This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft File: L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft (raw, json) Hash identifier: CZna//kbARG3yHLwv7soseElgyZOBrryi5nz40Zm1G4= Subject key identifier: 2B:97:E0:EA:37:D4:D6:5E:32:F1:C5:D9:32:0C:31:E3:1A:DC:D0:64 Authority key identifier: 2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD Certificate issuer: /CN=2f70532664343cb3d2897023a127f60ba917a5dd Certificate serial: 019B8B3DF4A428A774360B7660C945E46676 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft Manifest number: 0DA4 Signing time: Sun 04 Jan 2026 23:00:51 +0000 Manifest this update: Sun 04 Jan 2026 23:00:51 +0000 Manifest next update: Mon 05 Jan 2026 23:00:51 +0000 Files and hashes: 1: L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl (hash: 4aYxfxU1T7FsCJlT5rToGRNY8xPlxQVzsLLCovB42dc=) 2: TsNw6_rUlF3WyS0xB9lA_qFI5N0.roa (hash: o/jK1+Sozn92VWRitjnWkL3+T8fEVmw/zg1uz6fdVJQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 05 Jan 2026 23:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:8b:3d:f4:a4:28:a7:74:36:0b:76:60:c9:45:e4:66:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2f70532664343cb3d2897023a127f60ba917a5dd Validity Not Before: Jan 4 23:00:51 2026 GMT Not After : Jan 5 23:00:51 2026 GMT Subject: CN=2b97e0ea37d4d65e32f1c5d9320c31e31adcd064 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:4d:3e:4c:dd:57:18:4d:e8:f8:d5:15:40:87: e8:4b:58:48:51:0d:c4:af:67:05:c6:ac:ae:35:bc: 1d:67:a8:3e:cd:fd:42:d2:4e:88:63:a4:fb:fa:ad: 8b:92:f8:0e:cd:6d:16:c5:04:4b:3e:00:2c:eb:9a: cc:ae:30:3a:98:4b:05:38:17:58:33:2e:f2:cd:a5: d8:b0:f0:87:15:96:34:f8:08:b2:36:f7:f5:08:b6: e7:64:f1:a3:e3:5e:e2:bf:04:10:f9:93:83:fb:5b: 3f:fb:bf:d0:3e:42:ab:05:01:31:3e:d7:6f:f9:32: 0e:3c:50:a6:37:ad:b2:6d:29:ff:5c:fd:a5:81:08: 62:01:d4:65:10:9a:cc:f8:19:ae:e6:db:f4:d9:da: 6a:16:ec:e0:21:7e:0f:58:e2:c5:62:25:31:5f:2c: 4c:d9:24:a8:a2:56:6e:0d:06:30:e5:8a:80:63:95: fe:69:d6:53:5d:f7:59:ad:75:43:55:3b:2f:66:2b: 95:de:c7:ec:ac:91:fd:15:a1:fd:dd:33:05:57:63: dc:9f:67:a4:50:5c:bb:e6:ba:68:75:a6:ec:1b:a6: f0:b3:65:c7:60:85:41:67:db:2b:5a:9f:7c:c3:c2: 75:2a:59:3b:1c:e5:c0:25:6a:68:de:ef:92:5f:53: 22:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:97:E0:EA:37:D4:D6:5E:32:F1:C5:D9:32:0C:31:E3:1A:DC:D0:64 X509v3 Authority Key Identifier: keyid:2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:2d:a7:17:4b:ee:bb:60:1e:70:31:75:3a:ec:ae:f5:94:f8: ee:c5:87:ff:e6:89:de:68:be:54:f9:c0:28:11:05:3e:c5:06: c5:21:b3:ee:0c:db:ac:3a:fc:b3:b9:f5:09:58:79:79:72:d9: 1d:a9:e0:81:a1:2b:37:fd:f6:42:45:1f:45:af:50:2f:da:36: 31:84:47:99:c0:fc:3c:29:97:79:cf:84:ab:6a:fb:8c:7f:17: 1c:af:7d:44:27:67:db:5f:0d:ec:0e:3c:dd:81:61:a0:fe:67: df:5b:4b:d5:35:51:3d:46:7d:73:83:13:bf:ef:2d:41:87:75: 63:e6:98:d6:ef:84:0b:cd:a1:66:18:98:86:66:6c:a3:01:5b: e2:e8:c4:1b:99:bf:65:fd:69:9e:1f:be:1e:ce:f3:95:d3:e4: 3c:93:ee:5e:0d:19:05:31:28:38:60:ec:b7:42:08:e8:63:28: 4a:2b:fd:15:ab:be:a0:84:49:d1:db:c3:dd:93:52:db:12:5b: 65:b1:2b:c3:06:fa:98:a8:7f:c9:a4:33:d5:5b:6c:0d:20:12: 47:7d:0e:e6:da:ae:16:a2:9a:99:34:20:bf:30:a6:65:32:7b: d6:91:16:68:e5:3c:90:64:a7:ec:9f:dc:db:88:6c:ba:e3:76: a2:da:ae:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuLPfSkKKd0Ngt2YMlF5GZ2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmNzA1MzI2NjQzNDNjYjNkMjg5NzAyM2ExMjdmNjBiYTkx N2E1ZGQwHhcNMjYwMTA0MjMwMDUxWhcNMjYwMTA1MjMwMDUxWjAzMTEwLwYDVQQD EygyYjk3ZTBlYTM3ZDRkNjVlMzJmMWM1ZDkzMjBjMzFlMzFhZGNkMDY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz00+TN1XGE3o+NUVQIfoS1hIUQ3E r2cFxqyuNbwdZ6g+zf1C0k6IY6T7+q2LkvgOzW0WxQRLPgAs65rMrjA6mEsFOBdY My7yzaXYsPCHFZY0+AiyNvf1CLbnZPGj417ivwQQ+ZOD+1s/+7/QPkKrBQExPtdv +TIOPFCmN62ybSn/XP2lgQhiAdRlEJrM+Bmu5tv02dpqFuzgIX4PWOLFYiUxXyxM 2SSoolZuDQYw5YqAY5X+adZTXfdZrXVDVTsvZiuV3sfsrJH9FaH93TMFV2Pcn2ek UFy75rpodabsG6bws2XHYIVBZ9srWp98w8J1Klk7HOXAJWpo3u+SX1MipQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCuX4Oo31NZeMvHF2TIMMeMa3NBkMB8GA1UdIwQY MBaAFC9wUyZkNDyz0olwI6En9gupF6XdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUt MzE1YTc5ZjU5ZTE4LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUtMzE1YTc5ZjU5ZTE4 LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGy2nF0vu u2AecDF1Ouyu9ZT47sWH/+aJ3mi+VPnAKBEFPsUGxSGz7gzbrDr8s7n1CVh5eXLZ HanggaErN/32QkUfRa9QL9o2MYRHmcD8PCmXec+Eq2r7jH8XHK99RCdn218N7A48 3YFhoP5n31tL1TVRPUZ9c4MTv+8tQYd1Y+aY1u+EC82hZhiYhmZsowFb4ujEG5m/ Zf1pnh++Hs7zldPkPJPuXg0ZBTEoOGDst0II6GMoSiv9Fau+oIRJ0dvD3ZNS2xJb ZbErwwb6mKh/yaQz1VtsDSASR30O5tquFqKamTQgvzCmZTJ71pEWaOU8kGSn7J/c 24hsuuN2otquKQ== -----END CERTIFICATE-----Generated at Mon Jan 5 06:57:46 2026 by rpki-client