This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.mft File: legTEe8dNuzG0SXjbILCb5FbDfc.mft (raw, json) Hash identifier: DK1AiymAkhSOLyOMd42Ir/TMIZgsTLpSrwz5R7Tp+N0= Subject key identifier: 33:C5:6D:F1:A6:93:C6:1D:DC:53:9E:33:F3:C9:03:61:74:71:75:23 Authority key identifier: 95:E8:13:11:EF:1D:36:EC:C6:D1:25:E3:6C:82:C2:6F:91:5B:0D:F7 Certificate issuer: /CN=95e81311ef1d36ecc6d125e36c82c26f915b0df7 Certificate serial: 019AF50B63DAAA96795BB8EDB6564B9DE18A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/legTEe8dNuzG0SXjbILCb5FbDfc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.mft Manifest number: 12C5 Signing time: Sat 06 Dec 2025 19:02:35 +0000 Manifest this update: Sat 06 Dec 2025 19:02:35 +0000 Manifest next update: Sun 07 Dec 2025 19:02:35 +0000 Files and hashes: 1: WYTqj2Ru4b6Ds31lFp0qL0GBiG0.roa (hash: TiMpifh1/6heVxOwrxdYBK/lz/TeczLDX2jTHHgJqNw=) 2: legTEe8dNuzG0SXjbILCb5FbDfc.crl (hash: ZEJJZyUqPjDx0awTiKoGqSN9gKPtT72gcgPEHCgSZ94=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.crl rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.mft rsync://rpki.ripe.net/repository/DEFAULT/legTEe8dNuzG0SXjbILCb5FbDfc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0b:63:da:aa:96:79:5b:b8:ed:b6:56:4b:9d:e1:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95e81311ef1d36ecc6d125e36c82c26f915b0df7 Validity Not Before: Dec 6 19:02:35 2025 GMT Not After : Dec 7 19:02:35 2025 GMT Subject: CN=33c56df1a693c61ddc539e33f3c9036174717523 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:22:e1:9f:dc:14:aa:ea:8a:3e:04:d1:31:5c: 62:28:cc:b2:ef:75:26:82:f8:b2:91:a3:8a:d8:94: 1f:cb:3d:5b:b0:51:02:66:47:4f:f3:67:3a:f1:75: 7c:da:31:f3:14:34:da:b1:93:9d:6a:63:88:77:7e: a2:90:a2:81:a3:27:7d:cf:06:98:86:a1:3e:82:90: 14:2a:52:90:f6:1b:16:92:01:78:8d:13:81:66:a2: 09:b8:10:66:ba:de:ae:db:bf:e3:6d:ac:c3:54:8a: 55:97:23:f8:2f:e5:c1:31:59:3d:5a:89:cc:88:76: 1a:f1:74:9c:d8:d2:47:cf:c7:3d:e9:da:21:85:3f: 06:72:67:f0:97:4d:66:3f:2f:c6:86:52:4d:66:1c: 43:11:1a:23:ee:4d:80:5b:db:24:b0:03:85:c4:5f: 73:b7:7d:7c:d0:55:4b:d6:fe:6e:2d:22:e3:bd:f3: 80:ca:b1:20:e5:2a:6b:d7:d6:85:74:b7:38:e1:3a: d1:fd:47:62:be:47:13:96:61:84:38:d4:a4:ad:92: 44:83:bf:2b:6d:4a:2c:2c:bf:8a:95:b9:f2:df:a0: 91:85:50:6e:a7:53:5d:47:75:f2:6b:98:ab:7e:70: 19:40:60:99:26:11:f8:a3:7e:66:32:19:eb:d5:9d: 1f:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:C5:6D:F1:A6:93:C6:1D:DC:53:9E:33:F3:C9:03:61:74:71:75:23 X509v3 Authority Key Identifier: