This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.mft File: LdrykZbO5YxjJjDwK-69C1p1qdk.mft (raw, json) Hash identifier: Rlsmy7qf6uaTzU836RR4lMlFrB5PMkssmmfI5q4OWM4= Subject key identifier: 41:11:4B:D2:4D:3B:AE:49:C5:88:3D:22:91:85:22:60:77:23:02:13 Authority key identifier: 2D:DA:F2:91:96:CE:E5:8C:63:26:30:F0:2B:EE:BD:0B:5A:75:A9:D9 Certificate issuer: /CN=2ddaf29196cee58c632630f02beebd0b5a75a9d9 Certificate serial: 019AF31D0E77C68311F8543C1FCB55693ABD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdrykZbO5YxjJjDwK-69C1p1qdk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.mft Manifest number: 01F1 Signing time: Sat 06 Dec 2025 10:02:38 +0000 Manifest this update: Sat 06 Dec 2025 10:02:38 +0000 Manifest next update: Sun 07 Dec 2025 10:02:38 +0000 Files and hashes: 1: LdrykZbO5YxjJjDwK-69C1p1qdk.crl (hash: 8I4LTNttMw7XeKrQ7UYS4/As6d4pyAh9KO7CjpWAfrA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.mft rsync://rpki.ripe.net/repository/DEFAULT/LdrykZbO5YxjJjDwK-69C1p1qdk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1d:0e:77:c6:83:11:f8:54:3c:1f:cb:55:69:3a:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ddaf29196cee58c632630f02beebd0b5a75a9d9 Validity Not Before: Dec 6 10:02:38 2025 GMT Not After : Dec 7 10:02:38 2025 GMT Subject: CN=41114bd24d3bae49c5883d229185226077230213 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:9b:c0:a6:3a:e1:23:28:00:fa:9e:48:5b:26: ac:12:46:2b:37:e6:f4:22:55:83:bb:9a:53:e5:ad: c7:b9:c2:aa:30:e8:93:a8:27:96:bb:d3:bf:78:47: 01:11:0c:e3:9b:91:73:84:b0:66:2c:1e:2b:51:1b: f6:51:d8:6c:7f:27:7d:ca:66:c9:cd:ad:94:90:2f: 5c:0f:bf:b7:47:27:dc:9c:c8:61:a2:29:86:e3:a7: 48:93:65:31:11:26:83:e5:70:00:c2:f8:00:40:0b: 32:76:d5:c1:b1:ef:54:95:29:3a:a4:e7:a9:4f:2a: c2:72:d4:0c:18:ba:0d:05:c6:71:88:bb:f5:1e:b3: d5:91:86:bc:2e:e4:73:97:6d:1c:5b:38:0d:ba:42: 31:1b:e6:01:fd:1e:f7:09:75:65:d8:03:15:86:4d: 73:09:dc:0b:df:82:0f:73:7f:7c:f7:90:d6:cc:50: 2d:6e:88:d2:3e:7c:64:ce:8d:82:08:db:9c:ee:f7: d3:59:dd:71:ae:11:b8:ff:1e:95:45:22:ae:41:94: 0c:71:af:f0:32:bf:cb:2f:f6:c4:5b:31:21:14:99: 16:8b:e6:1e:b7:6f:f7:f0:e3:6f:19:e3:8b:62:0e: a3:87:95:ec:63:2b:b7:d8:6c:b3:ff:e3:f3:98:cf: fc:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:11:4B:D2:4D:3B:AE:49:C5:88:3D:22:91:85:22:60:77:23:02:13 X509v3 Authority Key Identifier: keyid:2D:DA:F2:91:96:CE:E5:8C:63:26:30:F0:2B:EE:BD:0B:5A:75:A9:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdrykZbO5YxjJjDwK-69C1p1qdk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:73:12:ee:82:fc:04:3d:29:ab:c4:bc:ae:4c:b2:a1:66:3a: 