This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/lkSOhA0nKj4xWRktHfEfEA5Qb2o.mft File: lkSOhA0nKj4xWRktHfEfEA5Qb2o.mft (raw, json) Hash identifier: Kz3GrNVkSG1yQRzqI2Gp27CdKMeLBX0RIw3WBZ6eA+o= Subject key identifier: 3B:4C:19:8F:C6:52:5F:5C:2C:92:D6:DD:7E:92:08:E2:5A:2B:B8:70 Authority key identifier: 96:44:8E:84:0D:27:2A:3E:31:59:19:2D:1D:F1:1F:10:0E:50:6F:6A Certificate issuer: /CN=96448e840d272a3e3159192d1df11f100e506f6a Certificate serial: 019B4B4C3CFC43D8871B6DF66AA2A66599E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lkSOhA0nKj4xWRktHfEfEA5Qb2o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/lkSOhA0nKj4xWRktHfEfEA5Qb2o.mft Manifest number: 09B9 Signing time: Tue 23 Dec 2025 13:00:46 +0000 Manifest this update: Tue 23 Dec 2025 13:00:46 +0000 Manifest next update: Wed 24 Dec 2025 13:00:46 +0000 Files and hashes: 1: HRJaIehlqdUQOZwaPo6dI6mb5MQ.roa (hash: NAZLCo/vu2u7I92Xt0rJZZjC+drQdPYyxSFtuqS2OpE=) 2: lkSOhA0nKj4xWRktHfEfEA5Qb2o.crl (hash: L7cnCT8uMbBNPYLvbR+QurNtM4kSPem8tukVXDNTiXI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/lkSOhA0nKj4xWRktHfEfEA5Qb2o.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/lkSOhA0nKj4xWRktHfEfEA5Qb2o.mft rsync://rpki.ripe.net/repository/DEFAULT/lkSOhA0nKj4xWRktHfEfEA5Qb2o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 13:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4b:4c:3c:fc:43:d8:87:1b:6d:f6:6a:a2:a6:65:99:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96448e840d272a3e3159192d1df11f100e506f6a Validity Not Before: Dec 23 13:00:46 2025 GMT Not After : Dec 24 13:00:46 2025 GMT Subject: CN=3b4c198fc6525f5c2c92d6dd7e9208e25a2bb870 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:3e:38:af:26:11:89:a3:86:bb:09:34:b4:67: 06:4a:5f:ee:ca:b2:f9:d7:de:d4:15:e0:c1:5a:af: 9e:5e:66:c5:9f:fe:0b:ee:7f:cb:cc:0d:e6:fd:fd: 39:dd:15:a0:66:cd:a1:34:41:43:a8:a5:e0:36:1d: 97:53:92:81:f9:7e:c6:9f:24:7e:01:06:62:1a:f4: 29:ed:79:fa:c8:b1:05:fd:bb:22:bd:4c:09:da:6c: c5:ce:45:f4:96:10:64:2e:d8:40:39:21:ed:ea:c1: 64:03:1f:87:7e:05:4a:48:83:ad:5f:22:7f:a6:68: de:cf:09:0d:a0:91:f2:0f:43:17:4b:79:fb:65:41: 53:30:ad:d4:b9:74:ae:08:4b:e5:ec:d3:35:eb:47: 15:e1:5f:1b:5a:4f:55:37:d9:68:48:fb:67:78:7c: b4:96:91:36:b6:ab:41:ea:f4:81:f3:42:34:a8:7b: 81:98:65:87:4d:26:07:fb:0b:f4:ec:fa:b7:20:11: 7e:28:7b:93:8e:a0:06:b3:66:54:42:3f:a6:b2:91: bc:82:43:27:ab:ce:ab:38:2a:c9:e4:20:8b:92:e5: 2a:cc:d0:a8:dd:1a:00:41:3d:66:23:38:4a:01:c1: 22:c6:b1:49:dd:0c:05:18:6f:e0:f4:f2:d8:c1:8f: a8:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:4C:19:8F:C6:52:5F:5C:2C:92:D6:DD:7E:92:08:E2:5A:2B:B8:70 X509v3 Authority Key Identifier: keyid:96:44:8E:84:0D:27:2A:3E:31:59:19:2D:1D:F1:1F:10:0E:50:6F:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkSOhA0nKj4xWRktHfEfEA5Qb2o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/lkSOhA0nKj4xWRktHfEfEA5Qb2o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/lkSOhA0nKj4xWRktHfEfEA5Qb2o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:cd:27:da:25:e7:ff:8f:0a:d4:3d:72:f2:8e:bb:7e:76:b5: 90:5a:83:ff:e4:05:fa:fe:1b:79:49:d3:e1:ea:14:88:23:fe: 4d:2f:99:10:b5:5d:38:96:ab:f9:44:64:03:21:6c:81:c3:79: 25:0b:20:f6:a7:ef:82:b2:ee:38:af:6b:f9:f6:c8:5a:9b:39: 2f:1f:e6:22:76:7b:a1:3f:ca:52:41:17:06:98:bc:2c:47:1c: 84:85:eb:cd:bd:e6:7d:d2:fb:0c:d7:f1:3b:6d:c8:cf:d6:57: 0a:fd:a9:af:bf:4b:c8:6d:ed:1a:61:08:aa:f6:0b:a0:87:c1: 42:10:25:2c:ac:47:bc:0a:4d:11:47:46:0f:d9:fb:7f:cf:28: a7:74:39:d4:9d:68:ba:b5:f6:f3:66:33:b5:3d:65:cc:da:ec: b8:d7:76:3f:cd:0b:5d:70:6e:e8:05:d4:92:20:b2:7d:92:1c: 8b:34:de:c9:b6:91:f0:f6:87:2a:63:9a:12:ae:43:57:b6:03: c1:ae:cf:86:ca:1b:59:75:01:e7:a0:a0:9b:34:d9:2a:d9:2f: e1:11:88:3e:64:bb:d8:46:66:ab:06:bd:3f:04:f8:8b:13:e8: bf:3a:b0:16:6f:f9:09:e6:a1:8f:ee:6b:52:41:e2:9c:1d:82: 27:9a:b3:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtLTDz8Q9iHG232aqKmZZnnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2NDQ4ZTg0MGQyNzJhM2UzMTU5MTkyZDFkZjExZjEwMGU1 MDZmNmEwHhcNMjUxMjIzMTMwMDQ2WhcNMjUxMjI0MTMwMDQ2WjAzMTEwLwYDVQQD EygzYjRjMTk4ZmM2NTI1ZjVjMmM5MmQ2ZGQ3ZTkyMDhlMjVhMmJiODcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7z44ryYRiaOGuwk0tGcGSl/uyrL5 197UFeDBWq+eXmbFn/4L7n/LzA3m/f053RWgZs2hNEFDqKXgNh2XU5KB+X7GnyR+ AQZiGvQp7Xn6yLEF/bsivUwJ2mzFzkX0lhBkLthAOSHt6sFkAx+HfgVKSIOtXyJ/ pmjezwkNoJHyD0MXS3n7ZUFTMK3UuXSuCEvl7NM160cV4V8bWk9VN9loSPtneHy0 lpE2tqtB6vSB80I0qHuBmGWHTSYH+wv07Pq3IBF+KHuTjqAGs2ZUQj+mspG8gkMn q86rOCrJ5CCLkuUqzNCo3RoAQT1mIzhKAcEixrFJ3QwFGG/g9PLYwY+opwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDtMGY/GUl9cLJLW3X6SCOJaK7hwMB8GA1UdIwQY MBaAFJZEjoQNJyo+MVkZLR3xHxAOUG9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGtTT2hBMG5LajR4V1JrdEhmRWZFQTVRYjJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy80ZWU3MzQtZWZlOC00MWExLTgwZGYt MTZhZmJhOTg3YjA2LzEvbGtTT2hBMG5LajR4V1JrdEhmRWZFQTVRYjJvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy80ZWU3MzQtZWZlOC00MWExLTgwZGYtMTZhZmJhOTg3YjA2 LzEvbGtTT2hBMG5LajR4V1JrdEhmRWZFQTVRYjJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQs0n2iXn /48K1D1y8o67fna1kFqD/+QF+v4beUnT4eoUiCP+TS+ZELVdOJar+URkAyFsgcN5 JQsg9qfvgrLuOK9r+fbIWps5Lx/mInZ7oT/KUkEXBpi8LEcchIXrzb3mfdL7DNfx O23Iz9ZXCv2pr79LyG3tGmEIqvYLoIfBQhAlLKxHvApNEUdGD9n7f88op3Q51J1o urX282YztT1lzNrsuNd2P80LXXBu6AXUkiCyfZIcizTeybaR8PaHKmOaEq5DV7YD wa7PhsobWXUB56CgmzTZKtkv4RGIPmS72EZmqwa9PwT4ixPovzqwFm/5Ceahj+5r UkHinB2CJ5qzsQ== -----END CERTIFICATE-----Generated at Tue Dec 23 22:05:59 2025 by rpki-client