This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft File: L-QXNib0YCZA6NTpa1ShoJar54s.mft (raw, json) Hash identifier: gxYfiv5UypUYqYvyzzW4A7bGkIGvv9lMvmuuOTjgAcg= Subject key identifier: A5:23:24:0F:61:13:EA:A2:78:38:24:AA:C8:EB:9D:05:3D:17:BD:0B Authority key identifier: 2F:E4:17:36:26:F4:60:26:40:E8:D4:E9:6B:54:A1:A0:96:AB:E7:8B Certificate issuer: /CN=2fe4173626f4602640e8d4e96b54a1a096abe78b Certificate serial: 019AF20945E08CA4C612CBD60A30E7B0E3BB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft Manifest number: 124F Signing time: Sat 06 Dec 2025 05:01:25 +0000 Manifest this update: Sat 06 Dec 2025 05:01:25 +0000 Manifest next update: Sun 07 Dec 2025 05:01:25 +0000 Files and hashes: 1: 8PzBSdujNIrE9ZxwXkq7Jh0bBAs.roa (hash: 4Awpnumk+tPfHQxPVq+VsOA860hCJdP+GfTQ/2K+zcA=) 2: L-QXNib0YCZA6NTpa1ShoJar54s.crl (hash: lYTR+z1Bw+7vVdcLYQvrcGQH2nF+u/PSZADCFaKXAR4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:45:e0:8c:a4:c6:12:cb:d6:0a:30:e7:b0:e3:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2fe4173626f4602640e8d4e96b54a1a096abe78b Validity Not Before: Dec 6 05:01:25 2025 GMT Not After : Dec 7 05:01:25 2025 GMT Subject: CN=a523240f6113eaa2783824aac8eb9d053d17bd0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:0e:23:32:a2:23:39:a9:7b:2b:70:ae:2f:2e: 82:39:06:2a:ed:28:79:3b:c2:ae:09:ba:a7:2f:73: 05:be:ff:3c:48:ee:83:c3:fb:03:1e:41:1b:b5:b2: 45:1e:d4:06:8c:a0:f3:3f:22:7e:61:d3:f0:a8:a0: fd:56:9e:2c:b5:fa:ce:8a:ae:ea:d7:43:b4:23:98: ea:88:69:de:df:3d:bb:b0:9d:65:cc:d0:0c:cd:61: 3b:80:03:19:c9:b4:09:7e:93:92:15:ca:3b:8d:f2: 75:71:57:be:1a:a2:2e:d8:eb:69:2d:8a:25:c0:00: 5d:6b:ce:65:57:fa:63:60:1d:a6:1b:e9:b9:e7:d2: 20:5d:e3:e0:4e:b5:3f:4e:b1:0e:53:d6:e1:60:e5: 26:a1:16:fd:0b:f3:51:b7:04:ee:cb:9e:2a:2d:68: 20:a8:c7:24:67:4c:72:99:a2:92:16:92:cd:a1:5a: 29:5e:d9:dc:2a:00:f6:c5:11:0f:25:ad:da:c7:f9: ab:4d:d2:0e:49:d3:58:1b:f0:53:97:3c:92:b8:7a: a8:09:7c:44:a8:f5:c6:8b:1b:3c:57:3a:31:e8:e6: 54:45:82:c8:95:3d:71:99:79:89:44:53:24:15:72: 6e:fa:86:88:76:a1:7e:06:5d:ed:1b:68:40:42:b7: c9:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:23:24:0F:61:13:EA:A2:78:38:24:AA:C8:EB:9D:05:3D:17:BD:0B X509v3 Authority Key Identifier: keyid:2F:E4:17:36:26:F4:60:26:40:E8:D4:E9:6B:54:A1:A0:96:AB:E7:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:cb:19:ea:df:33:1a:5b:97:bb:db:42:37:17:0d:99:c4:1f: 