This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft File: lQ8oTPXDnybd0jUufyrfeo3GD44.mft (raw, json) Hash identifier: SD/J+J3FZj/qtfXxG7ShBu2ua/JqXXnZEMxSTtUFBo4= Subject key identifier: 20:45:08:E3:78:97:B9:1E:D6:A0:E6:4F:8F:1A:79:CD:CF:05:01:46 Authority key identifier: 95:0F:28:4C:F5:C3:9F:26:DD:D2:35:2E:7F:2A:DF:7A:8D:C6:0F:8E Certificate issuer: /CN=950f284cf5c39f26ddd2352e7f2adf7a8dc60f8e Certificate serial: 019AF653D33FF4DF6040AB18F75243EB5658 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft Manifest number: 0D5F Signing time: Sun 07 Dec 2025 01:01:19 +0000 Manifest this update: Sun 07 Dec 2025 01:01:19 +0000 Manifest next update: Mon 08 Dec 2025 01:01:19 +0000 Files and hashes: 1: CIXcSM8wlZUJc9_olM2z-Sxe_fI.roa (hash: mDiY7MPNQSCh1DaHA5s1SG/E+/9GUkWw11IjIEdP7WU=) 2: lQ8oTPXDnybd0jUufyrfeo3GD44.crl (hash: e4trHjGRftZGxDCspMIy8gvzpZ6okG6jI97iqNoA4bY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:53:d3:3f:f4:df:60:40:ab:18:f7:52:43:eb:56:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=950f284cf5c39f26ddd2352e7f2adf7a8dc60f8e Validity Not Before: Dec 7 01:01:19 2025 GMT Not After : Dec 8 01:01:19 2025 GMT Subject: CN=204508e37897b91ed6a0e64f8f1a79cdcf050146 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:6f:85:d5:b1:50:3a:64:ee:ec:50:bd:e1:b9: 2a:49:9f:ae:d9:28:e2:ab:64:b2:e5:38:5a:41:6b: b0:ad:4c:0e:62:a0:01:63:13:95:f7:84:9a:50:79: 54:9e:6d:23:35:9c:60:b2:3c:1b:b7:23:19:35:53: 26:3b:36:ed:d7:32:f6:ac:b0:e2:34:60:ea:a6:2b: 8c:e8:b2:83:bf:45:b9:20:a0:07:31:72:c8:2b:5b: 5d:c9:5c:3f:65:a9:5e:66:f4:88:91:78:44:f0:2c: 14:95:b9:bf:86:20:9c:3d:f8:d7:76:2d:35:2f:4d: 73:bb:5f:f8:06:77:cb:d1:16:14:3e:12:9a:b8:d7: 8b:ad:2f:81:f5:91:10:35:64:3c:65:b5:e1:ef:e3: 4e:56:9f:de:c3:94:0c:30:dc:12:08:98:1c:a9:ba: 8a:a2:8f:ba:84:30:e2:59:99:6a:2f:3a:2a:fa:f0: c3:ef:a4:9b:fd:80:4a:b2:ff:19:05:c3:e7:d0:4b: 18:d8:fb:ef:c9:c3:fa:dd:98:ac:23:2e:3a:3d:ee: a6:80:d2:60:1b:4b:34:32:1d:13:ad:ae:cf:fb:e4: 6a:8f:72:0f:82:ca:6b:fb:34:b8:99:ec:b9:af:ab: 76:bc:b9:6a:b8:56:8b:92:cf:94:fe:5e:93:95:27: 80:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:45:08:E3:78:97:B9:1E:D6:A0:E6:4F:8F:1A:79:CD:CF:05:01:46 X509v3 Authority Key Identifier: keyid:95:0F:28:4C:F5:C3:9F:26:DD:D2:35:2E:7F:2A:DF:7A:8D:C6:0F:8E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:12:d2:4b:52:da:b1:be:ce:be:08:77:c2:a7:8b:d0:75:40: 