This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/96faed-87c0-4b00-8178-a1dcc3fb9a4f/1/Lep4sS1DW5fe-_ksdCZcNDO70Ck.mft File: Lep4sS1DW5fe-_ksdCZcNDO70Ck.mft (raw, json) Hash identifier: t4BNyGXpy0wL5EGSI7H5wDHaziR3tUPsrE+jeBwBEsw= Subject key identifier: 0A:0A:4E:EE:85:1E:06:BA:21:BE:02:12:D8:85:4A:55:63:35:C5:D3 Authority key identifier: 2D:EA:78:B1:2D:43:5B:97:DE:FB:F9:2C:74:26:5C:34:33:BB:D0:29 Certificate issuer: /CN=2dea78b12d435b97defbf92c74265c3433bbd029 Certificate serial: 019B337AFCA8AA1CC513005D5E261F211E9A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lep4sS1DW5fe-_ksdCZcNDO70Ck.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/96faed-87c0-4b00-8178-a1dcc3fb9a4f/1/Lep4sS1DW5fe-_ksdCZcNDO70Ck.mft Manifest number: 0BD7 Signing time: Thu 18 Dec 2025 22:00:56 +0000 Manifest this update: Thu 18 Dec 2025 22:00:56 +0000 Manifest next update: Fri 19 Dec 2025 22:00:56 +0000 Files and hashes: 1: Lep4sS1DW5fe-_ksdCZcNDO70Ck.crl (hash: vDPArtXmFTKG1KDKh2X3NeKrptxw7EYfufkDC88jYLc=) 2: qHOxf7Ag_8u24Noxu2kog83ptRg.roa (hash: oxynD/JaNR7ZZdHYCXCJyIHb4WE74vGw/oNyjiWqUm4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/96faed-87c0-4b00-8178-a1dcc3fb9a4f/1/Lep4sS1DW5fe-_ksdCZcNDO70Ck.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/96faed-87c0-4b00-8178-a1dcc3fb9a4f/1/Lep4sS1DW5fe-_ksdCZcNDO70Ck.mft rsync://rpki.ripe.net/repository/DEFAULT/Lep4sS1DW5fe-_ksdCZcNDO70Ck.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 20:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:7a:fc:a8:aa:1c:c5:13:00:5d:5e:26:1f:21:1e:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2dea78b12d435b97defbf92c74265c3433bbd029 Validity Not Before: Dec 18 22:00:56 2025 GMT Not After : Dec 19 22:00:56 2025 GMT Subject: CN=0a0a4eee851e06ba21be0212d8854a556335c5d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ed:7a:09:ca:03:79:23:11:ef:d2:77:4f:50: a2:e9:5f:6f:f7:a1:de:13:7c:fe:b3:6d:f9:92:34: 2e:87:1c:c1:9a:24:7a:e9:3b:20:f1:e5:8d:19:b5: 48:f2:02:ff:19:a1:5e:e9:43:86:1f:9b:73:47:db: eb:f9:74:11:14:2b:7c:5f:7b:ad:e1:bd:78:c1:86: d3:06:5b:ab:ee:a6:92:31:73:c0:a4:6f:31:e9:18: 45:d3:b0:95:3e:ca:b1:97:68:ca:51:b2:9a:60:7b: ee:2b:62:c7:2a:88:92:c4:8e:85:21:1a:b4:39:c4: ae:19:c2:f7:4c:23:29:91:b1:21:e9:18:66:5a:44: 7f:ad:64:2d:c9:3f:8a:2a:83:3f:85:5f:84:0e:9f: 08:0b:5b:6c:1e:1d:ac:98:7b:4b:2a:1f:dd:1f:82: bd:2d:d6:b7:54:35:21:0a:fa:65:d9:b6:d0:82:f7: 12:fc:a6:11:36:5e:79:15:71:28:f5:c7:ad:c6:09: 32:4d:20:e2:a8:4f:a8:27:9c:a0:f1:b4:ee:7c:f8: c8:b1:70:f1:05:7f:ed:37:1d:b4:a7:03:5f:27:c8: 29:c9:6b:ab:bb:ef:f1:6a:89:4a:72:08:e2:67:8d: b9:31:2b:32:fb:5b:9a:c8:aa:ac:ff:5c:ba:3b:33: 66:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:0A:4E:EE:85:1E:06:BA:21:BE:02:12:D8:85:4A:55:63:35:C5:D3 X509v3 Authority Key Identifier: keyid:2D:EA:78:B1:2D:43:5B:97:DE:FB:F9:2C:74:26:5C:34:33:BB:D0:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lep4sS1DW5fe-_ksdCZcNDO70Ck.