This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/09263c-a5cc-44d6-91c4-61802d9c9344/1/lXbbt2mVtJUKhsXwfKjbPrSWePY.mft File: lXbbt2mVtJUKhsXwfKjbPrSWePY.mft (raw, json) Hash identifier: KxbqXQLUax77j7OHY9l60LPWe0IduMB1C1WHsPiiLlo= Subject key identifier: 83:25:A0:23:2A:8C:CD:08:EE:66:B0:51:D1:FD:D4:66:FD:B5:35:DF Authority key identifier: 95:76:DB:B7:69:95:B4:95:0A:86:C5:F0:7C:A8:DB:3E:B4:96:78:F6 Certificate issuer: /CN=9576dbb76995b4950a86c5f07ca8db3eb49678f6 Certificate serial: 019AF1D1BB744C23C4236979106BE1281D31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lXbbt2mVtJUKhsXwfKjbPrSWePY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/09263c-a5cc-44d6-91c4-61802d9c9344/1/lXbbt2mVtJUKhsXwfKjbPrSWePY.mft Manifest number: 04A1 Signing time: Sat 06 Dec 2025 04:00:45 +0000 Manifest this update: Sat 06 Dec 2025 04:00:45 +0000 Manifest next update: Sun 07 Dec 2025 04:00:45 +0000 Files and hashes: 1: lXbbt2mVtJUKhsXwfKjbPrSWePY.crl (hash: n5cXqEHPOqn3hnPORf2tU85lwrwBeA9kp0yZLEWztEA=) 2: wOkYAGqpSPBGigfUEv7El852HGA.roa (hash: jGAVgltAX4k1B+fH3k6Z7JMTyuIFNv8n6kIlzZB4Zww=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/09263c-a5cc-44d6-91c4-61802d9c9344/1/lXbbt2mVtJUKhsXwfKjbPrSWePY.crl rsync://rpki.ripe.net/repository/DEFAULT/44/09263c-a5cc-44d6-91c4-61802d9c9344/1/lXbbt2mVtJUKhsXwfKjbPrSWePY.mft rsync://rpki.ripe.net/repository/DEFAULT/lXbbt2mVtJUKhsXwfKjbPrSWePY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:bb:74:4c:23:c4:23:69:79:10:6b:e1:28:1d:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9576dbb76995b4950a86c5f07ca8db3eb49678f6 Validity Not Before: Dec 6 04:00:45 2025 GMT Not After : Dec 7 04:00:45 2025 GMT Subject: CN=8325a0232a8ccd08ee66b051d1fdd466fdb535df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:39:72:ab:a9:c7:41:61:db:cd:31:2c:04:61: 31:27:0d:82:16:59:87:a2:4a:7a:a8:e4:46:81:4c: 86:1c:c8:74:ec:a9:ce:08:69:e7:4c:80:8e:5f:d2: c1:b7:8f:cd:2f:b5:06:e2:80:d5:b5:54:9f:4e:f8: e3:14:f6:6f:ff:e1:ed:fe:1f:b1:c6:34:74:2b:94: 88:5f:86:c5:49:3e:d8:33:21:d5:f6:92:32:12:53: fc:b1:74:21:28:cf:0c:bf:fb:4d:9e:64:b9:1f:c9: df:86:29:9d:3f:5a:99:8d:86:f3:21:c8:69:71:a6: 1e:71:e6:4f:96:46:32:a1:f0:97:d6:73:06:d2:96: 3f:60:57:05:e0:05:a3:34:a6:04:cd:31:64:97:33: 1b:e1:1a:94:3c:bb:b0:e4:37:0d:c7:d9:87:80:cf: 14:1d:4e:6d:b9:53:6b:50:d4:7a:48:e1:0e:dd:74: 3f:f4:52:ad:76:e1:42:b0:6a:8f:78:55:93:dd:83: 5f:60:f3:cc:64:cf:89:ad:b7:88:92:ff:a6:0b:b9: 3b:28:06:34:b4:53:c1:0c:7e:3f:d4:77:c7:d6:43: 95:7e:79:45:63:32:7a:01:d0:c4:46:8d:e2:1d:3e: 6e:22:c2:0f:e9:d1:80:d6:40:29:5e:eb:53:c3:7b: 8f:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:25:A0:23:2A:8C:CD:08:EE:66:B0:51:D1:FD:D4:66:FD:B5:35:DF X509v3 Authority Key Identifier: