This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft File: LF3rfkKW4vu0wB_AZKH2gYlreXk.mft (raw, json) Hash identifier: 6ytez77GVIufg4HkKstCanMOqf8tS3scxHxtYfLhpAk= Subject key identifier: BC:41:C9:40:1B:D8:3D:57:2A:AE:BB:DD:3A:DE:DB:C3:86:EB:E7:F5 Authority key identifier: 2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79 Certificate issuer: /CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979 Certificate serial: 019AF42E1551AFB5CF30FD2FABC32B127116 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft Manifest number: 073A Signing time: Sat 06 Dec 2025 15:00:52 +0000 Manifest this update: Sat 06 Dec 2025 15:00:52 +0000 Manifest next update: Sun 07 Dec 2025 15:00:52 +0000 Files and hashes: 1: LF3rfkKW4vu0wB_AZKH2gYlreXk.crl (hash: gVWN7qGZRYCUlgIEgyyf+63d9Z/XBTF+bNAHgFlpaUo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:2e:15:51:af:b5:cf:30:fd:2f:ab:c3:2b:12:71:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979 Validity Not Before: Dec 6 15:00:52 2025 GMT Not After : Dec 7 15:00:52 2025 GMT Subject: CN=bc41c9401bd83d572aaebbdd3adedbc386ebe7f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:56:b2:cb:20:b1:c4:f2:0b:e2:a4:b5:99:43: bf:a9:61:7d:e1:15:8f:f8:9e:d6:75:e2:65:eb:07: 76:a5:b2:61:fa:7c:0d:45:92:91:e8:b9:11:95:a9: 9f:db:02:31:c4:8c:35:66:68:e0:e9:24:47:66:5b: 74:a9:99:17:fd:50:19:b6:95:f2:39:47:b7:25:d6: 4b:2f:29:45:1d:3f:82:e0:67:d2:75:30:61:2b:ef: 6a:43:41:8a:ac:c5:3c:70:ad:15:6b:35:8f:b4:d9: 1f:0d:8b:29:5a:95:0b:c0:de:19:f5:4e:39:a5:26: 37:d5:33:f6:f6:8a:80:f8:34:aa:b0:85:07:d8:04: 3f:63:67:6f:fd:f3:2c:19:99:62:0b:20:9f:53:de: c2:aa:ed:8a:e3:c0:d2:8b:82:ff:ea:52:0b:04:6a: df:1a:4a:71:2b:88:76:1e:a7:96:d7:41:4c:84:d9: 2b:3e:95:e5:80:3a:a7:46:99:48:ca:b4:30:05:1f: 86:65:f7:ba:93:41:35:e6:ee:90:d7:14:89:83:fd: 8b:2f:f3:56:8e:9e:ab:2c:01:80:23:85:d7:35:0f: 95:b8:66:be:1e:c4:92:67:f5:6e:36:9f:c5:5c:8e: a4:fd:c1:ae:e5:1d:9f:4b:bc:7d:ba:9a:de:3e:72: d4:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:41:C9:40:1B:D8:3D:57:2A:AE:BB:DD:3A:DE:DB:C3:86:EB:E7:F5 X509v3 Authority Key Identifier: keyid:2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b3:21:0d:da:08:9b:0a:10:65:e1:36:e9:9e:e3:14:0c:15:e6: f7:a3:7c:b6:ba:21:8b:c0:a6:6d:fe:35:5d:49:71:cc:4a:23: 7f:80:89:5f:f7:21:f5:4a:84:42:e0:cf:bc:95:d6:18:c5:60: 06:56:9e:93:c1:d4:d9:84:12:15:b1:15:64:10:da:dd:ea:2a: 53:17:61:c3:f0:c3:aa:65:83:e0:22:76:3a:07:3f:56:76:85: 2a:5f:21:80:34:3c:69:09:50:9c:91:76:aa:f1:27:84:2e:2a: 2f:7d:09:ad:ec:50:bf:60:1a:a8:ec:45:be:dc:0d:af:5e:56: b4:06:73:0d:a9:6a:90:2d:cf:41:6d:a1:79:fe:62:6a:34:5e: 0c:b3:e1:de:3f:5d:a9:b9:bb:2b:c4:f9:aa:13:77:27:38:df: a8:1c:58:78:6a:c8:c2:eb:be:86:30:a3:e9:2f:55:fc:34:21: 5c:f8:8f:50:1d:08:72:b5:6e:06:0f:cd:de:47:b1:87:92:b8: 64:dd:75:4a:f1:62:8f:09:cc:55:e4:44:2e:48:8d:11:fc:11: 8a:74:f8:32:3f:8a:33:e1:5d:fd:c6:eb:dc:7b:16:3d:49:89: 74:12:21:4a:05:fc:1d:9c:d0:03:77:97:b1:15:05:85:13:0c: d5:d4:7b:37 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0LhVRr7XPMP0vq8MrEnEWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjNWRlYjdlNDI5NmUyZmJiNGMwMWZjMDY0YTFmNjgxODk2 Yjc5NzkwHhcNMjUxMjA2MTUwMDUyWhcNMjUxMjA3MTUwMDUyWjAzMTEwLwYDVQQD EyhiYzQxYzk0MDFiZDgzZDU3MmFhZWJiZGQzYWRlZGJjMzg2ZWJlN2Y1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1ayyyCxxPIL4qS1mUO/qWF94RWP +J7WdeJl6wd2pbJh+nwNRZKR6LkRlamf2wIxxIw1Zmjg6SRHZlt0qZkX/VAZtpXy OUe3JdZLLylFHT+C4GfSdTBhK+9qQ0GKrMU8cK0VazWPtNkfDYspWpULwN4Z9U45 pSY31TP29oqA+DSqsIUH2AQ/Y2dv/fMsGZliCyCfU97Cqu2K48DSi4L/6lILBGrf GkpxK4h2HqeW10FMhNkrPpXlgDqnRplIyrQwBR+GZfe6k0E15u6Q1xSJg/2LL/NW jp6rLAGAI4XXNQ+VuGa+HsSSZ/VuNp/FXI6k/cGu5R2fS7x9uprePnLUcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLxByUAb2D1XKq673Tre28OG6+f1MB8GA1UdIwQY MBaAFCxd635CluL7tMAfwGSh9oGJa3l5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYt YTg2YWM1NjFhYjU2LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYtYTg2YWM1NjFhYjU2 LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsyEN2gib ChBl4TbpnuMUDBXm96N8trohi8Cmbf41XUlxzEojf4CJX/ch9UqEQuDPvJXWGMVg Blaek8HU2YQSFbEVZBDa3eoqUxdhw/DDqmWD4CJ2Ogc/VnaFKl8hgDQ8aQlQnJF2 qvEnhC4qL30JrexQv2AaqOxFvtwNr15WtAZzDalqkC3PQW2hef5iajReDLPh3j9d qbm7K8T5qhN3JzjfqBxYeGrIwuu+hjCj6S9V/DQhXPiPUB0IcrVuBg/N3kexh5K4 ZN11SvFijwnMVeRELkiNEfwRinT4Mj+KM+Fd/cbr3HsWPUmJdBIhSgX8HZzQA3eX sRUFhRMM1dR7Nw== -----END CERTIFICATE-----Generated at Sat Dec 6 22:27:18 2025 by rpki-client