This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft File: lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft (raw, json) Hash identifier: ySmZ8uhpEqu7Rao9OIR7xUehcNmolyaUKtDr0tDuvS8= Subject key identifier: CF:E7:82:04:7F:14:1D:92:EE:A2:61:FC:E5:81:D7:16:B0:4E:58:1F Authority key identifier: 94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B Certificate issuer: /CN=946221f79abea6d3c0c3480642590dd0ae0caa3b Certificate serial: 019B32D6F8DB7B1F842601E62D76CC055EF1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft Manifest number: 1483 Signing time: Thu 18 Dec 2025 19:01:47 +0000 Manifest this update: Thu 18 Dec 2025 19:01:47 +0000 Manifest next update: Fri 19 Dec 2025 19:01:47 +0000 Files and hashes: 1: lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl (hash: A59/8d7u69Y7J250gRBe+2j+/8ZNR7ul3Pun1W4gUw8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:01:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d6:f8:db:7b:1f:84:26:01:e6:2d:76:cc:05:5e:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=946221f79abea6d3c0c3480642590dd0ae0caa3b Validity Not Before: Dec 18 19:01:47 2025 GMT Not After : Dec 19 19:01:47 2025 GMT Subject: CN=cfe782047f141d92eea261fce581d716b04e581f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:63:2b:c0:67:c0:a0:fc:9a:d1:c6:4b:7b:d2: ac:f3:08:62:29:22:18:2b:b2:d8:f5:08:85:97:d8: eb:20:23:96:32:19:02:d3:0e:8a:77:5d:8d:0a:e7: 1c:94:ed:56:f4:a5:e7:6c:99:3b:11:9a:c2:99:ea: 5b:ce:76:51:3c:63:24:13:2f:81:11:84:5e:08:5f: fe:46:49:5e:58:68:a2:43:14:31:a8:89:2e:43:d9: f0:57:b2:c3:4d:d2:52:81:71:2a:c9:01:76:6b:c1: 52:96:be:6f:c7:8c:d9:72:7d:d3:fd:5f:a1:52:86: c2:1b:9d:77:4a:f3:81:40:0a:c5:5d:98:a9:7e:48: c3:d0:a5:0f:2b:30:51:d7:da:6b:e8:36:a3:ae:e6: ec:a7:18:af:12:d6:52:ef:f0:b4:1f:02:d6:15:78: ac:c5:fb:84:69:a5:02:46:df:be:38:94:58:75:ef: f9:27:20:d6:42:a1:df:57:04:da:7b:71:75:0f:a4: b9:01:57:25:c7:4a:fb:b7:42:a6:41:73:10:d8:dd: 47:b0:89:b1:5e:69:ab:47:8a:fe:2c:e2:a5:88:34: 52:1b:7e:3d:e8:17:08:14:03:43:3a:c7:a7:84:9e: 38:8e:dc:9b:83:d5:12:b6:4c:63:e2:e1:d3:75:0c: ee:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:E7:82:04:7F:14:1D:92:EE:A2:61:FC:E5:81:D7:16:B0:4E:58:1F X509v3 Authority Key Identifier: keyid:94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:1e:e5:e3:f0:d0:b7:30:2d:cd:cc:0f:71:61:49:a8:2d:83: ce:f8:e0:3c:05:15:fa:63:78:55:64:f2:4e:dc:fe:96:73:b7: 0b:3e:d2:90:53:3a:ff:1c:92:bd:52:09:d9:15:76:7b:c8:90: 69:bc:ad:b6:44:ec:3a:f5:f9:12:f6:2a:a6:fa:e1:0c:24:33: bf:4e:2c:52:a9:5f:e3:c4:3a:1d:58:5e:1b:ae:58:1a:4d:00: 84:8d:fd:70:ec:a4:b2:85:4a:24:6d:f0:45:1b:0f:fa:bb:79: a0:c4:64:fb:78:68:fe:0e:c3:05:5d:bc:e4:59:0d:0c:e9:eb: 55:21:ea:f8:1b:06:ea:1f:cf:57:95:82:78:f5:d3:b6:30:63: ae:93:15:47:8d:81:c6:af:89:8a:c0:91:45:7d:43:b0:82:73: bc:7e:52:0e:00:49:dc:09:82:f6:9a:02:88:04:9f:30:ec:c8: f9:64:de:5a:62:e2:c9:a5:06:40:89:21:ed:cd:2b:75:0c:6a: 88:78:93:cb:c3:10:a8:4a:63:82:cc:c2:2f:e4:ca:dd:ea:2d: c2:e4:f6:5b:3c:ce:90:31:e9:54:ae:8b:1a:19:38:0d:25:38: ae:a4:39:7e:98:5e:1e:c7:55:07:7d:3b:15:99:00:78:10:9f: 19:ba:2f:e6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1vjbex+EJgHmLXbMBV7xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0NjIyMWY3OWFiZWE2ZDNjMGMzNDgwNjQyNTkwZGQwYWUw Y2FhM2IwHhcNMjUxMjE4MTkwMTQ3WhcNMjUxMjE5MTkwMTQ3WjAzMTEwLwYDVQQD EyhjZmU3ODIwNDdmMTQxZDkyZWVhMjYxZmNlNTgxZDcxNmIwNGU1ODFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGMrwGfAoPya0cZLe9Ks8whiKSIY K7LY9QiFl9jrICOWMhkC0w6Kd12NCucclO1W9KXnbJk7EZrCmepbznZRPGMkEy+B EYReCF/+RkleWGiiQxQxqIkuQ9nwV7LDTdJSgXEqyQF2a8FSlr5vx4zZcn3T/V+h UobCG513SvOBQArFXZipfkjD0KUPKzBR19pr6DajrubspxivEtZS7/C0HwLWFXis xfuEaaUCRt++OJRYde/5JyDWQqHfVwTae3F1D6S5AVclx0r7t0KmQXMQ2N1HsImx XmmrR4r+LOKliDRSG3496BcIFANDOsenhJ44jtybg9UStkxj4uHTdQzudQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM/nggR/FB2S7qJh/OWB1xawTlgfMB8GA1UdIwQY MBaAFJRiIfeavqbTwMNIBkJZDdCuDKo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMt N2M2MDVkMzIxNjVkLzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMtN2M2MDVkMzIxNjVk LzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAER7l4/DQ tzAtzcwPcWFJqC2DzvjgPAUV+mN4VWTyTtz+lnO3Cz7SkFM6/xySvVIJ2RV2e8iQ abyttkTsOvX5EvYqpvrhDCQzv04sUqlf48Q6HVheG65YGk0AhI39cOyksoVKJG3w RRsP+rt5oMRk+3ho/g7DBV285FkNDOnrVSHq+BsG6h/PV5WCePXTtjBjrpMVR42B xq+JisCRRX1DsIJzvH5SDgBJ3AmC9poCiASfMOzI+WTeWmLiyaUGQIkh7c0rdQxq iHiTy8MQqEpjgszCL+TK3eotwuT2WzzOkDHpVK6LGhk4DSU4rqQ5fpheHsdVB307 FZkAeBCfGbov5g== -----END CERTIFICATE-----Generated at Fri Dec 19 01:28:01 2025 by rpki-client