3a:c5:eb:21:16:75:ee:d9:20:b8:4f:e6:95:dc:55:b1:51:d0: fa:f2:e0:aa:81:ee:6d:06:b9:d6:96:73:f4:19:c9:83:88:2e: 82:0d:2c:17:6d:78:5c:7b:96:4e:90:d1:10:4c:1e:2c:ec:7b: 4b:f1:15:82:ad:f7:9d:26:39:9e:dc:4b:ba:cb:3c:9c:16:df: c9:e9:bf:2b:0f:47:f0:b6:e6:80:68:44:a9:35:7b:bf:7b:1d: 17:d2:e0:bc:59:da:1e:ea:f7:8f:2f:e6:0d:92:ea:f5:4b:96: 23:b8:61:42:a6:cb:77:25:40:a2:58:17:a8:17:b7:95:4b:4f: fc:c2:57:20:27:5a:1f:c7:a3:ef:0b:45:8e:86:a4:73:d9:f4: 48:f2:f9:f2:03:0c:4e:2b:57:09:55:41:6d:ba:72:79:f3:c8: 55:a4:1c:3e:90:c2:4c:a2:95:94:d5:48:14:e5:10:85:7b:6f: 2e:94:dc:72:c4:82:30:be:a7:e1:74:32:12:f6:1c:42:37:e9: be:71:eb:ce:b8:96:42:03:55:b1:90:3a:f7:7b:d8:b4:b2:83: 4f:47:39:5a:3a:35:3a:05:2b:e0:30:a6:48:db:9a:04:cc:28: b3:4c:65:1b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHQ53xoMR+FQ8H8tVaTq9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJkZGFmMjkxOTZjZWU1OGM2MzI2MzBmMDJiZWViZDBiNWE3 NWE5ZDkwHhcNMjUxMjA2MTAwMjM4WhcNMjUxMjA3MTAwMjM4WjAzMTEwLwYDVQQD Eyg0MTExNGJkMjRkM2JhZTQ5YzU4ODNkMjI5MTg1MjI2MDc3MjMwMjEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5vApjrhIygA+p5IWyasEkYrN+b0 IlWDu5pT5a3HucKqMOiTqCeWu9O/eEcBEQzjm5FzhLBmLB4rURv2Udhsfyd9ymbJ za2UkC9cD7+3RyfcnMhhoimG46dIk2UxESaD5XAAwvgAQAsydtXBse9UlSk6pOep TyrCctQMGLoNBcZxiLv1HrPVkYa8LuRzl20cWzgNukIxG+YB/R73CXVl2AMVhk1z CdwL34IPc39895DWzFAtbojSPnxkzo2CCNuc7vfTWd1xrhG4/x6VRSKuQZQMca/w Mr/LL/bEWzEhFJkWi+Yet2/38ONvGeOLYg6jh5XsYyu32Gyz/+PzmM/8HQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEERS9JNO65JxYg9IpGFImB3IwITMB8GA1UdIwQY MBaAFC3a8pGWzuWMYyYw8CvuvQtadanZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTGRyeWtaYk81WXhqSmpEd0stNjlDMXAxcWRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wMTY0MmUtYzBhZC00YmFlLWE1NDUt ODQwMTk1MmFjODk3LzEvTGRyeWtaYk81WXhqSmpEd0stNjlDMXAxcWRrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS8wMTY0MmUtYzBhZC00YmFlLWE1NDUtODQwMTk1MmFjODk3 LzEvTGRyeWtaYk81WXhqSmpEd0stNjlDMXAxcWRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALnMS7oL8 BD0pq8S8rkyyoWY6OsXrIRZ17tkguE/mldxVsVHQ+vLgqoHubQa51pZz9BnJg4gu gg0sF214XHuWTpDREEweLOx7S/EVgq33nSY5ntxLuss8nBbfyem/Kw9H8LbmgGhE qTV7v3sdF9LgvFnaHur3jy/mDZLq9UuWI7hhQqbLdyVAolgXqBe3lUtP/MJXICda H8ej7wtFjoakc9n0SPL58gMMTitXCVVBbbpyefPIVaQcPpDCTKKVlNVIFOUQhXtv LpTccsSCML6n4XQyEvYcQjfpvnHrzriWQgNVsZA693vYtLKDT0c5Wjo1OgUr4DCm SNuaBMwos0xlGw== -----END CERTIFICATE-----Generated at Sat Dec 6 19:32:31 2025 by rpki-client