This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.mft File: lJQumzXZGQbREkXXO9WM3Y7KSdE.mft (raw, json) Hash identifier: m95ENRVUmb1AKdcpjfuVRIR3oQ64OKLmCjwUuBhXTe8= Subject key identifier: 93:39:0B:B9:6B:6D:84:85:52:B1:88:96:A0:9F:B9:B9:4F:F8:59:86 Authority key identifier: 94:94:2E:9B:35:D9:19:06:D1:12:45:D7:3B:D5:8C:DD:8E:CA:49:D1 Certificate issuer: /CN=94942e9b35d91906d11245d73bd58cdd8eca49d1 Certificate serial: 019B3E6D5291BDB294C348EF2F3ADEEDB9E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJQumzXZGQbREkXXO9WM3Y7KSdE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.mft Manifest number: 16E0 Signing time: Sun 21 Dec 2025 01:01:50 +0000 Manifest this update: Sun 21 Dec 2025 01:01:50 +0000 Manifest next update: Mon 22 Dec 2025 01:01:50 +0000 Files and hashes: 1: V6dzQYTukirsU-gqtCUSWtxmwyw.roa (hash: TAhPxTUSZwI4JsrpdkkvjRG18+wELOBapOWsonm/zpw=) 2: lJQumzXZGQbREkXXO9WM3Y7KSdE.crl (hash: lx5CKsms/AMcx9c8Pt7WMxgxx0Cct/3tvqf03PV/LZg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.mft rsync://rpki.ripe.net/repository/DEFAULT/lJQumzXZGQbREkXXO9WM3Y7KSdE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6d:52:91:bd:b2:94:c3:48:ef:2f:3a:de:ed:b9:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94942e9b35d91906d11245d73bd58cdd8eca49d1 Validity Not Before: Dec 21 01:01:50 2025 GMT Not After : Dec 22 01:01:50 2025 GMT Subject: CN=93390bb96b6d848552b18896a09fb9b94ff85986 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:d5:d4:a2:ae:6c:96:6d:ba:a0:81:ce:15:ee: d3:1d:61:ad:69:81:ed:a3:c0:39:15:68:ed:71:41: 62:47:7c:1e:e1:6c:27:71:e2:85:f9:7c:46:02:76: a0:d3:1c:66:a2:22:c2:a7:d9:5d:34:b0:1d:c0:a0: b7:00:ee:39:28:99:89:ab:2b:85:3b:a5:1b:c3:df: 57:45:33:8a:8d:c3:16:01:ac:08:e4:71:d4:d7:f5: 28:d0:d3:44:7a:e0:64:c2:89:9d:dc:2f:cd:3a:e4: c6:14:0f:06:90:f2:2b:71:a3:71:de:6b:74:a9:00: 1e:2f:87:88:29:6f:79:9c:b4:67:65:50:36:ff:4d: 00:18:89:f2:a9:43:ae:8c:60:ef:2b:a1:8c:a3:b8: ad:c3:c8:c2:76:7b:35:ca:27:bc:53:d1:f9:ee:a2: 73:d3:5d:a8:db:73:13:34:7a:2b:f7:54:c3:25:df: cc:f8:8b:ef:31:fa:e0:60:61:53:a8:1d:3e:1f:3c: 9a:55:5b:62:2d:5d:cf:45:bf:43:74:3d:45:fb:7c: b0:e2:cb:77:1c:33:8f:28:bc:2c:cc:d0:19:ce:6a: 23:7f:89:f1:93:07:06:c3:97:ba:cd:f4:c0:69:b3: d5:e4:48:06:6d:91:94:f2:2d:d9:d3:71:ba:ec:34: 8d:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:39:0B:B9:6B:6D:84:85:52:B1:88:96:A0:9F:B9:B9:4F:F8:59:86 X509v3 Authority Key Identifier: keyid:94:94:2E:9B:35:D9:19:06:D1:12:45:D7:3B:D5:8C:DD:8E:CA:49:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJQumzXZGQbREkXXO9WM3Y7KSdE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:93:94:6d:6c:19:09:a0:b0:f1:c3:59:2d:a0:6f:54:46:ff: 0b:ff:7a:6f:d4:92:4a:fd:5f:94:2a:0f:52:7b:88:2f:b6:70: 45:56:9b:4c:a5:a3:38:50:f1:7e:1a:90:1f:6a:37:10:51:71: 84:fb:78:d7:ec:ee:7c:41:b1:f2:3a:7f:1d:18:ae:9a:16:37: 6a:b3:47:e3:b1:6c:43:27:44:6e:7f:f8:d1:61:b1:2d:1b:29: 5e:3f:15:20:41:7f:51:5f:9e:e2:53:76:64:44:79:97:2b:60: 85:03:ab:ba:4c:e8:c4:e3:1a:21:ad:2c:a6:9a:c4:4f:3d:ea: 38:2b:11:f4:e3:d3:60:7a:32:7a:71:ab:53:2e:4e:92:a4:5d: b0:81:0e:29:92:65:27:10:20:79:b1:4c:7e:74:02:ed:7e:8e: cb:70:7b:b7:84:12:c2:75:de:0c:3d:b1:d6:af:58:82:2c:f3: 46:35:ba:3b:21:7d:81:d3:31:3f:2d:c6:92:c5:d9:d9:c8:f0: 3b:7c:63:d6:cf:f8:2e:e8:21:9d:24:a9:2f:e1:01:fc:3c:2d: 2d:b4:63:36:7b:2b:d6:10:79:d5:1c:68:6e:59:f4:30:6c:06: 02:03:79:02:53:b7:3b:3b:b3:89:a5:a4:10:c2:c9:73:3f:16: 1f:6f:72:9c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bVKRvbKUw0jvLzre7bnnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0OTQyZTliMzVkOTE5MDZkMTEyNDVkNzNiZDU4Y2RkOGVj YTQ5ZDEwHhcNMjUxMjIxMDEwMTUwWhcNMjUxMjIyMDEwMTUwWjAzMTEwLwYDVQQD Eyg5MzM5MGJiOTZiNmQ4NDg1NTJiMTg4OTZhMDlmYjliOTRmZjg1OTg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtXUoq5slm26oIHOFe7THWGtaYHt o8A5FWjtcUFiR3we4WwnceKF+XxGAnag0xxmoiLCp9ldNLAdwKC3AO45KJmJqyuF O6Ubw99XRTOKjcMWAawI5HHU1/Uo0NNEeuBkwomd3C/NOuTGFA8GkPIrcaNx3mt0 qQAeL4eIKW95nLRnZVA2/00AGInyqUOujGDvK6GMo7itw8jCdns1yie8U9H57qJz 012o23MTNHor91TDJd/M+IvvMfrgYGFTqB0+HzyaVVtiLV3PRb9DdD1F+3yw4st3 HDOPKLwszNAZzmojf4nxkwcGw5e6zfTAabPV5EgGbZGU8i3Z03G67DSNlwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJM5C7lrbYSFUrGIlqCfublP+FmGMB8GA1UdIwQY MBaAFJSULps12RkG0RJF1zvVjN2OyknRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEpRdW16WFpHUWJSRWtYWE85V00zWTdLU2RFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jNjA5ODAtYTFkZS00MzkwLWEwYTMt MzJjMjBjYWYwOGVkLzEvbEpRdW16WFpHUWJSRWtYWE85V00zWTdLU2RFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS9jNjA5ODAtYTFkZS00MzkwLWEwYTMtMzJjMjBjYWYwOGVk LzEvbEpRdW16WFpHUWJSRWtYWE85V00zWTdLU2RFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOZOUbWwZ CaCw8cNZLaBvVEb/C/96b9SSSv1flCoPUnuIL7ZwRVabTKWjOFDxfhqQH2o3EFFx hPt41+zufEGx8jp/HRiumhY3arNH47FsQydEbn/40WGxLRspXj8VIEF/UV+e4lN2 ZER5lytghQOrukzoxOMaIa0spprETz3qOCsR9OPTYHoyenGrUy5OkqRdsIEOKZJl JxAgebFMfnQC7X6Oy3B7t4QSwnXeDD2x1q9YgizzRjW6OyF9gdMxPy3GksXZ2cjw O3xj1s/4LughnSSpL+EB/DwtLbRjNnsr1hB51Rxobln0MGwGAgN5AlO3OzuziaWk EMLJcz8WH29ynA== -----END CERTIFICATE-----Generated at Sun Dec 21 03:25:19 2025 by rpki-client