This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft File: lQ8oTPXDnybd0jUufyrfeo3GD44.mft (raw, json) Hash identifier: HZn8PyVzYBew1m+Tie/9R/xzhOGip4txgKrvC6C/+z8= Subject key identifier: AF:84:3A:DE:2A:BF:DF:6D:F1:27:07:20:2E:67:44:30:2D:96:16:D4 Authority key identifier: 95:0F:28:4C:F5:C3:9F:26:DD:D2:35:2E:7F:2A:DF:7A:8D:C6:0F:8E Certificate issuer: /CN=950f284cf5c39f26ddd2352e7f2adf7a8dc60f8e Certificate serial: 019B54F43864C5D45C2C2AFF66C77621836B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft Manifest number: 0D90 Signing time: Thu 25 Dec 2025 10:00:49 +0000 Manifest this update: Thu 25 Dec 2025 10:00:49 +0000 Manifest next update: Fri 26 Dec 2025 10:00:49 +0000 Files and hashes: 1: CIXcSM8wlZUJc9_olM2z-Sxe_fI.roa (hash: mDiY7MPNQSCh1DaHA5s1SG/E+/9GUkWw11IjIEdP7WU=) 2: lQ8oTPXDnybd0jUufyrfeo3GD44.crl (hash: Xa+IlNYeFh2LsGU5aWozW96VKYh8jMeMbxskoBuBMtQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 10:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:54:f4:38:64:c5:d4:5c:2c:2a:ff:66:c7:76:21:83:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=950f284cf5c39f26ddd2352e7f2adf7a8dc60f8e Validity Not Before: Dec 25 10:00:49 2025 GMT Not After : Dec 26 10:00:49 2025 GMT Subject: CN=af843ade2abfdf6df12707202e6744302d9616d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:83:69:27:8d:ed:33:ab:80:ea:fb:86:78:98: e0:b6:0b:7c:7c:40:d5:94:8d:72:3c:d8:24:6b:13: d6:6b:00:f3:fc:c4:db:55:3b:94:7c:7b:02:53:20: 53:42:c7:d0:3b:82:a3:b5:2a:5c:ed:91:3a:9a:0e: 31:b0:9d:eb:61:72:53:9d:de:ff:25:e2:bb:cb:b7: ea:cd:3c:8f:ef:b4:9b:15:29:a6:49:62:6d:47:6c: 3c:2b:1d:c4:97:56:b5:98:85:69:88:b5:1f:3b:fb: c0:9b:37:a3:d1:7c:c4:47:ad:42:21:92:69:40:ba: d9:b7:e3:38:ad:e1:d1:7a:17:07:ff:7a:a8:25:21: 2b:1b:68:3f:26:9b:49:37:a1:84:be:e8:9a:05:61: 42:14:a8:57:56:9e:92:68:91:02:ae:0c:5b:b2:b1: e4:f7:2e:9d:c8:3c:c4:e1:bb:53:17:30:ba:c6:c1: cc:6e:d5:4d:5f:6e:99:a6:2e:a5:88:b7:7c:85:9e: a2:67:ea:db:e9:32:8b:58:8c:bb:57:6a:5c:57:23: 12:39:39:77:01:c4:8f:d8:1e:a8:1d:10:87:c5:cd: 2e:51:aa:6c:bc:2f:b5:60:81:7b:1d:b4:f6:8e:c5: 55:44:0a:60:ed:98:9c:73:c3:eb:ac:9d:70:6d:fb: 11:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:84:3A:DE:2A:BF:DF:6D:F1:27:07:20:2E:67:44:30:2D:96:16:D4 X509v3 Authority Key Identifier: