This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft File: LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft (raw, json) Hash identifier: GyMJv93OSR9kHy08oOegAbJpgAw20vhmBiLtYStRotE= Subject key identifier: 0D:1F:54:F2:47:39:8A:F7:31:53:85:4B:2A:AC:DF:7E:89:A5:38:BB Authority key identifier: 2E:18:10:D5:C9:11:B4:A8:10:73:FA:E6:38:97:1B:57:7D:D7:A6:42 Certificate issuer: /CN=2e1810d5c911b4a81073fae638971b577dd7a642 Certificate serial: 019B2B1C91953D617E006D72F046B2827F69 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LhgQ1ckRtKgQc_rmOJcbV33XpkI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft Manifest number: 124B Signing time: Wed 17 Dec 2025 07:00:51 +0000 Manifest this update: Wed 17 Dec 2025 07:00:51 +0000 Manifest next update: Thu 18 Dec 2025 07:00:51 +0000 Files and hashes: 1: LhgQ1ckRtKgQc_rmOJcbV33XpkI.crl (hash: xSstHVb2hnw08bMLxuvsPj/p8VVcHyh6xFF9ZXpi/d0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft rsync://rpki.ripe.net/repository/DEFAULT/LhgQ1ckRtKgQc_rmOJcbV33XpkI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 07:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:1c:91:95:3d:61:7e:00:6d:72:f0:46:b2:82:7f:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2e1810d5c911b4a81073fae638971b577dd7a642 Validity Not Before: Dec 17 07:00:51 2025 GMT Not After : Dec 18 07:00:51 2025 GMT Subject: CN=0d1f54f247398af73153854b2aacdf7e89a538bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:78:e9:92:fb:49:12:37:e4:7d:2c:c9:25:bf: b2:27:4b:39:3b:30:2a:33:c0:25:cf:ab:f0:0f:9e: 58:77:2f:96:9b:84:ce:f7:63:d1:9f:dd:28:22:c9: 91:30:3e:7a:b3:93:45:52:8b:9d:c3:72:b0:3e:b8: d0:6a:f1:a3:22:4d:30:f0:2a:05:49:b1:c6:58:21: b0:28:2b:3a:ab:5d:9b:d1:35:24:3d:0b:5e:39:64: 08:f0:6c:34:24:9c:83:6a:80:30:ed:ab:dd:ad:08: 71:34:80:a0:74:04:95:7f:0a:19:52:15:45:b3:e6: 3c:27:2a:16:9e:e6:86:77:8a:4a:d5:c0:ae:88:92: 90:a6:27:cb:04:5b:d6:fe:54:b2:14:a7:7c:92:37: d2:54:d2:71:22:bc:6f:01:97:b8:9c:6e:ee:82:17: 34:26:ae:e2:24:3a:44:eb:a6:e4:46:2b:0c:e1:26: 91:89:fd:27:90:aa:1d:13:36:c5:92:f4:de:ad:fd: 27:fe:55:ad:5d:6a:ac:32:dd:7f:96:07:7c:8f:cb: a4:da:f0:b4:0e:e0:5a:36:69:dd:cf:03:7c:7c:63: b2:d6:6a:08:98:23:f4:6f:31:de:07:2b:80:83:2e: 3f:92:07:61:24:e5:45:17:3e:73:2a:b2:a1:1a:ab: a2:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:1F:54:F2:47:39:8A:F7:31:53:85:4B:2A:AC:DF:7E:89:A5:38:BB X509v3 Authority Key Identifier: keyid:2E:18:10:D5:C9:11:B4:A8:10:73:FA:E6:38:97:1B:57:7D:D7:A6:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhgQ1ckRtKgQc_rmOJcbV33XpkI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 