This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft File: lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft (raw, json) Hash identifier: PxxA8M92OlY3mnZ3spzRLmglV2pwNV/EWRrT1bToyyQ= Subject key identifier: DF:F0:30:E4:78:44:AB:6B:89:03:8D:D8:5E:1B:67:7E:70:A8:C9:02 Authority key identifier: 95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C Certificate issuer: /CN=954cf721c08c8e9bc5242d56196677217350455c Certificate serial: 019B4A03753F39BB130011451DD17F3B50D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft Manifest number: 07AE Signing time: Tue 23 Dec 2025 07:01:39 +0000 Manifest this update: Tue 23 Dec 2025 07:01:39 +0000 Manifest next update: Wed 24 Dec 2025 07:01:39 +0000 Files and hashes: 1: lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl (hash: aKJQKSn3QSuYypYjGgzerCYSJb1vV+WKbAJwR0dQvks=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 07:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:03:75:3f:39:bb:13:00:11:45:1d:d1:7f:3b:50:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=954cf721c08c8e9bc5242d56196677217350455c Validity Not Before: Dec 23 07:01:39 2025 GMT Not After : Dec 24 07:01:39 2025 GMT Subject: CN=dff030e47844ab6b89038dd85e1b677e70a8c902 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:f0:cf:d1:fe:fd:5b:8d:3f:8f:94:6e:e5:70: be:ad:14:df:93:fd:2f:98:01:09:61:cb:09:1c:39: be:60:32:a0:bc:e1:60:19:1e:74:d8:74:da:8a:09: ba:45:ce:da:3e:5c:15:1b:b9:e5:bd:f5:b1:93:c0: 04:26:54:55:15:61:8e:54:ff:0d:0a:1d:d7:fd:1f: 3f:41:d9:4b:3e:02:c4:43:40:30:c0:e7:95:db:15: 8e:8a:f3:c9:59:ea:b5:43:48:d7:e1:3c:b9:0f:98: 77:e9:fe:f9:73:b0:d2:0b:98:36:52:1f:e7:bb:f8: 73:e8:0a:ba:34:2e:4e:b6:93:34:b2:7c:7a:c6:96: b7:be:66:32:18:28:06:f2:a7:a4:0c:66:4e:96:2f: 8e:8d:e8:c1:38:ed:1a:bd:c6:e5:98:50:a7:34:ab: f1:f1:84:b9:c1:87:42:d4:c6:00:76:b9:b5:4e:41: 78:c3:89:2e:4e:d3:ba:5a:ff:c0:08:5f:bd:d0:37: a5:f4:57:21:c7:e8:83:ae:a8:55:96:e6:c9:f7:81: 35:c3:60:5f:42:a6:a0:1d:b4:e4:ed:f3:63:64:ee: de:9f:16:53:50:3d:8f:e2:77:07:86:1d:20:6b:66: 0a:68:8c:27:a7:5f:1f:42:d2:2a:76:9d:53:d1:62: ef:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:F0:30:E4:78:44:AB:6B:89:03:8D:D8:5E:1B:67:7E:70:A8:C9:02 X509v3 Authority Key Identifier: keyid:95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:c0:d4:eb:ee:56:ec:c6:62:38:ce:97:07:c2:68:05:93:64: ab:71:4e:b3:ea:18:ee:33:ef:47:1c:96:dd:dd:9f:21:46:5a: cb:84:4c:c3:d9:62:17:55:3b:cc:13:a9:22:11:9c:75:d9:b8: 60:d7:d7:ad:4a:29:b2:00:1a:6d:31:ec:0e:29:4f:35:ea:0e: cb:58:07:fb:ba:a9:36:05:27:5e:32:38:51:6c:b0:32:20:cb: 26:35:a6:bc:e3:39:81:91:96:9b:35:3d:9e:02:76:16:72:d7: 93:14:77:94:f5:17:50:9c:d4:99:27:f1:ea:31:96:5a:6b:2d: 42:7d:f2:7b:3b:f9:d2:f2:b7:44:96:81:96:87:49:06:c6:2f: 18:d2:b0:32:e5:bf:4a:85:b4:32:31:19:80:8c:58:5e:fb:e9: 01:63:b5:7d:2b:a4:36:7b:f0:56:9a:63:66:37:c6:83:9a:57: 63:04:f4:99:00:55:b8:f6:f9:d1:ef:c8:64:71:e4:46:5a:a7: 9c:6e:5b:23:45:46:37:b0:64:a9:bc:fb:f4:c9:64:ef:03:5a: c5:02:91:2c:4e:b6:c0:f6:3a:ab:fa:20:aa:31:0b:65:d5:a4: bf:63:81:21:3f:c6:65:68:79:1b:9b:23:2d:31:92:2e:c5:74: 7e:0b:d2:48 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKA3U/ObsTABFFHdF/O1DQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1NGNmNzIxYzA4YzhlOWJjNTI0MmQ1NjE5NjY3NzIxNzM1 MDQ1NWMwHhcNMjUxMjIzMDcwMTM5WhcNMjUxMjI0MDcwMTM5WjAzMTEwLwYDVQQD EyhkZmYwMzBlNDc4NDRhYjZiODkwMzhkZDg1ZTFiNjc3ZTcwYThjOTAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fDP0f79W40/j5Ru5XC+rRTfk/0v mAEJYcsJHDm+YDKgvOFgGR502HTaigm6Rc7aPlwVG7nlvfWxk8AEJlRVFWGOVP8N Ch3X/R8/QdlLPgLEQ0AwwOeV2xWOivPJWeq1Q0jX4Ty5D5h36f75c7DSC5g2Uh/n u/hz6Aq6NC5OtpM0snx6xpa3vmYyGCgG8qekDGZOli+OjejBOO0avcblmFCnNKvx 8YS5wYdC1MYAdrm1TkF4w4kuTtO6Wv/ACF+90Del9Fchx+iDrqhVlubJ94E1w2Bf QqagHbTk7fNjZO7enxZTUD2P4ncHhh0ga2YKaIwnp18fQtIqdp1T0WLvPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN/wMOR4RKtriQON2F4bZ35wqMkCMB8GA1UdIwQY MBaAFJVM9yHAjI6bxSQtVhlmdyFzUEVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEt Y2JiZDA4YWQzZWMyLzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEtY2JiZDA4YWQzZWMy LzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFMDU6+5W 7MZiOM6XB8JoBZNkq3FOs+oY7jPvRxyW3d2fIUZay4RMw9liF1U7zBOpIhGcddm4 YNfXrUopsgAabTHsDilPNeoOy1gH+7qpNgUnXjI4UWywMiDLJjWmvOM5gZGWmzU9 ngJ2FnLXkxR3lPUXUJzUmSfx6jGWWmstQn3yezv50vK3RJaBlodJBsYvGNKwMuW/ SoW0MjEZgIxYXvvpAWO1fSukNnvwVppjZjfGg5pXYwT0mQBVuPb50e/IZHHkRlqn nG5bI0VGN7Bkqbz79Mlk7wNaxQKRLE62wPY6q/ogqjELZdWkv2OBIT/GZWh5G5sj LTGSLsV0fgvSSA== -----END CERTIFICATE-----Generated at Tue Dec 23 10:46:53 2025 by rpki-client