This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.mft File: lDyQO00Og7yLLUVDE26c1fOYZPU.mft (raw, json) Hash identifier: yCAhQ6IeAY1xMzVA4Syp3+FB6lrLRIUQaZsPqZ6bwbU= Subject key identifier: 8D:C1:94:B6:C5:76:2C:95:99:5C:68:56:8F:62:8C:23:52:45:B8:67 Authority key identifier: 94:3C:90:3B:4D:0E:83:BC:8B:2D:45:43:13:6E:9C:D5:F3:98:64:F5 Certificate issuer: /CN=943c903b4d0e83bc8b2d4543136e9cd5f39864f5 Certificate serial: 019B3C7E166C6F9A35749E0729159775D233 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lDyQO00Og7yLLUVDE26c1fOYZPU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.mft Manifest number: 08B7 Signing time: Sat 20 Dec 2025 16:00:54 +0000 Manifest this update: Sat 20 Dec 2025 16:00:54 +0000 Manifest next update: Sun 21 Dec 2025 16:00:54 +0000 Files and hashes: 1: cj4zWw5xq9EoEtqlLeBFl4S5Tw8.roa (hash: juaSzbzMDJ0sK0T5VgO//FmV7+h5xttoXCzQBonEpPE=) 2: lDyQO00Og7yLLUVDE26c1fOYZPU.crl (hash: K+eyTToKUrOgpctZuTNjqSurWvwe1le+mN3mV7QJlkk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.mft rsync://rpki.ripe.net/repository/DEFAULT/lDyQO00Og7yLLUVDE26c1fOYZPU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:16:6c:6f:9a:35:74:9e:07:29:15:97:75:d2:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=943c903b4d0e83bc8b2d4543136e9cd5f39864f5 Validity Not Before: Dec 20 16:00:54 2025 GMT Not After : Dec 21 16:00:54 2025 GMT Subject: CN=8dc194b6c5762c95995c68568f628c235245b867 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:16:0b:ef:c2:c5:5c:84:61:8d:e2:b4:65:47: a0:54:44:5f:34:c4:ae:5f:14:5a:57:bd:e4:e6:f6: a1:ad:0d:60:b8:e3:ff:bc:22:be:64:dc:f3:a1:19: 32:f2:b9:be:eb:9c:30:e9:79:90:f8:db:71:21:10: 6a:2e:d3:32:be:e5:ae:c0:4c:fe:88:aa:83:ea:98: fc:a1:40:e3:46:9f:33:8c:c7:d1:e8:2a:f2:a7:ad: 2c:38:81:a6:35:64:e7:ed:aa:0f:9a:5e:e1:e8:17: 75:de:22:4e:93:27:54:98:fe:f3:b9:d8:ef:b0:e1: ec:a8:f1:e6:29:5b:e5:75:38:87:b3:b3:8b:ff:56: 9d:c8:3c:62:e7:d3:7f:80:41:ea:98:4b:c1:ab:54: 8b:d2:7d:35:90:27:7f:f4:e7:73:c4:3e:1d:10:d3: cd:c8:00:7e:ba:71:46:17:9e:d1:d6:3a:ad:c9:72: 2c:68:01:83:ac:82:56:da:be:a6:4e:2d:57:13:30: 3a:f3:46:20:e7:7e:c8:f8:62:4a:8b:c3:4f:07:7e: 43:0f:ea:30:28:55:f0:f7:8c:2c:23:7d:f4:09:9a: c4:65:6d:2b:d6:d1:e8:74:11:6f:34:d8:f5:30:16: ba:6b:98:74:f8:50:eb:14:48:1b:71:2b:32:33:62: 6b:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:C1:94:B6:C5:76:2C:95:99:5C:68:56:8F:62:8C:23:52:45:B8:67 X509v3 Authority Key Identifier: keyid:94:3C:90:3B:4D:0E:83:BC:8B:2D:45:43:13:6E:9C:D5:F3:98:64:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lDyQO00Og7yLLUVDE26c1fOYZPU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:9c:c6:07:e6:dc:8a:64:c9:98:76:50:f9:5d:84:14:2a:e6: 95:f6:89:52:83:a3:55:ca:86:5a:47:4e:14:19:1a:60:4c:18: 87:4e:67:cc:4b:e3:6b:0b:d2:9b:f1:a0:47:68:2d:f4:d0:10: b9:f4:a5:28:dd:c6:a4:97:90:f6:db:ff:d1:d4:29:57:b2:2f: 20:25:0f:3d:b0:95:06:cc:10:94:c0:b9:63:af:99:2b:37:19: dc:fe:fd:8d:88:cb:0e:89:a6:24:25:38:8b:aa:e7:c4:73:40: fd:f5:2d:7d:3a:95:63:ab:1a:a1:fb:e5:a1:2a:c5:f9:36:45: 12:35:c7:4d:c9:fa:00:f0:fc:08:5a:35:12:87:57:ea:f1:b6: 12:e7:d8:da:d1:af:9a:57:6a:34:fd:03:e2:c6:15:6e:61:aa: c7:77:02:32:7e:f3:e1:d6:07:e4:59:e0:83:05:75:22:50:c1: c1:c6:4a:6d:a0:d0:58:4e:dd:64:60:f9:63:7c:41:94:d0:af: 57:cf:c0:69:72:76:c3:f0:1a:f8:51:64:39:bb:c8:f2:02:2f: 50:13:97:0f:f8:fd:85:58:0b:df:a6:64:36:91:a4:5f:47:64: 52:e6:dc:17:5f:d0:25:c6:d1:ca:69:e4:76:e6:5c:93:fa:14: c2:8c:c3:81 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fhZsb5o1dJ4HKRWXddIzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0M2M5MDNiNGQwZTgzYmM4YjJkNDU0MzEzNmU5Y2Q1ZjM5 ODY0ZjUwHhcNMjUxMjIwMTYwMDU0WhcNMjUxMjIxMTYwMDU0WjAzMTEwLwYDVQQD Eyg4ZGMxOTRiNmM1NzYyYzk1OTk1YzY4NTY4ZjYyOGMyMzUyNDViODY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBYL78LFXIRhjeK0ZUegVERfNMSu XxRaV73k5vahrQ1guOP/vCK+ZNzzoRky8rm+65ww6XmQ+NtxIRBqLtMyvuWuwEz+ iKqD6pj8oUDjRp8zjMfR6Cryp60sOIGmNWTn7aoPml7h6Bd13iJOkydUmP7zudjv sOHsqPHmKVvldTiHs7OL/1adyDxi59N/gEHqmEvBq1SL0n01kCd/9OdzxD4dENPN yAB+unFGF57R1jqtyXIsaAGDrIJW2r6mTi1XEzA680Yg537I+GJKi8NPB35DD+ow KFXw94wsI330CZrEZW0r1tHodBFvNNj1MBa6a5h0+FDrFEgbcSsyM2Jr6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI3BlLbFdiyVmVxoVo9ijCNSRbhnMB8GA1UdIwQY MBaAFJQ8kDtNDoO8iy1FQxNunNXzmGT1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbER5UU8wME9nN3lMTFVWREUyNmMxZk9ZWlBVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81MDhhMjYtZTE5OS00MWI5LTllMTkt Zjk4Yzc1ZGVhMjkyLzEvbER5UU8wME9nN3lMTFVWREUyNmMxZk9ZWlBVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS81MDhhMjYtZTE5OS00MWI5LTllMTktZjk4Yzc1ZGVhMjky LzEvbER5UU8wME9nN3lMTFVWREUyNmMxZk9ZWlBVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEZzGB+bc imTJmHZQ+V2EFCrmlfaJUoOjVcqGWkdOFBkaYEwYh05nzEvjawvSm/GgR2gt9NAQ ufSlKN3GpJeQ9tv/0dQpV7IvICUPPbCVBswQlMC5Y6+ZKzcZ3P79jYjLDommJCU4 i6rnxHNA/fUtfTqVY6saofvloSrF+TZFEjXHTcn6APD8CFo1EodX6vG2EufY2tGv mldqNP0D4sYVbmGqx3cCMn7z4dYH5FnggwV1IlDBwcZKbaDQWE7dZGD5Y3xBlNCv V8/AaXJ2w/Aa+FFkObvI8gIvUBOXD/j9hVgL36ZkNpGkX0dkUubcF1/QJcbRymnk duZck/oUwozDgQ== -----END CERTIFICATE-----Generated at Sun Dec 21 01:18:40 2025 by rpki-client