This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.mft File: lRu0kOCd8UZ-TuxD2PIEhM7oOf4.mft (raw, json) Hash identifier: i4WDkRqXsUKHI6aMykBRl8Zmp05ebq0ObVHcZ2mBm40= Subject key identifier: 40:9A:F8:0B:C2:3F:3F:B9:A3:B1:E7:0E:6F:AC:7C:80:BD:5E:F8:F1 Authority key identifier: 95:1B:B4:90:E0:9D:F1:46:7E:4E:EC:43:D8:F2:04:84:CE:E8:39:FE Certificate issuer: /CN=951bb490e09df1467e4eec43d8f20484cee839fe Certificate serial: 019AF08835B02339F7DB4751BB5D1ADBD6D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.mft Manifest number: 0BE2 Signing time: Fri 05 Dec 2025 22:00:49 +0000 Manifest this update: Fri 05 Dec 2025 22:00:49 +0000 Manifest next update: Sat 06 Dec 2025 22:00:49 +0000 Files and hashes: 1: lRu0kOCd8UZ-TuxD2PIEhM7oOf4.crl (hash: 4ROSA4tFmOCiEs5/BqYbTiakGGuEg8hL/dexqqBcfro=) 2: r2nr9uHWjEIdTibij9wAoHFt-FM.roa (hash: 9uPtC9m4AAQGXek/5tdGjDekJKVu5XPicOZ4ymE6WZ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.crl rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.mft rsync://rpki.ripe.net/repository/DEFAULT/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:35:b0:23:39:f7:db:47:51:bb:5d:1a:db:d6:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=951bb490e09df1467e4eec43d8f20484cee839fe Validity Not Before: Dec 5 22:00:49 2025 GMT Not After : Dec 6 22:00:49 2025 GMT Subject: CN=409af80bc23f3fb9a3b1e70e6fac7c80bd5ef8f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:f2:a8:08:68:8d:df:46:9a:ce:b1:61:30:85: 09:1e:52:3e:f3:8c:b7:4f:9f:0b:a0:dd:32:35:dc: 80:4f:6f:69:74:c3:63:d3:c7:58:ec:3a:23:70:ec: 04:02:da:6d:c5:f5:32:3d:d0:d7:5e:9a:2a:9c:1b: 24:5b:a0:8a:53:c7:a2:17:61:c4:c1:89:99:97:ac: 4b:cd:99:81:cf:ef:5f:35:26:9b:1d:6a:72:b0:fe: 4a:b8:4a:99:56:af:d1:42:77:08:d1:51:4b:d6:5b: 95:bb:17:e7:ee:94:13:20:bc:d2:2e:15:97:cd:46: c3:c8:05:fe:e6:b2:25:36:ac:f5:09:3e:fd:a0:ce: 31:2a:26:b5:4b:75:f7:ed:96:c1:ba:fa:3c:12:c0: 03:bf:f8:8b:4b:fe:fd:4c:10:96:f4:47:5d:02:4a: aa:a9:8e:37:15:0b:2d:86:fd:95:63:d4:55:e7:ad: 0f:8e:df:85:72:1a:0b:c4:bc:4f:cd:64:65:02:0b: b1:4d:0a:b4:fe:3a:7e:33:d1:bb:d3:1d:2c:8c:f6: 84:e7:74:9e:bf:de:a9:91:c1:ff:99:04:04:ea:41: 2e:43:df:4a:a3:a4:18:5c:76:f5:f9:d9:e4:3e:03: 4d:10:bc:93:a1:41:38:0c:50:a4:c7:2b:be:2f:f3: 32:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:9A:F8:0B:C2:3F:3F:B9:A3:B1:E7:0E:6F:AC:7C:80:BD:5E:F8:F1 X509v3 Authority Key Identifier: keyid:95:1B:B4:90:E0:9D:F1:46:7E:4E:EC:43:D8:F2:04:84:CE:E8:39:FE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:2b:cd:b2:8b:82:64:40:27:a0:61:fa:d9:f3:66:df:c8:55: bc:c4:86:cf:5d:35:74:73:36:32:3e:96:0d:54:ac:c1:60:be: d4:ff:d1:c0:1a:f3:74:af:36:90:b2:0f:a6:f4:02:6c:d8:b5: c2:a1:b8:eb:b3:63:3f:d8:2a:7b:08:5f:a4:25:b1:4b:5e:67: 7c:ed:69:49:d7:79:6f:1b:60:43:06:c0:92:82:be:c8:36:9c: ae:5c:1c:bc:ea:6f:5d:51:6b:f4:0a:f9:f0:8a:14:5a:09:68: 40:d4:1b:2a:c2:cc:43:1f:cf:8a:0b:08:70:86:b3:44:b1:4e: b3:0b:2e:96:58:b0:f3:6d:3c:ca:6d:c1:85:33:1d:32:b0:87: d1:bd:30:76:4f:56:cd:5e:2a:1d:ba:a1:fe:15:2e:44:bc:39: de:4c:b8:13:15:96:92:6a:27:7a:ee:4e:cf:fd:4a:64:3e:b0: 1f:6b:dd:a2:64:9a:5a:59:e6:42:27:9a:ed:fc:ff:b2:d6:4e: 78:7a:48:d3:2c:24:da:bf:2e:4a:b1:36:5e:d8:e3:14:ed:6f: 89:1d:96:89:99:29:18:35:a4:c9:e9:45:37:b8:f9:ec:75:c6: ae:91:21:3f:a4:ef:27:b5:b2:80:cc:59:33:15:00:e7:08:de: 4d:69:51:8a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiDWwIzn320dRu10a29bSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1MWJiNDkwZTA5ZGYxNDY3ZTRlZWM0M2Q4ZjIwNDg0Y2Vl ODM5ZmUwHhcNMjUxMjA1MjIwMDQ5WhcNMjUxMjA2MjIwMDQ5WjAzMTEwLwYDVQQD Eyg0MDlhZjgwYmMyM2YzZmI5YTNiMWU3MGU2ZmFjN2M4MGJkNWVmOGYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfKoCGiN30aazrFhMIUJHlI+84y3 T58LoN0yNdyAT29pdMNj08dY7DojcOwEAtptxfUyPdDXXpoqnBskW6CKU8eiF2HE wYmZl6xLzZmBz+9fNSabHWpysP5KuEqZVq/RQncI0VFL1luVuxfn7pQTILzSLhWX zUbDyAX+5rIlNqz1CT79oM4xKia1S3X37ZbBuvo8EsADv/iLS/79TBCW9EddAkqq qY43FQsthv2VY9RV560Pjt+FchoLxLxPzWRlAguxTQq0/jp+M9G70x0sjPaE53Se v96pkcH/mQQE6kEuQ99Ko6QYXHb1+dnkPgNNELyToUE4DFCkxyu+L/MyuQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFECa+AvCPz+5o7HnDm+sfIC9XvjxMB8GA1UdIwQY MBaAFJUbtJDgnfFGfk7sQ9jyBITO6Dn+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFJ1MGtPQ2Q4VVotVHV4RDJQSUVoTTdvT2Y0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lYTZmNjEtYTlkMi00YzZiLWI3MTct MWRiNGVkMTMxYmMzLzEvbFJ1MGtPQ2Q4VVotVHV4RDJQSUVoTTdvT2Y0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS9lYTZmNjEtYTlkMi00YzZiLWI3MTctMWRiNGVkMTMxYmMz LzEvbFJ1MGtPQ2Q4VVotVHV4RDJQSUVoTTdvT2Y0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmivNsouC ZEAnoGH62fNm38hVvMSGz101dHM2Mj6WDVSswWC+1P/RwBrzdK82kLIPpvQCbNi1 wqG467NjP9gqewhfpCWxS15nfO1pSdd5bxtgQwbAkoK+yDacrlwcvOpvXVFr9Ar5 8IoUWgloQNQbKsLMQx/PigsIcIazRLFOswsulliw8208ym3BhTMdMrCH0b0wdk9W zV4qHbqh/hUuRLw53ky4ExWWkmoneu5Oz/1KZD6wH2vdomSaWlnmQiea7fz/stZO eHpI0ywk2r8uSrE2XtjjFO1viR2WiZkpGDWkyelFN7j57HXGrpEhP6TvJ7WygMxZ MxUA5wjeTWlRig== -----END CERTIFICATE-----Generated at Sat Dec 6 08:07:14 2025 by rpki-client