This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.mft File: lKpBiudwvajvBRax0cYzpn6R84s.mft (raw, json) Hash identifier: yGLpL0cwkVBsRV8C4K5DQshEjVDZPdRNogWDTEmXgTo= Subject key identifier: 05:4C:1A:60:8D:1D:38:68:0A:1E:70:E6:5C:3A:33:89:30:7A:32:77 Authority key identifier: 94:AA:41:8A:E7:70:BD:A8:EF:05:16:B1:D1:C6:33:A6:7E:91:F3:8B Certificate issuer: /CN=94aa418ae770bda8ef0516b1d1c633a67e91f38b Certificate serial: 019AF12ED65AD94B11E524CA17AF9A86DA90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lKpBiudwvajvBRax0cYzpn6R84s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.mft Manifest number: 1129 Signing time: Sat 06 Dec 2025 01:02:49 +0000 Manifest this update: Sat 06 Dec 2025 01:02:49 +0000 Manifest next update: Sun 07 Dec 2025 01:02:49 +0000 Files and hashes: 1: JDbsNRiv_WMTlViBQXQ3g59gK5M.roa (hash: 5BHapuXzcbpJhpfOa/evo44J0f0F6BTnvXfMcpPhdEU=) 2: lKpBiudwvajvBRax0cYzpn6R84s.crl (hash: /pLuK7VLXEHcP+41V98yudF6tVg8hLiqpqPVGy6V0Cc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.mft rsync://rpki.ripe.net/repository/DEFAULT/lKpBiudwvajvBRax0cYzpn6R84s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:d6:5a:d9:4b:11:e5:24:ca:17:af:9a:86:da:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94aa418ae770bda8ef0516b1d1c633a67e91f38b Validity Not Before: Dec 6 01:02:49 2025 GMT Not After : Dec 7 01:02:49 2025 GMT Subject: CN=054c1a608d1d38680a1e70e65c3a3389307a3277 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:f9:5d:1f:40:39:be:fd:ad:db:62:a6:1c:36: d4:9d:b1:8c:50:63:11:76:99:82:30:42:da:69:3f: 90:44:06:d0:c3:c5:06:7a:a4:7b:cb:09:87:46:60: 8c:46:ac:71:45:13:60:15:3e:33:2c:06:24:eb:c7: 2b:11:b7:7b:d4:19:d3:3a:1c:1b:e2:79:1f:9f:23: 3a:f0:68:ae:bb:2a:fe:68:d1:ce:72:77:c3:23:44: 52:c4:b9:6a:46:97:b7:8a:2b:ce:f4:8d:ac:45:16: ed:f2:1b:86:eb:60:1c:d8:0d:a6:d2:9d:1a:fc:47: 34:97:e3:4c:61:d3:07:10:e9:f5:c8:30:a3:0a:d2: 10:e8:0b:1c:3e:97:68:18:94:bb:4b:9e:4d:31:d7: 87:59:1c:9d:9a:c6:56:77:76:43:8c:67:ac:1b:35: 70:fb:fb:ba:9a:be:96:49:48:96:2f:c8:7a:ae:48: ea:f0:06:5d:b9:24:bc:50:d3:76:91:4b:26:46:41: 3c:9d:d6:c9:2f:32:a4:0a:3a:c9:d0:10:2a:61:a9: ef:c3:b2:ef:19:46:55:ad:4e:e7:e9:6f:8c:7b:1d: b9:79:4b:06:42:10:32:de:f0:3c:d8:bc:35:af:5a: aa:cc:23:00:ce:7d:d3:a9:52:7b:f9:f2:e0:c7:0d: f3:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:4C:1A:60:8D:1D:38:68:0A:1E:70:E6:5C:3A:33:89:30:7A:32:77 X509v3 Authority Key Identifier: keyid:94:AA:41:8A:E7:70:BD:A8:EF:05:16:B1:D1:C6:33:A6:7E:91:F3:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKpBiudwvajvBRax0cYzpn6R84s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:0a:2b:95:a3:3e:8a:98:1f:dc:60:66:b7:1d:21:62:ff:7e: a7:7a:f5:19:66:0e:fc:88:d0:4c:88:35:ba:52:0c:7d:9a:36: 7a:72:46:59:2e:e5:af:3e:1a:53:76:ed:59:ba:84:4a:87:54: 0a:7e:47:a4:f5:e8:aa:b7:52:ba:83:fb:76:a1:c9:8d:13:98: ea:5c:b8:7d:f7:51:de:c0:bf:cf:0e:48:c0:ab:0a:aa:10:1f: 5e:f8:ce:ca:92:99:1a:bb:8b:b4:28:b9:5f:21:cc:42:48:48: d8:be:bd:dd:c4:bb:b0:4e:7e:48:d7:73:43:c9:e3:76:a6:16: 8f:53:ec:d7:91:e4:db:30:f1:54:9a:86:a4:9a:1a:12:8b:f8: fa:31:b1:f6:35:22:90:99:82:ad:c7:6c:20:ad:39:34:27:42: f2:2c:25:dd:09:b0:c6:b3:87:c0:c9:ab:02:80:65:17:31:dc: 7c:1a:e3:6b:36:50:c5:ce:7f:9c:17:b5:3a:05:40:fc:44:a6: ad:81:14:e5:d7:78:b9:c6:21:c1:12:33:1c:23:17:f5:d1:ce: b1:a1:89:e7:da:82:b1:77:e1:4e:2f:ac:de:48:fe:8d:d0:f6: 2e:ef:f2:4f:f1:3b:69:d6:46:2e:ac:e8:61:fa:07:c5:f6:b9: 49:e8:86:d9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLtZa2UsR5STKF6+ahtqQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0YWE0MThhZTc3MGJkYThlZjA1MTZiMWQxYzYzM2E2N2U5 MWYzOGIwHhcNMjUxMjA2MDEwMjQ5WhcNMjUxMjA3MDEwMjQ5WjAzMTEwLwYDVQQD EygwNTRjMWE2MDhkMWQzODY4MGExZTcwZTY1YzNhMzM4OTMwN2EzMjc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/ldH0A5vv2t22KmHDbUnbGMUGMR dpmCMELaaT+QRAbQw8UGeqR7ywmHRmCMRqxxRRNgFT4zLAYk68crEbd71BnTOhwb 4nkfnyM68Giuuyr+aNHOcnfDI0RSxLlqRpe3iivO9I2sRRbt8huG62Ac2A2m0p0a /Ec0l+NMYdMHEOn1yDCjCtIQ6AscPpdoGJS7S55NMdeHWRydmsZWd3ZDjGesGzVw +/u6mr6WSUiWL8h6rkjq8AZduSS8UNN2kUsmRkE8ndbJLzKkCjrJ0BAqYanvw7Lv GUZVrU7n6W+Mex25eUsGQhAy3vA82Lw1r1qqzCMAzn3TqVJ7+fLgxw3z+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAVMGmCNHThoCh5w5lw6M4kwejJ3MB8GA1UdIwQY MBaAFJSqQYrncL2o7wUWsdHGM6Z+kfOLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEtwQml1ZHd2YWp2QlJheDBjWXpwbjZSODRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wOWUyZjctZTY1MC00ZjM4LWE3NDUt YzM5NjIwMGZlMGJmLzEvbEtwQml1ZHd2YWp2QlJheDBjWXpwbjZSODRzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy8wOWUyZjctZTY1MC00ZjM4LWE3NDUtYzM5NjIwMGZlMGJm LzEvbEtwQml1ZHd2YWp2QlJheDBjWXpwbjZSODRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMAorlaM+ ipgf3GBmtx0hYv9+p3r1GWYO/IjQTIg1ulIMfZo2enJGWS7lrz4aU3btWbqESodU Cn5HpPXoqrdSuoP7dqHJjROY6ly4ffdR3sC/zw5IwKsKqhAfXvjOypKZGruLtCi5 XyHMQkhI2L693cS7sE5+SNdzQ8njdqYWj1Ps15Hk2zDxVJqGpJoaEov4+jGx9jUi kJmCrcdsIK05NCdC8iwl3QmwxrOHwMmrAoBlFzHcfBrjazZQxc5/nBe1OgVA/ESm rYEU5dd4ucYhwRIzHCMX9dHOsaGJ59qCsXfhTi+s3kj+jdD2Lu/yT/E7adZGLqzo YfoHxfa5SeiG2Q== -----END CERTIFICATE-----Generated at Sat Dec 6 07:12:26 2025 by rpki-client