This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/c9f7ab-3fa0-471f-bb95-00b4fbb3849d/1/_ltNUIvcIUFbR1LuvESNSqrGNdk.mft File: _ltNUIvcIUFbR1LuvESNSqrGNdk.mft (raw, json) Hash identifier: CaTJ6QFnNydw2zHwzRYZgroyRuhQ8/IjMmwb4ABCI40= Subject key identifier: 14:1C:CE:8F:E8:94:D3:D8:32:C5:9B:5C:A3:13:25:59:29:87:8A:F3 Authority key identifier: FE:5B:4D:50:8B:DC:21:41:5B:47:52:EE:BC:44:8D:4A:AA:C6:35:D9 Certificate issuer: /CN=fe5b4d508bdc21415b4752eebc448d4aaac635d9 Certificate serial: 019AF2AD524F4738B9A56F196F7B37E8F327 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ltNUIvcIUFbR1LuvESNSqrGNdk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/c9f7ab-3fa0-471f-bb95-00b4fbb3849d/1/_ltNUIvcIUFbR1LuvESNSqrGNdk.mft Manifest number: 01DE Signing time: Sat 06 Dec 2025 08:00:36 +0000 Manifest this update: Sat 06 Dec 2025 08:00:36 +0000 Manifest next update: Sun 07 Dec 2025 08:00:36 +0000 Files and hashes: 1: _ltNUIvcIUFbR1LuvESNSqrGNdk.crl (hash: 10TDicRu7gOihe0+/ZYOoVTJc8/DXDsAby0Iy+f1+yA=) 2: l_Z1ah4Z6CUki_cHx_5BaEWiOxE.roa (hash: fwZNajA2NrVuCxC49gzHtXDb0A0DV7JtszLe3wSG/eE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/c9f7ab-3fa0-471f-bb95-00b4fbb3849d/1/_ltNUIvcIUFbR1LuvESNSqrGNdk.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/c9f7ab-3fa0-471f-bb95-00b4fbb3849d/1/_ltNUIvcIUFbR1LuvESNSqrGNdk.mft rsync://rpki.ripe.net/repository/DEFAULT/_ltNUIvcIUFbR1LuvESNSqrGNdk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:52:4f:47:38:b9:a5:6f:19:6f:7b:37:e8:f3:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fe5b4d508bdc21415b4752eebc448d4aaac635d9 Validity Not Before: Dec 6 08:00:36 2025 GMT Not After : Dec 7 08:00:36 2025 GMT Subject: CN=141cce8fe894d3d832c59b5ca313255929878af3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:3f:95:b9:01:94:ac:00:6a:63:2d:da:c2:9f: 01:dd:09:77:8f:60:55:7d:06:40:d4:fd:0d:3a:0e: 75:84:b9:f1:b6:72:1b:d8:dc:1c:46:72:d9:5b:64: 5e:90:85:d0:98:78:37:23:c3:8c:07:2a:5e:34:9e: 20:f6:77:27:64:3a:0f:e5:6a:5a:89:00:be:d9:b0: 6f:bd:23:94:88:96:f6:1c:df:c4:41:13:bb:d8:47: ac:24:9c:d0:de:b8:7e:6b:6e:4d:c2:66:14:b7:0d: 39:d6:de:a4:7c:da:1f:c1:71:ac:2b:7d:91:75:be: 68:a5:bc:36:8c:94:e4:01:79:95:87:f9:71:42:ce: cb:bc:0a:5a:05:17:9a:55:60:40:9d:73:9b:d5:dc: 98:77:05:f2:25:87:02:8e:bb:d0:f1:cc:7e:14:7c: 3e:aa:8f:7b:7d:8e:d8:ba:2b:7c:7f:f1:08:e4:f4: 21:ab:2a:4f:d0:cb:5b:d2:2d:18:55:e3:e7:f8:77: 9f:37:4b:c7:67:5a:e5:aa:c5:9f:39:3e:63:cc:fe: 2e:b7:df:76:5a:db:9e:d6:48:5e:b1:b3:75:71:3d: 18:d1:25:ef:53:b5:c6:06:22:85:e0:31:17:dd:17: fa:78:0d:bc:6c:68:a6:f0:15:0c:1d:f9:42:1f:6f: df:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:1C:CE:8F:E8:94:D3:D8:32:C5:9B:5C:A3:13:25:59:29:87:8A:F3 X509v3 Authority Key Identifier: