This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft File: lmsFxmHHalvMSNqDju22lz8VO4Y.mft (raw, json) Hash identifier: lv4L1mgQR8jgfdNEJVHCZTJdkYaYyYa2635tOXayhxo= Subject key identifier: AE:F5:F5:2B:BD:76:B5:70:F8:B5:64:CA:84:A2:72:33:30:9E:42:D9 Authority key identifier: 96:6B:05:C6:61:C7:6A:5B:CC:48:DA:83:8E:ED:B6:97:3F:15:3B:86 Certificate issuer: /CN=966b05c661c76a5bcc48da838eedb6973f153b86 Certificate serial: 019B427FF6E788D7C841DE67FEFA89641DC5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft Manifest number: 1790 Signing time: Sun 21 Dec 2025 20:00:41 +0000 Manifest this update: Sun 21 Dec 2025 20:00:41 +0000 Manifest next update: Mon 22 Dec 2025 20:00:41 +0000 Files and hashes: 1: lmsFxmHHalvMSNqDju22lz8VO4Y.crl (hash: LgqmD6xq9Bsv+o7LHLfecR3Q3/f1zPJEqj43ALNoZ6g=) 2: vW8nbP0mTPSGV0n46D4WrlPJlkA.roa (hash: FBmE53kvVV07M6urD1OzTmvwStXQDG55TxBqouWfpJ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.crl rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 20:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:7f:f6:e7:88:d7:c8:41:de:67:fe:fa:89:64:1d:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=966b05c661c76a5bcc48da838eedb6973f153b86 Validity Not Before: Dec 21 20:00:41 2025 GMT Not After : Dec 22 20:00:41 2025 GMT Subject: CN=aef5f52bbd76b570f8b564ca84a27233309e42d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:b9:5e:40:34:9a:8e:f4:f3:cb:dd:ec:62:d4: c4:c1:e1:6b:ac:01:d2:7b:85:ec:a9:2a:34:79:df: 2e:10:de:8a:b8:0d:5d:cd:a5:0f:93:00:ed:1a:9b: 0e:5b:45:8e:01:19:d1:a4:ba:63:54:93:83:f3:bd: b3:4c:60:19:e0:d7:8b:69:d4:1a:98:68:92:35:1e: e3:10:7e:18:66:a9:d1:f2:96:2f:52:4f:ce:4f:b2: cb:4b:6c:e8:d1:df:25:be:3d:9a:ef:ad:d5:f0:e7: 36:63:44:71:54:ca:04:71:51:a2:37:72:33:6e:da: 77:8b:01:f2:14:4c:f8:db:f7:db:b3:b7:7e:e3:dc: 33:62:0d:24:ae:6d:52:ad:88:90:48:38:eb:36:cf: 6f:a9:8d:c9:a9:dd:1b:a8:d4:2f:db:de:95:b5:1f: 18:ad:f8:74:6f:d1:11:73:ff:ef:a8:5f:45:48:7b: 2f:cc:71:1c:67:ac:e7:0a:8d:fc:81:df:f7:7c:67: a3:d1:30:55:dc:64:01:b8:ca:ca:af:0e:a8:84:b3: f7:f2:35:1f:87:47:58:15:8c:82:59:e5:ec:8c:e3: a1:7c:4d:9f:46:52:b2:67:ab:4f:20:2b:f1:8c:09: a0:db:66:5d:54:86:ca:53:4a:ec:63:e1:98:3e:92: 14:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:F5:F5:2B:BD:76:B5:70:F8:B5:64:CA:84:A2:72:33:30:9E:42:D9 X509v3 Authority Key Identifier: keyid:96:6B:05:C6:61:C7:6A:5B:CC:48:DA:83:8E:ED:B6:97:3F:15:3B:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:2e:d7:a8:c0:57:76:9b:df:45:cb:53:4e:29:d6:69:f0:2b: 