keyid:95:76:DB:B7:69:95:B4:95:0A:86:C5:F0:7C:A8:DB:3E:B4:96:78:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lXbbt2mVtJUKhsXwfKjbPrSWePY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/09263c-a5cc-44d6-91c4-61802d9c9344/1/lXbbt2mVtJUKhsXwfKjbPrSWePY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/09263c-a5cc-44d6-91c4-61802d9c9344/1/lXbbt2mVtJUKhsXwfKjbPrSWePY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:57:5b:5f:00:e3:77:fa:36:c5:a1:eb:89:72:5b:5d:51:90: 01:88:ed:a3:6f:87:20:e2:5b:e2:4d:f4:27:c6:79:36:ce:e4: 1f:91:62:b4:b7:e3:a1:9c:c7:be:7b:dc:52:3b:2f:24:55:d5: 1a:82:14:d0:35:f7:cb:53:24:52:79:e8:8b:ee:2d:56:6f:ad: 9b:aa:d3:87:39:73:71:3f:06:04:7b:9e:d4:21:12:a2:7d:56: 5f:2f:db:d1:22:16:ab:c5:3f:47:dd:7f:b1:9f:43:dd:bd:46: 90:38:0d:e8:3d:90:4e:88:8a:e8:d1:af:e5:e1:6b:6e:03:df: 4c:8d:0e:b8:bc:d4:71:db:22:41:6d:c8:9c:d5:91:39:bd:e8: 99:6e:9a:01:5e:7e:68:c3:85:95:4e:a7:5a:c9:75:25:d8:e1: 63:66:13:42:26:43:96:49:4d:e6:a0:28:51:a5:bd:48:09:c1: af:4d:d8:69:64:1f:fa:93:05:49:63:2a:33:ea:7b:b3:db:67: 82:78:77:86:aa:c4:ee:39:4e:91:33:2b:db:62:8e:9d:03:af: 98:a3:19:32:13:99:35:81:ab:7e:3e:70:fb:a2:fe:fc:00:b6: d5:f6:aa:c4:fd:29:80:fe:9f:ef:15:df:c9:16:b5:ee:d1:bf: 3f:fc:9c:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0bt0TCPEI2l5EGvhKB0xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1NzZkYmI3Njk5NWI0OTUwYTg2YzVmMDdjYThkYjNlYjQ5 Njc4ZjYwHhcNMjUxMjA2MDQwMDQ1WhcNMjUxMjA3MDQwMDQ1WjAzMTEwLwYDVQQD Eyg4MzI1YTAyMzJhOGNjZDA4ZWU2NmIwNTFkMWZkZDQ2NmZkYjUzNWRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzlyq6nHQWHbzTEsBGExJw2CFlmH okp6qORGgUyGHMh07KnOCGnnTICOX9LBt4/NL7UG4oDVtVSfTvjjFPZv/+Ht/h+x xjR0K5SIX4bFST7YMyHV9pIyElP8sXQhKM8Mv/tNnmS5H8nfhimdP1qZjYbzIchp caYeceZPlkYyofCX1nMG0pY/YFcF4AWjNKYEzTFklzMb4RqUPLuw5DcNx9mHgM8U HU5tuVNrUNR6SOEO3XQ/9FKtduFCsGqPeFWT3YNfYPPMZM+JrbeIkv+mC7k7KAY0 tFPBDH4/1HfH1kOVfnlFYzJ6AdDERo3iHT5uIsIP6dGA1kApXutTw3uPaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIMloCMqjM0I7mawUdH91Gb9tTXfMB8GA1UdIwQY MBaAFJV227dplbSVCobF8Hyo2z60lnj2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFhiYnQybVZ0SlVLaHNYd2ZLamJQclNXZVBZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8wOTI2M2MtYTVjYy00NGQ2LTkxYzQt NjE4MDJkOWM5MzQ0LzEvbFhiYnQybVZ0SlVLaHNYd2ZLamJQclNXZVBZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC8wOTI2M2MtYTVjYy00NGQ2LTkxYzQtNjE4MDJkOWM5MzQ0 LzEvbFhiYnQybVZ0SlVLaHNYd2ZLamJQclNXZVBZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXFdbXwDj d/o2xaHriXJbXVGQAYjto2+HIOJb4k30J8Z5Ns7kH5FitLfjoZzHvnvcUjsvJFXV GoIU0DX3y1MkUnnoi+4tVm+tm6rThzlzcT8GBHue1CESon1WXy/b0SIWq8U/R91/ sZ9D3b1GkDgN6D2QToiK6NGv5eFrbgPfTI0OuLzUcdsiQW3InNWROb3omW6aAV5+ aMOFlU6nWsl1JdjhY2YTQiZDlklN5qAoUaW9SAnBr03YaWQf+pMFSWMqM+p7s9tn gnh3hqrE7jlOkTMr22KOnQOvmKMZMhOZNYGrfj5w+6L+/AC21faqxP0pgP6f7xXf yRa17tG/P/ycrw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:10:47 2025 by rpki-client