This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft File: lNmOj-xoB3WhVyZuDGt4sUGjT14.mft (raw, json) Hash identifier: Nw3wzKsOyu7Z407zrH1buCDQC31/C0hmQdDGT9ZPKMs= Subject key identifier: 49:8D:D7:7E:31:11:97:64:E1:F1:E5:A2:52:41:47:92:3E:81:69:32 Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e Certificate serial: 019AF19AAE8D4464CB0B355944B7074C4AF7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft Manifest number: 1046 Signing time: Sat 06 Dec 2025 03:00:37 +0000 Manifest this update: Sat 06 Dec 2025 03:00:37 +0000 Manifest next update: Sun 07 Dec 2025 03:00:37 +0000 Files and hashes: 1: 0YppZtvRSXBHB8NFrLn_rzdM4Wg.roa (hash: AIX2Owt5viXo6Wp2eQTWR2x2rHaX/2g8xn17pbf1zi4=) 2: H0U-Km3rz_YtidSX7xAdJ-A_RzA.roa (hash: L4ck5kUvwk5NkXR5fk3e/8692feGx3cZZTXMDkDHo6o=) 3: jk5DLmbJDPFvDX_KRrXRzuIQONk.roa (hash: QsbO4bJZnkw7RxYXi6mJ0xpqtRhxRs42uhmxBRFdmEI=) 4: lNmOj-xoB3WhVyZuDGt4sUGjT14.crl (hash: E61NV/zT2X4wo3GVr5qdWVPuT3EoZsPjSJafsB909qk=) 5: sYNq23EbdC4t0IdwpQDOgH5L4bA.roa (hash: 0lkFdLqNWcSIUxzZEBi9m/kq7AF/EimUAe9h4IymUms=) 6: uNzKfKgIpPbpXrUU6oGeZECqr9M.roa (hash: s2axTj5E8SUZbZUz5S5Jplmoh/pA2RgMQVViMaq+JJo=) 7: vP0VJrJmKW9-lmRN_sGvd9GiOjQ.roa (hash: olwIbl5Siou5wUh96CRmMWnDTZ9SiZIYbaP5/hjT0zA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:ae:8d:44:64:cb:0b:35:59:44:b7:07:4c:4a:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e Validity Not Before: Dec 6 03:00:37 2025 GMT Not After : Dec 7 03:00:37 2025 GMT Subject: CN=498dd77e31119764e1f1e5a2524147923e816932 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:0c:67:5c:63:32:e8:2e:8a:8b:03:09:eb:e2: 0f:4e:2b:74:4e:ef:83:5a:d9:c5:57:52:08:02:13: 17:71:46:cc:a6:5f:db:28:cb:06:61:b1:2e:68:27: 6d:df:95:69:c6:a2:bb:23:b9:b4:db:50:8a:ad:84: 0c:c5:ed:1a:13:25:47:16:bd:bc:6c:b6:08:dd:9d: 2c:84:22:e9:ea:9d:f5:38:d5:dc:b5:45:12:43:4e: 14:d8:56:01:57:46:8f:75:52:5c:4a:d1:d6:f5:81: 8f:ad:f0:e5:b8:db:cc:32:c3:59:9a:9b:85:89:87: 80:98:43:81:b7:30:ce:0b:66:23:55:04:8f:96:8d: 58:28:5f:2a:75:ad:de:1b:96:75:54:29:60:49:d3: b4:64:3e:5e:db:44:c6:86:5e:13:7f:21:17:67:8e: 1c:7d:91:29:8b:ae:3d:a8:3c:e5:94:3a:72:10:3c: 7e:26:61:b8:45:31:a7:c3:fe:d6:cf:93:5e:dd:e0: 5f:ba:44:8d:e1:5f:06:8b:36:0e:74:07:08:0d:fd: 00:a3:46:3f:72:d8:30:a7:4e:08:5f:72:a9:b0:4c: 74:f7:40:ae:ec:f4:eb:2b:52:bd:b9:fc:f0:cb:0d: 