01:9d:f6:23:e4:14:8d:60:22:fe:a1:9b:51:9b:9d:01:8b:1b: a2:d3:cf:7d:a2:88:1d:28:d6:cb:24:17:28:c0:13:da:de:f4: e8:bf:70:ae:11:bf:dd:3e:a9:21:83:12:c4:a6:aa:be:6e:92: 17:c9:e8:5d:22:21:8c:5a:eb:d6:19:8f:d2:d0:15:b9:e7:0b: 52:ae:de:83:e2:fd:d2:57:c1:c5:e8:98:b0:7e:ea:55:2d:6d: 0f:50:1b:d8:91:87:55:6e:00:6e:01:0f:25:9f:bc:e2:10:14: fd:66:22:39:e9:36:0f:7e:1e:3e:3f:2c:60:18:37:2f:45:82: 60:1f:e6:3e:0c:6c:d4:6c:fe:bf:f8:34:47:68:98:9e:2f:73: 41:14:b3:95:bc:b5:3b:02:09:21:aa:30:1e:84:32:0a:1e:c6: 8c:c4:5f:64:53:ea:70:9b:04:68:8f:91:c1:b9:bf:7d:3f:6f: 7e:e0:0d:18:56:ea:5b:00:fa:1c:d6:eb:a2:57:bf:28:65:90: 82:b8:d6:52:ca:a5:de:e9:64:98:04:8b:4b:7e:c1:77:29:f0: c9:45:0a:b2:b5:ae:f7:6d:e8:c8:91:db:fe:6b:db:20:cc:b1: 95:eb:f5:91:8c:bb:53:15:19:f1:56:95:ed:d7:f5:93:56:88: 93:93:04:71 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsrHJGVPWF+AG1y8Eaygn9pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJlMTgxMGQ1YzkxMWI0YTgxMDczZmFlNjM4OTcxYjU3N2Rk N2E2NDIwHhcNMjUxMjE3MDcwMDUxWhcNMjUxMjE4MDcwMDUxWjAzMTEwLwYDVQQD EygwZDFmNTRmMjQ3Mzk4YWY3MzE1Mzg1NGIyYWFjZGY3ZTg5YTUzOGJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA93jpkvtJEjfkfSzJJb+yJ0s5OzAq M8Alz6vwD55Ydy+Wm4TO92PRn90oIsmRMD56s5NFUoudw3KwPrjQavGjIk0w8CoF SbHGWCGwKCs6q12b0TUkPQteOWQI8Gw0JJyDaoAw7avdrQhxNICgdASVfwoZUhVF s+Y8JyoWnuaGd4pK1cCuiJKQpifLBFvW/lSyFKd8kjfSVNJxIrxvAZe4nG7ughc0 Jq7iJDpE66bkRisM4SaRif0nkKodEzbFkvTerf0n/lWtXWqsMt1/lgd8j8uk2vC0 DuBaNmndzwN8fGOy1moImCP0bzHeByuAgy4/kgdhJOVFFz5zKrKhGquiCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA0fVPJHOYr3MVOFSyqs336JpTi7MB8GA1UdIwQY MBaAFC4YENXJEbSoEHP65jiXG1d916ZCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTGhnUTFja1J0S2dRY19ybU9KY2JWMzNYcGtJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy82OGNlNTEtYmQzZS00Y2QxLWJjYzIt ZGQyYTU4NGE2MmJiLzEvTGhnUTFja1J0S2dRY19ybU9KY2JWMzNYcGtJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy82OGNlNTEtYmQzZS00Y2QxLWJjYzItZGQyYTU4NGE2MmJi LzEvTGhnUTFja1J0S2dRY19ybU9KY2JWMzNYcGtJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAZ32I+QU jWAi/qGbUZudAYsbotPPfaKIHSjWyyQXKMAT2t706L9wrhG/3T6pIYMSxKaqvm6S F8noXSIhjFrr1hmP0tAVuecLUq7eg+L90lfBxeiYsH7qVS1tD1Ab2JGHVW4AbgEP JZ+84hAU/WYiOek2D34ePj8sYBg3L0WCYB/mPgxs1Gz+v/g0R2iYni9zQRSzlby1 OwIJIaowHoQyCh7GjMRfZFPqcJsEaI+Rwbm/fT9vfuANGFbqWwD6HNbrole/KGWQ grjWUsql3ulkmASLS37BdynwyUUKsrWu923oyJHb/mvbIMyxlev1kYy7UxUZ8VaV 7df1k1aIk5MEcQ== -----END CERTIFICATE-----Generated at Wed Dec 17 15:12:35 2025 by rpki-client