This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft File: LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft (raw, json) Hash identifier: i9HP0zQBoi3sk3j8h9JaWHBOIVkqUXQpqdT23AmxQi8= Subject key identifier: D8:7A:AA:C7:53:B3:82:1B:53:D2:18:32:46:BC:2E:38:4F:4A:D9:0F Authority key identifier: 2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA Certificate issuer: /CN=2f325207d5cee0ecea99e4702453407b564c39ca Certificate serial: 019B51BD85D8BC2F6ECEE5A9556782B274A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft Manifest number: 178F Signing time: Wed 24 Dec 2025 19:02:13 +0000 Manifest this update: Wed 24 Dec 2025 19:02:13 +0000 Manifest next update: Thu 25 Dec 2025 19:02:13 +0000 Files and hashes: 1: LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl (hash: 7/tcZdIx704e8cjmPoZgbf8dhQ69Qj/7MOTmv5OYnEg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bd:85:d8:bc:2f:6e:ce:e5:a9:55:67:82:b2:74:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2f325207d5cee0ecea99e4702453407b564c39ca Validity Not Before: Dec 24 19:02:13 2025 GMT Not After : Dec 25 19:02:13 2025 GMT Subject: CN=d87aaac753b3821b53d2183246bc2e384f4ad90f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:e5:82:14:58:b1:8b:dc:d9:75:cd:f7:16:44: b5:8c:5f:a0:d9:b8:74:4e:07:4d:51:27:71:9c:93: 1e:59:38:0a:7f:e1:57:c7:c5:4a:89:cc:d2:a8:d5: 81:a5:58:3d:3e:21:ad:54:26:25:d7:2b:a4:d5:e0: 20:86:dd:41:c9:9f:9a:85:ed:5a:e0:d8:07:ff:ef: b2:5c:40:6c:88:98:53:39:5d:c8:7c:ec:1b:fa:11: 52:2c:3a:4c:b0:58:49:f7:5e:25:d2:c1:bd:32:91: ae:25:57:db:f3:f5:19:2a:e7:f9:ca:8c:6e:14:fd: bb:86:91:67:33:d8:14:74:e2:9b:b6:fc:80:c9:ff: a9:2a:89:01:fa:e6:91:d7:26:70:15:3a:cf:30:41: 75:cb:e9:ac:91:d1:75:4b:fb:72:ea:ca:7f:f5:5e: 2d:65:a4:26:c1:ce:fe:61:4c:d7:1e:76:34:70:ec: 32:ce:90:0f:9c:ac:80:7e:34:49:33:b7:99:eb:4a: 29:dc:85:3b:2c:06:9a:cb:e7:af:d3:b2:e6:0e:e8: 1a:80:b0:5b:94:af:5b:69:3e:f7:96:c3:45:c2:08: 70:b9:23:39:ba:31:cd:c9:8e:b4:57:b8:3d:6a:72: 08:e0:ca:fc:6f:47:07:fd:35:c1:84:c9:55:34:1e: 5b:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:7A:AA:C7:53:B3:82:1B:53:D2:18:32:46:BC:2E:38:4F:4A:D9:0F X509v3 Authority Key Identifier: keyid:2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:39:6f:60:20:b7:c6:d6:3f:84:00:19:e4:0e:0f:3b:60:26: 22:b6:1a:3d:a5:fe:1b:7e:dc:7f:90:44:e0:ac:39:2c:42:1a: 97:80:1f:a5:ff:cd:1d:b3:1f:10:b2:1d:27:28:2f:16:cb:0c: 3c:3c:c4:e8:e8:a5:05:95:42:5a:11:df:83:d7:66:c4:bc:9d: 3e:74:3e:4d:83:54:ef:a4:f5:08:c4:f1:47:d1:79:c9:54:d6: 0a:e1:76:d4:62:3d:57:01:48:18:f7:e5:a4:df:54:a0:57:d2: 31:95:5f:43:fa:37:0d:89:c8:d3:ea:02:6a:2f:12:98:82:f3: 60:9a:eb:fc:27:38:15:ca:27:e2:25:b4:4f:88:04:7c:36:b0: b1:93:75:f1:d7:82:9e:1c:fe:86:e5:0b:4a:76:4e:f2:1e:cd: 9f:fa:65:98:a6:c7:6c:01:f2:50:33:a0:65:c3:99:b6:60:37: ec:15:49:aa:de:2e:3c:01:ff:fb:90:7b:7d:73:35:28:4d:74: 7e:40:04:3d:c8:0c:9c:db:21:ce:53:26:6a:05:04:78:8a:f8: 57:38:d2:be:9b:2e:cf:2e:b9:bb:05:1d:6f:c5:b6:07:d3:c5: 7d:53:50:30:50:6a:01:e3:7f:11:06:36:22:ab:f2:e8:66:da: 50:4d:64:a6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvYXYvC9uzuWpVWeCsnSoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmMzI1MjA3ZDVjZWUwZWNlYTk5ZTQ3MDI0NTM0MDdiNTY0 YzM5Y2EwHhcNMjUxMjI0MTkwMjEzWhcNMjUxMjI1MTkwMjEzWjAzMTEwLwYDVQQD EyhkODdhYWFjNzUzYjM4MjFiNTNkMjE4MzI0NmJjMmUzODRmNGFkOTBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eWCFFixi9zZdc33FkS1jF+g2bh0 TgdNUSdxnJMeWTgKf+FXx8VKiczSqNWBpVg9PiGtVCYl1yuk1eAght1ByZ+ahe1a 4NgH/++yXEBsiJhTOV3IfOwb+hFSLDpMsFhJ914l0sG9MpGuJVfb8/UZKuf5yoxu FP27hpFnM9gUdOKbtvyAyf+pKokB+uaR1yZwFTrPMEF1y+mskdF1S/ty6sp/9V4t ZaQmwc7+YUzXHnY0cOwyzpAPnKyAfjRJM7eZ60op3IU7LAaay+ev07LmDugagLBb lK9baT73lsNFwghwuSM5ujHNyY60V7g9anII4Mr8b0cH/TXBhMlVNB5bLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNh6qsdTs4IbU9IYMka8LjhPStkPMB8GA1UdIwQY MBaAFC8yUgfVzuDs6pnkcCRTQHtWTDnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGIt OTBhZTZkMGM5YjMzLzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGItOTBhZTZkMGM5YjMz LzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAETlvYCC3 xtY/hAAZ5A4PO2AmIrYaPaX+G37cf5BE4Kw5LEIal4Afpf/NHbMfELIdJygvFssM PDzE6OilBZVCWhHfg9dmxLydPnQ+TYNU76T1CMTxR9F5yVTWCuF21GI9VwFIGPfl pN9UoFfSMZVfQ/o3DYnI0+oCai8SmILzYJrr/Cc4Fcon4iW0T4gEfDawsZN18deC nhz+huULSnZO8h7Nn/plmKbHbAHyUDOgZcOZtmA37BVJqt4uPAH/+5B7fXM1KE10 fkAEPcgMnNshzlMmagUEeIr4VzjSvpsuzy65uwUdb8W2B9PFfVNQMFBqAeN/EQY2 Iqvy6GbaUE1kpg== -----END CERTIFICATE-----Generated at Wed Dec 24 20:32:11 2025 by rpki-client