This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft File: lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft (raw, json) Hash identifier: D8Aegp1c+fnSQF0ZNrnc+Z5LvTKbdHiMM+spsJ/Rqg8= Subject key identifier: AF:91:09:77:2E:53:5E:4F:2E:D5:7E:5F:4C:DD:CE:93:E7:5B:52:49 Authority key identifier: 94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D Certificate issuer: /CN=9475eddca95b736653a4c9f9d91540d2d3efb53d Certificate serial: 019B34C475A08443BE779EDF403CEE236277 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft Manifest number: 03C1 Signing time: Fri 19 Dec 2025 04:00:48 +0000 Manifest this update: Fri 19 Dec 2025 04:00:48 +0000 Manifest next update: Sat 20 Dec 2025 04:00:48 +0000 Files and hashes: 1: lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl (hash: sblsxLFZtdTgK5DHLzYJSdcRP0gS8omkDuR3K1uAxOg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 04:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c4:75:a0:84:43:be:77:9e:df:40:3c:ee:23:62:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9475eddca95b736653a4c9f9d91540d2d3efb53d Validity Not Before: Dec 19 04:00:48 2025 GMT Not After : Dec 20 04:00:48 2025 GMT Subject: CN=af9109772e535e4f2ed57e5f4cddce93e75b5249 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:57:8b:eb:e5:80:67:29:bb:1c:ea:14:af:fc: d2:6e:04:49:7e:9c:ee:52:55:8d:7c:b4:5e:be:13: 0a:15:bf:e4:0e:72:35:93:48:bc:7f:cc:b4:26:b4: f5:35:87:de:57:8b:2f:4d:53:46:cc:8d:31:65:0d: 16:fd:30:24:8f:4b:df:e1:24:2f:c9:24:eb:df:7b: 67:98:a2:28:c3:de:c4:c9:81:87:8a:97:98:f9:19: 0b:5e:77:72:f4:fd:bf:bc:d8:ce:c6:45:70:32:b7: b0:80:9d:71:fc:28:6d:3e:9c:7b:00:35:5c:86:85: ab:38:82:4b:24:7b:e3:43:1f:d8:2b:9a:10:dc:0f: 49:19:46:27:b2:a5:af:16:5b:43:91:f1:87:94:b4: bb:41:80:0e:11:57:ac:8a:e4:74:8e:5c:66:80:9c: e8:f6:e3:c3:3d:4d:a7:26:82:2a:92:a6:84:77:71: 8f:a4:63:49:70:e3:33:db:73:73:74:5a:96:29:3f: 1f:7d:69:35:96:35:b8:b4:c3:e4:13:5b:de:53:d6: 34:8b:e2:24:13:83:4d:fc:e0:a5:8d:e5:9f:a2:0c: 51:c9:b4:33:fa:23:8f:48:d3:c4:b7:50:17:a1:60: d7:97:3a:83:ff:7f:e3:fe:99:da:a9:6c:5c:23:8f: 61:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:91:09:77:2E:53:5E:4F:2E:D5:7E:5F:4C:DD:CE:93:E7:5B:52:49 X509v3 Authority Key Identifier: keyid:94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:16:fc:15:57:e0:19:ae:24:26:79:25:71:44:51:4c:3d:c4: fc:f3:0f:ff:20:9e:3b:e4:03:a4:32:fe:62:a5:4b:d9:7e:03: e2:05:92:df:74:b0:df:ab:f3:e0:ac:af:2b:bb:b4:35:4c:cd: 91:9b:90:74:db:72:df:78:fb:ff:b2:71:b1:2c:7a:0c:09:9c: c5:0a:60:a7:63:5b:8a:42:f1:fa:e1:84:66:a7:a3:c1:88:34: e6:12:5d:d7:c4:2c:14:e2:97:d0:f6:38:10:c8:e2:a2:0e:99: a8:b9:f3:8e:48:5c:c4:97:c3:01:4f:4f:48:9c:61:74:ad:d9: 98:8e:80:21:1b:ba:57:3e:0c:60:1d:26:f2:98:b6:d2:ed:9d: bc:8a:71:20:17:e8:b4:3a:18:8e:ec:f9:28:42:d4:bc:e5:f8: 73:7c:5b:67:f3:31:ed:2b:1a:96:81:e5:e6:6e:c2:c2:55:09: 33:48:c1:41:74:cc:8b:f7:b0:c8:48:98:9c:6d:78:8f:16:8d: f0:58:64:b9:dc:e0:38:ec:84:ae:45:76:90:39:57:f2:bc:36: 76:4d:ae:0a:06:0c:ef:bc:21:e6:31:05:c4:70:ea:b6:a4:49: 64:82:66:4b:13:64:69:41:c9:a1:8c:85:13:68:7f:ac:92:87: c5:e2:f6:6a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xHWghEO+d57fQDzuI2J3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0NzVlZGRjYTk1YjczNjY1M2E0YzlmOWQ5MTU0MGQyZDNl ZmI1M2QwHhcNMjUxMjE5MDQwMDQ4WhcNMjUxMjIwMDQwMDQ4WjAzMTEwLwYDVQQD EyhhZjkxMDk3NzJlNTM1ZTRmMmVkNTdlNWY0Y2RkY2U5M2U3NWI1MjQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7leL6+WAZym7HOoUr/zSbgRJfpzu UlWNfLRevhMKFb/kDnI1k0i8f8y0JrT1NYfeV4svTVNGzI0xZQ0W/TAkj0vf4SQv ySTr33tnmKIow97EyYGHipeY+RkLXndy9P2/vNjOxkVwMrewgJ1x/ChtPpx7ADVc hoWrOIJLJHvjQx/YK5oQ3A9JGUYnsqWvFltDkfGHlLS7QYAOEVesiuR0jlxmgJzo 9uPDPU2nJoIqkqaEd3GPpGNJcOMz23NzdFqWKT8ffWk1ljW4tMPkE1veU9Y0i+Ik E4NN/OCljeWfogxRybQz+iOPSNPEt1AXoWDXlzqD/3/j/pnaqWxcI49hfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK+RCXcuU15PLtV+X0zdzpPnW1JJMB8GA1UdIwQY MBaAFJR17dypW3NmU6TJ+dkVQNLT77U9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDkt N2IwMDM5ODRiODYzLzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDktN2IwMDM5ODRiODYz LzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIhb8FVfg Ga4kJnklcURRTD3E/PMP/yCeO+QDpDL+YqVL2X4D4gWS33Sw36vz4KyvK7u0NUzN kZuQdNty33j7/7JxsSx6DAmcxQpgp2NbikLx+uGEZqejwYg05hJd18QsFOKX0PY4 EMjiog6ZqLnzjkhcxJfDAU9PSJxhdK3ZmI6AIRu6Vz4MYB0m8pi20u2dvIpxIBfo tDoYjuz5KELUvOX4c3xbZ/Mx7SsaloHl5m7CwlUJM0jBQXTMi/ewyEiYnG14jxaN 8FhkudzgOOyErkV2kDlX8rw2dk2uCgYM77wh5jEFxHDqtqRJZIJmSxNkaUHJoYyF E2h/rJKHxeL2ag== -----END CERTIFICATE-----Generated at Fri Dec 19 12:51:37 2025 by rpki-client