This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft File: lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft (raw, json) Hash identifier: CAtOG7AOrZFw3H6/UhQg31TJta1XO/NSCfHSEfKv1Do= Subject key identifier: FC:6A:FC:06:F8:53:E7:38:CD:B4:11:5F:51:70:6E:A4:AB:EB:A0:F2 Authority key identifier: 96:C0:CE:9F:87:D9:D2:75:F6:CA:E4:DC:9C:DF:B5:D4:43:7D:8C:EB Certificate issuer: /CN=96c0ce9f87d9d275f6cae4dc9cdfb5d4437d8ceb Certificate serial: 019AF5410691BD8F769C1F5948C7E3DDBF9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft Manifest number: 0F1B Signing time: Sat 06 Dec 2025 20:01:10 +0000 Manifest this update: Sat 06 Dec 2025 20:01:10 +0000 Manifest next update: Sun 07 Dec 2025 20:01:10 +0000 Files and hashes: 1: ew1zgYS28PrRo2_vyICjeeeZzZk.roa (hash: Fhi/oH9QUYxK/iP3UryNP+xQPg6T4wc9jRF/RdGEuMY=) 2: lsDOn4fZ0nX2yuTcnN-11EN9jOs.crl (hash: zKj9xIbMnoLOVvMqgyHPr+YB1ZVeFnCH1jL8c8zQ//4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.crl rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft rsync://rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:41:06:91:bd:8f:76:9c:1f:59:48:c7:e3:dd:bf:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96c0ce9f87d9d275f6cae4dc9cdfb5d4437d8ceb Validity Not Before: Dec 6 20:01:10 2025 GMT Not After : Dec 7 20:01:10 2025 GMT Subject: CN=fc6afc06f853e738cdb4115f51706ea4abeba0f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:23:34:35:7c:c9:71:09:ba:2e:04:f6:62:a9: 17:da:e5:21:b9:8f:e4:5d:d7:ff:3d:ba:e6:47:69: 8c:4e:0f:9b:98:f5:1a:5b:3e:88:86:e3:2e:12:1f: 99:c4:7c:a8:60:1c:24:20:b1:9d:b2:a8:71:e0:74: a9:2a:19:5b:42:59:c1:21:12:cd:d8:b3:16:4f:1b: b7:70:d0:e7:19:e5:e7:a1:45:a4:cb:5c:06:93:0c: dd:8c:73:e1:7a:c7:22:d2:ac:96:dd:1b:19:d1:2e: 08:45:0e:0a:c8:22:94:db:fa:af:34:77:07:43:f1: 3b:12:9b:cb:95:15:1b:74:a2:92:0f:d1:1e:a9:88: 88:88:9f:be:5b:25:ba:b5:ec:a2:16:8b:eb:1c:ce: 85:d6:01:08:37:4a:8b:b5:e3:71:b2:2f:6b:ed:8e: 34:dc:f1:61:7d:d2:b0:33:3d:ce:4d:73:08:55:61: 57:da:86:75:6e:94:50:c2:b9:76:2b:6c:b7:60:6f: 5e:53:7f:1d:50:73:a6:f0:ca:ff:fd:15:51:0d:f6: 7b:6f:fe:de:17:52:1a:5d:93:72:90:ae:e3:1d:cd: aa:2c:c5:03:1d:c2:86:f8:52:f3:69:b0:8e:cb:74: 14:cc:d0:55:c4:f3:83:7b:2f:3b:76:4b:bd:1e:0d: b0:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:6A:FC:06:F8:53:E7:38:CD:B4:11:5F:51:70:6E:A4:AB:EB:A0:F2 X509v3 Authority Key Identifier: keyid:96:C0:CE:9F:87:D9:D2:75:F6:CA:E4:DC:9C:DF:B5:D4:43:7D:8C:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:45:36:6c:4b:5e:45:7b:6e:84:65:fa:1c:0c:72:4c:b1:7f: 