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/96faed-87c0-4b00-8178-a1dcc3fb9a4f/1/Lep4sS1DW5fe-_ksdCZcNDO70Ck.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/96faed-87c0-4b00-8178-a1dcc3fb9a4f/1/Lep4sS1DW5fe-_ksdCZcNDO70Ck.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:dc:a4:02:08:25:9f:84:cc:b8:85:62:43:c3:92:f5:0b:dd: ef:fe:0d:66:4f:2a:65:de:67:d6:43:27:ef:4e:64:c0:d9:71: 86:ff:51:65:63:b3:2c:28:53:fe:21:f3:a5:d4:28:d0:45:b9: 47:11:08:b8:0c:b4:29:f5:07:eb:8d:bf:ab:45:f7:f2:19:8b: 4a:a6:44:c3:8d:da:5b:0b:8c:5e:51:d8:c6:41:a9:c4:d0:db: c7:31:e7:39:90:ee:46:b9:6f:04:21:ba:29:d7:89:dc:c5:3d: 1c:7e:fa:1d:4d:2c:d1:ca:e8:d5:10:e8:f6:86:7e:2a:ab:10: 15:1f:15:92:84:d8:24:9d:84:f5:26:ad:d1:76:09:ba:b0:58: b3:d9:8e:83:da:6b:32:9a:5e:00:1b:86:fe:b3:ab:6e:a3:19: 08:96:db:7d:76:29:1b:07:b3:77:48:9c:3d:22:6e:2a:fe:57: d9:29:6c:a6:b7:07:49:fd:73:d9:ff:78:f2:2e:76:be:49:e5: 2e:4f:32:bc:9e:d2:2f:2b:46:43:54:83:8f:59:ae:a4:96:cd: 9e:71:e6:d3:a5:f4:ad:ae:5e:b9:ea:6f:b3:49:cb:1d:81:63: e7:32:2f:20:1c:91:2b:7b:69:29:16:c6:cf:62:c6:23:5a:98: d3:19:25:de -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszevyoqhzFEwBdXiYfIR6aMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJkZWE3OGIxMmQ0MzViOTdkZWZiZjkyYzc0MjY1YzM0MzNi YmQwMjkwHhcNMjUxMjE4MjIwMDU2WhcNMjUxMjE5MjIwMDU2WjAzMTEwLwYDVQQD EygwYTBhNGVlZTg1MWUwNmJhMjFiZTAyMTJkODg1NGE1NTYzMzVjNWQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+16CcoDeSMR79J3T1Ci6V9v96He E3z+s235kjQuhxzBmiR66Tsg8eWNGbVI8gL/GaFe6UOGH5tzR9vr+XQRFCt8X3ut 4b14wYbTBlur7qaSMXPApG8x6RhF07CVPsqxl2jKUbKaYHvuK2LHKoiSxI6FIRq0 OcSuGcL3TCMpkbEh6RhmWkR/rWQtyT+KKoM/hV+EDp8IC1tsHh2smHtLKh/dH4K9 Lda3VDUhCvpl2bbQgvcS/KYRNl55FXEo9cetxgkyTSDiqE+oJ5yg8bTufPjIsXDx BX/tNx20pwNfJ8gpyWuru+/xaolKcgjiZ425MSsy+1uayKqs/1y6OzNmHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAoKTu6FHga6Ib4CEtiFSlVjNcXTMB8GA1UdIwQY MBaAFC3qeLEtQ1uX3vv5LHQmXDQzu9ApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTGVwNHNTMURXNWZlLV9rc2RDWmNORE83MENrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS85NmZhZWQtODdjMC00YjAwLTgxNzgt YTFkY2MzZmI5YTRmLzEvTGVwNHNTMURXNWZlLV9rc2RDWmNORE83MENrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS85NmZhZWQtODdjMC00YjAwLTgxNzgtYTFkY2MzZmI5YTRm LzEvTGVwNHNTMURXNWZlLV9rc2RDWmNORE83MENrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF9ykAggl n4TMuIViQ8OS9Qvd7/4NZk8qZd5n1kMn705kwNlxhv9RZWOzLChT/iHzpdQo0EW5 RxEIuAy0KfUH642/q0X38hmLSqZEw43aWwuMXlHYxkGpxNDbxzHnOZDuRrlvBCG6 KdeJ3MU9HH76HU0s0cro1RDo9oZ+KqsQFR8VkoTYJJ2E9Sat0XYJurBYs9mOg9pr MppeABuG/rOrbqMZCJbbfXYpGwezd0icPSJuKv5X2SlsprcHSf1z2f948i52vknl Lk8yvJ7SLytGQ1SDj1mupJbNnnHm06X0ra5euepvs0nLHYFj5zIvIByRK3tpKRbG z2LGI1qY0xkl3g== -----END CERTIFICATE-----Generated at Fri Dec 19 01:22:57 2025 by rpki-client