This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.mft File: lkyqlAOgjTc7kLcQpW0-roE5T_A.mft (raw, json) Hash identifier: YqUtBLeHTV5W14CELzFjOAbPFnqOVCwU2tlNm2AfFZM= Subject key identifier: DB:15:BC:75:62:F5:BC:AB:6E:3A:25:06:08:64:BA:99:3B:67:C1:85 Authority key identifier: 96:4C:AA:94:03:A0:8D:37:3B:90:B7:10:A5:6D:3E:AE:81:39:4F:F0 Certificate issuer: /CN=964caa9403a08d373b90b710a56d3eae81394ff0 Certificate serial: 019AF389F16F89AC346085A3CFD715AE686C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lkyqlAOgjTc7kLcQpW0-roE5T_A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.mft Manifest number: 16EF Signing time: Sat 06 Dec 2025 12:01:34 +0000 Manifest this update: Sat 06 Dec 2025 12:01:34 +0000 Manifest next update: Sun 07 Dec 2025 12:01:34 +0000 Files and hashes: 1: lkyqlAOgjTc7kLcQpW0-roE5T_A.crl (hash: VyXNDZqstAxHz8gLdiiFerCXc6mViNUM6ZQtzOSe2CA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.mft rsync://rpki.ripe.net/repository/DEFAULT/lkyqlAOgjTc7kLcQpW0-roE5T_A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:f1:6f:89:ac:34:60:85:a3:cf:d7:15:ae:68:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=964caa9403a08d373b90b710a56d3eae81394ff0 Validity Not Before: Dec 6 12:01:34 2025 GMT Not After : Dec 7 12:01:34 2025 GMT Subject: CN=db15bc7562f5bcab6e3a25060864ba993b67c185 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:05:52:93:b8:7d:cd:9b:2e:1b:47:3d:66:e2: 24:d4:fb:fc:58:28:9d:9e:77:b1:7d:6a:07:00:a3: 33:6a:5e:c6:72:92:a2:14:2e:4a:05:8b:79:14:18: ef:46:47:9b:ed:33:51:58:73:e2:72:9c:bc:d7:43: 09:12:12:7f:0b:06:48:80:e8:03:0c:0f:7e:05:4b: a9:ef:e6:70:da:c7:7c:56:b9:3e:1f:39:f3:15:68: 84:96:18:e1:50:79:6e:92:e6:e3:90:77:e8:52:46: ce:e9:9b:b9:99:d5:35:ce:51:56:4d:03:9a:64:c3: c0:2c:25:73:c5:1a:9c:87:2e:5b:11:3d:75:71:2d: f9:e3:fe:00:af:ce:e6:e1:00:1c:3b:a0:37:f0:38: b8:c4:61:4f:3e:2e:8f:0c:e5:29:dc:c9:e3:bd:95: 9a:37:5b:d8:ae:1e:ad:26:35:a6:b3:2a:59:ed:5f: e3:ed:31:0c:c7:4b:5f:f0:a4:ac:75:65:66:22:94: ab:72:67:76:cf:a0:10:57:0c:b5:b1:6d:55:e4:b5: 9f:f3:22:97:be:b9:a9:bd:20:4b:7c:42:de:88:3c: e3:ef:3f:95:0a:1d:e7:b2:ab:76:34:93:e6:f1:10: d5:5f:8a:43:b9:11:ca:26:d7:24:1e:59:a6:15:a8: ed:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:15:BC:75:62:F5:BC:AB:6E:3A:25:06:08:64:BA:99:3B:67:C1:85 X509v3 Authority Key Identifier: keyid:96:4C:AA:94:03:A0:8D:37:3B:90:B7:10:A5:6D:3E:AE:81:39:4F:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkyqlAOgjTc7kLcQpW0-roE5T_A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:d1:56:b0:ec:71:9a:72:c6:92:3e:e8:5e:03:19:bc:3d:19: 