This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft File: Le43b1HIyKVVUo1MFesfTKOZxJE.mft (raw, json) Hash identifier: 4PM5pwnp48mCvIALBE4npXxL52m0u3Bm5HpnChkw7Ps= Subject key identifier: C8:D3:B6:79:76:4E:C2:DC:70:66:00:5A:EA:1A:D5:A3:14:17:4F:92 Authority key identifier: 2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91 Certificate issuer: /CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491 Certificate serial: 019B631F5EA0E0755BE0F1D2C59296329247 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft Manifest number: 1798 Signing time: Sun 28 Dec 2025 04:02:38 +0000 Manifest this update: Sun 28 Dec 2025 04:02:38 +0000 Manifest next update: Mon 29 Dec 2025 04:02:38 +0000 Files and hashes: 1: Le43b1HIyKVVUo1MFesfTKOZxJE.crl (hash: 7JjAimYHzY6T/FUIFqsT935W+cyPT9j4f9MctyjctaM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:63:1f:5e:a0:e0:75:5b:e0:f1:d2:c5:92:96:32:92:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491 Validity Not Before: Dec 28 04:02:38 2025 GMT Not After : Dec 29 04:02:38 2025 GMT Subject: CN=c8d3b679764ec2dc7066005aea1ad5a314174f92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:53:c8:45:cf:2d:c4:1a:f1:e0:41:c6:07:72: 7f:94:67:70:ef:cc:51:4c:41:b6:c8:91:4b:50:37: 49:e2:23:64:39:a4:00:a2:50:87:a7:9d:4f:7a:63: 2c:6d:32:ab:f0:23:9b:3c:f5:a1:62:6f:24:5d:41: c8:44:6c:16:64:02:50:78:27:f5:c2:26:ac:b6:8d: c8:9c:d5:fe:e1:a0:40:56:81:6d:4a:4d:0a:2b:ed: bf:f7:e5:61:e6:9d:c1:90:15:c9:45:d9:1f:9a:f1: 6a:99:e1:8b:ce:9a:2e:28:61:ba:e8:af:2d:94:34: 7c:6c:0c:d2:1b:48:fa:04:ff:4e:e8:85:27:84:2a: 28:62:4a:35:c1:a6:9d:3b:22:69:f6:aa:54:24:09: 1f:89:6e:ae:ed:21:db:49:78:32:37:e6:64:23:a3: a6:cc:10:10:73:f0:23:5f:e2:83:16:9a:46:57:13: cd:66:87:c5:8c:fa:6c:ee:61:6b:b8:90:d1:90:1a: fb:e9:c9:70:94:7c:76:e7:7a:ee:a8:3b:96:b1:2c: ea:e6:0d:47:df:80:d8:75:29:de:6a:23:2f:66:a2: 81:bc:18:fd:06:e6:60:7c:63:4b:e0:04:c1:bc:91: 7f:c9:be:af:99:33:74:c8:3b:0c:56:8a:f0:8c:2e: fa:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:D3:B6:79:76:4E:C2:DC:70:66:00:5A:EA:1A:D5:A3:14:17:4F:92 X509v3 Authority Key Identifier: keyid:2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:6b:57:b2:11:3b:b6:3e:34:dc:77:36:0f:b3:55:f5:06:e4: 6b:8f:d6:3f:5b:a4:37:ba:ed:f8:09:d3:92:30:97:36:c9:9b: 14:6a:98:57:af:4d:4e:2d:9b:85:05:87:45:19:9b:fe:4d:66: 43:b0:08:cc:3c:f9:7c:84:20:94:0b:6f:96:7a:0f:1e:dd:08: b4:9a:19:01:db:3b:a3:59:8f:c4:a6:4a:ef:80:07:28:7d:a4: 17:1f:05:4f:1b:82:fc:38:3f:97:b6:a1:2a:94:9f:4f:9c:5e: 4f:0f:e8:8a:52:b9:63:7a:3a:c5:c6:9e:b3:91:fd:d4:d4:82: 46:f9:16:bf:86:74:f9:dc:6e:86:27:65:fc:7c:3c:d5:b3:03: a8:93:a1:94:07:ce:09:fe:f9:67:2f:41:a2:3a:e4:64:66:32: 5a:9c:e2:1c:ed:fd:d8:cf:b9:e9:23:e1:93:8b:46:cb:0c:12: 6e:8e:a8:86:66:bf:dc:87:c6:8f:17:ee:31:1a:cc:d7:68:d0: fe:c2:ff:bd:df:a9:b0:dd:21:bd:1b:1a:bf:ee:0b:be:49:c5: 1b:33:48:5f:f7:49:08:e9:73:70:72:9b:d4:45:c8:3b:ff:23: bd:05:c9:cb:b4:86:fe:46:f0:28:d3:19:da:0f:a1:a3:22:a5: 3d:39:d3:63 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtjH16g4HVb4PHSxZKWMpJHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJkZWUzNzZmNTFjOGM4YTU1NTUyOGQ0YzE1ZWIxZjRjYTM5 OWM0OTEwHhcNMjUxMjI4MDQwMjM4WhcNMjUxMjI5MDQwMjM4WjAzMTEwLwYDVQQD EyhjOGQzYjY3OTc2NGVjMmRjNzA2NjAwNWFlYTFhZDVhMzE0MTc0ZjkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVPIRc8txBrx4EHGB3J/lGdw78xR TEG2yJFLUDdJ4iNkOaQAolCHp51PemMsbTKr8CObPPWhYm8kXUHIRGwWZAJQeCf1 wiasto3InNX+4aBAVoFtSk0KK+2/9+Vh5p3BkBXJRdkfmvFqmeGLzpouKGG66K8t lDR8bAzSG0j6BP9O6IUnhCooYko1waadOyJp9qpUJAkfiW6u7SHbSXgyN+ZkI6Om zBAQc/AjX+KDFppGVxPNZofFjPps7mFruJDRkBr76clwlHx253ruqDuWsSzq5g1H 34DYdSneaiMvZqKBvBj9BuZgfGNL4ATBvJF/yb6vmTN0yDsMVorwjC76lwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMjTtnl2TsLccGYAWuoa1aMUF0+SMB8GA1UdIwQY MBaAFC3uN29RyMilVVKNTBXrH0yjmcSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUt ZmY1Y2JkYWM1ODQ1LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUtZmY1Y2JkYWM1ODQ1 LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfWtXshE7 tj403Hc2D7NV9Qbka4/WP1ukN7rt+AnTkjCXNsmbFGqYV69NTi2bhQWHRRmb/k1m Q7AIzDz5fIQglAtvlnoPHt0ItJoZAds7o1mPxKZK74AHKH2kFx8FTxuC/Dg/l7ah KpSfT5xeTw/oilK5Y3o6xcaes5H91NSCRvkWv4Z0+dxuhidl/Hw81bMDqJOhlAfO Cf75Zy9BojrkZGYyWpziHO392M+56SPhk4tGywwSbo6ohma/3IfGjxfuMRrM12jQ /sL/vd+psN0hvRsav+4LvknFGzNIX/dJCOlzcHKb1EXIO/8jvQXJy7SG/kbwKNMZ 2g+hoyKlPTnTYw== -----END CERTIFICATE-----Generated at Sun Dec 28 08:05:13 2025 by rpki-client