This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft File: ltTArxW-ONL8XjD-NFdHXTS3g5o.mft (raw, json) Hash identifier: kspyRY7OcYEGxC/F2LB0yBFlIgC0Iud+8yEoz6J/cSY= Subject key identifier: CC:45:B0:DA:DA:21:F3:A2:43:15:57:5B:AD:88:D9:6D:15:51:23:87 Authority key identifier: 96:D4:C0:AF:15:BE:38:D2:FC:5E:30:FE:34:57:47:5D:34:B7:83:9A Certificate issuer: /CN=96d4c0af15be38d2fc5e30fe3457475d34b7839a Certificate serial: 019B3A90FDDAD6A80B4197B0FA31BFE74CA1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft Manifest number: 13F7 Signing time: Sat 20 Dec 2025 07:02:19 +0000 Manifest this update: Sat 20 Dec 2025 07:02:19 +0000 Manifest next update: Sun 21 Dec 2025 07:02:19 +0000 Files and hashes: 1: ltTArxW-ONL8XjD-NFdHXTS3g5o.crl (hash: KYZK8TjKbmR4imtjUw3WtEm5FuK1qZi/TM7qOEk8UkQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:90:fd:da:d6:a8:0b:41:97:b0:fa:31:bf:e7:4c:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96d4c0af15be38d2fc5e30fe3457475d34b7839a Validity Not Before: Dec 20 07:02:19 2025 GMT Not After : Dec 21 07:02:19 2025 GMT Subject: CN=cc45b0dada21f3a24315575bad88d96d15512387 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:8d:41:2b:35:3e:85:e9:bd:78:07:e1:af:c3: 43:6c:db:51:f2:f9:ab:2b:0e:64:9b:68:84:17:be: 58:fb:a4:fa:c4:63:af:d1:c3:97:f9:07:79:a3:59: 6c:e3:2f:4a:c2:f9:1b:e9:dd:e2:51:32:b6:f6:a5: b4:bd:58:19:06:77:bb:1c:c8:1d:cd:07:f9:95:d4: 91:d6:e5:34:2b:3c:76:df:a5:05:cc:6c:84:87:84: 24:44:7a:9d:b4:80:a4:e5:c1:60:03:8c:8a:98:ea: 66:90:29:82:64:83:43:d3:42:4f:78:c0:e0:f2:0a: 9a:14:f9:62:66:85:36:cd:ce:f4:dc:d9:ce:7d:1f: c3:76:af:e1:c6:4a:bf:0c:28:2f:e1:9a:f1:99:8a: a7:ea:44:5f:95:a2:5a:1f:8b:2e:fb:4a:b0:97:61: d4:12:da:34:76:9d:e8:69:05:a6:9a:88:e0:07:b5: 7d:7c:88:23:de:84:0a:88:1b:3e:65:fe:20:64:da: c7:84:95:69:5c:c6:c1:9a:83:14:8d:a6:fc:f5:16: e5:7f:47:ae:ac:c2:6a:7f:b8:87:9c:d6:96:57:7c: 03:bd:b5:88:31:ce:e9:1a:7c:0d:04:6b:65:1a:da: 0f:01:22:b2:bb:92:a6:b9:d6:cc:f3:9f:ef:41:15: dc:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:45:B0:DA:DA:21:F3:A2:43:15:57:5B:AD:88:D9:6D:15:51:23:87 X509v3 Authority Key Identifier: keyid:96:D4:C0:AF:15:BE:38:D2:FC:5E:30:FE:34:57:47:5D:34:B7:83:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0f:b8:d5:90:fb:09:a9:e4:c1:2c:3c:ed:40:20:e8:12:05:15: 