60:35:4d:3d:33:95:7f:d5:8f:49:ab:e3:4a:05:6d:a9:14:ed: e4:6c:de:d2:0a:73:5b:3b:85:e8:09:a8:fa:38:f0:a6:b0:87: 59:cb:e4:8d:ee:1b:ab:2d:5c:8c:b7:34:67:28:32:2d:48:4c: 5c:1d:46:af:7f:9a:f6:97:3b:b5:ab:37:d7:51:ea:ce:e3:ed: c7:c8:75:05:8e:07:ec:84:f0:a7:43:d4:ea:ed:0e:af:a9:ca: db:37:45:4d:44:80:6c:40:7a:a6:c2:17:22:c6:41:db:bc:f2: 68:04:e2:2f:42:be:a6:fb:97:47:af:04:14:ff:16:4a:17:17: 49:bd:d8:fc:08:c5:ff:3a:4a:19:b1:d2:b7:00:c9:0a:a4:f9: d0:6b:e3:ea:3a:9e:28:d5:3d:74:67:21:5b:7d:56:bc:ef:9c: 18:06:08:b3:03:b8:91:e8:11:be:16:5b:32:3e:f8:f7:7d:64: 15:8c:9a:3a:c1:ca:9e:1b:15:1e:d5:e1:ce:28:57:28:b5:95: 5b:4c:5a:3a:15:90:4e:9f:a2:26:70:cc:4e:de:ae:8e:29:6f: 35:49:80:5d:66:3c:83:fc:40:2a:f4:d4:b1:07:44:b4:2b:ac: ba:d9:77:1c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzifFviaw0YIWjz9cVrmhsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2NGNhYTk0MDNhMDhkMzczYjkwYjcxMGE1NmQzZWFlODEz OTRmZjAwHhcNMjUxMjA2MTIwMTM0WhcNMjUxMjA3MTIwMTM0WjAzMTEwLwYDVQQD EyhkYjE1YmM3NTYyZjViY2FiNmUzYTI1MDYwODY0YmE5OTNiNjdjMTg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgVSk7h9zZsuG0c9ZuIk1Pv8WCid nnexfWoHAKMzal7GcpKiFC5KBYt5FBjvRkeb7TNRWHPicpy810MJEhJ/CwZIgOgD DA9+BUup7+Zw2sd8Vrk+HznzFWiElhjhUHlukubjkHfoUkbO6Zu5mdU1zlFWTQOa ZMPALCVzxRqchy5bET11cS354/4Ar87m4QAcO6A38Di4xGFPPi6PDOUp3MnjvZWa N1vYrh6tJjWmsypZ7V/j7TEMx0tf8KSsdWVmIpSrcmd2z6AQVwy1sW1V5LWf8yKX vrmpvSBLfELeiDzj7z+VCh3nsqt2NJPm8RDVX4pDuRHKJtckHlmmFajtXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNsVvHVi9byrbjolBghkupk7Z8GFMB8GA1UdIwQY MBaAFJZMqpQDoI03O5C3EKVtPq6BOU/wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGt5cWxBT2dqVGM3a0xjUXBXMC1yb0U1VF9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS82YjBkYzktYzFiOS00ZmFlLWFjZDkt NmJmZjFjMGU2OGFlLzEvbGt5cWxBT2dqVGM3a0xjUXBXMC1yb0U1VF9BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS82YjBkYzktYzFiOS00ZmFlLWFjZDktNmJmZjFjMGU2OGFl LzEvbGt5cWxBT2dqVGM3a0xjUXBXMC1yb0U1VF9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAktFWsOxx mnLGkj7oXgMZvD0ZYDVNPTOVf9WPSavjSgVtqRTt5Gze0gpzWzuF6Amo+jjwprCH Wcvkje4bqy1cjLc0ZygyLUhMXB1Gr3+a9pc7tas311HqzuPtx8h1BY4H7ITwp0PU 6u0Or6nK2zdFTUSAbEB6psIXIsZB27zyaATiL0K+pvuXR68EFP8WShcXSb3Y/AjF /zpKGbHStwDJCqT50Gvj6jqeKNU9dGchW31WvO+cGAYIswO4kegRvhZbMj74931k FYyaOsHKnhsVHtXhzihXKLWVW0xaOhWQTp+iJnDMTt6ujilvNUmAXWY8g/xAKvTU sQdEtCusutl3HA== -----END CERTIFICATE-----Generated at Sat Dec 6 20:04:14 2025 by rpki-client