This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/l9nve9MDJN7fcLrOS72ldgwyaxo.mft File: l9nve9MDJN7fcLrOS72ldgwyaxo.mft (raw, json) Hash identifier: MVoHCQAaW3RyBuL2IgUGfJZI2iLFpsTDgiKPIjlrC8E= Subject key identifier: BA:E2:7F:82:72:7E:8E:50:CB:42:C4:A4:AE:50:95:5F:D6:BB:28:FC Authority key identifier: 97:D9:EF:7B:D3:03:24:DE:DF:70:BA:CE:4B:BD:A5:76:0C:32:6B:1A Certificate issuer: /CN=97d9ef7bd30324dedf70bace4bbda5760c326b1a Certificate serial: 019AF49C03A6BD59BA11184A013B13FCD563 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l9nve9MDJN7fcLrOS72ldgwyaxo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/l9nve9MDJN7fcLrOS72ldgwyaxo.mft Manifest number: 102A Signing time: Sat 06 Dec 2025 17:00:56 +0000 Manifest this update: Sat 06 Dec 2025 17:00:56 +0000 Manifest next update: Sun 07 Dec 2025 17:00:56 +0000 Files and hashes: 1: N0s8xKfa_bF09tlRJvpRIiwnl5w.roa (hash: 90x2GkpRoKN6DUPIyJuUzKhNvSMsOvRGP9u2xtqB9lE=) 2: l9nve9MDJN7fcLrOS72ldgwyaxo.crl (hash: RnJys2tTh35DdJJHDRJV3MT1eF+WdpXiWMg2DZ9qhxc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/l9nve9MDJN7fcLrOS72ldgwyaxo.crl rsync://rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/l9nve9MDJN7fcLrOS72ldgwyaxo.mft rsync://rpki.ripe.net/repository/DEFAULT/l9nve9MDJN7fcLrOS72ldgwyaxo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 17:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9c:03:a6:bd:59:ba:11:18:4a:01:3b:13:fc:d5:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=97d9ef7bd30324dedf70bace4bbda5760c326b1a Validity Not Before: Dec 6 17:00:56 2025 GMT Not After : Dec 7 17:00:56 2025 GMT Subject: CN=bae27f82727e8e50cb42c4a4ae50955fd6bb28fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:61:be:88:e0:c9:8d:00:52:5e:dd:c6:b2:70: 83:18:52:19:d8:cb:97:e1:26:be:c2:8d:ca:12:d2: b0:e2:95:e4:eb:1a:2f:9c:f8:cc:cc:05:65:0e:93: 6b:09:fb:72:d8:f0:b1:4a:d3:2f:06:99:8f:a9:d3: bf:9b:8a:35:9a:fe:db:0b:92:53:a3:a8:10:0d:99: bc:ae:d7:6f:bc:bd:c3:03:10:e5:a9:b4:23:52:14: f3:bc:75:9f:4a:8d:85:82:ba:02:ae:05:8a:ef:73: 32:10:af:e5:26:bc:d4:31:d0:da:52:a3:57:41:06: 90:b7:78:18:b5:ab:98:c6:31:bc:85:02:f8:36:d3: bc:02:4f:24:a2:02:bd:1a:b8:5a:5e:a4:a8:47:68: d3:df:5a:03:fa:32:95:40:f0:34:2d:0f:50:27:49: 2d:10:ad:4d:f1:29:2a:29:22:7e:6e:c4:35:cb:6b: 31:3d:82:cb:62:47:d2:57:2f:d5:fb:0b:49:cb:3b: 96:90:61:74:80:53:57:4c:c9:ec:23:7d:aa:04:ac: c7:cf:2d:0b:ee:7c:40:33:a2:bc:7a:ec:cf:2b:f6: 75:5d:91:ed:ca:cc:7a:10:b8:5c:bb:9a:0f:3a:cb: 9b:44:a6:0c:a5:06:ef:e5:4e:89:2b:d7:ef:79:f2: 1f:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:E2:7F:82:72:7E:8E:50:CB:42:C4:A4:AE:50:95:5F:D6:BB:28:FC X509v3 Authority Key Identifier: