This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft File: Lokc9xG_fhxC4ILWoviaBL7rldE.mft (raw, json) Hash identifier: GWDEIhB3d/L/NxvVWQH07U45TSlXAQiB22umQtItLL4= Subject key identifier: 0E:A3:4B:BD:95:90:8A:30:BB:81:39:22:A7:F6:96:1F:AD:74:49:60 Authority key identifier: 2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1 Certificate issuer: /CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1 Certificate serial: 019BB0CB36D0183805BF8FFE3BF197A6F515 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft Manifest number: 03C8 Signing time: Mon 12 Jan 2026 06:01:06 +0000 Manifest this update: Mon 12 Jan 2026 06:01:06 +0000 Manifest next update: Tue 13 Jan 2026 06:01:06 +0000 Files and hashes: 1: Lokc9xG_fhxC4ILWoviaBL7rldE.crl (hash: lu5VaKVDsb4Sm+jPq475j+rm3GGoQ6UY13Nmjh5tfDk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b0:cb:36:d0:18:38:05:bf:8f:fe:3b:f1:97:a6:f5:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1 Validity Not Before: Jan 12 06:01:06 2026 GMT Not After : Jan 13 06:01:06 2026 GMT Subject: CN=0ea34bbd95908a30bb813922a7f6961fad744960 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:d4:a3:34:7b:4d:e2:0f:61:39:e8:f5:61:d8: f9:f0:60:18:e3:90:a5:0c:e2:a1:3d:d5:cb:c0:04: 9e:63:b7:04:1f:06:66:47:4c:d7:7f:af:54:6d:64: 50:b3:ee:02:90:78:3e:7e:ff:a9:14:01:96:8c:96: 19:3a:23:ca:70:7f:d5:00:b5:9b:d8:a8:1b:69:91: 91:87:8a:2d:24:b4:2e:48:40:bf:f6:6d:b0:d1:06: 0a:16:ce:60:7b:1b:13:9d:85:a3:a6:25:49:ec:7b: c2:7b:37:66:04:08:e0:48:5e:b2:f7:ba:5e:50:6c: 09:20:d0:aa:bd:e6:f6:c6:57:25:eb:df:2b:5f:25: 5a:13:57:88:91:d7:55:39:27:65:49:ab:c3:6e:c9: 6d:c0:41:72:8d:db:2d:35:34:a9:63:e0:b2:5e:85: 12:e7:c5:32:1c:20:0e:27:a9:7a:d4:5d:3a:ad:9a: 1d:a4:04:f8:4c:44:6b:68:8a:01:3f:a4:12:71:50: 83:db:53:59:c5:d0:c6:d1:99:96:3b:14:a6:b4:a7: 80:54:bb:85:7d:a3:d2:7d:23:e1:7c:36:77:a6:6f: 8b:e3:dd:41:79:9d:d2:a5:46:12:b7:6b:c9:56:74: 71:f4:b8:28:d7:9b:54:18:23:32:23:80:6a:6e:06: a0:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:A3:4B:BD:95:90:8A:30:BB:81:39:22:A7:F6:96:1F:AD:74:49:60 X509v3 Authority Key Identifier: keyid:2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:fe:15:03:d0:8b:ae:3b:71:72:8a:ad:8c:6c:3b:8b:e9:96: 30:ce:8e:1d:7b:2f:b1:87:3c:17:8c:53:a7:79:97:bb:01:98: 55:63:d4:88:90:36:04:be:7f:f1:b1:9c:78:aa:29:df:d6:24: 64:53:ec:44:16:0c:e7:bb:6d:1f:41:fd:6c:57:75:33:12:8d: fe:ba:4d:55:3b:b0:59:be:23:bc:a8:89:e7:9c:6d:49:56:24: 89:28:a5:1d:0d:99:18:a5:6f:26:fa:cc:79:d4:16:59:d4:c1: 21:33:88:ad:58:bc:da:df:18:91:78:97:1b:3b:2f:01:1a:ae: b6:26:eb:45:6a:39:46:45:9e:1f:10:c8:5f:c7:96:81:7e:34: f1:05:e3:40:1e:07:5c:fb:5b:7f:05:44:04:7d:a9:d4:7d:a5: 7d:14:12:a1:49:30:5b:26:15:b9:8c:f6:c9:76:cf:c6:fe:5d: 11:70:d4:63:60:c2:ed:19:f6:53:66:9d:9a:68:35:2a:be:2e: 29:6a:94:ea:bc:4d:5f:e5:e4:25:c9:24:31:af:f6:cb:ab:26: 0c:ed:37:55:f3:5f:f6:fa:6a:e6:ee:13:07:80:72:22:4f:12: c2:21:48:11:4e:19:11:d6:0e:8d:5f:96:53:9b:19:cd:50:1e: f6:37:ec:6e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuwyzbQGDgFv4/+O/GXpvUVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJlODkxY2Y3MTFiZjdlMWM0MmUwODJkNmEyZjg5YTA0YmVl Yjk1ZDEwHhcNMjYwMTEyMDYwMTA2WhcNMjYwMTEzMDYwMTA2WjAzMTEwLwYDVQQD EygwZWEzNGJiZDk1OTA4YTMwYmI4MTM5MjJhN2Y2OTYxZmFkNzQ0OTYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptSjNHtN4g9hOej1Ydj58GAY45Cl DOKhPdXLwASeY7cEHwZmR0zXf69UbWRQs+4CkHg+fv+pFAGWjJYZOiPKcH/VALWb 2KgbaZGRh4otJLQuSEC/9m2w0QYKFs5gexsTnYWjpiVJ7HvCezdmBAjgSF6y97pe UGwJINCqveb2xlcl698rXyVaE1eIkddVOSdlSavDbsltwEFyjdstNTSpY+CyXoUS 58UyHCAOJ6l61F06rZodpAT4TERraIoBP6QScVCD21NZxdDG0ZmWOxSmtKeAVLuF faPSfSPhfDZ3pm+L491BeZ3SpUYSt2vJVnRx9Lgo15tUGCMyI4BqbgaglwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA6jS72VkIowu4E5Iqf2lh+tdElgMB8GA1UdIwQY MBaAFC6JHPcRv34cQuCC1qL4mgS+65XRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMt ZTAzNjUzODFiYjg1LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMtZTAzNjUzODFiYjg1 LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhf4VA9CL rjtxcoqtjGw7i+mWMM6OHXsvsYc8F4xTp3mXuwGYVWPUiJA2BL5/8bGceKop39Yk ZFPsRBYM57ttH0H9bFd1MxKN/rpNVTuwWb4jvKiJ55xtSVYkiSilHQ2ZGKVvJvrM edQWWdTBITOIrVi82t8YkXiXGzsvARqutibrRWo5RkWeHxDIX8eWgX408QXjQB4H XPtbfwVEBH2p1H2lfRQSoUkwWyYVuYz2yXbPxv5dEXDUY2DC7Rn2U2admmg1Kr4u KWqU6rxNX+XkJckkMa/2y6smDO03VfNf9vpq5u4TB4ByIk8SwiFIEU4ZEdYOjV+W U5sZzVAe9jfsbg== -----END CERTIFICATE-----Generated at Mon Jan 12 13:35:31 2026 by rpki-client