This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/e67956-de18-40c4-b013-951e5afae9e7/1/LdgAjePP9i0vrKENmf8gw-h43N8.mft File: LdgAjePP9i0vrKENmf8gw-h43N8.mft (raw, json) Hash identifier: Tq80f+Fr5XtdR4UUinJZ8ViheY0cma3iuA/kq+jTG8k= Subject key identifier: CF:A4:3F:24:00:B0:ED:94:AD:C2:C7:2E:C0:10:0B:83:91:79:0D:43 Authority key identifier: 2D:D8:00:8D:E3:CF:F6:2D:2F:AC:A1:0D:99:FF:20:C3:E8:78:DC:DF Certificate issuer: /CN=2dd8008de3cff62d2faca10d99ff20c3e878dcdf Certificate serial: 019B612F1BE2E1AD8A2773C52D2B392A91C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdgAjePP9i0vrKENmf8gw-h43N8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/e67956-de18-40c4-b013-951e5afae9e7/1/LdgAjePP9i0vrKENmf8gw-h43N8.mft Manifest number: 065C Signing time: Sat 27 Dec 2025 19:00:35 +0000 Manifest this update: Sat 27 Dec 2025 19:00:35 +0000 Manifest next update: Sun 28 Dec 2025 19:00:35 +0000 Files and hashes: 1: LdgAjePP9i0vrKENmf8gw-h43N8.crl (hash: rx/G2MQUMyRe6LZwvKFl88G9h1++KMFpLfpRajlYRFA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/e67956-de18-40c4-b013-951e5afae9e7/1/LdgAjePP9i0vrKENmf8gw-h43N8.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/e67956-de18-40c4-b013-951e5afae9e7/1/LdgAjePP9i0vrKENmf8gw-h43N8.mft rsync://rpki.ripe.net/repository/DEFAULT/LdgAjePP9i0vrKENmf8gw-h43N8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:61:2f:1b:e2:e1:ad:8a:27:73:c5:2d:2b:39:2a:91:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2dd8008de3cff62d2faca10d99ff20c3e878dcdf Validity Not Before: Dec 27 19:00:35 2025 GMT Not After : Dec 28 19:00:35 2025 GMT Subject: CN=cfa43f2400b0ed94adc2c72ec0100b8391790d43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:5d:56:87:58:12:5d:e2:97:06:46:fe:6f:0c: 2f:9e:2c:68:59:63:0e:31:80:f4:1b:5c:ec:e6:8d: 89:b6:87:c4:6e:47:68:99:a2:c6:31:81:f3:a7:6c: b3:b0:ca:d7:28:2b:62:12:da:e6:40:90:fc:79:5c: 69:fd:4b:6d:f0:a8:93:e9:18:f1:0c:d7:37:c6:8a: 3f:ae:b8:9b:4d:f0:81:30:54:2e:a0:5f:c9:b1:c6: 59:3b:bf:66:74:11:ed:6d:c5:ea:c7:05:b6:c1:b3: cf:76:cb:7e:4a:c4:76:76:49:38:3c:03:c9:b9:d3: a5:d1:39:74:a0:08:2d:2b:24:da:a0:de:0f:24:cb: 75:7d:76:e0:82:6f:4c:9f:0b:20:11:98:9d:77:c9: bb:45:2a:a0:70:e7:2c:23:e1:7c:24:ad:cc:be:0f: 3c:14:c4:31:85:ee:76:f6:fa:8e:78:d0:af:e9:a6: 97:76:bc:f2:8f:19:73:0b:c9:76:eb:e8:64:37:f9: c6:6f:8b:f2:ab:f2:4d:4b:a5:74:dc:96:ed:b8:28: 69:b8:c6:cb:0f:42:ee:14:ec:0e:bf:31:18:d1:d3: d7:49:5d:75:33:aa:cc:e3:b0:ea:54:5b:08:2c:92: a3:85:de:6d:3c:38:b6:93:1a:db:42:c0:4c:1d:61: 30:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:A4:3F:24:00:B0:ED:94:AD:C2:C7:2E:C0:10:0B:83:91:79:0D:43 X509v3 Authority Key Identifier: keyid:2D:D8:00:8D:E3:CF:F6:2D:2F:AC:A1:0D:99:FF:20:C3:E8:78:DC:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdgAjePP9i0vrKENmf8gw-h43N8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/e67956-de18-40c4-b013-951e5afae9e7/1/LdgAjePP9i0vrKENmf8gw-h43N8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/e67956-de18-40c4-b013-951e5afae9e7/1/LdgAjePP9i0vrKENmf8gw-h43N8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:4a:e6:a0:34:7a:52:fc:6a:d0:d5:60:8a:d7:77:59:d5:fb: 47:ec:3d:0a:ee:75:f3:51:00:9d:28:77:86:1a:2e:ba:12:4e: 28:a0:ed:5d:b4:e7:9c:47:f6:7b:d0:b2:c0:28:94:22:64:f6: fd:0c:3a:a0:be:99:b4:e4:4c:83:8c:1b:4c:6e:99:bb:d9:0a: 65:fb:5f:54:c1:82:47:be:58:20:30:58:4e:88:f8:87:9e:0a: 22:31:18:74:43:ed:ca:03:aa:60:b2:5c:2a:16:bc:6f:78:df: 78:1c:7f:35:0b:45:05:2a:a6:e4:74:36:a2:d3:ba:54:e6:fd: cf:93:5d:44:b4:e6:7a:ad:ea:1b:1c:42:d0:03:04:6e:ec:41: 46:0b:b0:57:66:5a:da:c6:60:f9:58:a6:df:3f:7d:eb:d6:38: 10:58:88:8e:c3:0a:76:6b:7a:2d:b8:de:ef:af:a9:22:90:46: fc:02:4e:03:86:9e:47:51:ba:8c:f9:0c:df:47:20:49:97:ee: 5d:0f:15:fc:cb:0a:43:4e:e9:52:c4:93:4c:66:b6:54:92:0d: cf:41:57:5c:65:ca:a8:2f:e2:ea:87:a8:91:99:55:10:af:4f: 28:c8:bb:8a:cb:a2:81:41:ba:79:a6:71:dc:27:42:c9:f4:db: c4:e7:54:1d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZthLxvi4a2KJ3PFLSs5KpHAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJkZDgwMDhkZTNjZmY2MmQyZmFjYTEwZDk5ZmYyMGMzZTg3 OGRjZGYwHhcNMjUxMjI3MTkwMDM1WhcNMjUxMjI4MTkwMDM1WjAzMTEwLwYDVQQD EyhjZmE0M2YyNDAwYjBlZDk0YWRjMmM3MmVjMDEwMGI4MzkxNzkwZDQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyV1Wh1gSXeKXBkb+bwwvnixoWWMO MYD0G1zs5o2JtofEbkdomaLGMYHzp2yzsMrXKCtiEtrmQJD8eVxp/Utt8KiT6Rjx DNc3xoo/rribTfCBMFQuoF/JscZZO79mdBHtbcXqxwW2wbPPdst+SsR2dkk4PAPJ udOl0Tl0oAgtKyTaoN4PJMt1fXbggm9MnwsgEZidd8m7RSqgcOcsI+F8JK3Mvg88 FMQxhe529vqOeNCv6aaXdrzyjxlzC8l26+hkN/nGb4vyq/JNS6V03JbtuChpuMbL D0LuFOwOvzEY0dPXSV11M6rM47DqVFsILJKjhd5tPDi2kxrbQsBMHWEw7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM+kPyQAsO2UrcLHLsAQC4OReQ1DMB8GA1UdIwQY MBaAFC3YAI3jz/YtL6yhDZn/IMPoeNzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTGRnQWplUFA5aTB2cktFTm1mOGd3LWg0M044LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9lNjc5NTYtZGUxOC00MGM0LWIwMTMt OTUxZTVhZmFlOWU3LzEvTGRnQWplUFA5aTB2cktFTm1mOGd3LWg0M044Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS9lNjc5NTYtZGUxOC00MGM0LWIwMTMtOTUxZTVhZmFlOWU3 LzEvTGRnQWplUFA5aTB2cktFTm1mOGd3LWg0M044LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAckrmoDR6 Uvxq0NVgitd3WdX7R+w9Cu5181EAnSh3hhouuhJOKKDtXbTnnEf2e9CywCiUImT2 /Qw6oL6ZtORMg4wbTG6Zu9kKZftfVMGCR75YIDBYToj4h54KIjEYdEPtygOqYLJc Kha8b3jfeBx/NQtFBSqm5HQ2otO6VOb9z5NdRLTmeq3qGxxC0AMEbuxBRguwV2Za 2sZg+Vim3z9969Y4EFiIjsMKdmt6Lbje76+pIpBG/AJOA4aeR1G6jPkM30cgSZfu XQ8V/MsKQ07pUsSTTGa2VJINz0FXXGXKqC/i6oeokZlVEK9PKMi7isuigUG6eaZx 3CdCyfTbxOdUHQ== -----END CERTIFICATE-----Generated at Sun Dec 28 03:21:50 2025 by rpki-client