This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft File: lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft (raw, json) Hash identifier: prKdUbUi2flfgz3O0trl77g6h8pz/jCe1bE+/jHYSQo= Subject key identifier: 66:DA:8F:E8:C4:58:91:BB:AF:CB:FB:99:A3:92:A4:08:A2:85:27:97 Authority key identifier: 94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D Certificate issuer: /CN=9475eddca95b736653a4c9f9d91540d2d3efb53d Certificate serial: 019AF31C4AD0B5D79F9936F8E9A2E539114A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft Manifest number: 039F Signing time: Sat 06 Dec 2025 10:01:48 +0000 Manifest this update: Sat 06 Dec 2025 10:01:48 +0000 Manifest next update: Sun 07 Dec 2025 10:01:48 +0000 Files and hashes: 1: lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl (hash: LkjWTYwKLa3ZSiL5XCiqeL4kACyYCvjhpSvE6eepitI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:4a:d0:b5:d7:9f:99:36:f8:e9:a2:e5:39:11:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9475eddca95b736653a4c9f9d91540d2d3efb53d Validity Not Before: Dec 6 10:01:48 2025 GMT Not After : Dec 7 10:01:48 2025 GMT Subject: CN=66da8fe8c45891bbafcbfb99a392a408a2852797 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:c9:e3:10:aa:a2:3d:e5:8d:6d:2e:60:d5:9a: cf:23:79:aa:92:0b:1e:0d:df:06:5c:36:b0:19:8d: 86:3a:48:b4:36:d0:75:f7:e0:89:46:b3:69:c9:a7: 2e:a2:ea:cc:ce:01:81:3a:88:10:1e:4a:1f:a5:26: b8:fb:68:80:84:95:23:bc:bb:44:e8:f9:af:51:91: e7:78:95:4d:56:b8:fb:58:6b:a5:04:56:d9:5a:ff: 27:7f:e7:be:d0:0d:e0:c0:fa:37:46:f5:c5:21:31: b9:16:c3:5a:0e:dd:67:07:6d:94:c4:35:9e:71:9c: 70:96:d4:6a:e7:0e:83:40:7b:a8:1d:f3:ff:b2:91: 88:7b:d4:5a:a6:91:8f:c5:45:8d:b6:f5:d2:76:1e: 91:fc:9e:94:aa:e3:6e:e2:77:77:4d:55:4d:a2:92: 30:ee:31:eb:00:39:31:81:3c:c4:e5:02:2f:d7:53: 1a:7f:37:c2:b9:6d:2c:b3:bb:09:28:85:27:33:01: d8:9c:ea:ba:a3:fd:9f:da:88:40:cf:be:e6:0a:66: 56:f1:89:d1:05:5a:88:91:56:98:59:46:75:cb:66: 56:81:56:85:37:2a:85:ce:6b:16:49:ac:cc:ac:32: 1c:ec:dc:4f:73:82:94:5b:dd:8f:3c:50:b9:a1:f1: b0:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:DA:8F:E8:C4:58:91:BB:AF:CB:FB:99:A3:92:A4:08:A2:85:27:97 X509v3 Authority Key Identifier: keyid:94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b8:7e:b8:10:f1:3b:06:cb:07:3e:25:05:07:1f:bf:3d:52:2e: 79:52:5b:98:27:79:d3:13:cd:b2:70:04:22:99:37:c9:85:99: 77:58:ec:db:16:9b:ef:23:c1:9a:62:2d:75:af:ee:76:4c:2c: 3f:81:15:6a:28:bc:d2:f3:df:21:1f:80:6f:1a:f4:1e:c8:4e: f5:c4:98:6f:11:14:4b:1d:be:93:d3:e4:ea:e4:8e:85:7e:e0: 61:0a:c7:8c:4d:8e:3a:55:5f:69:ee:a6:21:df:31:11:a7:23: 3f:93:3b:f9:35:e1:cd:d5:2d:30:53:1c:72:43:87:75:b0:d5: 23:e0:50:5a:1e:cf:6a:2c:a7:ec:5e:37:43:84:af:3c:aa:00: a4:57:a0:60:24:7c:a4:f8:ab:14:5b:05:b5:e2:d6:0d:6e:19: f8:ca:ad:ee:ad:7c:ed:5a:b6:96:54:ff:d2:7c:65:18:c4:55: 95:e0:79:52:4f:5a:66:13:f9:c4:46:45:3c:bc:9b:0a:d9:01: 3c:a5:24:e0:e6:59:c6:aa:13:8b:4d:45:db:9f:ce:0f:09:8c: 49:c1:e3:91:26:9a:c3:bd:e5:91:ef:17:42:2c:57:80:4f:7d: e4:93:2a:13:56:50:c0:58:34:d2:89:33:4c:09:8d:1a:c4:73: 4a:e2:a4:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHErQtdefmTb46aLlORFKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0NzVlZGRjYTk1YjczNjY1M2E0YzlmOWQ5MTU0MGQyZDNl ZmI1M2QwHhcNMjUxMjA2MTAwMTQ4WhcNMjUxMjA3MTAwMTQ4WjAzMTEwLwYDVQQD Eyg2NmRhOGZlOGM0NTg5MWJiYWZjYmZiOTlhMzkyYTQwOGEyODUyNzk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8njEKqiPeWNbS5g1ZrPI3mqkgse Dd8GXDawGY2GOki0NtB19+CJRrNpyacuourMzgGBOogQHkofpSa4+2iAhJUjvLtE 6PmvUZHneJVNVrj7WGulBFbZWv8nf+e+0A3gwPo3RvXFITG5FsNaDt1nB22UxDWe cZxwltRq5w6DQHuoHfP/spGIe9RappGPxUWNtvXSdh6R/J6UquNu4nd3TVVNopIw 7jHrADkxgTzE5QIv11MafzfCuW0ss7sJKIUnMwHYnOq6o/2f2ohAz77mCmZW8YnR BVqIkVaYWUZ1y2ZWgVaFNyqFzmsWSazMrDIc7NxPc4KUW92PPFC5ofGw3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGbaj+jEWJG7r8v7maOSpAiihSeXMB8GA1UdIwQY MBaAFJR17dypW3NmU6TJ+dkVQNLT77U9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDkt N2IwMDM5ODRiODYzLzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDktN2IwMDM5ODRiODYz LzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuH64EPE7 BssHPiUFBx+/PVIueVJbmCd50xPNsnAEIpk3yYWZd1js2xab7yPBmmItda/udkws P4EVaii80vPfIR+Abxr0HshO9cSYbxEUSx2+k9Pk6uSOhX7gYQrHjE2OOlVfae6m Id8xEacjP5M7+TXhzdUtMFMcckOHdbDVI+BQWh7Paiyn7F43Q4SvPKoApFegYCR8 pPirFFsFteLWDW4Z+Mqt7q187Vq2llT/0nxlGMRVleB5Uk9aZhP5xEZFPLybCtkB PKUk4OZZxqoTi01F25/ODwmMScHjkSaaw73lke8XQixXgE995JMqE1ZQwFg00okz TAmNGsRzSuKkKQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:12:52 2025 by rpki-client