/d34AhteS5V7Ew=) 2: lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl (hash: 8iBlftboivP8FXSZC+eW9EsGUIy2pT5dpe+cBys9cuk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4e:bb:61:5c:a9:64:80:2d:31:b4:79:47:25:a5:44:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94d161593da815cac58d3479652d048480d26713 Validity Not Before: Dec 24 05:01:01 2025 GMT Not After : Dec 25 05:01:01 2025 GMT Subject: CN=8837d8b5477ce1eec852d2e5fd9978844589677f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:ac:4f:e8:a1:41:ff:57:8c:f9:43:8c:de:54: 06:41:48:8f:64:1a:92:4e:43:42:a7:77:e4:54:a0: ea:e3:72:10:01:4a:6e:43:0a:c4:b0:4c:5e:76:e5: 6e:dc:5b:8e:c0:89:0b:6f:f5:b3:a9:ce:49:fd:f7: e6:7f:dc:4c:7f:57:af:ee:dc:e9:99:37:3a:66:f9: c4:1a:91:ac:f7:e2:9b:79:53:3a:1a:df:55:3a:4c: 3a:f8:71:1b:24:04:f0:8e:b6:74:eb:13:9a:44:c3: de:2f:c4:4b:fc:51:3e:6e:1b:17:07:95:61:c8:16: 36:13:01:0e:25:e3:06:80:d6:d1:e2:72:fc:23:59: 26:5c:13:ce:a1:93:4c:77:76:fa:82:d9:c5:d5:0b: 52:41:07:b3:0a:94:fb:af:75:de:a3:db:37:f3:51: 12:bd:ae:87:a5:e3:db:af:13:07:95:5d:42:49:ce: c5:2e:3d:5e:0e:5e:38:1a:61:06:fa:9c:fb:a8:ab: e6:5f:b7:a3:10:56:84:25:ac:d5:d3:b2:32:e6:1e: 9f:23:17:6d:44:f4:b8:a9:02:f1:44:43:4f:8c:1f: 96:b4:f1:ff:79:2e:be:02:27:0b:d0:a8:36:df:e8: a5:04:24:f9:2a:52:6d:52:ed:2b:f9:8a:45:0c:7e: 4d:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:37:D8:B5:47:7C:E1:EE:C8:52:D2:E5:FD:99:78:84:45:89:67:7F X509v3 Authority Key Identifier: keyid:94:D1:61:59:3D:A8:15:CA:C5:8D:34:79:65:2D:04:84:80:D2:67:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:3e:d8:bb:61:36:fa:b5:50:c8:13:8d:c3:5e:55:12:95:89: a6:c5:82:76:de:1d:3e:48:90:e7:1e:a7:4d:94:b5:4c:97:a9: 79:8f:3d:b4:42:32:7d:f8:7f:a8:f0:79:49:ce:3b:7d:d6:54: bc:db:90:49:a7:ee:57:51:30:e3:47:24:ce:fe:82:8a:e2:53: dc:e0:cd:09:de:8d:b6:52:a2:8d:22:df:18:4e:74:5a:5f:c9: db:a9:e3:e8:3f:a7:da:ea:51:05:79:41:f9:93:63:f2:c6:33: 35:88:0d:54:d5:5a:7e:01:a6:30:ea:8b:a7:dd:2a:a5:e0:d4: d3:91:88:96:eb:00:dc:1f:ba:db:29:e5:5a:4b:1a:ac:95:50: 8e:d8:4c:e3:8b:05:7f:2a:17:20:15:3f:d1:69:a9:1a:24:87: ee:22:64:89:42:05:91:9f:98:77:00:b1:2a:4b:8c:b0:d7:7b: c9:37:81:0b:28:6b:e7:fb:39:b2:84:59:d6:a9:ec:9d:55:8b: 0e:c6:f6:fe:1b:89:45:4a:0b:85:b8:c2:f6:6a:eb:5b:e9:77: 75:d4:64:0a:fd:44:33:c3:d0:c3:ef:13:a6:19:86:67:f8:d8: 6b:fb:73:7f:a1:2c:4a:19:57:c4:72:9b:39:51:05:3a:d6:92: 69:a2:90:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtOu2FcqWSALTG0eUclpUQeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0ZDE2MTU5M2RhODE1Y2FjNThkMzQ3OTY1MmQwNDg0ODBk MjY3MTMwHhcNMjUxMjI0MDUwMTAxWhcNMjUxMjI1MDUwMTAxWjAzMTEwLwYDVQQD Eyg4ODM3ZDhiNTQ3N2NlMWVlYzg1MmQyZTVmZDk5Nzg4NDQ1ODk2NzdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5axP6KFB/1eM+UOM3lQGQUiPZBqS TkNCp3fkVKDq43IQAUpuQwrEsExeduVu3FuOwIkLb/Wzqc5J/ffmf9xMf1ev7tzp mTc6ZvnEGpGs9+KbeVM6Gt9VOkw6+HEbJATwjrZ06xOaRMPeL8RL/FE+bhsXB5Vh yBY2EwEOJeMGgNbR4nL8I1kmXBPOoZNMd3b6gtnF1QtSQQezCpT7r3Xeo9s381ES va6HpePbrxMHlV1CSc7FLj1eDl44GmEG+pz7qKvmX7ejEFaEJazV07Iy5h6fIxdt RPS4qQLxRENPjB+WtPH/eS6+AicL0Kg23+ilBCT5KlJtUu0r+YpFDH5N6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIg32LVHfOHuyFLS5f2ZeIRFiWd/MB8GA1UdIwQY MBaAFJTRYVk9qBXKxY00eWUtBISA0mcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8zYzI5NTYtZGY5ZC00MDQ4LWIwMTEt ZDhlOThiODVhZWE0LzEvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS8zYzI5NTYtZGY5ZC00MDQ4LWIwMTEtZDhlOThiODVhZWE0 LzEvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiD7Yu2E2 +rVQyBONw15VEpWJpsWCdt4dPkiQ5x6nTZS1TJepeY89tEIyffh/qPB5Sc47fdZU vNuQSafuV1Ew40ckzv6CiuJT3ODNCd6NtlKijSLfGE50Wl/J26nj6D+n2upRBXlB +ZNj8sYzNYgNVNVafgGmMOqLp90qpeDU05GIlusA3B+62ynlWksarJVQjthM44sF fyoXIBU/0WmpGiSH7iJkiUIFkZ+YdwCxKkuMsNd7yTeBCyhr5/s5soRZ1qnsnVWL Dsb2/huJRUoLhbjC9mrrW+l3ddRkCv1EM8PQw+8TphmGZ/jYa/tzf6EsShlXxHKb OVEFOtaSaaKQsQ== -----END CERTIFICATE-----Generated at Wed Dec 24 08:45:28 2025 by rpki-client