keyid:97:D9:EF:7B:D3:03:24:DE:DF:70:BA:CE:4B:BD:A5:76:0C:32:6B:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l9nve9MDJN7fcLrOS72ldgwyaxo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/l9nve9MDJN7fcLrOS72ldgwyaxo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/l9nve9MDJN7fcLrOS72ldgwyaxo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:57:da:ab:8b:ed:ad:0b:08:6e:fb:bc:17:f1:31:93:b5:68: 85:a1:de:90:e7:e5:2f:8a:4f:9c:b1:fd:a9:44:c3:ba:ae:d2: 49:81:df:fe:de:1c:a0:53:92:d7:37:b3:18:81:24:c6:10:b9: 76:be:08:99:2f:cd:87:20:bb:f0:91:68:38:c7:9f:bf:89:e5: 9e:b6:58:75:ff:fb:34:e8:99:4f:74:bd:9b:6d:02:91:95:8c: 36:61:bc:08:a8:c2:9c:b9:84:2a:d2:a5:66:b7:8c:c1:f2:5b: 95:ec:9a:f2:88:ec:ab:3e:47:44:6c:bd:4e:54:13:bb:c5:1e: d3:78:c7:9f:40:8b:b0:d8:82:c3:08:6e:9f:16:4d:48:ff:2f: e5:44:c3:63:32:77:f1:60:ca:b4:c8:a5:13:92:52:32:c4:69: 6a:68:00:78:e0:fd:3f:2f:7d:c6:9a:02:07:72:df:1c:d7:f6: af:02:e0:1d:7b:29:97:ab:4d:16:0e:7f:f5:df:4a:70:64:9e: 33:0c:e5:27:55:f9:4a:25:ab:09:13:3a:3a:43:1e:f3:e5:cf: 34:05:79:d8:66:2e:33:72:f9:a5:4e:fb:5f:0f:74:f7:e3:08: d5:fc:bc:25:c3:71:d5:f2:d0:31:88:34:44:0a:7e:00:23:37: 88:04:5d:74 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0nAOmvVm6ERhKATsT/NVjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3ZDllZjdiZDMwMzI0ZGVkZjcwYmFjZTRiYmRhNTc2MGMz MjZiMWEwHhcNMjUxMjA2MTcwMDU2WhcNMjUxMjA3MTcwMDU2WjAzMTEwLwYDVQQD EyhiYWUyN2Y4MjcyN2U4ZTUwY2I0MmM0YTRhZTUwOTU1ZmQ2YmIyOGZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGG+iODJjQBSXt3GsnCDGFIZ2MuX 4Sa+wo3KEtKw4pXk6xovnPjMzAVlDpNrCfty2PCxStMvBpmPqdO/m4o1mv7bC5JT o6gQDZm8rtdvvL3DAxDlqbQjUhTzvHWfSo2FgroCrgWK73MyEK/lJrzUMdDaUqNX QQaQt3gYtauYxjG8hQL4NtO8Ak8kogK9GrhaXqSoR2jT31oD+jKVQPA0LQ9QJ0kt EK1N8SkqKSJ+bsQ1y2sxPYLLYkfSVy/V+wtJyzuWkGF0gFNXTMnsI32qBKzHzy0L 7nxAM6K8euzPK/Z1XZHtysx6ELhcu5oPOsubRKYMpQbv5U6JK9fvefIfLwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLrif4Jyfo5Qy0LEpK5QlV/Wuyj8MB8GA1UdIwQY MBaAFJfZ73vTAyTe33C6zku9pXYMMmsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbDludmU5TURKTjdmY0xyT1M3MmxkZ3d5YXhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS80M2Q1MDgtZDE5ZS00ZjY2LWFlODUt ZjgwNWFiM2EzMjdlLzEvbDludmU5TURKTjdmY0xyT1M3MmxkZ3d5YXhvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS80M2Q1MDgtZDE5ZS00ZjY2LWFlODUtZjgwNWFiM2EzMjdl LzEvbDludmU5TURKTjdmY0xyT1M3MmxkZ3d5YXhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkVfaq4vt rQsIbvu8F/Exk7VohaHekOflL4pPnLH9qUTDuq7SSYHf/t4coFOS1zezGIEkxhC5 dr4ImS/NhyC78JFoOMefv4nlnrZYdf/7NOiZT3S9m20CkZWMNmG8CKjCnLmEKtKl ZreMwfJbleya8ojsqz5HRGy9TlQTu8Ue03jHn0CLsNiCwwhunxZNSP8v5UTDYzJ3 8WDKtMilE5JSMsRpamgAeOD9Py99xpoCB3LfHNf2rwLgHXspl6tNFg5/9d9KcGSe MwzlJ1X5SiWrCRM6OkMe8+XPNAV52GYuM3L5pU77Xw909+MI1fy8JcNx1fLQMYg0 RAp+ACM3iARddA== -----END CERTIFICATE-----Generated at Sun Dec 7 02:55:16 2025 by rpki-client