0c:ec:93:0e:dd:2e:d4:ef:aa:81:9d:fd:f8:44:8e:a0:66:18: 1e:42:88:e5:b4:fa:8a:fd:c4:0e:b4:42:38:88:06:3f:82:92: c3:58:3a:1f:97:c8:9b:d9:b6:57:89:62:26:c4:8a:55:f8:5a: 5f:41:05:2f:92:2b:57:33:8e:b9:3a:69:e3:92:d9:06:ef:cc: 21:db:d5:0c:dc:bc:36:0a:94:89:c8:e6:06:35:e5:dc:4f:6b: 40:b1:32:ff:30:1a:cd:26:d8:d3:f5:39:81:71:24:80:0f:93: b8:2d:db:fa:5f:cc:c8:4f:ed:52:ea:7d:17:d7:f7:0c:67:41: ca:f2:c5:ad:c4:a8:2d:86:73:5a:f4:ee:82:b6:d2:8a:64:7b: 64:63:fc:62:d9:a9:84:bb:f4:f5:a4:cd:d8:d1:bd:c6:e3:15: 16:d0:30:2d:cd:62:64:2e:bd:61:77:d3:9d:f9:f7:43:be:02: d2:0a:13:d2:97:5a:55:8f:f7:82:98:73:8f:20:f3:3e:00:4c: b2:5c:a4:18:fb:8d:bc:a0:a7:34:d5:a9:9f:22:3d:6c:75:e3: 5a:b1:4a:3b:bb:26:05:4b:ab:cc:39:54:2b:fd:48:d1:d4:40: c5:a1:7f:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6kP3a1qgLQZew+jG/50yhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2ZDRjMGFmMTViZTM4ZDJmYzVlMzBmZTM0NTc0NzVkMzRi NzgzOWEwHhcNMjUxMjIwMDcwMjE5WhcNMjUxMjIxMDcwMjE5WjAzMTEwLwYDVQQD EyhjYzQ1YjBkYWRhMjFmM2EyNDMxNTU3NWJhZDg4ZDk2ZDE1NTEyMzg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7o1BKzU+hem9eAfhr8NDbNtR8vmr Kw5km2iEF75Y+6T6xGOv0cOX+Qd5o1ls4y9Kwvkb6d3iUTK29qW0vVgZBne7HMgd zQf5ldSR1uU0Kzx236UFzGyEh4QkRHqdtICk5cFgA4yKmOpmkCmCZIND00JPeMDg 8gqaFPliZoU2zc703NnOfR/Ddq/hxkq/DCgv4ZrxmYqn6kRflaJaH4su+0qwl2HU Eto0dp3oaQWmmojgB7V9fIgj3oQKiBs+Zf4gZNrHhJVpXMbBmoMUjab89Rblf0eu rMJqf7iHnNaWV3wDvbWIMc7pGnwNBGtlGtoPASKyu5KmudbM85/vQRXcUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMxFsNraIfOiQxVXW62I2W0VUSOHMB8GA1UdIwQY MBaAFJbUwK8VvjjS/F4w/jRXR100t4OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iMWIxMjgtNGYxMC00ODZlLWExZWUt OTUyZjZmYzAyNjcyLzEvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy9iMWIxMjgtNGYxMC00ODZlLWExZWUtOTUyZjZmYzAyNjcy LzEvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD7jVkPsJ qeTBLDztQCDoEgUVDOyTDt0u1O+qgZ39+ESOoGYYHkKI5bT6iv3EDrRCOIgGP4KS w1g6H5fIm9m2V4liJsSKVfhaX0EFL5IrVzOOuTpp45LZBu/MIdvVDNy8NgqUicjm BjXl3E9rQLEy/zAazSbY0/U5gXEkgA+TuC3b+l/MyE/tUup9F9f3DGdByvLFrcSo LYZzWvTugrbSimR7ZGP8YtmphLv09aTN2NG9xuMVFtAwLc1iZC69YXfTnfn3Q74C 0goT0pdaVY/3gphzjyDzPgBMslykGPuNvKCnNNWpnyI9bHXjWrFKO7smBUurzDlU K/1I0dRAxaF/4w== -----END CERTIFICATE-----Generated at Sat Dec 20 09:05:26 2025 by rpki-client