This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft File: lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft (raw, json) Hash identifier: fFd2rP+Xf9rAsEX5sVIbfTBXNuzf15ph7neoP6R9cn8= Subject key identifier: 4D:64:A1:16:B5:B3:79:14:A5:41:E0:26:84:B4:6F:A2:00:AA:1C:02 Authority key identifier: 95:6E:31:6C:98:38:04:C2:50:1E:CC:5A:BE:A5:3A:2A:83:B5:73:24 Certificate issuer: /CN=956e316c983804c2501ecc5abea53a2a83b57324 Certificate serial: 019AF12E03F092B7B2BD7D5EA349D20F408F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft Manifest number: 1731 Signing time: Sat 06 Dec 2025 01:01:55 +0000 Manifest this update: Sat 06 Dec 2025 01:01:55 +0000 Manifest next update: Sun 07 Dec 2025 01:01:55 +0000 Files and hashes: 1: lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl (hash: Vy64SRbqkG9O/IEPMXT9PJJd3G8QR5/U3p/XmIQwFgg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:03:f0:92:b7:b2:bd:7d:5e:a3:49:d2:0f:40:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=956e316c983804c2501ecc5abea53a2a83b57324 Validity Not Before: Dec 6 01:01:55 2025 GMT Not After : Dec 7 01:01:55 2025 GMT Subject: CN=4d64a116b5b37914a541e02684b46fa200aa1c02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:fe:d9:87:39:b3:52:d6:a7:56:ef:b0:9f:8b: 4c:57:8d:b2:d5:fd:84:0b:30:64:55:b2:e3:da:68: 9e:d4:e7:cf:e6:99:35:19:c1:0d:14:b9:63:0c:ba: c7:3c:50:34:b7:96:28:b2:4f:47:4e:7a:cc:f8:cb: 6d:f1:b7:84:64:62:08:a7:f9:7a:de:57:34:6c:4d: 4f:6d:63:94:89:f9:a3:80:8f:97:0e:32:68:0c:32: 08:31:fd:a1:70:27:fe:84:27:29:02:41:4d:1c:f6: c6:11:58:62:19:a7:40:08:c8:5b:70:02:d9:20:41: fb:48:f5:3c:09:49:43:d8:2c:45:c1:ea:f0:c8:66: b4:f0:c4:41:fb:4f:76:dd:8e:fa:41:b7:c6:4c:29: 3a:c7:7d:13:9f:79:ae:84:70:a2:c5:eb:fa:f9:7a: f2:f1:51:da:13:a5:c2:38:f0:a0:7b:85:7f:4a:8e: 71:2d:50:60:4d:04:48:46:be:8c:84:34:34:38:7c: 07:40:17:96:e2:7f:42:53:1b:f5:58:40:df:88:64: 09:15:dc:f2:7c:9f:d4:8f:df:4f:3a:dc:39:c0:5d: ff:47:7b:00:01:1c:4e:53:d8:b2:17:7a:16:8e:d6: 13:56:75:b6:e5:77:01:6c:5a:b3:ca:1c:5e:0d:0d: 5c:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:64:A1:16:B5:B3:79:14:A5:41:E0:26:84:B4:6F:A2:00:AA:1C:02 X509v3 Authority Key Identifier: keyid:95:6E:31:6C:98:38:04:C2:50:1E:CC:5A:BE:A5:3A:2A:83:B5:73:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bd:a4:fa:a5:db:70:58:02:9f:c1:e9:67:43:9f:c9:4f:d9:f2: 5f:46:c2:f1:c1:90:37:77:60:eb:7d:e4:84:8f:ea:c8:fc:dd: 65:0a:e6:e4:f5:ad:e0:dd:82:d5:62:46:9d:36:8f:53:7b:12: 2d:5b:fd:f4:e3:aa:03:8f:7c:34:c0:70:5e:20:55:29:35:f6: e7:02:df:78:ac:3f:47:6f:00:87:59:34:b9:bb:d3:78:94:9c: 26:44:fd:ae:c5:6c:6a:a2:9d:c8:b3:25:b2:3d:ca:d9:29:21: f0:e4:be:eb:53:40:bc:5c:aa:40:73:da:f8:68:d9:d2:8e:75: 5c:30:38:7f:70:ad:9b:aa:eb:00:de:cf:29:5d:82:1a:8c:70: 46:37:8f:60:a9:0e:11:00:37:20:dd:bd:76:87:1a:0f:b3:77: 0b:08:22:54:ed:1e:91:d3:64:44:26:a8:d3:7f:c0:3e:d0:9b: 05:a0:5f:b4:03:87:c5:b3:28:a7:89:3c:f1:73:28:e1:7b:a9: b4:ad:d2:73:23:f4:94:b4:1f:6e:5b:66:af:38:11:a9:19:c6: b9:ad:c2:aa:b7:20:16:23:15:19:7d:81:53:ab:7c:4c:4e:bf: 9a:63:69:68:8e:f3:8e:df:ae:ed:a0:85:c5:c6:a4:10:ee:94: 5a:d6:61:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLgPwkreyvX1eo0nSD0CPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1NmUzMTZjOTgzODA0YzI1MDFlY2M1YWJlYTUzYTJhODNi NTczMjQwHhcNMjUxMjA2MDEwMTU1WhcNMjUxMjA3MDEwMTU1WjAzMTEwLwYDVQQD Eyg0ZDY0YTExNmI1YjM3OTE0YTU0MWUwMjY4NGI0NmZhMjAwYWExYzAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/7ZhzmzUtanVu+wn4tMV42y1f2E CzBkVbLj2mie1OfP5pk1GcENFLljDLrHPFA0t5Yosk9HTnrM+Mtt8beEZGIIp/l6 3lc0bE1PbWOUifmjgI+XDjJoDDIIMf2hcCf+hCcpAkFNHPbGEVhiGadACMhbcALZ IEH7SPU8CUlD2CxFwerwyGa08MRB+0923Y76QbfGTCk6x30Tn3muhHCixev6+Xry 8VHaE6XCOPCge4V/So5xLVBgTQRIRr6MhDQ0OHwHQBeW4n9CUxv1WEDfiGQJFdzy fJ/Uj99POtw5wF3/R3sAARxOU9iyF3oWjtYTVnW25XcBbFqzyhxeDQ1cNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE1koRa1s3kUpUHgJoS0b6IAqhwCMB8GA1UdIwQY MBaAFJVuMWyYOATCUB7MWr6lOiqDtXMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8wMjI0MGYtZTA4MC00YmU5LTkzYzQt Mzk2ZmNkYTY0OTBjLzEvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZi8wMjI0MGYtZTA4MC00YmU5LTkzYzQtMzk2ZmNkYTY0OTBj LzEvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvaT6pdtw WAKfwelnQ5/JT9nyX0bC8cGQN3dg633khI/qyPzdZQrm5PWt4N2C1WJGnTaPU3sS LVv99OOqA498NMBwXiBVKTX25wLfeKw/R28Ah1k0ubvTeJScJkT9rsVsaqKdyLMl sj3K2Skh8OS+61NAvFyqQHPa+GjZ0o51XDA4f3Ctm6rrAN7PKV2CGoxwRjePYKkO EQA3IN29docaD7N3CwgiVO0ekdNkRCao03/APtCbBaBftAOHxbMop4k88XMo4Xup tK3ScyP0lLQfbltmrzgRqRnGua3CqrcgFiMVGX2BU6t8TE6/mmNpaI7zjt+u7aCF xcakEO6UWtZh5A== -----END CERTIFICATE-----Generated at Sat Dec 6 11:09:13 2025 by rpki-client