keyid:FE:5B:4D:50:8B:DC:21:41:5B:47:52:EE:BC:44:8D:4A:AA:C6:35:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ltNUIvcIUFbR1LuvESNSqrGNdk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/c9f7ab-3fa0-471f-bb95-00b4fbb3849d/1/_ltNUIvcIUFbR1LuvESNSqrGNdk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/c9f7ab-3fa0-471f-bb95-00b4fbb3849d/1/_ltNUIvcIUFbR1LuvESNSqrGNdk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:f2:2d:ed:66:25:b0:07:b9:8e:96:50:68:c5:f3:52:79:14: 20:f9:b0:e2:59:c3:58:67:e8:8c:d3:43:1b:71:93:aa:fd:41: 5a:f2:34:61:bf:66:2a:12:6f:ab:7e:7e:30:f2:e1:c0:81:6c: 3b:00:2e:90:cb:99:76:d7:c7:0f:3b:b2:5c:cf:98:9c:28:4e: 36:03:55:28:6f:28:78:c7:17:19:7a:2f:72:65:15:41:f5:96: 45:ba:f4:2f:b6:ea:e8:90:ba:a8:f7:a1:c3:22:c0:7e:ce:5c: c4:01:58:de:0d:3d:0b:13:8f:60:6b:cc:d6:a3:b9:26:18:e6: fd:e6:3c:4c:12:71:c1:32:d7:ae:49:25:88:ae:f2:28:a8:c1: 59:ab:ef:e5:98:dd:35:a8:2f:79:29:8a:06:b6:52:77:90:84: 94:6a:09:9d:81:3b:1b:91:83:0f:d2:5a:3c:b2:a8:e5:a0:93: 2f:3f:f2:f2:20:3f:f3:3d:7c:23:94:93:c9:59:04:47:e3:71: 31:c7:14:16:a9:4e:0d:06:cd:21:66:ee:de:df:2b:92:6d:59: 18:6a:56:75:d0:f3:51:49:32:fd:d4:ee:24:e8:fc:b4:a6:d7: 91:ec:5a:a5:4b:8d:8e:af:e6:39:2b:bb:4c:12:0c:bd:b4:76: 73:df:1d:1c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrVJPRzi5pW8Zb3s36PMnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZlNWI0ZDUwOGJkYzIxNDE1YjQ3NTJlZWJjNDQ4ZDRhYWFj NjM1ZDkwHhcNMjUxMjA2MDgwMDM2WhcNMjUxMjA3MDgwMDM2WjAzMTEwLwYDVQQD EygxNDFjY2U4ZmU4OTRkM2Q4MzJjNTliNWNhMzEzMjU1OTI5ODc4YWYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5j+VuQGUrABqYy3awp8B3Ql3j2BV fQZA1P0NOg51hLnxtnIb2NwcRnLZW2RekIXQmHg3I8OMBypeNJ4g9ncnZDoP5Wpa iQC+2bBvvSOUiJb2HN/EQRO72EesJJzQ3rh+a25NwmYUtw051t6kfNofwXGsK32R db5opbw2jJTkAXmVh/lxQs7LvApaBReaVWBAnXOb1dyYdwXyJYcCjrvQ8cx+FHw+ qo97fY7Yuit8f/EI5PQhqypP0Mtb0i0YVePn+HefN0vHZ1rlqsWfOT5jzP4ut992 Wtue1khesbN1cT0Y0SXvU7XGBiKF4DEX3Rf6eA28bGim8BUMHflCH2/fewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBQczo/olNPYMsWbXKMTJVkph4rzMB8GA1UdIwQY MBaAFP5bTVCL3CFBW0dS7rxEjUqqxjXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX2x0TlVJdmNJVUZiUjFMdXZFU05TcXJHTmRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9jOWY3YWItM2ZhMC00NzFmLWJiOTUt MDBiNGZiYjM4NDlkLzEvX2x0TlVJdmNJVUZiUjFMdXZFU05TcXJHTmRrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS9jOWY3YWItM2ZhMC00NzFmLWJiOTUtMDBiNGZiYjM4NDlk LzEvX2x0TlVJdmNJVUZiUjFMdXZFU05TcXJHTmRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdvIt7WYl sAe5jpZQaMXzUnkUIPmw4lnDWGfojNNDG3GTqv1BWvI0Yb9mKhJvq35+MPLhwIFs OwAukMuZdtfHDzuyXM+YnChONgNVKG8oeMcXGXovcmUVQfWWRbr0L7bq6JC6qPeh wyLAfs5cxAFY3g09CxOPYGvM1qO5Jhjm/eY8TBJxwTLXrkkliK7yKKjBWavv5Zjd NagveSmKBrZSd5CElGoJnYE7G5GDD9JaPLKo5aCTLz/y8iA/8z18I5STyVkER+Nx MccUFqlODQbNIWbu3t8rkm1ZGGpWddDzUUky/dTuJOj8tKbXkexapUuNjq/mOSu7 TBIMvbR2c98dHA== -----END CERTIFICATE-----Generated at Sat Dec 6 14:59:53 2025 by rpki-client