This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft File: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft (raw, json) Hash identifier: Wx1/MiGDMgyKZ+mxDZ7VpakiF2thfyZtm1EhdIHdGqc= Subject key identifier: A2:44:01:B1:A8:0E:DF:01:5D:8B:C6:A6:78:3D:26:C1:07:14:B5:26 Authority key identifier: 96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC Certificate issuer: /CN=96199360259fa5b35b82953c5ed97999228341ac Certificate serial: 019AF208ACD41FE9BA9604E785FDA1ACF1F8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft Manifest number: 14CA Signing time: Sat 06 Dec 2025 05:00:45 +0000 Manifest this update: Sat 06 Dec 2025 05:00:45 +0000 Manifest next update: Sun 07 Dec 2025 05:00:45 +0000 Files and hashes: 1: 0hGuI9abbnH5IARURiUpnsE2cKk.roa (hash: DuwUAcXW//1k2Md+MdRwDGn9pw5DCw3cr3zSvWu8/Sg=) 2: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl (hash: wxC/ulrdk1F3vws60PJsub5BJYO7gKaMBwdtfdaNqBM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:ac:d4:1f:e9:ba:96:04:e7:85:fd:a1:ac:f1:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96199360259fa5b35b82953c5ed97999228341ac Validity Not Before: Dec 6 05:00:45 2025 GMT Not After : Dec 7 05:00:45 2025 GMT Subject: CN=a24401b1a80edf015d8bc6a6783d26c10714b526 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:6d:d8:23:64:d9:ed:09:bc:64:a4:75:8c:b3: ab:e7:fb:01:bc:73:c6:9c:39:a4:4a:3e:44:19:5b: 9d:6e:93:38:ba:18:1b:19:93:f3:c4:df:f1:10:13: 84:36:65:20:ac:86:1b:6f:d4:9a:fa:8c:23:d6:61: 80:49:c2:ce:72:fb:7c:81:a9:84:19:f6:8c:bf:e9: 5c:05:09:d7:7f:17:af:cb:4c:d4:28:f7:8d:14:1a: 1b:f1:14:82:37:42:99:ce:a7:a4:34:a8:d2:4c:d9: d2:54:30:c4:1d:ad:52:4e:8b:45:70:c3:18:49:d1: 13:40:c4:66:39:75:05:7c:95:22:53:44:a6:c3:ab: 6d:ff:b1:3d:a1:ce:bf:ea:75:d5:b8:d3:f7:f4:ac: 46:61:77:3a:d4:69:a2:6d:b3:df:2a:f6:d5:93:26: 29:70:c4:eb:42:15:c8:b0:0e:95:c6:2b:e3:ce:10: bf:76:0c:cc:05:64:2c:cf:38:f8:70:7e:be:b6:e1: 7d:6e:be:35:c2:52:e3:e6:8b:b0:9e:c7:07:3b:e1: 9d:e5:5d:d6:b8:6c:2f:15:a8:89:b5:67:43:37:d8: ea:f2:c0:1a:7c:9e:ba:d1:8b:c4:0b:77:bd:51:85: 21:b5:36:34:0b:4a:ea:1c:87:80:fc:63:4d:6c:ab: 0a:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:44:01:B1:A8:0E:DF:01:5D:8B:C6:A6:78:3D:26:C1:07:14:B5:26 X509v3 Authority Key Identifier: keyid:96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:4f:c7:a0:63:2f:54:62:0e:bb:fb:f0:c1:71:49:92:21:93: 2d:fd:60:4f:8a:fa:b3:e9:f6:ec:ce:48:9f:61:f0:f4:e4:35: bb:c0:26:f6:ad:48:90:a7:0a:1b:95:84:10:08:df:12:b8:49: cb:7a:fb:5f:87:96:e5:2c:44:eb:c4:01:43:90:69:ed:b1:d5: fe:01:c6:27:71:cd:8f:e6:d9:21:8d:86:12:42:ae:31:d3:40: 9e:65:f5:af:f4:3b:1e:17:18:ef:82:19:d6:57:fa:c1:8c:41: 55:d9:8e:85:83:0a:37:61:67:fb:45:0c:43:82:17:03:a8:79: 63:d7:18:91:2d:28:29:2a:02:0a:df:60:b9:78:7e:d2:1f:29: a1:ad:76:d9:27:ac:01:98:c2:55:fc:b5:53:2b:fa:f0:26:35: 57:3b:30:04:90:4b:c6:ea:58:48:cd:c8:5e:af:4a:5a:bd:9d: 2c:a1:f4:de:ac:b2:03:e7:f6:01:3c:ec:73:df:35:11:ef:36: e6:7a:5d:11:03:c8:89:d4:ae:50:5a:0a:49:ca:63:2c:42:95: a3:7f:b7:8c:2d:0b:6f:e8:ef:d0:39:41:ca:57:2e:08:a7:7b: a0:3e:45:d2:6f:db:29:ce:e9:7e:45:6c:81:55:87:70:5d:dd: f5:7a:58:db -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCKzUH+m6lgTnhf2hrPH4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2MTk5MzYwMjU5ZmE1YjM1YjgyOTUzYzVlZDk3OTk5MjI4 MzQxYWMwHhcNMjUxMjA2MDUwMDQ1WhcNMjUxMjA3MDUwMDQ1WjAzMTEwLwYDVQQD EyhhMjQ0MDFiMWE4MGVkZjAxNWQ4YmM2YTY3ODNkMjZjMTA3MTRiNTI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwG3YI2TZ7Qm8ZKR1jLOr5/sBvHPG nDmkSj5EGVudbpM4uhgbGZPzxN/xEBOENmUgrIYbb9Sa+owj1mGAScLOcvt8gamE GfaMv+lcBQnXfxevy0zUKPeNFBob8RSCN0KZzqekNKjSTNnSVDDEHa1STotFcMMY SdETQMRmOXUFfJUiU0Smw6tt/7E9oc6/6nXVuNP39KxGYXc61GmibbPfKvbVkyYp cMTrQhXIsA6VxivjzhC/dgzMBWQszzj4cH6+tuF9br41wlLj5ouwnscHO+Gd5V3W uGwvFaiJtWdDN9jq8sAafJ660YvEC3e9UYUhtTY0C0rqHIeA/GNNbKsKUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKJEAbGoDt8BXYvGpng9JsEHFLUmMB8GA1UdIwQY MBaAFJYZk2Aln6WzW4KVPF7ZeZkig0GsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYt MmE1OTFjMTQ5ZDdhLzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYtMmE1OTFjMTQ5ZDdh LzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANE/HoGMv VGIOu/vwwXFJkiGTLf1gT4r6s+n27M5In2Hw9OQ1u8Am9q1IkKcKG5WEEAjfErhJ y3r7X4eW5SxE68QBQ5Bp7bHV/gHGJ3HNj+bZIY2GEkKuMdNAnmX1r/Q7HhcY74IZ 1lf6wYxBVdmOhYMKN2Fn+0UMQ4IXA6h5Y9cYkS0oKSoCCt9guXh+0h8poa122Ses AZjCVfy1Uyv68CY1VzswBJBLxupYSM3IXq9KWr2dLKH03qyyA+f2ATzsc981Ee82 5npdEQPIidSuUFoKScpjLEKVo3+3jC0Lb+jv0DlBylcuCKd7oD5F0m/bKc7pfkVs gVWHcF3d9XpY2w== -----END CERTIFICATE-----Generated at Sat Dec 6 08:06:36 2025 by rpki-client