This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.mft File: lDyQO00Og7yLLUVDE26c1fOYZPU.mft (raw, json) Hash identifier: Q+xM9JbhvfJGNGBScIhvJtvhhitVSuwMCfBYql+q3N8= Subject key identifier: 06:D3:B7:F0:82:5E:49:EE:CD:67:E1:94:7C:29:19:E9:49:2D:7F:85 Authority key identifier: 94:3C:90:3B:4D:0E:83:BC:8B:2D:45:43:13:6E:9C:D5:F3:98:64:F5 Certificate issuer: /CN=943c903b4d0e83bc8b2d4543136e9cd5f39864f5 Certificate serial: 019B4625FB6FC43E7FC1AA0646E3C04553E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lDyQO00Og7yLLUVDE26c1fOYZPU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.mft Manifest number: 08BC Signing time: Mon 22 Dec 2025 13:00:52 +0000 Manifest this update: Mon 22 Dec 2025 13:00:52 +0000 Manifest next update: Tue 23 Dec 2025 13:00:52 +0000 Files and hashes: 1: cj4zWw5xq9EoEtqlLeBFl4S5Tw8.roa (hash: juaSzbzMDJ0sK0T5VgO//FmV7+h5xttoXCzQBonEpPE=) 2: lDyQO00Og7yLLUVDE26c1fOYZPU.crl (hash: +TkmFyYMBvMjitG1i+VTv1hN//eVwyBug0QeDOUZiPA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.mft rsync://rpki.ripe.net/repository/DEFAULT/lDyQO00Og7yLLUVDE26c1fOYZPU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 13:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:25:fb:6f:c4:3e:7f:c1:aa:06:46:e3:c0:45:53:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=943c903b4d0e83bc8b2d4543136e9cd5f39864f5 Validity Not Before: Dec 22 13:00:52 2025 GMT Not After : Dec 23 13:00:52 2025 GMT Subject: CN=06d3b7f0825e49eecd67e1947c2919e9492d7f85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:05:06:6c:f4:fb:4e:27:97:78:cc:f4:bb:cf: f5:ed:25:cc:8b:f1:fa:d3:a6:a4:a3:f1:2a:6c:ef: 81:8b:45:13:8b:e2:3b:f2:f6:5a:34:2a:e9:e4:6c: b3:8a:41:8c:7b:f7:4c:b6:68:84:73:e2:97:14:c7: 1a:37:62:d1:0c:54:dc:c9:03:ee:89:e8:81:2b:b5: 1b:5b:08:a5:33:fa:d2:19:bf:81:72:16:04:65:32: ae:a8:30:93:a9:88:60:08:21:85:1d:0f:93:1b:08: 20:82:db:c8:0a:6e:25:af:e4:fe:5b:5d:1b:c0:fc: b4:d8:7d:c7:0b:b6:a2:a1:71:7c:a0:bb:eb:1e:91: 3d:99:47:aa:19:6d:f2:13:81:9b:81:0a:e6:73:49: 2f:de:be:12:fc:72:e7:42:42:7d:47:77:ea:bd:a6: 61:c2:a2:45:3f:99:0e:44:7d:46:31:db:ac:b4:97: 41:4b:1d:2d:b1:52:bc:ca:92:0d:aa:4f:58:2d:2f: 0d:22:6a:e9:39:45:fc:c4:a3:a2:15:95:87:b4:c5: 5d:53:7e:a1:2e:d5:8a:cd:ea:39:65:60:29:a4:54: 64:d5:10:3c:27:e5:fe:ad:69:86:b2:6a:54:c5:d5: d4:aa:91:c0:aa:ac:f8:f9:0c:14:6b:bc:60:38:ce: 62:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:D3:B7:F0:82:5E:49:EE:CD:67:E1:94:7C:29:19:E9:49:2D:7F:85 X509v3 Authority Key Identifier: