This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4f3bbd-4a61-42c5-8b07-3cbd5257b03e/1/L42NDO68zXW2BrpJaPXHlG6NR8A.mft File: L42NDO68zXW2BrpJaPXHlG6NR8A.mft (raw, json) Hash identifier: jhYW5BLZK9xUpj770mT9Js6mcJK+XpjXuctbMVAW37g= Subject key identifier: 70:A8:3E:30:E9:9D:53:93:05:BE:F3:82:F2:FD:71:ED:1D:8B:18:6C Authority key identifier: 2F:8D:8D:0C:EE:BC:CD:75:B6:06:BA:49:68:F5:C7:94:6E:8D:47:C0 Certificate issuer: /CN=2f8d8d0ceebccd75b606ba4968f5c7946e8d47c0 Certificate serial: 019AF49C2A766F6193EC1995FA8DAB432A34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L42NDO68zXW2BrpJaPXHlG6NR8A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4f3bbd-4a61-42c5-8b07-3cbd5257b03e/1/L42NDO68zXW2BrpJaPXHlG6NR8A.mft Manifest number: 0D50 Signing time: Sat 06 Dec 2025 17:01:06 +0000 Manifest this update: Sat 06 Dec 2025 17:01:06 +0000 Manifest next update: Sun 07 Dec 2025 17:01:06 +0000 Files and hashes: 1: KvErQkIa-7bptS15YPSXyRA9CSc.roa (hash: oCFio8e2SnoXuYWAJDUSo/+OUQCG41H/KpmIERPwk3M=) 2: L42NDO68zXW2BrpJaPXHlG6NR8A.crl (hash: DfNMrZ/qPlt0Ch/4K4yEW9ZC1LLzJ1tZ/f48Ude/uyc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/4f3bbd-4a61-42c5-8b07-3cbd5257b03e/1/L42NDO68zXW2BrpJaPXHlG6NR8A.crl rsync://rpki.ripe.net/repository/DEFAULT/86/4f3bbd-4a61-42c5-8b07-3cbd5257b03e/1/L42NDO68zXW2BrpJaPXHlG6NR8A.mft rsync://rpki.ripe.net/repository/DEFAULT/L42NDO68zXW2BrpJaPXHlG6NR8A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9c:2a:76:6f:61:93:ec:19:95:fa:8d:ab:43:2a:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2f8d8d0ceebccd75b606ba4968f5c7946e8d47c0 Validity Not Before: Dec 6 17:01:06 2025 GMT Not After : Dec 7 17:01:06 2025 GMT Subject: CN=70a83e30e99d539305bef382f2fd71ed1d8b186c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:83:93:86:ee:40:55:e9:c2:74:66:50:42:8c: 7e:45:83:57:15:3b:bd:56:87:9b:a8:f8:48:49:27: af:44:9c:66:be:ec:01:a7:c6:0e:91:7d:41:1e:cc: 1e:fa:da:cb:d7:46:11:c4:ee:ab:78:69:e4:ea:f1: fb:77:6f:fe:d6:6f:1d:18:af:a2:b6:7a:74:b4:27: 66:05:65:3a:7b:21:af:52:4a:2e:31:9e:53:2e:44: 7a:8a:ef:04:82:6a:71:7c:95:e2:3a:77:c7:d3:c1: 0a:7e:89:8e:63:ca:f2:94:5b:05:bb:57:fb:04:60: 6a:4c:37:99:18:19:22:32:11:a8:22:13:df:3c:72: ef:88:e7:ee:be:b3:4a:2f:7d:f8:48:fd:da:14:dc: 7d:74:68:ab:fa:5b:1e:db:03:9c:c4:1b:c0:b0:99: 9a:f9:29:60:2d:48:00:30:e7:74:c9:e7:60:22:65: 8a:db:ca:3c:7a:58:69:69:1b:1f:09:98:97:7f:45: 46:70:33:1e:4e:70:bf:15:50:af:c4:7f:66:14:78: 4f:00:41:62:2a:7d:fd:d5:e1:9d:97:0a:31:e0:e5: b8:e5:72:e9:74:b5:db:da:21:20:ad:36:34:e9:04: 3b:03:0d:ca:eb:1e:1b:bc:40:cd:1f:7f:3f:2a:0f: 3f:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:A8:3E:30:E9:9D:53:93:05:BE:F3:82:F2:FD:71:ED:1D:8B:18:6C X509v3 Authority Key Identifier: keyid:2F:8D:8D:0C:EE:BC:CD:75:B6:06:BA:49:68:F5:C7:94:6E:8D:47:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L42NDO68zXW2BrpJaPXHlG6NR8A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4f3bbd-4a61-42c5-8b07-3cbd5257b03e/1/L42NDO68zXW2BrpJaPXHlG6NR8A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4f3bbd-4a61-42c5-8b07-3cbd5257b03e/1/L42NDO68zXW2BrpJaPXHlG6NR8A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:ce:ee:26:6f:63:fc:13:ac:2d:e2:d6:37:5a:99:96:ff:4b: f9:f7:c4:50:84:ea:40:be:9b:c9:13:8a:2a:a6:bb:ef:05:05: 20:53:ec:35:0d:a7:6f:4d:10:fa:5c:67:b5:36:55:6f:e3:06: 07:3a:a5:43:26:f5:b5:e9:9b:a1:46:5f:74:e5:17:a9:88:50: 34:47:ed:3c:d9:ae:83:0b:0a:ed:a5:76:e2:6e:83:f3:37:9a: ae:3d:26:98:29:57:94:46:74:bf:e1:73:af:50:10:86:7b:a5: 75:e4:18:a5:04:20:f8:6d:aa:66:8d:3a:80:3d:ef:96:c4:fa: b7:ae:2d:c9:90:46:c7:8e:54:d2:b0:84:3b:8f:a7:c4:9f:7d: f3:49:90:e6:2e:8f:b2:6e:90:57:5c:7c:2a:78:4a:41:54:ed: 06:32:9d:f5:6b:59:7e:1d:dc:01:5b:3b:92:df:f9:c0:30:ca: 31:5b:90:3e:94:ff:c7:d8:fa:1c:ae:36:ed:53:63:24:82:0b: 9e:62:f7:5c:30:6f:15:03:cb:2e:4c:65:68:76:2d:05:9b:72: 83:da:b2:ab:87:37:13:a5:f9:86:f6:26:cf:08:46:8d:88:8f: ac:22:97:ea:33:95:7a:a3:d3:d9:33:cb:a3:f7:b3:86:5d:fd: e0:94:89:36 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0nCp2b2GT7BmV+o2rQyo0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmOGQ4ZDBjZWViY2NkNzViNjA2YmE0OTY4ZjVjNzk0NmU4 ZDQ3YzAwHhcNMjUxMjA2MTcwMTA2WhcNMjUxMjA3MTcwMTA2WjAzMTEwLwYDVQQD Eyg3MGE4M2UzMGU5OWQ1MzkzMDViZWYzODJmMmZkNzFlZDFkOGIxODZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYOThu5AVenCdGZQQox+RYNXFTu9 VoebqPhISSevRJxmvuwBp8YOkX1BHswe+trL10YRxO6reGnk6vH7d2/+1m8dGK+i tnp0tCdmBWU6eyGvUkouMZ5TLkR6iu8EgmpxfJXiOnfH08EKfomOY8rylFsFu1f7 BGBqTDeZGBkiMhGoIhPfPHLviOfuvrNKL334SP3aFNx9dGir+lse2wOcxBvAsJma +SlgLUgAMOd0yedgImWK28o8elhpaRsfCZiXf0VGcDMeTnC/FVCvxH9mFHhPAEFi Kn391eGdlwox4OW45XLpdLXb2iEgrTY06QQ7Aw3K6x4bvEDNH38/Kg8/pwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHCoPjDpnVOTBb7zgvL9ce0dixhsMB8GA1UdIwQY MBaAFC+NjQzuvM11tga6SWj1x5RujUfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTDQyTkRPNjh6WFcyQnJwSmFQWEhsRzZOUjhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80ZjNiYmQtNGE2MS00MmM1LThiMDct M2NiZDUyNTdiMDNlLzEvTDQyTkRPNjh6WFcyQnJwSmFQWEhsRzZOUjhBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni80ZjNiYmQtNGE2MS00MmM1LThiMDctM2NiZDUyNTdiMDNl LzEvTDQyTkRPNjh6WFcyQnJwSmFQWEhsRzZOUjhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN87uJm9j /BOsLeLWN1qZlv9L+ffEUITqQL6byROKKqa77wUFIFPsNQ2nb00Q+lxntTZVb+MG BzqlQyb1temboUZfdOUXqYhQNEftPNmugwsK7aV24m6D8zearj0mmClXlEZ0v+Fz r1AQhnuldeQYpQQg+G2qZo06gD3vlsT6t64tyZBGx45U0rCEO4+nxJ9980mQ5i6P sm6QV1x8KnhKQVTtBjKd9WtZfh3cAVs7kt/5wDDKMVuQPpT/x9j6HK427VNjJIIL nmL3XDBvFQPLLkxlaHYtBZtyg9qyq4c3E6X5hvYmzwhGjYiPrCKX6jOVeqPT2TPL o/ezhl394JSJNg== -----END CERTIFICATE-----Generated at Sat Dec 6 18:50:40 2025 by rpki-client