This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft File: lZCfz5xup2MAznHQlNMl9X1knL8.mft (raw, json) Hash identifier: q0wzOrtVUODAtG5qgem53WHpCf7PJ0Vh7TImalqZCyc= Subject key identifier: FB:F0:6C:73:34:97:3B:C1:94:A0:8E:A7:98:D3:B1:E8:10:9C:61:77 Authority key identifier: 95:90:9F:CF:9C:6E:A7:63:00:CE:71:D0:94:D3:25:F5:7D:64:9C:BF Certificate issuer: /CN=95909fcf9c6ea76300ce71d094d325f57d649cbf Certificate serial: 019B5B645E73AA6B21B98E56BE1FCCD51433 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZCfz5xup2MAznHQlNMl9X1knL8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft Manifest number: 14CF Signing time: Fri 26 Dec 2025 16:01:02 +0000 Manifest this update: Fri 26 Dec 2025 16:01:02 +0000 Manifest next update: Sat 27 Dec 2025 16:01:02 +0000 Files and hashes: 1: lZCfz5xup2MAznHQlNMl9X1knL8.crl (hash: LL1d8Pif3eW5vjvTEoX7fYjKmHIldw4VDj3yf/rOcEw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft rsync://rpki.ripe.net/repository/DEFAULT/lZCfz5xup2MAznHQlNMl9X1knL8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 15:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5b:64:5e:73:aa:6b:21:b9:8e:56:be:1f:cc:d5:14:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95909fcf9c6ea76300ce71d094d325f57d649cbf Validity Not Before: Dec 26 16:01:02 2025 GMT Not After : Dec 27 16:01:02 2025 GMT Subject: CN=fbf06c7334973bc194a08ea798d3b1e8109c6177 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:16:05:16:97:d9:28:b9:4f:d4:b9:6c:38:59: ad:da:5f:a4:37:0f:f1:1a:48:11:68:7e:ed:6e:70: da:54:1e:c1:55:ab:32:4f:94:99:0e:51:bf:55:5d: c1:10:b6:9e:cf:15:dd:12:e7:42:dc:b3:2a:26:cd: cf:22:00:38:0b:df:80:68:99:0c:ec:6b:87:a6:70: f0:7e:2c:74:6c:8b:5a:0d:48:87:ae:18:3c:99:00: 4b:7b:1a:a6:1f:90:70:aa:42:0b:7c:65:1b:78:c8: 76:75:e9:e3:ed:89:3b:ef:ee:c5:c3:05:8f:97:e8: 20:e8:ed:6f:a1:6f:5c:e6:dc:b7:8d:b7:7b:f8:b6: 6c:37:d3:8b:c4:e7:1d:5d:3c:b1:44:5a:ea:4e:bf: 83:6d:b9:55:3a:c2:4a:48:1b:fb:96:e2:b6:e9:a3: b8:96:0f:d4:40:b6:1e:29:96:85:bf:ac:dd:b9:63: 0f:28:95:0b:3f:59:7c:61:df:63:ff:fa:e3:27:d0: 2a:53:7b:37:70:41:29:9b:c2:95:74:36:7f:ce:1b: fe:dd:04:dd:85:e7:bb:c7:2d:54:de:51:3d:3d:d1: e0:91:d4:b2:01:ce:91:fb:1a:c1:9f:97:89:cc:65: 39:33:a6:ee:68:01:05:1a:35:85:ac:6a:e4:b7:6c: 96:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:F0:6C:73:34:97:3B:C1:94:A0:8E:A7:98:D3:B1:E8:10:9C:61:77 X509v3 Authority Key Identifier: keyid:95:90:9F:CF:9C:6E:A7:63:00:CE:71:D0:94:D3:25:F5:7D:64:9C:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZCfz5xup2MAznHQlNMl9X1knL8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:d6:f1:33:8c:79:a9:02:67:53:18:d6:04:a4:e0:38:b8:45: 