keyid:95:E8:13:11:EF:1D:36:EC:C6:D1:25:E3:6C:82:C2:6F:91:5B:0D:F7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/legTEe8dNuzG0SXjbILCb5FbDfc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:bb:c0:3b:15:d7:c2:b2:e0:51:c8:c0:36:c7:fd:7e:f6:4f: cd:91:61:63:95:9b:c4:8c:69:91:51:60:66:d8:25:13:be:a7: 06:7e:6f:98:cb:c9:f4:98:f7:b4:41:10:f6:ee:e4:77:8f:ae: 66:0d:ec:8a:86:ad:b0:43:04:e4:36:e8:5c:ca:82:09:14:ff: 11:e1:bd:17:7c:4a:06:b5:dd:91:42:c0:60:52:ff:16:5f:84: 43:73:3e:f5:00:54:ba:98:b7:e0:68:8e:d9:1c:70:56:a4:f3: a1:d5:22:3e:de:b3:16:da:69:bb:75:21:e1:85:7d:90:9f:3a: 41:19:ce:2d:be:16:1a:a3:37:d0:61:50:a5:7a:52:e1:09:bc: 91:0b:db:6a:76:d6:61:ba:6e:ff:64:cb:1c:ae:89:ca:8d:a0: ad:b4:5c:58:22:6b:88:df:22:4b:9a:21:a0:f4:bb:ae:0a:d6: be:ad:cc:07:9e:bd:87:e5:9a:69:c8:55:3d:e4:4a:cc:c4:ff: d5:74:6c:11:00:84:d7:1d:56:59:d7:98:fa:ae:43:47:68:91: 69:62:84:97:60:32:e3:76:b6:95:a3:68:d2:ec:ea:86:d9:4b: 3d:04:d2:ac:32:1c:b6:14:ed:8a:3f:80:62:24:32:f6:ea:39: 33:e6:55:ef -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1C2PaqpZ5W7jttlZLneGKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1ZTgxMzExZWYxZDM2ZWNjNmQxMjVlMzZjODJjMjZmOTE1 YjBkZjcwHhcNMjUxMjA2MTkwMjM1WhcNMjUxMjA3MTkwMjM1WjAzMTEwLwYDVQQD EygzM2M1NmRmMWE2OTNjNjFkZGM1MzllMzNmM2M5MDM2MTc0NzE3NTIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySLhn9wUquqKPgTRMVxiKMyy73Um gviykaOK2JQfyz1bsFECZkdP82c68XV82jHzFDTasZOdamOId36ikKKBoyd9zwaY hqE+gpAUKlKQ9hsWkgF4jROBZqIJuBBmut6u27/jbazDVIpVlyP4L+XBMVk9WonM iHYa8XSc2NJHz8c96dohhT8Gcmfwl01mPy/GhlJNZhxDERoj7k2AW9sksAOFxF9z t3180FVL1v5uLSLjvfOAyrEg5Spr19aFdLc44TrR/UdivkcTlmGEONSkrZJEg78r bUosLL+Klbny36CRhVBup1NdR3Xya5irfnAZQGCZJhH4o35mMhnr1Z0foQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDPFbfGmk8Yd3FOeM/PJA2F0cXUjMB8GA1UdIwQY MBaAFJXoExHvHTbsxtEl42yCwm+RWw33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGVnVEVlOGROdXpHMFNYamJJTENiNUZiRGZjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC81YzA2YmMtOGNhMS00MDkxLTk0MTgt NzM0ZmFiNmZlYzZmLzEvbGVnVEVlOGROdXpHMFNYamJJTENiNUZiRGZjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC81YzA2YmMtOGNhMS00MDkxLTk0MTgtNzM0ZmFiNmZlYzZm LzEvbGVnVEVlOGROdXpHMFNYamJJTENiNUZiRGZjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkbvAOxXX wrLgUcjANsf9fvZPzZFhY5WbxIxpkVFgZtglE76nBn5vmMvJ9Jj3tEEQ9u7kd4+u Zg3sioatsEME5DboXMqCCRT/EeG9F3xKBrXdkULAYFL/Fl+EQ3M+9QBUupi34GiO 2RxwVqTzodUiPt6zFtppu3Uh4YV9kJ86QRnOLb4WGqM30GFQpXpS4Qm8kQvbanbW Ybpu/2TLHK6Jyo2grbRcWCJriN8iS5ohoPS7rgrWvq3MB569h+WaachVPeRKzMT/ 1XRsEQCE1x1WWdeY+q5DR2iRaWKEl2Ay43a2laNo0uzqhtlLPQTSrDIcthTtij+A YiQy9uo5M+ZV7w== -----END CERTIFICATE-----Generated at Sat Dec 6 21:27:08 2025 by rpki-client