keyid:95:0F:28:4C:F5:C3:9F:26:DD:D2:35:2E:7F:2A:DF:7A:8D:C6:0F:8E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:cb:ef:98:c8:60:aa:27:70:e3:90:ba:8c:41:57:f3:cf:a3: 65:0b:4d:b6:ee:c5:34:85:3d:c9:df:49:fc:07:fe:87:02:1e: 8e:59:00:8b:dd:1c:ef:d5:63:29:82:bf:d2:f1:ea:5d:8d:cb: c8:52:96:4d:59:57:bd:91:27:68:c3:3b:85:3d:2c:c1:3e:a3: c4:8c:ef:92:bd:c1:ef:80:aa:ed:36:de:fa:04:24:43:7a:5e: c8:6f:36:d8:63:9b:18:55:cc:de:4e:e0:96:8b:44:50:3d:d4: bd:29:8f:0c:70:de:dc:20:cc:d9:91:29:a8:5d:9d:0f:dd:69: 11:a4:13:8f:99:2b:68:11:10:87:67:cf:3b:03:c4:8f:fb:09: 44:5e:de:e3:08:73:d1:3f:07:32:ad:3a:cf:e0:ea:af:e2:ce: 81:11:90:c3:59:0b:c1:92:65:e2:ad:fd:b7:fc:80:b4:f3:85: f0:43:61:8b:7e:a2:05:a3:41:62:78:f6:87:d6:b7:a4:93:71: fa:65:c7:6b:9f:fc:32:2b:39:a7:0d:cb:a6:e7:13:63:83:28: 11:88:50:d7:c5:31:74:d5:9f:b7:e8:c5:5b:e7:67:84:f0:8a: 32:c9:64:41:f7:a6:83:04:93:4b:60:72:89:89:72:d7:8d:f3: e9:77:17:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtU9DhkxdRcLCr/Zsd2IYNrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1MGYyODRjZjVjMzlmMjZkZGQyMzUyZTdmMmFkZjdhOGRj NjBmOGUwHhcNMjUxMjI1MTAwMDQ5WhcNMjUxMjI2MTAwMDQ5WjAzMTEwLwYDVQQD EyhhZjg0M2FkZTJhYmZkZjZkZjEyNzA3MjAyZTY3NDQzMDJkOTYxNmQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYNpJ43tM6uA6vuGeJjgtgt8fEDV lI1yPNgkaxPWawDz/MTbVTuUfHsCUyBTQsfQO4KjtSpc7ZE6mg4xsJ3rYXJTnd7/ JeK7y7fqzTyP77SbFSmmSWJtR2w8Kx3El1a1mIVpiLUfO/vAmzej0XzER61CIZJp QLrZt+M4reHRehcH/3qoJSErG2g/JptJN6GEvuiaBWFCFKhXVp6SaJECrgxbsrHk 9y6dyDzE4btTFzC6xsHMbtVNX26Zpi6liLd8hZ6iZ+rb6TKLWIy7V2pcVyMSOTl3 AcSP2B6oHRCHxc0uUapsvC+1YIF7HbT2jsVVRApg7Zicc8PrrJ1wbfsRBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK+EOt4qv99t8ScHIC5nRDAtlhbUMB8GA1UdIwQY MBaAFJUPKEz1w58m3dI1Ln8q33qNxg+OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xOTc0ZWUtNDA4Zi00MTIwLThmMTkt ZmEyZjBkNTRiMWQxLzEvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC8xOTc0ZWUtNDA4Zi00MTIwLThmMTktZmEyZjBkNTRiMWQx LzEvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZsvvmMhg qidw45C6jEFX88+jZQtNtu7FNIU9yd9J/Af+hwIejlkAi90c79VjKYK/0vHqXY3L yFKWTVlXvZEnaMM7hT0swT6jxIzvkr3B74Cq7Tbe+gQkQ3peyG822GObGFXM3k7g lotEUD3UvSmPDHDe3CDM2ZEpqF2dD91pEaQTj5kraBEQh2fPOwPEj/sJRF7e4whz 0T8HMq06z+Dqr+LOgRGQw1kLwZJl4q39t/yAtPOF8ENhi36iBaNBYnj2h9a3pJNx +mXHa5/8Mis5pw3LpucTY4MoEYhQ18UxdNWft+jFW+dnhPCKMslkQfemgwSTS2By iYly143z6XcXWg== -----END CERTIFICATE-----Generated at Thu Dec 25 19:38:56 2025 by rpki-client