3f:c7:f9:49:ba:4b:de:c0:3b:e7:09:6c:34:11:88:b6:86:4b: 22:82:31:4a:70:d6:ff:2f:ed:31:ba:77:0d:ae:02:05:26:ba: ca:93:7b:8a:d0:49:f5:b3:55:4b:76:ef:de:1d:4e:1b:0d:c9: a1:a0:3d:0c:d1:d3:3b:2c:26:c9:0c:4a:a8:ae:1d:83:37:96: b8:66:b3:ea:c3:9f:54:34:ce:a6:7a:f9:58:f2:3b:73:4e:ec: c5:51:76:08:7a:d3:50:a7:29:0c:11:01:04:06:6a:93:6d:92: 2e:e3:d1:c8:09:01:41:c6:31:69:d5:10:d4:d0:01:0d:9c:da: c2:be:85:13:35:e5:53:24:67:8a:fa:0c:29:67:78:ce:38:8c: 36:17:3c:27:0b:05:4b:a9:2a:9d:83:78:eb:fa:2f:88:40:43: a1:dd:ed:47:9b:f1:24:25:0c:8a:95:c7:b0:81:a7:52:b6:23: 51:4f:41:54:41:16:59:ce:e7:c9:64:a1:37:8c:65:26:39:d6: 3b:9e:77:36:d2:93:47:fc:1f:dc:fa:7f:09:43:ad:2a:5d:88: a3:7b:59:2e:a7:cf:c2:b3:4f:08:0d:c2:4d:6d:d1:b2:da:42: 17:39:c9:69 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCUXgjKTGEsvWCjDnsOO7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmZTQxNzM2MjZmNDYwMjY0MGU4ZDRlOTZiNTRhMWEwOTZh YmU3OGIwHhcNMjUxMjA2MDUwMTI1WhcNMjUxMjA3MDUwMTI1WjAzMTEwLwYDVQQD EyhhNTIzMjQwZjYxMTNlYWEyNzgzODI0YWFjOGViOWQwNTNkMTdiZDBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQ4jMqIjOal7K3CuLy6COQYq7Sh5 O8KuCbqnL3MFvv88SO6Dw/sDHkEbtbJFHtQGjKDzPyJ+YdPwqKD9Vp4stfrOiq7q 10O0I5jqiGne3z27sJ1lzNAMzWE7gAMZybQJfpOSFco7jfJ1cVe+GqIu2OtpLYol wABda85lV/pjYB2mG+m559IgXePgTrU/TrEOU9bhYOUmoRb9C/NRtwTuy54qLWgg qMckZ0xymaKSFpLNoVopXtncKgD2xREPJa3ax/mrTdIOSdNYG/BTlzySuHqoCXxE qPXGixs8Vzox6OZURYLIlT1xmXmJRFMkFXJu+oaIdqF+Bl3tG2hAQrfJSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKUjJA9hE+qieDgkqsjrnQU9F70LMB8GA1UdIwQY MBaAFC/kFzYm9GAmQOjU6WtUoaCWq+eLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hNGNkMGQtYWYxNC00OWMzLTk0ODEt MzU0NzljNTRkY2JkLzEvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9hNGNkMGQtYWYxNC00OWMzLTk0ODEtMzU0NzljNTRkY2Jk LzEvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWcsZ6t8z GluXu9tCNxcNmcQfP8f5SbpL3sA75wlsNBGItoZLIoIxSnDW/y/tMbp3Da4CBSa6 ypN7itBJ9bNVS3bv3h1OGw3JoaA9DNHTOywmyQxKqK4dgzeWuGaz6sOfVDTOpnr5 WPI7c07sxVF2CHrTUKcpDBEBBAZqk22SLuPRyAkBQcYxadUQ1NABDZzawr6FEzXl UyRnivoMKWd4zjiMNhc8JwsFS6kqnYN46/oviEBDod3tR5vxJCUMipXHsIGnUrYj UU9BVEEWWc7nyWShN4xlJjnWO553NtKTR/wf3Pp/CUOtKl2Io3tZLqfPwrNPCA3C TW3RstpCFznJaQ== -----END CERTIFICATE-----Generated at Sat Dec 6 14:31:32 2025 by rpki-client