This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft File: LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft (raw, json) Hash identifier: nrtvTNGAyZdejimjJ753dRDtw9Xuw+woeY8IvlNgR+8= Subject key identifier: 51:D9:7F:A0:86:3A:7F:47:72:9B:50:BE:77:E4:08:46:51:FC:F8:A0 Authority key identifier: 2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9 Certificate issuer: /CN=2e316312ad2b21aa9a04811f62ad036bf68885d9 Certificate serial: 019AF12DC98744C319F92245DAC2A6D5188F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft Manifest number: 0BDA Signing time: Sat 06 Dec 2025 01:01:41 +0000 Manifest this update: Sat 06 Dec 2025 01:01:41 +0000 Manifest next update: Sun 07 Dec 2025 01:01:41 +0000 Files and hashes: 1: LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl (hash: Bqe05+BQjcuW+AYflLCD+7AYgPSgPfZ11xYmIUU0TkU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:c9:87:44:c3:19:f9:22:45:da:c2:a6:d5:18:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2e316312ad2b21aa9a04811f62ad036bf68885d9 Validity Not Before: Dec 6 01:01:41 2025 GMT Not After : Dec 7 01:01:41 2025 GMT Subject: CN=51d97fa0863a7f47729b50be77e4084651fcf8a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:02:20:45:b7:90:95:78:46:16:c8:27:85:27: 49:d3:42:27:7c:6a:9d:c4:51:74:e6:5b:c9:8a:60: 61:3e:a1:d6:93:55:04:6f:5f:9f:b9:8d:25:7c:2d: e6:0d:42:cd:99:fc:5c:ad:4b:9c:01:92:02:2e:10: 37:af:c4:dd:69:24:d1:46:c3:f8:bc:3c:9d:dd:eb: 90:63:c0:0f:15:62:15:21:69:79:d4:f9:9c:1f:b5: 4b:ec:3a:67:73:c0:02:c9:08:a9:5a:5d:92:df:77: b3:9d:c8:b7:2f:d8:9e:f7:bc:8d:75:73:9b:3f:ab: 8a:bd:01:3e:c0:70:56:83:2f:c7:25:a1:f4:91:87: 8f:3c:5e:f9:b7:7e:e0:58:e3:c0:cd:39:8a:5d:54: 3e:5b:e1:08:58:b5:b0:9c:4f:0c:15:c2:4e:42:1d: 41:4c:17:ae:18:f5:23:0c:38:0c:48:c3:13:b7:ff: 47:af:ae:87:22:e5:13:42:67:bb:8e:d7:bb:9a:b9: 60:65:f9:b1:b2:2c:d6:8d:ca:f9:59:f1:64:d1:c5: 6f:20:4b:da:3f:f5:45:a2:90:b2:07:e6:7d:55:67: 4c:6e:11:a0:12:51:c7:91:ec:05:9f:3b:f2:f1:3b: 48:e1:cc:68:7d:44:ef:eb:4f:73:b1:09:2d:50:da: a0:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:D9:7F:A0:86:3A:7F:47:72:9B:50:BE:77:E4:08:46:51:FC:F8:A0 X509v3 Authority Key Identifier: keyid:2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:8a:14:b5:8d:44:00:a4:33:82:ae:43:df:3f:cb:7b:bc:a0: ed:e1:db:11:d1:53:07:75:73:6d:19:50:b5:f5:07:d3:65:95: 71:35:d0:9a:5b:20:8a:cd:a2:85:a5:2b:01:58:58:26:ae:8b: ba:22:a0:89:b1:19:54:99:58:8c:7b:62:9b:53:a9:3a:ee:51: bc:e3:f5:dc:32:2f:7f:75:33:00:42:0e:91:0e:bb:f7:01:3d: 0b:da:65:3a:56:d9:76:09:0b:0f:5f:b0:f5:3e:e2:46:38:43: 6d:fe:65:d8:18:ac:55:cd:7c:d6:28:04:e3:60:9e:fc:4c:c4: dc:00:fb:b5:7b:a0:98:a6:aa:f3:cc:43:2b:a8:fb:82:70:d8: 88:87:f5:38:d0:88:51:f7:36:f6:25:71:0b:78:71:21:cd:84: e6:50:7c:25:1a:9d:6e:d6:18:67:d7:97:0e:3b:9c:fb:90:24: 1b:d1:94:b7:8e:3d:42:c7:a0:20:fa:8d:df:1a:7e:ef:09:e1: 7b:06:08:4a:08:79:73:7c:bc:bf:3b:be:4f:11:22:dd:2f:4b: b2:6a:5f:9c:68:b7:8e:5a:01:6c:69:ac:94:22:cd:72:bc:c2: 40:68:12:e5:38:8d:bf:44:83:f9:32:6c:c7:b2:9b:d9:f9:90: 80:52:c8:fd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLcmHRMMZ+SJF2sKm1RiPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJlMzE2MzEyYWQyYjIxYWE5YTA0ODExZjYyYWQwMzZiZjY4 ODg1ZDkwHhcNMjUxMjA2MDEwMTQxWhcNMjUxMjA3MDEwMTQxWjAzMTEwLwYDVQQD Eyg1MWQ5N2ZhMDg2M2E3ZjQ3NzI5YjUwYmU3N2U0MDg0NjUxZmNmOGEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwIgRbeQlXhGFsgnhSdJ00InfGqd xFF05lvJimBhPqHWk1UEb1+fuY0lfC3mDULNmfxcrUucAZICLhA3r8TdaSTRRsP4 vDyd3euQY8APFWIVIWl51PmcH7VL7Dpnc8ACyQipWl2S33eznci3L9ie97yNdXOb P6uKvQE+wHBWgy/HJaH0kYePPF75t37gWOPAzTmKXVQ+W+EIWLWwnE8MFcJOQh1B TBeuGPUjDDgMSMMTt/9Hr66HIuUTQme7jte7mrlgZfmxsizWjcr5WfFk0cVvIEva P/VFopCyB+Z9VWdMbhGgElHHkewFnzvy8TtI4cxofUTv609zsQktUNqgiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFHZf6CGOn9HcptQvnfkCEZR/PigMB8GA1UdIwQY MBaAFC4xYxKtKyGqmgSBH2KtA2v2iIXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQt M2I0NzY2NmQxMzY1LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQtM2I0NzY2NmQxMzY1 LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXYoUtY1E AKQzgq5D3z/Le7yg7eHbEdFTB3VzbRlQtfUH02WVcTXQmlsgis2ihaUrAVhYJq6L uiKgibEZVJlYjHtim1OpOu5RvOP13DIvf3UzAEIOkQ679wE9C9plOlbZdgkLD1+w 9T7iRjhDbf5l2BisVc181igE42Ce/EzE3AD7tXugmKaq88xDK6j7gnDYiIf1ONCI Ufc29iVxC3hxIc2E5lB8JRqdbtYYZ9eXDjuc+5AkG9GUt449QsegIPqN3xp+7wnh ewYISgh5c3y8vzu+TxEi3S9LsmpfnGi3jloBbGmslCLNcrzCQGgS5TiNv0SD+TJs x7Kb2fmQgFLI/Q== -----END CERTIFICATE-----Generated at Sat Dec 6 09:44:46 2025 by rpki-client