This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft File: lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft (raw, json) Hash identifier: Ep2avWhLwIYxqp3jErX8o81Bg8AFbdIA5M5ID9BHNpc= Subject key identifier: F5:72:7D:AB:0B:C3:C9:7B:2D:59:71:4F:39:27:EF:D2:09:62:1C:D3 Authority key identifier: 95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C Certificate issuer: /CN=954cf721c08c8e9bc5242d56196677217350455c Certificate serial: 019AF31C3362A28F08E1EBACAFF56B57A966 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft Manifest number: 0781 Signing time: Sat 06 Dec 2025 10:01:42 +0000 Manifest this update: Sat 06 Dec 2025 10:01:42 +0000 Manifest next update: Sun 07 Dec 2025 10:01:42 +0000 Files and hashes: 1: lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl (hash: 6QqU9+mrq7bYBhicF/2qHZe6/NEq9Dof9cxjqauf5Ds=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:33:62:a2:8f:08:e1:eb:ac:af:f5:6b:57:a9:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=954cf721c08c8e9bc5242d56196677217350455c Validity Not Before: Dec 6 10:01:42 2025 GMT Not After : Dec 7 10:01:42 2025 GMT Subject: CN=f5727dab0bc3c97b2d59714f3927efd209621cd3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:3d:5f:77:ab:12:e8:e3:13:c6:df:23:68:56: 95:13:95:ba:03:67:ad:28:68:2b:2a:1f:6b:a9:44: 64:be:b3:00:fd:8d:5c:99:01:ed:6c:62:71:ea:83: 32:6a:8c:a1:bb:e2:ca:5f:1b:02:e5:b5:7f:cc:34: e8:67:28:a5:a2:e0:f2:a4:79:2e:49:5e:a2:f9:d9: 20:6a:55:8f:71:b4:0a:ec:00:67:07:25:11:5e:a5: 35:df:75:c2:a0:6b:6b:c1:f8:85:cb:29:3a:9a:c4: 32:c4:c6:e5:43:f9:1c:e5:04:4a:1c:55:48:13:d6: 94:dc:12:9e:5e:55:d5:26:5d:69:c5:3a:cb:46:ff: 6d:6d:28:d4:ca:85:8a:52:44:9e:9f:88:5c:23:a3: f9:d4:6f:18:44:0e:83:97:72:f4:80:11:31:5e:f9: 28:ef:62:d2:d4:c2:88:91:d5:98:0a:60:08:b8:ea: 97:d3:4f:a2:49:9e:d4:06:fd:47:5d:cd:a7:0a:b9: 28:ce:1b:fa:51:ee:c2:be:73:b4:3e:d8:87:5d:47: 1c:9c:c9:fe:43:9d:b8:c1:84:05:37:d3:65:85:eb: 14:a6:13:f4:43:ff:b0:a9:f9:0c:db:7c:81:eb:e7: e6:ff:33:b3:19:d8:ac:14:f5:c2:96:78:a9:be:ef: 44:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:72:7D:AB:0B:C3:C9:7B:2D:59:71:4F:39:27:EF:D2:09:62:1C:D3 X509v3 Authority Key Identifier: keyid:95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b5:f1:77:d0:cc:4e:d8:c1:f8:f8:9c:32:6e:fb:8f:bb:b6:7f: 1f:93:12:2a:c0:fd:61:fd:8f:e1:e1:7a:97:0f:95:db:c4:20: ac:d4:90:0b:88:58:a7:ea:e5:9d:7d:dc:3c:cc:c8:b7:7b:86: 06:e6:5b:01:2e:67:45:07:0c:ec:50:16:be:3d:7b:87:54:7c: 07:65:55:71:e9:fd:32:92:bf:37:a3:e2:7b:e2:63:20:68:3c: 50:b2:3a:5c:0c:b8:49:5c:04:5a:fd:ce:36:1e:98:25:a8:e5: db:e7:06:f0:c0:1b:76:b3:72:cc:06:28:59:2a:2c:45:02:61: 75:3d:d5:b4:34:d2:d9:7c:36:a2:09:e0:df:e7:d0:e0:ea:f6: 92:f7:0d:52:13:a7:79:47:f0:13:97:21:79:43:fc:a9:91:c0: ad:9a:98:9a:9e:31:5e:42:2e:c6:a9:19:32:bc:ce:7c:05:6a: 38:6a:af:eb:22:66:37:2c:3c:b6:1e:1b:40:bd:7a:b1:16:e3: f8:3d:89:97:f9:96:aa:5d:78:1b:f0:6f:70:dd:77:1a:a7:4b: 2d:1d:e9:40:b7:cf:e1:7a:79:c1:bf:de:63:df:d6:59:af:28: 4e:01:8a:ed:cd:e4:8b:45:54:c7:f1:e1:d6:49:7e:60:6a:a7: 33:b7:5a:a6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHDNioo8I4eusr/VrV6lmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1NGNmNzIxYzA4YzhlOWJjNTI0MmQ1NjE5NjY3NzIxNzM1 MDQ1NWMwHhcNMjUxMjA2MTAwMTQyWhcNMjUxMjA3MTAwMTQyWjAzMTEwLwYDVQQD EyhmNTcyN2RhYjBiYzNjOTdiMmQ1OTcxNGYzOTI3ZWZkMjA5NjIxY2QzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj1fd6sS6OMTxt8jaFaVE5W6A2et KGgrKh9rqURkvrMA/Y1cmQHtbGJx6oMyaoyhu+LKXxsC5bV/zDToZyilouDypHku SV6i+dkgalWPcbQK7ABnByURXqU133XCoGtrwfiFyyk6msQyxMblQ/kc5QRKHFVI E9aU3BKeXlXVJl1pxTrLRv9tbSjUyoWKUkSen4hcI6P51G8YRA6Dl3L0gBExXvko 72LS1MKIkdWYCmAIuOqX00+iSZ7UBv1HXc2nCrkozhv6Ue7CvnO0PtiHXUccnMn+ Q524wYQFN9NlhesUphP0Q/+wqfkM23yB6+fm/zOzGdisFPXClnipvu9E7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPVyfasLw8l7LVlxTzkn79IJYhzTMB8GA1UdIwQY MBaAFJVM9yHAjI6bxSQtVhlmdyFzUEVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEt Y2JiZDA4YWQzZWMyLzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEtY2JiZDA4YWQzZWMy LzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtfF30MxO 2MH4+JwybvuPu7Z/H5MSKsD9Yf2P4eF6lw+V28QgrNSQC4hYp+rlnX3cPMzIt3uG BuZbAS5nRQcM7FAWvj17h1R8B2VVcen9MpK/N6Pie+JjIGg8ULI6XAy4SVwEWv3O Nh6YJajl2+cG8MAbdrNyzAYoWSosRQJhdT3VtDTS2Xw2ogng3+fQ4Or2kvcNUhOn eUfwE5cheUP8qZHArZqYmp4xXkIuxqkZMrzOfAVqOGqv6yJmNyw8th4bQL16sRbj +D2Jl/mWql14G/BvcN13GqdLLR3pQLfP4Xp5wb/eY9/WWa8oTgGK7c3ki0VUx/Hh 1kl+YGqnM7dapg== -----END CERTIFICATE-----Generated at Sat Dec 6 14:59:58 2025 by rpki-client