This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft File: lfdgXoUMnb8X2vC6OONvzGPCy_o.mft (raw, json) Hash identifier: jYupDp/Tu0fG5eX13Hlh8yfwPTcucjY1a1tcCFtdDmw= Subject key identifier: 12:BD:D0:7B:38:DA:91:32:86:F3:7D:E4:21:59:D4:F8:A1:BD:D6:19 Authority key identifier: 95:F7:60:5E:85:0C:9D:BF:17:DA:F0:BA:38:E3:6F:CC:63:C2:CB:FA Certificate issuer: /CN=95f7605e850c9dbf17daf0ba38e36fcc63c2cbfa Certificate serial: 019AF5E61B79080EB11B37DE8C92F465CB60 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft Manifest number: 1763 Signing time: Sat 06 Dec 2025 23:01:29 +0000 Manifest this update: Sat 06 Dec 2025 23:01:29 +0000 Manifest next update: Sun 07 Dec 2025 23:01:29 +0000 Files and hashes: 1: 5-Dy59i1_U0ZRMyz_6apK6err6E.roa (hash: HTKVf7q+nYn6Qr/j/qsCTy9hUzuLpJ7dJx3pfn4b6GM=) 2: lfdgXoUMnb8X2vC6OONvzGPCy_o.crl (hash: aB5aYm+xT674EpdqzIsC/L1N9n9iTTxVv7BgQSTCYK0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.crl rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:e6:1b:79:08:0e:b1:1b:37:de:8c:92:f4:65:cb:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95f7605e850c9dbf17daf0ba38e36fcc63c2cbfa Validity Not Before: Dec 6 23:01:29 2025 GMT Not After : Dec 7 23:01:29 2025 GMT Subject: CN=12bdd07b38da913286f37de42159d4f8a1bdd619 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:b6:51:53:17:85:47:83:5a:3e:51:55:e4:ae: c8:fb:60:e6:49:b2:b1:e7:28:ec:4d:1d:e3:89:58: c3:a0:fa:7e:88:fc:93:43:d6:e1:3d:73:59:5c:bb: 25:5f:fa:de:35:78:30:c3:96:18:cb:ea:05:af:2c: 0c:29:ba:6f:64:e0:00:48:39:25:7d:e1:36:65:54: b4:b8:6d:e4:ba:2f:29:18:6f:bd:3a:e8:19:da:3d: 10:b1:61:5d:dd:be:83:55:7c:e5:85:b9:55:ad:68: 98:bb:cb:2e:83:25:e2:8d:ce:6b:2f:64:e9:07:d0: 7a:27:7b:08:41:a8:fb:1c:8f:ac:36:29:5b:19:45: c9:41:44:cd:76:fd:93:f6:13:13:b5:6c:e1:4e:39: f6:7d:6c:e8:7d:95:8c:4f:c8:f0:bc:81:7a:e0:60: d3:5d:e1:5a:1e:0e:51:38:7a:e2:28:36:20:eb:7a: 4b:ff:60:37:43:5c:4e:6c:1d:a3:7a:ff:6e:e8:b7: 7c:3f:52:c7:8c:e1:09:da:4c:9b:67:06:1c:d2:a5: e4:fd:f4:45:4c:bd:7e:f3:78:18:c5:9b:4d:21:29: af:73:b0:31:76:9e:9b:82:3b:05:eb:75:8b:48:6c: fa:1b:d7:3e:2e:cd:08:96:50:b0:e3:29:f5:93:6b: 00:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:BD:D0:7B:38:DA:91:32:86:F3:7D:E4:21:59:D4:F8:A1:BD:D6:19 X509v3 Authority Key Identifier: