This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft File: lKTi_J7qzc9bD1CrkyhM07CUIXE.mft (raw, json) Hash identifier: e7OKD5CjFY5MbwwO7UzFNGq3YxbuOQ7yn2GZxIdJK2U= Subject key identifier: 50:43:2E:F4:47:AA:86:5C:C4:6A:A5:8E:7D:CC:EF:4F:E3:BE:AB:C1 Authority key identifier: 94:A4:E2:FC:9E:EA:CD:CF:5B:0F:50:AB:93:28:4C:D3:B0:94:21:71 Certificate issuer: /CN=94a4e2fc9eeacdcf5b0f50ab93284cd3b0942171 Certificate serial: 019AF50A0C2EFEF12B487FA01EBCFFC7F7C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft Manifest number: 0F22 Signing time: Sat 06 Dec 2025 19:01:07 +0000 Manifest this update: Sat 06 Dec 2025 19:01:07 +0000 Manifest next update: Sun 07 Dec 2025 19:01:07 +0000 Files and hashes: 1: lKTi_J7qzc9bD1CrkyhM07CUIXE.crl (hash: idmb39huQeMNM/P+6g+jeRixy6hzFiqlGs96lktNAz0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:0c:2e:fe:f1:2b:48:7f:a0:1e:bc:ff:c7:f7:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94a4e2fc9eeacdcf5b0f50ab93284cd3b0942171 Validity Not Before: Dec 6 19:01:07 2025 GMT Not After : Dec 7 19:01:07 2025 GMT Subject: CN=50432ef447aa865cc46aa58e7dccef4fe3beabc1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:ad:96:64:64:a5:e1:1c:0b:07:9e:f7:20:61: 72:da:3a:b2:31:02:56:e8:b5:a8:d5:8e:db:b0:9a: d2:b1:86:c6:b4:9b:c1:1a:e6:1c:f8:2f:86:17:ee: 80:a1:b5:ea:6c:59:6f:f3:29:f5:c3:f0:c2:64:d8: 66:df:c3:66:51:53:a3:4f:9e:2c:da:24:78:2e:f0: d2:bc:36:de:c6:99:09:49:59:53:11:4a:65:74:64: d1:f3:1f:ff:d4:78:44:7f:b2:8e:1d:72:02:f3:ad: 1a:00:92:5d:ad:b6:67:3c:7c:c0:3e:ac:d2:ef:d4: e4:cd:35:81:e4:4e:fc:9f:08:6c:e0:5a:db:a6:d9: 60:27:39:44:8a:da:05:f2:8e:9c:55:23:e3:13:ab: c3:63:46:3a:63:57:0d:be:31:7c:9b:26:89:7d:d8: 54:6a:92:3e:cf:d6:73:04:a1:bf:7b:53:60:32:74: 76:dc:a5:c8:90:53:d4:d2:fc:c2:2d:ea:02:21:7b: 7f:6b:2c:19:fd:9f:5c:b5:4d:a5:b2:cf:7c:16:8a: a7:fa:e2:e5:12:5f:54:54:0f:02:bf:3c:26:b0:21: e6:5e:1b:09:53:12:ce:02:84:ec:79:d6:a8:69:86: 5e:d8:a4:67:45:d1:82:dd:29:7d:c0:df:dd:69:2a: 35:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:43:2E:F4:47:AA:86:5C:C4:6A:A5:8E:7D:CC:EF:4F:E3:BE:AB:C1 X509v3 Authority Key Identifier: keyid:94:A4:E2:FC:9E:EA:CD:CF:5B:0F:50:AB:93:28:4C:D3:B0:94:21:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ac:71:5d:46:37:54:dd:c3:2b:32:b1:f6:65:d4:39:18:75:7a: