This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft File: LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft (raw, json) Hash identifier: CpyHDT5o9WjSHrQEf4P4ATpuUcpv7tJpO6GfMIywBxw= Subject key identifier: 9E:04:C6:18:A9:85:7A:2A:4D:AE:FC:1D:C1:C5:F1:7E:68:47:43:45 Authority key identifier: 2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA Certificate issuer: /CN=2f325207d5cee0ecea99e4702453407b564c39ca Certificate serial: 019AF12E255B4823795FB67879A8BA52C631 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft Manifest number: 175D Signing time: Sat 06 Dec 2025 01:02:04 +0000 Manifest this update: Sat 06 Dec 2025 01:02:04 +0000 Manifest next update: Sun 07 Dec 2025 01:02:04 +0000 Files and hashes: 1: LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl (hash: A1Kfh5Fy8rfizuWokHhg0FcYz7zCxCNFPV2o2kB5fJw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:25:5b:48:23:79:5f:b6:78:79:a8:ba:52:c6:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2f325207d5cee0ecea99e4702453407b564c39ca Validity Not Before: Dec 6 01:02:04 2025 GMT Not After : Dec 7 01:02:04 2025 GMT Subject: CN=9e04c618a9857a2a4daefc1dc1c5f17e68474345 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:83:d5:4d:27:4f:29:7e:6c:c4:de:b6:44:c6: 0b:ee:b0:aa:44:49:70:65:ab:fd:15:c9:5d:9a:4e: 08:28:f0:e9:c1:97:a2:db:b2:dc:f4:20:27:37:ba: 0e:37:31:26:33:04:6a:f6:5d:63:fa:5c:fb:88:0d: 76:85:f9:23:94:3f:ba:a8:e3:72:7e:e6:e2:cf:82: e8:4a:e3:cf:98:75:88:00:d3:38:28:0c:e4:ac:a6: 43:8e:25:da:a9:8e:1c:eb:ae:72:4e:b1:6e:bf:8c: b8:51:9e:76:7b:79:2c:6c:fd:a8:ce:eb:b3:87:a8: e7:58:36:2a:83:75:b7:d8:07:01:8c:dc:57:a7:53: 8d:b5:1f:04:5d:ee:cb:c9:38:dd:be:05:3a:64:69: 78:73:b1:c8:df:ac:d8:ca:35:2e:6f:00:43:2f:0b: 44:77:ba:10:bf:d6:a1:b7:2d:ae:95:e4:13:58:b6: fb:3e:99:1d:19:b4:a7:37:c3:19:60:5c:27:2d:83: 5a:8c:7b:8f:7d:8e:f4:87:f9:80:3d:18:48:4b:c4: 15:38:f8:55:26:45:0c:6c:db:3c:48:79:a0:de:ea: 11:9f:f4:a2:35:23:bb:07:a9:65:db:9f:5e:54:e4: aa:fd:bf:9d:8d:c6:a6:16:40:f2:a1:34:ee:35:53: 73:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:04:C6:18:A9:85:7A:2A:4D:AE:FC:1D:C1:C5:F1:7E:68:47:43:45 X509v3 Authority Key Identifier: keyid:2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:35:53:ac:61:de:21:a0:a7:62:e7:88:41:44:aa:fe:3e:9a: c7:f9:75:f2:fc:2d:d1:ee:9a:06:33:af:d9:06:3e:e6:a1:8f: 0e:da:82:10:73:ed:b8:da:24:0a:b8:97:c2:31:77:50:9e:d0: a7:aa:fd:22:b5:03:cb:cd:42:ed:e2:d9:45:61:d1:81:90:d7: bf:8f:f3:ad:f7:66:e8:86:b9:cc:63:04:39:b9:47:3a:b9:8c: ca:94:91:c2:ac:06:3a:85:cc:01:b2:8c:c1:a2:4a:e6:e7:49: f3:7c:d5:af:ea:0f:b9:e8:ea:9d:14:a2:0a:32:5d:92:8c:ca: 97:0b:b6:5a:45:51:75:9a:e1:f6:79:84:04:97:a6:05:c7:a7: 1f:69:8e:68:d0:62:3d:ea:44:d2:48:77:45:20:b6:8e:d3:77: e5:8c:ca:8b:fc:27:b1:e8:a9:12:a1:93:28:c2:8f:31:01:7a: a9:5a:14:5d:1b:65:0d:ca:66:08:64:6b:29:37:3a:10:bf:f1: 26:b2:7e:c2:e8:83:03:04:49:4c:51:2d:e4:27:8a:7a:1b:c0: ed:7f:c5:d0:f7:de:8e:5c:f3:23:22:08:74:5f:e7:1d:e8:aa: c7:9c:2d:60:36:2e:d9:14:50:a7:5d:ac:72:78:e2:45:92:3d: 5b:24:6f:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLiVbSCN5X7Z4eai6UsYxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmMzI1MjA3ZDVjZWUwZWNlYTk5ZTQ3MDI0NTM0MDdiNTY0 YzM5Y2EwHhcNMjUxMjA2MDEwMjA0WhcNMjUxMjA3MDEwMjA0WjAzMTEwLwYDVQQD Eyg5ZTA0YzYxOGE5ODU3YTJhNGRhZWZjMWRjMWM1ZjE3ZTY4NDc0MzQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8oPVTSdPKX5sxN62RMYL7rCqRElw Zav9Fcldmk4IKPDpwZei27Lc9CAnN7oONzEmMwRq9l1j+lz7iA12hfkjlD+6qONy fubiz4LoSuPPmHWIANM4KAzkrKZDjiXaqY4c665yTrFuv4y4UZ52e3ksbP2ozuuz h6jnWDYqg3W32AcBjNxXp1ONtR8EXe7LyTjdvgU6ZGl4c7HI36zYyjUubwBDLwtE d7oQv9ahty2uleQTWLb7PpkdGbSnN8MZYFwnLYNajHuPfY70h/mAPRhIS8QVOPhV JkUMbNs8SHmg3uoRn/SiNSO7B6ll259eVOSq/b+djcamFkDyoTTuNVNztwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ4ExhiphXoqTa78HcHF8X5oR0NFMB8GA1UdIwQY MBaAFC8yUgfVzuDs6pnkcCRTQHtWTDnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGIt OTBhZTZkMGM5YjMzLzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGItOTBhZTZkMGM5YjMz LzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAajVTrGHe IaCnYueIQUSq/j6ax/l18vwt0e6aBjOv2QY+5qGPDtqCEHPtuNokCriXwjF3UJ7Q p6r9IrUDy81C7eLZRWHRgZDXv4/zrfdm6Ia5zGMEOblHOrmMypSRwqwGOoXMAbKM waJK5udJ83zVr+oPuejqnRSiCjJdkozKlwu2WkVRdZrh9nmEBJemBcenH2mOaNBi PepE0kh3RSC2jtN35YzKi/wnseipEqGTKMKPMQF6qVoUXRtlDcpmCGRrKTc6EL/x JrJ+wuiDAwRJTFEt5CeKehvA7X/F0PfejlzzIyIIdF/nHeiqx5wtYDYu2RRQp12s cnjiRZI9WyRveg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:01:27 2025 by rpki-client