keyid:95:F7:60:5E:85:0C:9D:BF:17:DA:F0:BA:38:E3:6F:CC:63:C2:CB:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:ec:07:85:35:aa:5c:46:57:b2:f1:fd:5a:b0:9c:1b:9d:5f: b2:1c:3f:71:d6:ad:40:9f:00:99:80:cb:8b:c6:c1:bf:13:20: f6:70:99:53:94:58:6c:f1:67:5f:34:2c:81:3b:cb:4d:85:76: 60:27:3c:65:14:ef:47:dd:ad:d6:aa:ee:1f:cb:13:5a:8d:60: 96:e1:bd:73:8c:f6:c2:8a:ec:be:ed:86:56:39:7d:a0:35:24: c8:c2:46:7f:2a:0c:50:50:56:93:ed:bf:ae:9b:b1:62:54:3b: a1:d9:23:ad:f2:dd:d6:c8:b6:27:a0:58:f6:60:4f:48:2e:a1: 17:1e:34:41:11:5e:6b:cc:fd:07:6e:8e:57:a4:24:62:2e:b5: fe:63:ef:84:21:af:fd:c0:c8:50:45:7f:b1:71:07:d0:36:d3: 2c:80:05:46:9f:c6:fa:ed:2d:f6:c0:45:bc:01:1f:a4:f3:82: df:d3:af:88:52:4e:d6:5d:77:21:5d:ba:26:5e:64:df:a3:60: 17:dc:85:e1:6a:7d:a5:1e:26:7e:71:04:b2:9e:5e:c4:6c:db: 2d:c9:45:9e:91:d8:be:12:20:4b:22:d2:f9:9d:b2:61:7a:49: 24:0e:32:a3:e7:cf:41:08:85:5e:77:97:5b:d3:38:79:3b:b4: b9:68:65:d9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr15ht5CA6xGzfejJL0ZctgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1Zjc2MDVlODUwYzlkYmYxN2RhZjBiYTM4ZTM2ZmNjNjNj MmNiZmEwHhcNMjUxMjA2MjMwMTI5WhcNMjUxMjA3MjMwMTI5WjAzMTEwLwYDVQQD EygxMmJkZDA3YjM4ZGE5MTMyODZmMzdkZTQyMTU5ZDRmOGExYmRkNjE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bZRUxeFR4NaPlFV5K7I+2DmSbKx 5yjsTR3jiVjDoPp+iPyTQ9bhPXNZXLslX/reNXgww5YYy+oFrywMKbpvZOAASDkl feE2ZVS0uG3kui8pGG+9OugZ2j0QsWFd3b6DVXzlhblVrWiYu8sugyXijc5rL2Tp B9B6J3sIQaj7HI+sNilbGUXJQUTNdv2T9hMTtWzhTjn2fWzofZWMT8jwvIF64GDT XeFaHg5ROHriKDYg63pL/2A3Q1xObB2jev9u6Ld8P1LHjOEJ2kybZwYc0qXk/fRF TL1+83gYxZtNISmvc7Axdp6bgjsF63WLSGz6G9c+Ls0IllCw4yn1k2sAIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBK90Hs42pEyhvN95CFZ1PihvdYZMB8GA1UdIwQY MBaAFJX3YF6FDJ2/F9rwujjjb8xjwsv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZjNiZmEtZWYzYi00MzYxLWIzMTEt NjcwNWRjMmUzYWFhLzEvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC85ZjNiZmEtZWYzYi00MzYxLWIzMTEtNjcwNWRjMmUzYWFh LzEvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAuwHhTWq XEZXsvH9WrCcG51fshw/cdatQJ8AmYDLi8bBvxMg9nCZU5RYbPFnXzQsgTvLTYV2 YCc8ZRTvR92t1qruH8sTWo1gluG9c4z2worsvu2GVjl9oDUkyMJGfyoMUFBWk+2/ rpuxYlQ7odkjrfLd1si2J6BY9mBPSC6hFx40QRFea8z9B26OV6QkYi61/mPvhCGv /cDIUEV/sXEH0DbTLIAFRp/G+u0t9sBFvAEfpPOC39OviFJO1l13IV26Jl5k36Ng F9yF4Wp9pR4mfnEEsp5exGzbLclFnpHYvhIgSyLS+Z2yYXpJJA4yo+fPQQiFXneX W9M4eTu0uWhl2Q== -----END CERTIFICATE-----Generated at Sun Dec 7 02:01:32 2025 by rpki-client