This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.mft File: lb24W36o8fqvdR52xBR8gbYOmU0.mft (raw, json) Hash identifier: UDYB801GXZS6727sYftTP1nClMOz8AA1iCnK9gDjYM4= Subject key identifier: E8:16:1F:DB:C5:7C:CC:5F:96:3C:EF:77:BB:0E:11:C8:CC:DD:DB:DF Authority key identifier: 95:BD:B8:5B:7E:A8:F1:FA:AF:75:1E:76:C4:14:7C:81:B6:0E:99:4D Certificate issuer: /CN=95bdb85b7ea8f1faaf751e76c4147c81b60e994d Certificate serial: 019AF12E3FCE634EC150632A579505E93BC4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lb24W36o8fqvdR52xBR8gbYOmU0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.mft Manifest number: 0114 Signing time: Sat 06 Dec 2025 01:02:11 +0000 Manifest this update: Sat 06 Dec 2025 01:02:11 +0000 Manifest next update: Sun 07 Dec 2025 01:02:11 +0000 Files and hashes: 1: 5R1-l58ft4GhxzonN9PpLF0e3rg.roa (hash: ld57U57oSYCdX19ANUoiIqFJmCosw0zLo2ypqpVfq5A=) 2: lb24W36o8fqvdR52xBR8gbYOmU0.crl (hash: MfbsK3nUKKCC7ezdxzs9aQFkZzCXUhy6yJUz2bZ9fLg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.mft rsync://rpki.ripe.net/repository/DEFAULT/lb24W36o8fqvdR52xBR8gbYOmU0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:3f:ce:63:4e:c1:50:63:2a:57:95:05:e9:3b:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95bdb85b7ea8f1faaf751e76c4147c81b60e994d Validity Not Before: Dec 6 01:02:11 2025 GMT Not After : Dec 7 01:02:11 2025 GMT Subject: CN=e8161fdbc57ccc5f963cef77bb0e11c8ccdddbdf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:c6:ad:30:54:58:ef:ed:00:46:3f:0e:41:e7: 0d:be:1c:c1:79:fe:27:3d:a7:e9:0a:19:d5:d7:7e: 0e:f3:c3:51:d4:80:52:df:e1:4a:19:47:be:ca:c5: 34:f3:9d:a3:6a:00:58:e0:28:ec:17:ab:9d:6f:07: 5a:f2:57:9a:f8:48:22:c6:42:d6:5c:73:80:ab:50: 45:ff:64:40:8c:bb:9a:0a:89:96:b5:f9:8d:61:9e: 49:7a:8b:0d:04:d6:b2:16:41:f8:d3:80:48:3c:04: 15:e1:c2:e7:59:1e:d3:44:b1:a9:c2:06:19:4d:1b: dd:78:cb:e0:ab:7a:3d:dc:08:5f:6c:6a:a7:b1:a0: a7:42:4f:8c:ea:94:08:4e:37:28:5b:16:fc:85:14: f7:1f:7e:4c:57:61:93:b7:f7:98:3b:80:a9:e0:da: 67:1d:5d:6d:d1:f8:3c:f1:ac:49:ac:90:3f:66:c0: 59:98:38:41:1b:59:6a:6c:9e:bb:59:6b:62:8f:c1: 9d:11:1b:4a:35:02:c1:30:ae:c8:ac:04:fc:09:8d: 2b:40:b1:95:40:91:a5:21:02:09:6c:2e:57:e3:61: 58:43:b5:eb:b1:f7:f4:c3:86:1b:c5:40:98:49:af: fe:e0:5b:4d:c2:68:4e:75:4d:a6:55:a6:03:4e:29: 07:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:16:1F:DB:C5:7C:CC:5F:96:3C:EF:77:BB:0E:11:C8:CC:DD:DB:DF X509v3 Authority Key Identifier: keyid:95:BD:B8:5B:7E:A8:F1:FA:AF:75:1E:76:C4:14:7C:81:B6:0E:99:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lb24W36o8fqvdR52xBR8gbYOmU0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b4:48:fd:eb:8b:9d:c1:23:cc:c3:7b:b1:17:21:bf:67:71:bd: a4:ef:a9:e8:0f:a3:d6:62:eb:03:d4:18:a0:2c:7f:95:57:f5: dc:12:d9:ee:14:70:a5:a9:65:a7:cb:79:af:71:bb:a6:fe:3d: c5:7c:32:1a:1f:be:0c:ce:90:4b:59:c4:b1:35:09:cb:fd:75: 5f:af:03:94:c5:0c:06:77:aa:79:98:82:a7:f1:f3:9b:18:b4: 94:65:f2:50:04:cb:1c:56:7a:cb:48:f7:91:18:bf:a7:37:6f: 9b:d7:e1:1b:27:25:f7:4a:05:e0:99:ad:50:54:08:a8:f2:b0: e1:68:cc:9a:08:07:64:aa:1a:93:63:68:fd:48:a9:43:65:d1: 91:46:83:5c:0f:98:a8:c2:7b:91:b7:38:b7:9c:97:75:a2:08: 31:69:2c:18:aa:c9:a9:c2:fb:e5:9c:71:b0:8c:e3:2f:5c:9a: 78:ac:fb:af:40:56:de:37:39:f2:fa:21:a3:b4:35:30:12:b5: 89:84:0d:13:fe:04:f7:54:d7:e7:8e:0c:fe:40:f6:82:65:0a: 57:e5:b0:d2:2d:85:d6:1c:16:fa:6b:44:fe:b9:0e:ec:ac:df: a9:e3:6b:31:9d:72:14:f2:f4:65:97:ff:6a:7d:ea:f6:ea:0f: e5:15:f6:04 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLj/OY07BUGMqV5UF6TvEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1YmRiODViN2VhOGYxZmFhZjc1MWU3NmM0MTQ3YzgxYjYw ZTk5NGQwHhcNMjUxMjA2MDEwMjExWhcNMjUxMjA3MDEwMjExWjAzMTEwLwYDVQQD EyhlODE2MWZkYmM1N2NjYzVmOTYzY2VmNzdiYjBlMTFjOGNjZGRkYmRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8atMFRY7+0ARj8OQecNvhzBef4n PafpChnV134O88NR1IBS3+FKGUe+ysU0852jagBY4CjsF6udbwda8lea+EgixkLW XHOAq1BF/2RAjLuaComWtfmNYZ5JeosNBNayFkH404BIPAQV4cLnWR7TRLGpwgYZ TRvdeMvgq3o93AhfbGqnsaCnQk+M6pQITjcoWxb8hRT3H35MV2GTt/eYO4Cp4Npn HV1t0fg88axJrJA/ZsBZmDhBG1lqbJ67WWtij8GdERtKNQLBMK7IrAT8CY0rQLGV QJGlIQIJbC5X42FYQ7Xrsff0w4YbxUCYSa/+4FtNwmhOdU2mVaYDTikHEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOgWH9vFfMxfljzvd7sOEcjM3dvfMB8GA1UdIwQY MBaAFJW9uFt+qPH6r3UedsQUfIG2DplNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGIyNFczNm84ZnF2ZFI1MnhCUjhnYllPbVUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wMzM3MDAtZjkwNC00MjJmLWE0YWMt MTAyNDBjYTBiMTgyLzEvbGIyNFczNm84ZnF2ZFI1MnhCUjhnYllPbVUwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy8wMzM3MDAtZjkwNC00MjJmLWE0YWMtMTAyNDBjYTBiMTgy LzEvbGIyNFczNm84ZnF2ZFI1MnhCUjhnYllPbVUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtEj964ud wSPMw3uxFyG/Z3G9pO+p6A+j1mLrA9QYoCx/lVf13BLZ7hRwpallp8t5r3G7pv49 xXwyGh++DM6QS1nEsTUJy/11X68DlMUMBneqeZiCp/Hzmxi0lGXyUATLHFZ6y0j3 kRi/pzdvm9fhGycl90oF4JmtUFQIqPKw4WjMmggHZKoak2No/UipQ2XRkUaDXA+Y qMJ7kbc4t5yXdaIIMWksGKrJqcL75ZxxsIzjL1yaeKz7r0BW3jc58voho7Q1MBK1 iYQNE/4E91TX544M/kD2gmUKV+Ww0i2F1hwW+mtE/rkO7KzfqeNrMZ1yFPL0ZZf/ an3q9uoP5RX2BA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:08:39 2025 by rpki-client