This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft File: lWmTFkJJYHEcLo7LU2vdArxyT60.mft (raw, json) Hash identifier: yNTrrB27nd0wLFLR/JHAr/4pjizeWGcrBkQ7ClMCVHA= Subject key identifier: 54:D8:88:F6:D6:9C:1E:F3:B9:39:3B:F1:8E:F1:0C:4A:39:B3:4B:64 Authority key identifier: 95:69:93:16:42:49:60:71:1C:2E:8E:CB:53:6B:DD:02:BC:72:4F:AD Certificate issuer: /CN=95699316424960711c2e8ecb536bdd02bc724fad Certificate serial: 019AF3C004913EEC96ED2B82EC928838F836 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft Manifest number: 05DB Signing time: Sat 06 Dec 2025 13:00:38 +0000 Manifest this update: Sat 06 Dec 2025 13:00:38 +0000 Manifest next update: Sun 07 Dec 2025 13:00:38 +0000 Files and hashes: 1: QlwSz5QY3CNReEwoqy5_qdcxp7E.roa (hash: J1QwLI9Oak3umoZp+VK8k+3z4SfC016Ed6Yx+Y0FOX0=) 2: lWmTFkJJYHEcLo7LU2vdArxyT60.crl (hash: bf52iVCwINCdk5aaJSmK+97ZX5msctudUVcHFoLxu+0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.crl rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:c0:04:91:3e:ec:96:ed:2b:82:ec:92:88:38:f8:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95699316424960711c2e8ecb536bdd02bc724fad Validity Not Before: Dec 6 13:00:38 2025 GMT Not After : Dec 7 13:00:38 2025 GMT Subject: CN=54d888f6d69c1ef3b9393bf18ef10c4a39b34b64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:79:3a:ca:df:21:e3:d1:1e:43:69:e6:a9:0e: 4c:1a:31:db:a5:84:a4:37:11:ee:db:7e:1a:c7:7a: 98:5b:93:ad:33:72:c9:71:5d:4b:34:97:2b:79:61: 2e:25:c5:f5:bf:4b:3a:67:ce:2c:2c:cb:02:e1:c6: 58:38:5b:7d:80:ae:f6:91:96:97:ce:b0:a3:be:0d: 57:62:82:82:2c:05:a9:87:88:33:55:02:8d:6f:51: d5:6c:cf:e3:33:9d:d0:71:2c:0a:b3:5c:d8:4b:5c: 0d:16:05:1f:87:2c:e1:b4:29:e5:cc:fb:18:e8:db: 5d:cf:47:5b:9f:90:3e:6f:8e:d4:35:89:17:88:6e: 20:29:55:a1:54:a0:d8:3e:33:4e:7c:4b:44:a1:ee: fb:e9:98:f7:01:27:59:bc:23:4b:ef:cb:18:13:01: 93:f7:73:35:61:90:bd:c8:73:fb:2c:2c:62:2d:72: 03:91:5a:46:8f:b0:df:e7:cb:cb:08:b3:0d:e2:e9: 89:96:54:69:7f:a0:63:a0:06:e7:c5:ec:d1:11:4d: c0:e8:f2:f4:5f:50:6d:c8:1b:e1:73:2b:7a:c6:8c: 4b:28:84:c6:16:53:f8:aa:96:b3:1a:f7:1d:27:54: 97:19:3f:d1:8a:80:4f:b9:bf:df:67:c7:2f:ff:f1: 3a:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:D8:88:F6:D6:9C:1E:F3:B9:39:3B:F1:8E:F1:0C:4A:39:B3:4B:64 X509v3 Authority Key Identifier: keyid:95:69:93:16:42:49:60:71:1C:2E:8E:CB:53:6B:DD:02:BC:72:4F:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 