This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/0077c5-f0be-463f-ab75-8c3dcc459026/1/l8AN4AfUqkpAMdR2ELObd0kIv0k.mft File: l8AN4AfUqkpAMdR2ELObd0kIv0k.mft (raw, json) Hash identifier: 9OoOz96Akhxv91dxaRGQ0Nd1P79hHmkcWwzUppqPONU= Subject key identifier: 30:6D:CF:5D:C0:5B:56:29:AD:FF:F4:98:A2:66:E1:19:6E:08:48:5D Authority key identifier: 97:C0:0D:E0:07:D4:AA:4A:40:31:D4:76:10:B3:9B:77:49:08:BF:49 Certificate issuer: /CN=97c00de007d4aa4a4031d47610b39b774908bf49 Certificate serial: 019B4A0271505310502A0E4B939280146DA0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l8AN4AfUqkpAMdR2ELObd0kIv0k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/0077c5-f0be-463f-ab75-8c3dcc459026/1/l8AN4AfUqkpAMdR2ELObd0kIv0k.mft Manifest number: 0374 Signing time: Tue 23 Dec 2025 07:00:32 +0000 Manifest this update: Tue 23 Dec 2025 07:00:32 +0000 Manifest next update: Wed 24 Dec 2025 07:00:32 +0000 Files and hashes: 1: 6v3xaZ7YrvMvQdKxxjWwKZ-HZN4.roa (hash: hWUPq5N6t+RwJdEvOikw63sUGiZaD6rAh+UZM/+TLZM=) 2: l8AN4AfUqkpAMdR2ELObd0kIv0k.crl (hash: /VmLVnKluAOp3ImRaivSB4Dfb4z1OW3CoXcfox0XdCk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/0077c5-f0be-463f-ab75-8c3dcc459026/1/l8AN4AfUqkpAMdR2ELObd0kIv0k.crl rsync://rpki.ripe.net/repository/DEFAULT/60/0077c5-f0be-463f-ab75-8c3dcc459026/1/l8AN4AfUqkpAMdR2ELObd0kIv0k.mft rsync://rpki.ripe.net/repository/DEFAULT/l8AN4AfUqkpAMdR2ELObd0kIv0k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:02:71:50:53:10:50:2a:0e:4b:93:92:80:14:6d:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=97c00de007d4aa4a4031d47610b39b774908bf49 Validity Not Before: Dec 23 07:00:32 2025 GMT Not After : Dec 24 07:00:32 2025 GMT Subject: CN=306dcf5dc05b5629adfff498a266e1196e08485d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:a3:4e:e4:dd:41:f5:92:96:e4:88:1e:25:fc: 85:24:33:d6:55:35:25:d4:75:42:a9:e9:0c:60:c3: e8:b4:93:a2:59:c8:0d:48:cf:57:cb:1b:06:48:17: 0b:5a:d5:6b:5e:2d:13:0b:20:2d:07:8c:a0:d2:58: ea:58:3c:8a:2d:4a:7a:d2:6c:83:e4:ae:dc:64:b9: 91:da:57:2f:53:8f:9f:2c:db:22:8a:74:1b:27:45: ae:43:4d:ba:de:bc:21:c1:8f:82:94:8d:92:b4:05: 55:2b:24:9a:b2:bd:20:77:78:dd:1f:40:1a:12:eb: 1e:c9:36:49:2a:3a:c0:36:42:e8:eb:a0:e5:36:fb: 84:e9:04:d9:5d:7a:8b:63:dc:26:8d:6f:3a:49:49: 89:1a:d6:05:fc:a9:1f:93:5f:44:e7:18:a9:36:da: 54:6b:75:0c:43:9a:14:92:2c:58:44:0a:58:4b:e5: f8:7b:fd:34:11:fe:f4:38:d1:ec:5e:67:5b:6a:86: 2e:47:ad:f4:80:c6:63:c0:a4:ab:01:90:1e:62:8c: 3b:e8:07:e9:bd:b3:75:2a:05:c3:77:0e:96:e6:4b: d9:c1:b6:0d:62:0d:4b:7e:d3:4b:32:a6:ea:69:62: 6c:ce:3b:00:5e:db:75:18:2c:49:ca:04:d3:d4:af: ed:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:6D:CF:5D:C0:5B:56:29:AD:FF:F4:98:A2:66:E1:19:6E:08:48:5D X509v3 Authority Key Identifier: keyid:97:C0:0D:E0:07:D4:AA:4A:40:31:D4:76:10:B3:9B:77:49:08:BF:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8AN4AfUqkpAMdR2ELObd0kIv0k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/0077c5-f0be-463f-ab75-8c3dcc459026/1/l8AN4AfUqkpAMdR2ELObd0kIv0k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/0077c5-f0be-463f-ab75-8c3dcc459026/1/l8AN4AfUqkpAMdR2ELObd0kIv0k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:ae:85:f3:53:7f:cc:8f:ef:4e:3e:8e:58:2f:0c:a2:95:d3: 50:f0:6b:05:66:75:a1:63:64:31:75:3d:8c:90:da:8b:0f:3e: 1d:31:3a:93:c9:10:d1:7f:ce:94:ba:f3:9b:18:ab:82:9b:29: 70:a9:57:15:59:e2:d4:d0:ed:8c:8c:b5:29:8f:a5:71:1e:d1: 2b:4a:b1:4b:ea:51:97:b0:4b:21:1a:2c:30:d4:95:73:f1:76: de:a6:18:ff:5c:95:28:0e:47:8a:29:8d:ec:88:49:b8:19:5e: 2e:06:1a:36:ab:a7:c7:f3:e2:66:fd:df:8b:4e:f8:72:0d:b7: 59:85:3b:37:df:aa:f6:78:67:cd:8b:02:36:2b:26:f4:8b:bb: 86:47:c9:8c:9e:57:bc:dd:d4:d1:67:1f:89:bc:32:4a:38:4b: 52:05:33:f6:de:e4:51:b4:2d:68:71:15:53:aa:d3:b4:11:c5: c0:04:45:c5:70:ff:6b:3f:e4:57:bd:1b:9b:a7:bc:19:4d:70: 53:0b:04:87:fd:a1:be:ac:e8:db:02:01:18:07:a9:b0:e1:99: 2e:02:18:13:3d:09:15:90:c0:a8:1d:f3:a4:cc:85:57:e4:58: 6e:59:9a:fa:38:f6:ce:4d:4c:bb:63:57:ac:bc:c6:ef:59:5b: c8:21:c5:79 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKAnFQUxBQKg5Lk5KAFG2gMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3YzAwZGUwMDdkNGFhNGE0MDMxZDQ3NjEwYjM5Yjc3NDkw OGJmNDkwHhcNMjUxMjIzMDcwMDMyWhcNMjUxMjI0MDcwMDMyWjAzMTEwLwYDVQQD EygzMDZkY2Y1ZGMwNWI1NjI5YWRmZmY0OThhMjY2ZTExOTZlMDg0ODVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKNO5N1B9ZKW5IgeJfyFJDPWVTUl 1HVCqekMYMPotJOiWcgNSM9XyxsGSBcLWtVrXi0TCyAtB4yg0ljqWDyKLUp60myD 5K7cZLmR2lcvU4+fLNsiinQbJ0WuQ0263rwhwY+ClI2StAVVKySasr0gd3jdH0Aa EuseyTZJKjrANkLo66DlNvuE6QTZXXqLY9wmjW86SUmJGtYF/Kkfk19E5xipNtpU a3UMQ5oUkixYRApYS+X4e/00Ef70ONHsXmdbaoYuR630gMZjwKSrAZAeYow76Afp vbN1KgXDdw6W5kvZwbYNYg1LftNLMqbqaWJszjsAXtt1GCxJygTT1K/tjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDBtz13AW1Yprf/0mKJm4RluCEhdMB8GA1UdIwQY MBaAFJfADeAH1KpKQDHUdhCzm3dJCL9JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbDhBTjRBZlVxa3BBTWRSMkVMT2JkMGtJdjBrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8wMDc3YzUtZjBiZS00NjNmLWFiNzUt OGMzZGNjNDU5MDI2LzEvbDhBTjRBZlVxa3BBTWRSMkVMT2JkMGtJdjBrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC8wMDc3YzUtZjBiZS00NjNmLWFiNzUtOGMzZGNjNDU5MDI2 LzEvbDhBTjRBZlVxa3BBTWRSMkVMT2JkMGtJdjBrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXK6F81N/ zI/vTj6OWC8MopXTUPBrBWZ1oWNkMXU9jJDaiw8+HTE6k8kQ0X/OlLrzmxirgpsp cKlXFVni1NDtjIy1KY+lcR7RK0qxS+pRl7BLIRosMNSVc/F23qYY/1yVKA5HiimN 7IhJuBleLgYaNqunx/PiZv3fi074cg23WYU7N9+q9nhnzYsCNism9Iu7hkfJjJ5X vN3U0WcfibwySjhLUgUz9t7kUbQtaHEVU6rTtBHFwARFxXD/az/kV70bm6e8GU1w UwsEh/2hvqzo2wIBGAepsOGZLgIYEz0JFZDAqB3zpMyFV+RYblma+jj2zk1Mu2NX rLzG71lbyCHFeQ== -----END CERTIFICATE-----Generated at Tue Dec 23 09:15:33 2025 by rpki-client