This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft File: lPO2Epw0Od376Q21BkyAZt6GSnI.mft (raw, json) Hash identifier: 87XDEFqw7ah2wjeAKimxrn7giHj0u+oESH5cxxXKmo8= Subject key identifier: 27:E4:8D:41:BB:8A:91:02:EC:FF:E0:A3:F7:04:69:38:7C:04:58:10 Authority key identifier: 94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72 Certificate issuer: /CN=94f3b6129c3439ddfbe90db5064c8066de864a72 Certificate serial: 019B42B76E30D65E4FDCF1F8E2FB3058E18B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft Manifest number: 069F Signing time: Sun 21 Dec 2025 21:01:16 +0000 Manifest this update: Sun 21 Dec 2025 21:01:16 +0000 Manifest next update: Mon 22 Dec 2025 21:01:16 +0000 Files and hashes: 1: lPO2Epw0Od376Q21BkyAZt6GSnI.crl (hash: W3hAumOfK0TvpUZ5VgePbK58RXcjq774cwEwDDbhiT4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 21:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:b7:6e:30:d6:5e:4f:dc:f1:f8:e2:fb:30:58:e1:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94f3b6129c3439ddfbe90db5064c8066de864a72 Validity Not Before: Dec 21 21:01:16 2025 GMT Not After : Dec 22 21:01:16 2025 GMT Subject: CN=27e48d41bb8a9102ecffe0a3f70469387c045810 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:1c:dd:3e:bf:cf:49:75:94:f9:27:00:0e:c2: 3e:73:2a:f9:1f:cf:af:2f:50:48:33:b1:c1:2a:1c: 4f:05:67:cd:13:88:ab:77:43:27:10:b0:f7:02:c1: aa:cc:9f:78:3d:3a:3f:dc:bb:5d:be:a7:15:22:84: f7:ae:ae:f9:4b:80:dd:a7:5e:bd:ff:da:09:cc:f0: 6e:05:20:0e:8d:f0:87:0b:dd:71:d2:f6:be:69:a8: 11:29:75:7d:f7:cc:23:2b:a3:ce:a0:4d:51:ab:cb: 73:5e:54:8d:1b:70:dc:09:03:c8:c1:f8:43:ef:6e: 3e:b5:df:2f:26:78:8e:0e:45:63:cb:e9:25:bc:35: 80:ad:a8:80:d9:8e:b2:32:68:d8:52:56:d4:d5:6c: e0:13:af:09:eb:12:e3:75:7a:ad:7e:54:e8:a8:eb: 18:17:c7:77:94:9a:d7:0f:f9:ae:7b:01:21:21:23: ca:2b:aa:9e:88:36:f9:40:e9:1f:59:56:4a:c0:64: 7e:f4:76:b8:42:a3:41:be:49:27:86:b3:b7:4a:dc: a6:3e:e7:96:79:28:a8:3f:1f:ec:71:9e:8a:e6:18: 86:51:ee:f8:cf:cf:fd:ea:99:3e:cf:a1:7f:0a:98: 95:c9:ba:5b:b9:78:6f:39:fd:5b:fb:47:a5:ab:07: 06:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:E4:8D:41:BB:8A:91:02:EC:FF:E0:A3:F7:04:69:38:7C:04:58:10 X509v3 Authority Key Identifier: keyid:94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:01:1e:c1:67:db:9c:3e:d0:7e:65:61:e4:6c:3d:03:3d:77: 7c:90:df:b7:4b:71:bb:e9:29:0c:bb:62:27:10:28:44:45:b4: dc:48:00:5e:d6:e5:84:cb:88:8a:d4:18:b5:d0:3e:5d:09:e6: fb:11:08:c5:c1:6e:2b:a1:23:42:09:b8:c3:b5:da:65:72:32: 9a:eb:28:0d:fc:ce:4d:38:01:8f:98:6e:b2:02:94:48:67:c7: 20:aa:44:2a:81:64:9d:16:63:3d:c0:b9:5c:4f:4e:cd:4a:cc: 20:e6:22:2f:03:4f:1c:f3:20:74:7c:ff:ea:e3:f6:d0:e8:b9: 0f:f1:37:2e:73:21:99:c3:ab:3d:8f:db:bf:38:d4:41:00:e8: 15:9c:67:bf:a4:e2:55:71:ee:55:e1:c6:03:8b:b7:1d:28:8c: 2e:65:28:59:99:34:ac:29:87:c8:ed:40:40:62:48:d1:48:0d: 2b:7f:f9:41:6a:9e:c4:0b:2d:d0:11:b8:e1:fc:9d:9f:d9:e6: 7e:2f:d7:14:bf:d8:ae:af:9a:cb:38:7b:4d:7a:3b:f1:b7:ba: e0:ed:c5:6d:72:d1:ac:a9:15:05:2e:04:87:5c:16:25:75:cc: df:8e:23:3d:6f:33:b8:8a:4a:63:83:f1:29:3e:1d:df:b7:0a: b5:16:8d:85 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCt24w1l5P3PH44vswWOGLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0ZjNiNjEyOWMzNDM5ZGRmYmU5MGRiNTA2NGM4MDY2ZGU4 NjRhNzIwHhcNMjUxMjIxMjEwMTE2WhcNMjUxMjIyMjEwMTE2WjAzMTEwLwYDVQQD EygyN2U0OGQ0MWJiOGE5MTAyZWNmZmUwYTNmNzA0NjkzODdjMDQ1ODEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohzdPr/PSXWU+ScADsI+cyr5H8+v L1BIM7HBKhxPBWfNE4ird0MnELD3AsGqzJ94PTo/3LtdvqcVIoT3rq75S4Ddp169 /9oJzPBuBSAOjfCHC91x0va+aagRKXV998wjK6POoE1Rq8tzXlSNG3DcCQPIwfhD 724+td8vJniODkVjy+klvDWAraiA2Y6yMmjYUlbU1WzgE68J6xLjdXqtflToqOsY F8d3lJrXD/muewEhISPKK6qeiDb5QOkfWVZKwGR+9Ha4QqNBvkknhrO3StymPueW eSioPx/scZ6K5hiGUe74z8/96pk+z6F/CpiVybpbuXhvOf1b+0elqwcGuwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCfkjUG7ipEC7P/go/cEaTh8BFgQMB8GA1UdIwQY MBaAFJTzthKcNDnd++kNtQZMgGbehkpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEt YjMzODJlNGFhN2MzLzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEtYjMzODJlNGFhN2Mz LzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANwEewWfb nD7QfmVh5Gw9Az13fJDft0txu+kpDLtiJxAoREW03EgAXtblhMuIitQYtdA+XQnm +xEIxcFuK6EjQgm4w7XaZXIymusoDfzOTTgBj5husgKUSGfHIKpEKoFknRZjPcC5 XE9OzUrMIOYiLwNPHPMgdHz/6uP20Oi5D/E3LnMhmcOrPY/bvzjUQQDoFZxnv6Ti VXHuVeHGA4u3HSiMLmUoWZk0rCmHyO1AQGJI0UgNK3/5QWqexAst0BG44fydn9nm fi/XFL/Yrq+ayzh7TXo78be64O3FbXLRrKkVBS4Eh1wWJXXM344jPW8zuIpKY4Px KT4d37cKtRaNhQ== -----END CERTIFICATE-----Generated at Mon Dec 22 00:10:07 2025 by rpki-client