15:89:41:43:62:4e:7e:7a:73:db:ca:d3:96:ec:65:39:63:21: e6:3e:ff:16:b6:b0:15:a8:0f:9a:93:7d:ee:61:2d:6c:8d:ba: 85:c4:03:e3:d4:25:07:8c:c2:77:13:cc:48:24:8a:a3:25:de: 99:15:a9:4f:a3:e4:70:9f:fb:2d:37:56:7f:25:f2:91:b1:5d: 05:73:cb:2c:7e:67:f7:48:ce:87:77:8b:f9:72:62:83:40:71: e8:93:a6:69:b4:b6:bf:cb:1a:ad:fc:22:3b:5c:3a:85:48:61: e6:cb:1d:c8:f9:88:98:0b:f5:18:8f:7b:a1:71:f2:01:e0:cf: a3:51:c9:53:f3:76:e2:b9:3b:fb:2b:1e:f1:99:79:22:c9:b0: 2e:49:91:ef:99:90:21:5e:8f:b0:24:3e:bd:0f:40:d3:9e:57: 23:f5:47:e1:0f:a4:a7:9f:02:06:01:65:58:a7:10:86:4b:25: b4:25:ef:66:ee:f9:d1:e9:6e:d2:a1:b6:ea:6b:f3:9a:0d:41: 0d:b1:8d:1b:09:f2:0a:22:66:30:32:d5:ad:c5:21:3e:16:8d: 23:ce:d8:f0:18:4f:05:cb:19:37:59:6b:87:c7:57:f3:0b:3d: 81:75:38:c3:dc:d2:dc:6f:02:ac:78:fa:76:2b:eb:b2:d0:d2: 89:04:cd:03 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzwASRPuyW7SuC7JKIOPg2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1Njk5MzE2NDI0OTYwNzExYzJlOGVjYjUzNmJkZDAyYmM3 MjRmYWQwHhcNMjUxMjA2MTMwMDM4WhcNMjUxMjA3MTMwMDM4WjAzMTEwLwYDVQQD Eyg1NGQ4ODhmNmQ2OWMxZWYzYjkzOTNiZjE4ZWYxMGM0YTM5YjM0YjY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHk6yt8h49EeQ2nmqQ5MGjHbpYSk NxHu234ax3qYW5OtM3LJcV1LNJcreWEuJcX1v0s6Z84sLMsC4cZYOFt9gK72kZaX zrCjvg1XYoKCLAWph4gzVQKNb1HVbM/jM53QcSwKs1zYS1wNFgUfhyzhtCnlzPsY 6Ntdz0dbn5A+b47UNYkXiG4gKVWhVKDYPjNOfEtEoe776Zj3ASdZvCNL78sYEwGT 93M1YZC9yHP7LCxiLXIDkVpGj7Df58vLCLMN4umJllRpf6BjoAbnxezREU3A6PL0 X1BtyBvhcyt6xoxLKITGFlP4qpazGvcdJ1SXGT/RioBPub/fZ8cv//E6HwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFTYiPbWnB7zuTk78Y7xDEo5s0tkMB8GA1UdIwQY MBaAFJVpkxZCSWBxHC6Oy1Nr3QK8ck+tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zMjBlZjktMzU0MS00MzIxLTgwZmYt Zjg1YzYwYmUzNDBkLzEvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS8zMjBlZjktMzU0MS00MzIxLTgwZmYtZjg1YzYwYmUzNDBk LzEvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFYlBQ2JO fnpz28rTluxlOWMh5j7/FrawFagPmpN97mEtbI26hcQD49QlB4zCdxPMSCSKoyXe mRWpT6PkcJ/7LTdWfyXykbFdBXPLLH5n90jOh3eL+XJig0Bx6JOmabS2v8sarfwi O1w6hUhh5ssdyPmImAv1GI97oXHyAeDPo1HJU/N24rk7+yse8Zl5IsmwLkmR75mQ IV6PsCQ+vQ9A055XI/VH4Q+kp58CBgFlWKcQhksltCXvZu750elu0qG26mvzmg1B DbGNGwnyCiJmMDLVrcUhPhaNI87Y8BhPBcsZN1lrh8dX8ws9gXU4w9zS3G8CrHj6 divrstDSiQTNAw== -----END CERTIFICATE-----Generated at Sat Dec 6 21:17:31 2025 by rpki-client