4f:a9:d4:74:21:38:88:e7:a7:00:d1:52:bb:14:92: 0a:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:8D:D7:7E:31:11:97:64:E1:F1:E5:A2:52:41:47:92:3E:81:69:32 X509v3 Authority Key Identifier: keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:b4:a5:cc:68:16:34:f0:57:ec:d4:4f:eb:f1:de:72:12:36: 4c:70:18:0c:e7:98:fd:11:0d:c9:fb:fe:cc:50:bc:94:3b:3f: d5:5b:3b:0a:c3:82:18:84:85:38:de:e9:47:59:1d:1e:a3:80: c8:22:5e:8c:16:bf:d3:22:c8:26:4b:f2:95:02:84:b8:72:db: e4:47:5e:95:a5:7f:01:a8:ad:e0:cf:5c:e1:70:a0:0a:8d:f3: 97:e3:fd:15:05:81:6d:1e:77:a2:45:84:83:e5:c6:68:f3:75: 3c:60:35:0a:c1:bf:8d:e0:89:08:78:d4:45:58:6f:4e:96:4b: 72:74:c2:a3:5a:c6:e4:1b:1b:9a:12:5a:10:6a:79:6f:7d:44: 34:17:20:db:1c:4b:45:38:e5:7a:25:c0:0b:de:b0:e0:6d:61: d4:83:9c:27:d9:ea:f5:26:e6:3c:89:f1:b8:63:33:09:c2:f2: f5:65:b0:d8:39:eb:bb:b2:92:b8:30:fe:30:d5:1b:70:6e:86: 8d:6f:54:94:b3:23:99:61:e7:82:49:53:84:2d:fb:be:21:d7: 32:48:90:f0:59:db:f8:dc:48:5a:01:32:fc:ac:80:d3:a5:6a: 7f:e9:24:64:f1:14:96:01:d3:eb:07:2d:ab:0f:77:e6:66:d9: 3d:ae:81:ab -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmq6NRGTLCzVZRLcHTEr3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh MzRmNWUwHhcNMjUxMjA2MDMwMDM3WhcNMjUxMjA3MDMwMDM3WjAzMTEwLwYDVQQD Eyg0OThkZDc3ZTMxMTE5NzY0ZTFmMWU1YTI1MjQxNDc5MjNlODE2OTMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwxnXGMy6C6KiwMJ6+IPTit0Tu+D WtnFV1IIAhMXcUbMpl/bKMsGYbEuaCdt35VpxqK7I7m021CKrYQMxe0aEyVHFr28 bLYI3Z0shCLp6p31ONXctUUSQ04U2FYBV0aPdVJcStHW9YGPrfDluNvMMsNZmpuF iYeAmEOBtzDOC2YjVQSPlo1YKF8qda3eG5Z1VClgSdO0ZD5e20TGhl4TfyEXZ44c fZEpi649qDzllDpyEDx+JmG4RTGnw/7Wz5Ne3eBfukSN4V8GizYOdAcIDf0Ao0Y/ ctgwp04IX3KpsEx090Cu7PTrK1K9ufzwyw1PqdR0ITiI56cA0VK7FJIKewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEmN134xEZdk4fHlolJBR5I+gWkyMB8GA1UdIwQY MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt ODdkMTdkZjc0YzdlLzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOrSlzGgW NPBX7NRP6/HechI2THAYDOeY/RENyfv+zFC8lDs/1Vs7CsOCGISFON7pR1kdHqOA yCJejBa/0yLIJkvylQKEuHLb5EdelaV/Aait4M9c4XCgCo3zl+P9FQWBbR53okWE g+XGaPN1PGA1CsG/jeCJCHjURVhvTpZLcnTCo1rG5BsbmhJaEGp5b31ENBcg2xxL RTjleiXAC96w4G1h1IOcJ9nq9SbmPInxuGMzCcLy9WWw2Dnru7KSuDD+MNUbcG6G jW9UlLMjmWHngklThC37viHXMkiQ8Fnb+NxIWgEy/KyA06Vqf+kkZPEUlgHT6wct qw935mbZPa6Bqw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:26:33 2025 by rpki-client