50:c6:38:a5:c3:a2:a6:ce:83:95:18:3c:e9:fb:36:09:cb:78: a1:c0:25:12:91:76:06:5b:1a:3c:54:3c:cd:0d:93:3e:f4:b6: c7:31:de:18:c2:1d:0a:6a:9f:88:82:9b:03:b6:7b:2f:30:78: 47:52:64:35:79:90:42:77:71:d7:33:69:88:5a:86:c8:1e:54: 67:d4:38:27:3f:45:17:f8:7e:b2:65:07:1a:50:e4:91:2e:ab: ac:21:d1:46:56:25:10:f7:58:68:50:53:3f:02:6c:5a:1b:de: 7e:68:75:61:72:0d:2a:c9:27:e5:62:05:a8:f8:2e:8d:a6:e8: 4f:fc:12:1a:90:55:4a:bd:6c:ce:45:6b:8a:63:0e:da:41:ed: 83:f5:33:c4:71:4c:5e:3c:a8:58:1d:10:9e:80:8c:75:9b:51: 17:24:5e:83:62:b9:ad:e9:bc:e2:fc:56:34:54:62:8d:70:f6: 4a:4c:8f:2c:b0:c3:85:b5:9a:4e:8a:0a:95:df:f0:ce:be:bb: b3:75:36:77:06:42:fb:78:0a:ed:64:b8:88:ff:ef:96:63:b1: 5f:5b:4c:f9:75:f8:bb:a2:e2:fd:b6:d9:12:00:97:51:27:6b: 48:b1:0b:0f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtbZF5zqmshuY5Wvh/M1RQzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1OTA5ZmNmOWM2ZWE3NjMwMGNlNzFkMDk0ZDMyNWY1N2Q2 NDljYmYwHhcNMjUxMjI2MTYwMTAyWhcNMjUxMjI3MTYwMTAyWjAzMTEwLwYDVQQD EyhmYmYwNmM3MzM0OTczYmMxOTRhMDhlYTc5OGQzYjFlODEwOWM2MTc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RYFFpfZKLlP1LlsOFmt2l+kNw/x GkgRaH7tbnDaVB7BVasyT5SZDlG/VV3BELaezxXdEudC3LMqJs3PIgA4C9+AaJkM 7GuHpnDwfix0bItaDUiHrhg8mQBLexqmH5BwqkILfGUbeMh2denj7Yk77+7FwwWP l+gg6O1voW9c5ty3jbd7+LZsN9OLxOcdXTyxRFrqTr+DbblVOsJKSBv7luK26aO4 lg/UQLYeKZaFv6zduWMPKJULP1l8Yd9j//rjJ9AqU3s3cEEpm8KVdDZ/zhv+3QTd hee7xy1U3lE9PdHgkdSyAc6R+xrBn5eJzGU5M6buaAEFGjWFrGrkt2yWIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPvwbHM0lzvBlKCOp5jTsegQnGF3MB8GA1UdIwQY MBaAFJWQn8+cbqdjAM5x0JTTJfV9ZJy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFpDZno1eHVwMk1Bem5IUWxOTWw5WDFrbkw4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zNzNlNGMtZDg4NS00NGZhLThjNGIt YTZlZWRmYTlhNGZjLzEvbFpDZno1eHVwMk1Bem5IUWxOTWw5WDFrbkw4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy8zNzNlNGMtZDg4NS00NGZhLThjNGItYTZlZWRmYTlhNGZj LzEvbFpDZno1eHVwMk1Bem5IUWxOTWw5WDFrbkw4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS9bxM4x5 qQJnUxjWBKTgOLhFUMY4pcOips6DlRg86fs2Cct4ocAlEpF2BlsaPFQ8zQ2TPvS2 xzHeGMIdCmqfiIKbA7Z7LzB4R1JkNXmQQndx1zNpiFqGyB5UZ9Q4Jz9FF/h+smUH GlDkkS6rrCHRRlYlEPdYaFBTPwJsWhvefmh1YXINKskn5WIFqPgujaboT/wSGpBV Sr1szkVrimMO2kHtg/UzxHFMXjyoWB0QnoCMdZtRFyReg2K5rem84vxWNFRijXD2 SkyPLLDDhbWaTooKld/wzr67s3U2dwZC+3gK7WS4iP/vlmOxX1tM+XX4u6Li/bbZ EgCXUSdrSLELDw== -----END CERTIFICATE-----Generated at Fri Dec 26 23:10:17 2025 by rpki-client