This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/560ac6-194f-4b1b-b5ac-fd87b7335955/1/li68oqtiGOHxrgaHwxREVP1dmWs.mft File: li68oqtiGOHxrgaHwxREVP1dmWs.mft (raw, json) Hash identifier: xlox0OKeyRpsC/49L/q1dHSG3sJUh53FMfKSoDOqCZ4= Subject key identifier: CD:51:CE:D9:55:1E:E4:6B:11:F5:8D:90:3D:CD:15:0C:85:2B:1B:D7 Authority key identifier: 96:2E:BC:A2:AB:62:18:E1:F1:AE:06:87:C3:14:44:54:FD:5D:99:6B Certificate issuer: /CN=962ebca2ab6218e1f1ae0687c3144454fd5d996b Certificate serial: 019B3E6C75A7B42E8F612B32D728B0B4A204 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/li68oqtiGOHxrgaHwxREVP1dmWs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/560ac6-194f-4b1b-b5ac-fd87b7335955/1/li68oqtiGOHxrgaHwxREVP1dmWs.mft Manifest number: 171A Signing time: Sun 21 Dec 2025 01:00:53 +0000 Manifest this update: Sun 21 Dec 2025 01:00:53 +0000 Manifest next update: Mon 22 Dec 2025 01:00:53 +0000 Files and hashes: 1: li68oqtiGOHxrgaHwxREVP1dmWs.crl (hash: CZn24Aloc8rTmvkjyt8fkTai99i0hRScPBs1X4yiKwo=) 2: o2GAlRjqrWRT3XBGB9RwTDs_Ew0.roa (hash: HIy6rjCdEt9bpDveV9D2228Lv0B3K1QWnfoHF9Amb5w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/560ac6-194f-4b1b-b5ac-fd87b7335955/1/li68oqtiGOHxrgaHwxREVP1dmWs.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/560ac6-194f-4b1b-b5ac-fd87b7335955/1/li68oqtiGOHxrgaHwxREVP1dmWs.mft rsync://rpki.ripe.net/repository/DEFAULT/li68oqtiGOHxrgaHwxREVP1dmWs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 01:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6c:75:a7:b4:2e:8f:61:2b:32:d7:28:b0:b4:a2:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=962ebca2ab6218e1f1ae0687c3144454fd5d996b Validity Not Before: Dec 21 01:00:53 2025 GMT Not After : Dec 22 01:00:53 2025 GMT Subject: CN=cd51ced9551ee46b11f58d903dcd150c852b1bd7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ce:03:b3:d2:2c:8b:8e:05:18:51:8a:67:33: c2:67:f3:7c:e5:ce:3d:7a:fa:f0:f9:64:66:8a:3a: b0:c2:47:9e:2d:2e:11:5f:9b:e6:ea:ce:c2:88:85: 63:cc:bd:05:e8:03:51:79:e3:e3:f9:68:4e:9e:a8: e9:35:48:5b:22:bb:51:95:02:8c:29:fc:b1:d7:ec: 38:e4:58:b9:67:5f:ab:ed:c1:dc:cb:da:6b:46:81: e7:47:1c:66:92:8e:fe:3b:6e:92:2b:f3:2b:a4:f7: 7d:de:5d:70:a7:b2:0f:ba:db:0a:5f:bf:d1:39:91: f2:86:2f:98:42:ff:26:71:59:8e:08:92:b0:10:df: 8d:ef:52:03:74:b9:de:b7:60:4f:2a:75:00:9b:3b: 43:1d:29:c3:39:1d:9c:a7:7e:76:9f:aa:af:60:1d: bc:b4:b9:0a:1c:19:a1:a5:50:a0:63:74:1e:b7:6a: 44:ec:4b:25:1a:ee:b1:6a:dd:54:6a:0c:27:90:83: 6d:8f:b6:31:61:76:fb:38:d4:ab:ba:d6:92:b4:4b: be:40:18:43:68:c5:76:91:66:5c:b4:c4:14:83:16: ad:72:cb:e7:04:05:69:b2:01:89:39:1b:79:1b:26: 6e:23:e7:6c:61:e8:2c:79:ea:4d:aa:06:32:91:8e: 22:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:51:CE:D9:55:1E:E4:6B:11:F5:8D:90:3D:CD:15:0C:85:2B:1B:D7 X509v3 Authority Key Identifier: keyid:96:2E:BC:A2:AB:62:18:E1:F1:AE:06:87:C3:14:44:54:FD:5D:99:6B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/li68oqtiGOHxrgaHwxREVP1dmWs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/560ac6-194f-4b1b-b5ac-fd87b7335955/1/li68oqtiGOHxrgaHwxREVP1dmWs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/560ac6-194f-4b1b-b5ac-fd87b7335955/1/li68oqtiGOHxrgaHwxREVP1dmWs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:02:e5:c7:e0:28:d6:3d:a4:09:d0:24:c7:b6:99:c7:d0:89: 21:bd:24:53:11:50:99:bb:3c:9b:59:af:88:ba:45:8c:70:9f: 1d:f1:c8:15:9a:c3:55:2d:2f:38:b2:f0:02:f9:3f:4c:55:d6: 0d:a8:03:ba:c0:31:06:7e:82:5a:01:a3:c1:bb:b0:9f:3f:62: 0b:d8:72:0e:16:ae:a1:91:c3:55:3b:ad:b8:88:b2:b6:0c:f7: c3:ee:35:06:a3:d0:32:71:f7:16:0d:44:fd:8d:18:32:1d:2b: 0d:fa:ba:be:32:30:00:0c:73:75:0e:e6:1e:2a:5d:e5:fd:e0: 31:78:ca:93:d4:2a:2b:c5:ad:4e:76:e7:5a:e8:89:b8:be:38: f3:18:76:2a:f5:6f:b4:86:f7:0d:9d:dd:10:fd:fe:d0:aa:26: a5:0f:54:8f:34:46:a0:ec:c3:76:d4:f3:b7:63:f4:bf:5f:c6: 46:a7:69:ba:7f:03:9e:e1:3d:e9:c3:c7:61:21:0c:f9:0b:ec: 49:00:47:1c:52:5b:bb:e8:30:f3:c5:66:06:49:04:bc:92:b1: 84:96:b1:95:4b:ca:e0:5b:06:bc:1f:03:2d:22:76:81:dc:42: cc:7d:9c:2a:b6:c0:f8:05:f5:d5:da:49:f9:b6:44:7b:eb:0b: 88:13:9e:56 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bHWntC6PYSsy1yiwtKIEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2MmViY2EyYWI2MjE4ZTFmMWFlMDY4N2MzMTQ0NDU0ZmQ1 ZDk5NmIwHhcNMjUxMjIxMDEwMDUzWhcNMjUxMjIyMDEwMDUzWjAzMTEwLwYDVQQD EyhjZDUxY2VkOTU1MWVlNDZiMTFmNThkOTAzZGNkMTUwYzg1MmIxYmQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM4Ds9Isi44FGFGKZzPCZ/N85c49 evrw+WRmijqwwkeeLS4RX5vm6s7CiIVjzL0F6ANReePj+WhOnqjpNUhbIrtRlQKM Kfyx1+w45Fi5Z1+r7cHcy9prRoHnRxxmko7+O26SK/MrpPd93l1wp7IPutsKX7/R OZHyhi+YQv8mcVmOCJKwEN+N71IDdLnet2BPKnUAmztDHSnDOR2cp352n6qvYB28 tLkKHBmhpVCgY3Qet2pE7EslGu6xat1UagwnkINtj7YxYXb7ONSrutaStEu+QBhD aMV2kWZctMQUgxatcsvnBAVpsgGJORt5GyZuI+dsYegseepNqgYykY4iGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM1RztlVHuRrEfWNkD3NFQyFKxvXMB8GA1UdIwQY MBaAFJYuvKKrYhjh8a4Gh8MURFT9XZlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGk2OG9xdGlHT0h4cmdhSHd4UkVWUDFkbVdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy81NjBhYzYtMTk0Zi00YjFiLWI1YWMt ZmQ4N2I3MzM1OTU1LzEvbGk2OG9xdGlHT0h4cmdhSHd4UkVWUDFkbVdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy81NjBhYzYtMTk0Zi00YjFiLWI1YWMtZmQ4N2I3MzM1OTU1 LzEvbGk2OG9xdGlHT0h4cmdhSHd4UkVWUDFkbVdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJwLlx+Ao 1j2kCdAkx7aZx9CJIb0kUxFQmbs8m1mviLpFjHCfHfHIFZrDVS0vOLLwAvk/TFXW DagDusAxBn6CWgGjwbuwnz9iC9hyDhauoZHDVTutuIiytgz3w+41BqPQMnH3Fg1E /Y0YMh0rDfq6vjIwAAxzdQ7mHipd5f3gMXjKk9QqK8WtTnbnWuiJuL448xh2KvVv tIb3DZ3dEP3+0KompQ9UjzRGoOzDdtTzt2P0v1/GRqdpun8DnuE96cPHYSEM+Qvs SQBHHFJbu+gw88VmBkkEvJKxhJaxlUvK4FsGvB8DLSJ2gdxCzH2cKrbA+AX11dpJ +bZEe+sLiBOeVg== -----END CERTIFICATE-----Generated at Sun Dec 21 11:17:55 2025 by rpki-client