73:c9:8b:83:ae:bf:29:47:a9:1a:20:fd:e0:b6:92:73:86:9a: 78:ef:65:d6:da:da:60:66:4b:fe:bf:d0:1c:d7:91:b9:40:7b: e0:75:0b:08:17:4d:96:63:36:5a:62:70:06:64:d8:6a:ef:e7: db:85:6f:70:c6:3b:0d:6f:dc:77:d3:9a:83:58:f7:d1:0e:7a: 07:c7:63:70:64:3d:a1:d3:96:47:40:40:49:6e:e6:4f:2b:f3: 7f:5f:c9:4d:1a:02:03:30:eb:d7:00:bc:d7:64:66:cc:d3:72: 60:f5:86:4f:53:10:b7:27:24:ef:60:fe:d9:1e:cf:18:8f:17: ff:da:80:9d:dc:3b:b9:40:8a:2f:14:52:c5:67:87:f7:c8:01: 43:57:c2:1c:ba:3a:b8:75:70:2c:77:9c:c9:2a:ab:87:e3:b6: 11:3f:eb:4d:3e:18:ca:bf:6c:be:34:02:10:26:41:73:4f:54: 11:51:8a:9d:2f:e7:df:a0:c3:c6:07:f4:5c:bf:14:a1:64:0e: 65:be:40:9c:42:f8:77:8a:bb:f5:4b:7a:e5:9e:b2:bb:36:75: e6:aa:43:0d:41:20:8c:f1:60:07:c6:19:54:60:ec:90:cd:c2: 4b:87:75:70 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCf/bniNfIQd5n/vqJZB3FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2NmIwNWM2NjFjNzZhNWJjYzQ4ZGE4MzhlZWRiNjk3M2Yx NTNiODYwHhcNMjUxMjIxMjAwMDQxWhcNMjUxMjIyMjAwMDQxWjAzMTEwLwYDVQQD EyhhZWY1ZjUyYmJkNzZiNTcwZjhiNTY0Y2E4NGEyNzIzMzMwOWU0MmQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7leQDSajvTzy93sYtTEweFrrAHS e4XsqSo0ed8uEN6KuA1dzaUPkwDtGpsOW0WOARnRpLpjVJOD872zTGAZ4NeLadQa mGiSNR7jEH4YZqnR8pYvUk/OT7LLS2zo0d8lvj2a763V8Oc2Y0RxVMoEcVGiN3Iz btp3iwHyFEz42/fbs7d+49wzYg0krm1SrYiQSDjrNs9vqY3Jqd0bqNQv296VtR8Y rfh0b9ERc//vqF9FSHsvzHEcZ6znCo38gd/3fGej0TBV3GQBuMrKrw6ohLP38jUf h0dYFYyCWeXsjOOhfE2fRlKyZ6tPICvxjAmg22ZdVIbKU0rsY+GYPpIUsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK719Su9drVw+LVkyoSicjMwnkLZMB8GA1UdIwQY MBaAFJZrBcZhx2pbzEjag47ttpc/FTuGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbG1zRnhtSEhhbHZNU05xRGp1MjJsejhWTzRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ODkxZGYtOTcxZS00ZTYwLThjYmMt ZTNjMmYzMmNmM2I3LzEvbG1zRnhtSEhhbHZNU05xRGp1MjJsejhWTzRZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOC82ODkxZGYtOTcxZS00ZTYwLThjYmMtZTNjMmYzMmNmM2I3 LzEvbG1zRnhtSEhhbHZNU05xRGp1MjJsejhWTzRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASC7XqMBX dpvfRctTTinWafArc8mLg66/KUepGiD94LaSc4aaeO9l1traYGZL/r/QHNeRuUB7 4HULCBdNlmM2WmJwBmTYau/n24VvcMY7DW/cd9Oag1j30Q56B8djcGQ9odOWR0BA SW7mTyvzf1/JTRoCAzDr1wC812RmzNNyYPWGT1MQtyck72D+2R7PGI8X/9qAndw7 uUCKLxRSxWeH98gBQ1fCHLo6uHVwLHecySqrh+O2ET/rTT4Yyr9svjQCECZBc09U EVGKnS/n36DDxgf0XL8UoWQOZb5AnEL4d4q79Ut65Z6yuzZ15qpDDUEgjPFgB8YZ VGDskM3CS4d1cA== -----END CERTIFICATE-----Generated at Mon Dec 22 03:58:57 2025 by rpki-client