This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft File: lefcaIWMBglOD0Moi0hlibSD4_M.mft (raw, json) Hash identifier: QlLqegQEMA0mEK8GTg5RPG98tDFnhlfq9QLSY548Lsk= Subject key identifier: EE:4C:22:AB:86:3F:62:24:0C:C5:84:87:C6:2D:2A:27:91:FE:56:42 Authority key identifier: 95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3 Certificate issuer: /CN=95e7dc68858c06094e0f43288b486589b483e3f3 Certificate serial: 019B5787790DAC9B01F429A6BA2184E7D64D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft Manifest number: 0EB1 Signing time: Thu 25 Dec 2025 22:00:54 +0000 Manifest this update: Thu 25 Dec 2025 22:00:54 +0000 Manifest next update: Fri 26 Dec 2025 22:00:54 +0000 Files and hashes: 1: lefcaIWMBglOD0Moi0hlibSD4_M.crl (hash: pX/fEFWE9jzPjBQ1epSZaoPqFiQITlylOsxD7fJFGsQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:57:87:79:0d:ac:9b:01:f4:29:a6:ba:21:84:e7:d6:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95e7dc68858c06094e0f43288b486589b483e3f3 Validity Not Before: Dec 25 22:00:54 2025 GMT Not After : Dec 26 22:00:54 2025 GMT Subject: CN=ee4c22ab863f62240cc58487c62d2a2791fe5642 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:21:88:d5:33:a3:31:58:76:21:9a:cf:60:ca: 2b:f6:e5:4c:65:e7:19:f6:58:55:8b:03:cb:5e:8f: a5:d9:8a:0c:77:a3:99:5e:70:01:61:a3:98:e2:7d: f0:ce:fd:82:5f:79:1a:34:1f:4f:99:9d:7f:a7:25: 08:62:4d:b4:3a:7b:ac:00:a6:66:60:d5:3b:64:b2: 6a:80:67:47:6b:e6:92:9c:18:d0:da:8e:aa:ce:a8: fc:f3:df:4a:49:8f:1a:05:34:84:02:26:e4:cd:46: 3f:b8:ac:1f:6b:49:31:ee:84:c8:e8:66:a6:d0:2b: 5d:f9:91:0b:d2:d9:08:98:6e:4b:1b:56:15:2e:ab: 48:17:ce:89:07:57:5e:44:94:83:09:ab:1c:1b:14: 9f:c5:ab:82:92:34:6b:5d:44:cf:32:77:64:21:f3: e0:ff:d6:12:01:a7:72:f1:79:3e:11:c7:0d:4c:47: 1a:4f:68:87:34:48:5a:1b:73:70:99:3f:9f:aa:9e: 25:fb:4a:30:1d:1d:f2:b5:3d:df:4c:6e:a6:52:ea: 42:cf:dd:b6:bf:7a:ce:b6:ef:b5:78:da:a5:e2:a0: 21:49:44:cc:e3:59:65:1f:44:13:ea:69:a9:83:6a: 74:49:e0:da:48:b0:10:6a:dd:b3:c1:b6:0a:9b:65: 45:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:4C:22:AB:86:3F:62:24:0C:C5:84:87:C6:2D:2A:27:91:FE:56:42 X509v3 Authority Key Identifier: keyid:95:E7:DC:68:85:8C:06:09:4E:0F:43:28:8B:48:65:89:B4:83:E3:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lefcaIWMBglOD0Moi0hlibSD4_M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ee00f0-4584-44a0-bf5a-03c56b60fc28/1/lefcaIWMBglOD0Moi0hlibSD4_M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:29:c5:1b:b4:a4:9c:35:27:21:68:97:11:f3:08:9a:2d:14: e5:88:5c:56:d4:6a:5b:f7:64:a9:42:ca:35:4e:74:8f:e9:b0: 8c:0e:96:6b:87:5e:8e:17:c5:54:b0:29:83:c4:dc:d7:8d:82: fa:ca:1c:39:46:95:4c:8a:c4:68:dd:85:93:73:aa:86:67:ff: 18:ad:9c:49:c9:f8:c6:e0:c4:2a:c2:80:cd:02:65:b2:77:2f: af:e5:43:2d:d3:f8:4b:01:2f:0d:15:5e:10:bb:81:9f:18:66: 45:a4:84:e9:b9:1d:d2:46:3c:0d:62:a4:e2:13:f6:ad:cd:3b: 56:21:47:ab:37:c7:43:9b:74:38:2f:68:1c:a3:03:1a:80:32: 25:83:68:32:35:2c:b2:b7:82:4c:7d:ba:8f:be:4f:58:cf:1b: b3:1e:ec:8c:1f:7a:2a:ff:02:d8:18:9d:8b:64:24:9b:91:b1: 36:39:16:c1:b0:de:60:c5:9f:a2:17:b2:f0:56:11:a9:f0:5e: a3:b0:a2:f9:7f:55:f0:10:c3:82:b1:7d:84:58:43:65:b8:8c: 65:ad:b9:03:3e:f4:e5:f5:38:01:11:03:e7:cd:1c:75:4c:92: 85:6f:21:4f:bb:51:4f:b8:a5:2a:ff:e3:4e:85:cb:e3:c5:58: 9c:e7:99:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtXh3kNrJsB9CmmuiGE59ZNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1ZTdkYzY4ODU4YzA2MDk0ZTBmNDMyODhiNDg2NTg5YjQ4 M2UzZjMwHhcNMjUxMjI1MjIwMDU0WhcNMjUxMjI2MjIwMDU0WjAzMTEwLwYDVQQD EyhlZTRjMjJhYjg2M2Y2MjI0MGNjNTg0ODdjNjJkMmEyNzkxZmU1NjQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyGI1TOjMVh2IZrPYMor9uVMZecZ 9lhViwPLXo+l2YoMd6OZXnABYaOY4n3wzv2CX3kaNB9PmZ1/pyUIYk20OnusAKZm YNU7ZLJqgGdHa+aSnBjQ2o6qzqj8899KSY8aBTSEAibkzUY/uKwfa0kx7oTI6Gam 0Ctd+ZEL0tkImG5LG1YVLqtIF86JB1deRJSDCascGxSfxauCkjRrXUTPMndkIfPg /9YSAady8Xk+EccNTEcaT2iHNEhaG3NwmT+fqp4l+0owHR3ytT3fTG6mUupCz922 v3rOtu+1eNql4qAhSUTM41llH0QT6mmpg2p0SeDaSLAQat2zwbYKm2VF3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO5MIquGP2IkDMWEh8YtKieR/lZCMB8GA1UdIwQY MBaAFJXn3GiFjAYJTg9DKItIZYm0g+PzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEt MDNjNTZiNjBmYzI4LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS9lZTAwZjAtNDU4NC00NGEwLWJmNWEtMDNjNTZiNjBmYzI4 LzEvbGVmY2FJV01CZ2xPRDBNb2kwaGxpYlNENF9NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALynFG7Sk nDUnIWiXEfMImi0U5YhcVtRqW/dkqULKNU50j+mwjA6Wa4dejhfFVLApg8Tc142C +socOUaVTIrEaN2Fk3Oqhmf/GK2cScn4xuDEKsKAzQJlsncvr+VDLdP4SwEvDRVe ELuBnxhmRaSE6bkd0kY8DWKk4hP2rc07ViFHqzfHQ5t0OC9oHKMDGoAyJYNoMjUs sreCTH26j75PWM8bsx7sjB96Kv8C2Bidi2Qkm5GxNjkWwbDeYMWfohey8FYRqfBe o7Ci+X9V8BDDgrF9hFhDZbiMZa25Az705fU4ARED580cdUyShW8hT7tRT7ilKv/j ToXL48VYnOeZQQ== -----END CERTIFICATE-----Generated at Thu Dec 25 23:51:31 2025 by rpki-client