c4:11:11:43:1b:f7:50:b1:70:36:a6:38:1c:1f:75:12:b9:d2: 3a:fb:19:cd:08:45:c6:20:73:d1:24:66:24:30:28:8a:38:8b: db:d0:af:67:e5:69:36:11:38:cc:5c:32:80:d9:4b:1b:14:f1: 1a:7a:17:65:bb:66:ce:13:0d:4c:b7:1a:03:68:e6:2b:d9:6d: 34:ba:44:1b:5d:e0:94:a6:e3:eb:5c:ff:70:00:36:3b:4f:fa: a4:d4:03:9d:41:d1:88:70:52:8d:70:c4:25:9e:c1:61:4f:66: f8:29:9d:80:b1:55:12:49:dd:48:1c:5f:b8:eb:1d:99:47:f2: 76:75:e4:5c:d7:94:aa:13:3f:45:6b:29:28:9f:53:81:00:e6: 9f:05:3d:d5:65:a6:31:e9:87:02:75:54:a6:c1:c1:2f:df:18: 47:c0:2a:70:c5:ba:6f:07:e9:69:c1:fb:b6:f3:72:32:4a:8c: e5:c7:0d:a6:0e:bb:c2:bc:d2:7c:26:e5:e5:82:2d:84:c2:8b: c9:ff:ef:2f:70:04:9d:fa:a1:7f:20:30:8d:1f:e0:e4:c8:93: 1b:61:c0:eb:d6:a2:b7:e6:42:95:e6:03:25:20:aa:77:4f:3f: 36:b5:68:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1Cgwu/vErSH+gHrz/x/fHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0YTRlMmZjOWVlYWNkY2Y1YjBmNTBhYjkzMjg0Y2QzYjA5 NDIxNzEwHhcNMjUxMjA2MTkwMTA3WhcNMjUxMjA3MTkwMTA3WjAzMTEwLwYDVQQD Eyg1MDQzMmVmNDQ3YWE4NjVjYzQ2YWE1OGU3ZGNjZWY0ZmUzYmVhYmMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq2WZGSl4RwLB573IGFy2jqyMQJW 6LWo1Y7bsJrSsYbGtJvBGuYc+C+GF+6AobXqbFlv8yn1w/DCZNhm38NmUVOjT54s 2iR4LvDSvDbexpkJSVlTEUpldGTR8x//1HhEf7KOHXIC860aAJJdrbZnPHzAPqzS 79TkzTWB5E78nwhs4FrbptlgJzlEitoF8o6cVSPjE6vDY0Y6Y1cNvjF8myaJfdhU apI+z9ZzBKG/e1NgMnR23KXIkFPU0vzCLeoCIXt/aywZ/Z9ctU2lss98Foqn+uLl El9UVA8CvzwmsCHmXhsJUxLOAoTsedaoaYZe2KRnRdGC3Sl9wN/daSo1SQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFBDLvRHqoZcxGqljn3M70/jvqvBMB8GA1UdIwQY MBaAFJSk4vye6s3PWw9Qq5MoTNOwlCFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZmY3YTctMjdjYi00MDcyLWIzM2It MDI0OGQ2YWZkNjNmLzEvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC8zZmY3YTctMjdjYi00MDcyLWIzM2ItMDI0OGQ2YWZkNjNm LzEvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArHFdRjdU 3cMrMrH2ZdQ5GHV6xBERQxv3ULFwNqY4HB91ErnSOvsZzQhFxiBz0SRmJDAoijiL 29CvZ+VpNhE4zFwygNlLGxTxGnoXZbtmzhMNTLcaA2jmK9ltNLpEG13glKbj61z/ cAA2O0/6pNQDnUHRiHBSjXDEJZ7BYU9m+CmdgLFVEkndSBxfuOsdmUfydnXkXNeU qhM/RWspKJ9TgQDmnwU91WWmMemHAnVUpsHBL98YR8AqcMW6bwfpacH7tvNyMkqM 5ccNpg67wrzSfCbl5YIthMKLyf/vL3AEnfqhfyAwjR/g5MiTG2HA69ait+ZCleYD JSCqd08/NrVopw== -----END CERTIFICATE-----Generated at Sun Dec 7 03:59:19 2025 by rpki-client