7c:23:a1:4e:e8:10:11:9e:ae:8a:b2:af:10:18:33:d9:21:8f: a8:f5:ba:2a:be:39:49:b3:b9:e2:16:75:cf:77:4e:1b:0e:82: 77:ca:26:bf:0e:f3:c1:76:7a:85:4e:70:ce:64:db:c4:ab:07: 9c:95:9f:c2:f5:a2:2b:0c:fa:3b:5d:fb:18:df:dd:14:35:ea: df:e5:30:69:36:c5:a5:5c:23:d4:6e:2d:d5:07:21:d9:a1:2b: 52:54:fe:75:dc:5e:24:06:77:aa:19:f4:51:9f:ee:5a:ad:90: f6:21:7f:40:b5:88:9d:94:30:43:aa:e6:26:17:78:c1:3e:7b: 59:57:3b:19:60:33:83:11:2f:74:c2:c8:dc:e4:4d:21:ee:f6: bb:56:33:59:b1:0e:69:84:1a:98:12:23:e3:2f:5c:95:18:de: 58:ce:cd:be:0a:82:f7:fd:fc:9c:14:5f:de:6a:e1:38:2d:a1: 32:b4:52:86:73:4b:d8:a4:81:74:29:2e:a7:09:47:6d:b0:48: df:59:62:8f:9b:4e:c2:2f:aa:34:63:0b:44:69:66:98:26:22: e0:dc:ef:34:a5:9a:c0:72:47:a9:63:69:75:bb:85:c0:1e:51: 74:c5:c9:86 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2U9M/9N9gQKsY91JD61ZYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1MGYyODRjZjVjMzlmMjZkZGQyMzUyZTdmMmFkZjdhOGRj NjBmOGUwHhcNMjUxMjA3MDEwMTE5WhcNMjUxMjA4MDEwMTE5WjAzMTEwLwYDVQQD EygyMDQ1MDhlMzc4OTdiOTFlZDZhMGU2NGY4ZjFhNzljZGNmMDUwMTQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim+F1bFQOmTu7FC94bkqSZ+u2Sji q2Sy5ThaQWuwrUwOYqABYxOV94SaUHlUnm0jNZxgsjwbtyMZNVMmOzbt1zL2rLDi NGDqpiuM6LKDv0W5IKAHMXLIK1tdyVw/ZaleZvSIkXhE8CwUlbm/hiCcPfjXdi01 L01zu1/4BnfL0RYUPhKauNeLrS+B9ZEQNWQ8ZbXh7+NOVp/ew5QMMNwSCJgcqbqK oo+6hDDiWZlqLzoq+vDD76Sb/YBKsv8ZBcPn0EsY2PvvycP63ZisIy46Pe6mgNJg G0s0Mh0Tra7P++Rqj3IPgspr+zS4mey5r6t2vLlquFaLks+U/l6TlSeAAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCBFCON4l7ke1qDmT48aec3PBQFGMB8GA1UdIwQY MBaAFJUPKEz1w58m3dI1Ln8q33qNxg+OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xOTc0ZWUtNDA4Zi00MTIwLThmMTkt ZmEyZjBkNTRiMWQxLzEvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC8xOTc0ZWUtNDA4Zi00MTIwLThmMTktZmEyZjBkNTRiMWQx LzEvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeBLSS1La sb7Ovgh3wqeL0HVAfCOhTugQEZ6uirKvEBgz2SGPqPW6Kr45SbO54hZ1z3dOGw6C d8omvw7zwXZ6hU5wzmTbxKsHnJWfwvWiKwz6O137GN/dFDXq3+UwaTbFpVwj1G4t 1Qch2aErUlT+ddxeJAZ3qhn0UZ/uWq2Q9iF/QLWInZQwQ6rmJhd4wT57WVc7GWAz gxEvdMLI3ORNIe72u1YzWbEOaYQamBIj4y9clRjeWM7NvgqC9/38nBRf3mrhOC2h MrRShnNL2KSBdCkupwlHbbBI31lij5tOwi+qNGMLRGlmmCYi4NzvNKWawHJHqWNp dbuFwB5RdMXJhg== -----END CERTIFICATE-----Generated at Sun Dec 7 03:16:38 2025 by rpki-client