4e:b3:00:67:5d:8a:99:bd:a6:72:4e:09:b0:38:28:ec:4a:18: 92:9c:b7:77:c0:11:c9:9c:45:f7:12:78:cd:43:69:dc:d6:c0: 1a:be:5f:4e:97:95:52:11:0f:c1:b7:47:aa:7c:f4:9b:3d:00: 3e:2a:5e:51:dd:ee:5f:41:c7:44:d1:4d:a5:f4:7e:25:6d:88: 1b:bd:4c:92:1a:b4:35:c1:1b:3a:48:22:23:68:7d:3c:fa:be: d8:4e:33:b8:9e:99:46:66:14:73:f7:36:6b:57:f1:c3:e3:1d: d1:b5:33:fa:0c:2d:7a:47:f5:13:00:9f:eb:bd:b5:ac:4d:83: ed:96:e2:9c:ac:c9:c1:22:98:25:6d:2d:75:29:29:b4:0e:93: 12:52:ac:a1:7b:f7:ff:b1:51:ef:a1:a9:c2:17:bc:c9:13:ce: 0a:66:8e:5c:f5:62:03:c5:e1:f4:15:25:1f:32:7c:3d:8a:38: 6b:46:92:eb:1b:62:fe:e7:37:42:dd:b5:90:62:a4:e4:0b:6e: 50:8a:e7:4e:52:30:12:36:61:3d:93:fc:54:a4:04:cf:bc:5d: 87:37:65:db:34:ac:c6:73:de:1a:ab:df:aa:6b:fa:af:0b:04: 0f:91:40:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1QQaRvY92nB9ZSMfj3b+bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2YzBjZTlmODdkOWQyNzVmNmNhZTRkYzljZGZiNWQ0NDM3 ZDhjZWIwHhcNMjUxMjA2MjAwMTEwWhcNMjUxMjA3MjAwMTEwWjAzMTEwLwYDVQQD EyhmYzZhZmMwNmY4NTNlNzM4Y2RiNDExNWY1MTcwNmVhNGFiZWJhMGYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8SM0NXzJcQm6LgT2YqkX2uUhuY/k Xdf/PbrmR2mMTg+bmPUaWz6IhuMuEh+ZxHyoYBwkILGdsqhx4HSpKhlbQlnBIRLN 2LMWTxu3cNDnGeXnoUWky1wGkwzdjHPhesci0qyW3RsZ0S4IRQ4KyCKU2/qvNHcH Q/E7EpvLlRUbdKKSD9EeqYiIiJ++WyW6teyiFovrHM6F1gEIN0qLteNxsi9r7Y40 3PFhfdKwMz3OTXMIVWFX2oZ1bpRQwrl2K2y3YG9eU38dUHOm8Mr//RVRDfZ7b/7e F1IaXZNykK7jHc2qLMUDHcKG+FLzabCOy3QUzNBVxPODey87dku9Hg2wiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPxq/Ab4U+c4zbQRX1FwbqSr66DyMB8GA1UdIwQY MBaAFJbAzp+H2dJ19srk3JzftdRDfYzrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHNET240ZlowblgyeXVUY25OLTExRU45ak9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zYWEzODYtOTA1Ny00OWEwLWEyMjkt NWU3N2ZhMDMzM2EzLzEvbHNET240ZlowblgyeXVUY25OLTExRU45ak9zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC8zYWEzODYtOTA1Ny00OWEwLWEyMjktNWU3N2ZhMDMzM2Ez LzEvbHNET240ZlowblgyeXVUY25OLTExRU45ak9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfUU2bEte RXtuhGX6HAxyTLF/TrMAZ12Kmb2mck4JsDgo7EoYkpy3d8ARyZxF9xJ4zUNp3NbA Gr5fTpeVUhEPwbdHqnz0mz0APipeUd3uX0HHRNFNpfR+JW2IG71Mkhq0NcEbOkgi I2h9PPq+2E4zuJ6ZRmYUc/c2a1fxw+Md0bUz+gwtekf1EwCf6721rE2D7ZbinKzJ wSKYJW0tdSkptA6TElKsoXv3/7FR76Gpwhe8yRPOCmaOXPViA8Xh9BUlHzJ8PYo4 a0aS6xti/uc3Qt21kGKk5AtuUIrnTlIwEjZhPZP8VKQEz7xdhzdl2zSsxnPeGqvf qmv6rwsED5FA9Q== -----END CERTIFICATE-----Generated at Sat Dec 6 23:00:37 2025 by rpki-client