keyid:94:3C:90:3B:4D:0E:83:BC:8B:2D:45:43:13:6E:9C:D5:F3:98:64:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lDyQO00Og7yLLUVDE26c1fOYZPU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:e5:e1:a3:2a:46:89:4d:1d:80:8c:f0:14:e0:12:83:24:d5: f5:41:cc:a2:bc:db:50:82:0b:df:24:b1:07:33:ab:bc:3c:d8: 0a:03:6e:0c:4c:ef:5d:1d:6b:ed:3c:5c:ed:d1:d7:58:06:e2: 06:71:fa:88:2b:5e:7e:8a:5f:94:ce:3f:d5:ca:04:0c:cf:53: 8e:e1:e2:a3:b9:cf:33:e1:88:79:ba:ce:a0:b4:f8:11:83:13: 33:84:9b:e5:36:68:7c:93:ec:10:44:89:1c:79:4d:23:13:ce: e4:1e:1d:01:fd:98:8b:2f:f8:2d:f1:15:af:34:30:7a:4b:4a: 35:00:3f:4d:08:33:20:38:c9:41:04:92:83:45:35:20:65:60: e5:77:74:5b:95:c9:ad:4b:92:b0:6d:34:89:a5:2e:69:44:06: 66:c3:0c:28:a7:8f:8a:e5:35:68:08:e6:33:83:d3:c1:09:16: be:71:3a:1e:aa:24:2f:2b:16:c6:76:2e:29:b7:c7:04:2f:11: 97:eb:99:4f:21:bd:00:50:dc:b3:b8:11:9f:d7:03:b5:99:34: e2:dd:da:95:87:62:fd:81:43:75:87:03:b4:0b:e9:72:cb:76: c2:5a:6e:90:d2:2e:9c:7e:c1:86:83:46:ec:fa:4c:36:89:39: e9:8d:f8:75 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGJftvxD5/waoGRuPARVPnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0M2M5MDNiNGQwZTgzYmM4YjJkNDU0MzEzNmU5Y2Q1ZjM5 ODY0ZjUwHhcNMjUxMjIyMTMwMDUyWhcNMjUxMjIzMTMwMDUyWjAzMTEwLwYDVQQD EygwNmQzYjdmMDgyNWU0OWVlY2Q2N2UxOTQ3YzI5MTllOTQ5MmQ3Zjg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAUGbPT7TieXeMz0u8/17SXMi/H6 06ako/EqbO+Bi0UTi+I78vZaNCrp5GyzikGMe/dMtmiEc+KXFMcaN2LRDFTcyQPu ieiBK7UbWwilM/rSGb+BchYEZTKuqDCTqYhgCCGFHQ+TGwgggtvICm4lr+T+W10b wPy02H3HC7aioXF8oLvrHpE9mUeqGW3yE4GbgQrmc0kv3r4S/HLnQkJ9R3fqvaZh wqJFP5kORH1GMdustJdBSx0tsVK8ypINqk9YLS8NImrpOUX8xKOiFZWHtMVdU36h LtWKzeo5ZWAppFRk1RA8J+X+rWmGsmpUxdXUqpHAqqz4+QwUa7xgOM5inwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAbTt/CCXknuzWfhlHwpGelJLX+FMB8GA1UdIwQY MBaAFJQ8kDtNDoO8iy1FQxNunNXzmGT1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbER5UU8wME9nN3lMTFVWREUyNmMxZk9ZWlBVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81MDhhMjYtZTE5OS00MWI5LTllMTkt Zjk4Yzc1ZGVhMjkyLzEvbER5UU8wME9nN3lMTFVWREUyNmMxZk9ZWlBVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS81MDhhMjYtZTE5OS00MWI5LTllMTktZjk4Yzc1ZGVhMjky LzEvbER5UU8wME9nN3lMTFVWREUyNmMxZk9ZWlBVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEeXhoypG iU0dgIzwFOASgyTV9UHMorzbUIIL3ySxBzOrvDzYCgNuDEzvXR1r7Txc7dHXWAbi BnH6iCtefopflM4/1coEDM9TjuHio7nPM+GIebrOoLT4EYMTM4Sb5TZofJPsEESJ HHlNIxPO5B4dAf2Yiy/4LfEVrzQwektKNQA/TQgzIDjJQQSSg0U1IGVg5Xd0W5XJ rUuSsG00iaUuaUQGZsMMKKePiuU1aAjmM4PTwQkWvnE6HqokLysWxnYuKbfHBC8R l+uZTyG9AFDcs7gRn9cDtZk04t3alYdi/YFDdYcDtAvpcst2wlpukNIunH7BhoNG 7PpMNok56Y34dQ== -----END CERTIFICATE-----Generated at Mon Dec 22 22:53:43 2025 by rpki-client