This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft File: L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft (raw, json) Hash identifier: zLVeW1L7WueZlrBPd3ePV3p5kKKehvAOrqg+/G+ffSI= Subject key identifier: 8F:A3:8B:20:A1:ED:EF:E0:31:2E:60:E5:B7:15:0E:1E:A6:0E:09:7E Authority key identifier: 2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD Certificate issuer: /CN=2f70532664343cb3d2897023a127f60ba917a5dd Certificate serial: 019AF3C0B28135303FE16702409F0E8B2EAC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft Manifest number: 0D55 Signing time: Sat 06 Dec 2025 13:01:23 +0000 Manifest this update: Sat 06 Dec 2025 13:01:23 +0000 Manifest next update: Sun 07 Dec 2025 13:01:23 +0000 Files and hashes: 1: L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl (hash: ScMVBfaiUngFB2RwltnoqofEnuhPp3/x2W2NOqUMOW8=) 2: oXOzqFKOXP3W4QFBtQoblsrTovg.roa (hash: kz8J5VBJEC5JGo2WZcJjdy6PbbTAbAu9KBrjeHE5F9Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:c0:b2:81:35:30:3f:e1:67:02:40:9f:0e:8b:2e:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2f70532664343cb3d2897023a127f60ba917a5dd Validity Not Before: Dec 6 13:01:23 2025 GMT Not After : Dec 7 13:01:23 2025 GMT Subject: CN=8fa38b20a1edefe0312e60e5b7150e1ea60e097e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:3f:84:56:08:97:79:4e:77:7e:ac:6a:2b:ff: 62:b1:c4:66:ad:89:12:ad:bd:7b:79:b2:26:12:48: 0d:dc:24:93:f1:67:ca:93:00:17:ea:21:0b:93:b6: a6:8b:92:de:dd:c0:8e:d6:b3:d9:6f:84:c7:4a:5c: 7e:4e:95:9c:bf:47:05:55:59:10:4b:b4:bb:27:89: 0f:a7:f0:61:7b:c5:a8:76:37:69:fe:c5:d4:f3:da: 3f:1f:23:60:fd:de:24:09:d6:68:04:ab:26:c8:fe: 0c:8f:37:66:74:64:7e:a5:af:11:a2:37:6f:32:ff: 5f:d1:81:c2:d2:7e:45:64:67:fc:72:0e:86:f0:82: d5:a9:1b:10:0d:de:bf:1e:df:76:67:e3:f7:82:a9: 8b:6d:b6:4c:fc:c6:cb:50:25:0f:70:fc:d5:b9:cd: 0c:1c:1f:30:e0:73:08:23:a0:f5:a5:07:97:b1:66: 82:3a:ea:b4:c3:9d:37:a1:30:cf:63:19:78:64:17: 2e:4b:bf:d2:ed:f3:39:e5:eb:05:23:90:f8:0b:16: 2b:73:81:98:1e:47:b0:3c:e4:18:27:0c:ca:20:40: 5b:7c:57:fe:54:bd:0b:c9:b7:3d:73:1b:c4:86:c9: b7:50:42:62:1d:e0:51:1b:e4:11:a5:06:8e:5b:7e: 72:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:A3:8B:20:A1:ED:EF:E0:31:2E:60:E5:B7:15:0E:1E:A6:0E:09:7E X509v3 Authority Key Identifier: keyid:2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:8c:e5:c7:96:c7:bb:4c:c7:cb:f2:34:bb:11:b0:7e:d3:46: c4:6f:29:9b:3f:f6:f0:32:0d:ad:50:69:0d:14:3d:c8:e4:c9: 5a:5e:cc:34:65:3b:57:06:0e:3c:66:67:2f:9e:1b:6a:cc:59: d2:fa:6c:f0:b9:9d:84:cf:6f:a4:35:5d:c7:73:14:27:c5:52: fa:0e:d7:1a:cd:22:c4:6e:5a:3a:42:4f:f2:e9:d0:91:8e:90: 60:49:9c:a6:05:3a:52:e8:60:8e:7e:94:5a:ed:0f:9d:5b:68: 2b:4a:dd:06:b6:23:e4:d6:4a:d8:8a:9c:10:d1:d1:37:bb:43: b8:57:1e:29:70:5a:92:59:01:18:65:17:90:ac:5f:70:77:e6: 0b:6b:b7:ea:45:7b:15:14:41:71:0f:c2:9d:e4:60:d0:7e:5b: fe:0b:9c:90:42:02:0e:b4:fd:33:b9:b1:34:cd:dd:b6:9b:1e: 52:d0:d5:4d:ff:ab:89:c5:5a:0e:39:59:1d:fb:c8:d9:20:82: 13:25:ec:d3:93:ee:46:8d:08:40:f7:6e:da:f3:23:13:28:63: 53:a0:95:f7:bd:ad:a7:ac:f2:9b:cc:5b:99:48:57:0f:4c:5f: 58:4a:30:fc:98:1a:49:49:99:cd:ef:85:83:08:7b:e2:b8:8a: 43:5c:09:c8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzwLKBNTA/4WcCQJ8Oiy6sMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmNzA1MzI2NjQzNDNjYjNkMjg5NzAyM2ExMjdmNjBiYTkx N2E1ZGQwHhcNMjUxMjA2MTMwMTIzWhcNMjUxMjA3MTMwMTIzWjAzMTEwLwYDVQQD Eyg4ZmEzOGIyMGExZWRlZmUwMzEyZTYwZTViNzE1MGUxZWE2MGUwOTdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoD+EVgiXeU53fqxqK/9iscRmrYkS rb17ebImEkgN3CST8WfKkwAX6iELk7ami5Le3cCO1rPZb4THSlx+TpWcv0cFVVkQ S7S7J4kPp/Bhe8Wodjdp/sXU89o/HyNg/d4kCdZoBKsmyP4MjzdmdGR+pa8Rojdv Mv9f0YHC0n5FZGf8cg6G8ILVqRsQDd6/Ht92Z+P3gqmLbbZM/MbLUCUPcPzVuc0M HB8w4HMII6D1pQeXsWaCOuq0w503oTDPYxl4ZBcuS7/S7fM55esFI5D4CxYrc4GY HkewPOQYJwzKIEBbfFf+VL0Lybc9cxvEhsm3UEJiHeBRG+QRpQaOW35yvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI+jiyCh7e/gMS5g5bcVDh6mDgl+MB8GA1UdIwQY MBaAFC9wUyZkNDyz0olwI6En9gupF6XdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUt MzE1YTc5ZjU5ZTE4LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUtMzE1YTc5ZjU5ZTE4 LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlYzlx5bH u0zHy/I0uxGwftNGxG8pmz/28DINrVBpDRQ9yOTJWl7MNGU7VwYOPGZnL54basxZ 0vps8LmdhM9vpDVdx3MUJ8VS+g7XGs0ixG5aOkJP8unQkY6QYEmcpgU6Uuhgjn6U Wu0PnVtoK0rdBrYj5NZK2IqcENHRN7tDuFceKXBaklkBGGUXkKxfcHfmC2u36kV7 FRRBcQ/CneRg0H5b/guckEICDrT9M7mxNM3dtpseUtDVTf+ricVaDjlZHfvI2SCC EyXs05PuRo0IQPdu2vMjEyhjU6CV972tp6zym8xbmUhXD0xfWEow/JgaSUmZze+F gwh74riKQ1wJyA== -----END CERTIFICATE-----Generated at Sat Dec 6 19:56:08 2025 by rpki-client