This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft File: lPO2Epw0Od376Q21BkyAZt6GSnI.mft (raw, json) Hash identifier: yMAKrU2fIbPiuu4Eu8XkNuclKX3dQtTpyg8sltIiL9A= Subject key identifier: A2:3E:51:08:1A:AE:71:09:21:0F:E3:8B:E4:14:97:9C:DE:BB:42:C4 Authority key identifier: 94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72 Certificate issuer: /CN=94f3b6129c3439ddfbe90db5064c8066de864a72 Certificate serial: 019AF19AC3600127C81ED68EEC4A10CB4A15 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft Manifest number: 0675 Signing time: Sat 06 Dec 2025 03:00:42 +0000 Manifest this update: Sat 06 Dec 2025 03:00:42 +0000 Manifest next update: Sun 07 Dec 2025 03:00:42 +0000 Files and hashes: 1: lPO2Epw0Od376Q21BkyAZt6GSnI.crl (hash: 6LPzvKaA54kWbHww1aFxIKaqceZkoxnXQUQMcULyu/Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:c3:60:01:27:c8:1e:d6:8e:ec:4a:10:cb:4a:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94f3b6129c3439ddfbe90db5064c8066de864a72 Validity Not Before: Dec 6 03:00:42 2025 GMT Not After : Dec 7 03:00:42 2025 GMT Subject: CN=a23e51081aae7109210fe38be414979cdebb42c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:8b:65:79:85:40:f2:ff:6a:a3:6a:38:fc:88: 78:40:cc:c6:2f:b7:ac:46:96:84:47:4f:67:0d:04: cc:87:f1:f7:8d:9e:0f:8d:ec:a6:4f:63:ad:35:30: 67:d6:06:23:d7:c1:0b:60:c6:8c:a5:67:29:86:68: 7d:68:a6:88:dc:f0:da:8f:0c:2a:be:67:30:ed:bd: 0c:9e:ad:b4:9d:36:8c:c9:e6:6c:16:f6:c7:fc:40: 64:78:99:c9:2d:95:4c:97:5d:64:da:a3:10:95:48: 0a:2c:4d:1f:9a:9e:80:3e:91:78:ce:24:34:89:63: cc:bc:f4:bc:2e:62:55:bc:aa:7c:a4:ff:dd:9a:50: 55:7b:73:aa:a4:3a:fb:51:f1:3a:4c:90:c6:b3:20: 15:52:6f:b1:45:0f:ce:da:08:a7:d2:7d:0e:df:3d: 8f:11:b1:91:56:a9:74:d2:56:23:5e:a6:8f:f4:a2: 4f:5f:cc:2e:32:54:41:fa:98:36:3d:ef:76:9f:c6: f4:7f:11:e9:33:65:0f:8a:43:4e:0a:6c:a3:07:8e: 73:93:69:71:a0:69:58:00:bd:bf:5d:c4:de:ec:e8: 4c:51:e0:48:b4:8e:5d:15:44:df:ff:ed:56:7e:8c: 02:a0:0f:c5:3d:14:73:77:85:e2:83:bd:6d:f5:b5: 0d:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:3E:51:08:1A:AE:71:09:21:0F:E3:8B:E4:14:97:9C:DE:BB:42:C4 X509v3 Authority Key Identifier: keyid:94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:2a:38:f4:bc:1a:02:8a:60:ea:b7:d3:ce:f0:81:05:b6:e4: 5e:76:73:a4:4a:29:2a:9a:a6:27:a4:b0:10:5b:58:0b:70:7a: 8b:2a:4e:1f:e9:a4:7a:c1:e2:dd:42:3a:fa:29:5e:1b:d1:8d: 49:04:30:52:d5:37:57:35:7f:99:32:9c:3e:cc:45:3d:c5:0e: b0:68:f6:e1:f1:10:3b:4f:1d:17:cb:46:99:22:d4:11:93:80: 71:26:bc:78:9f:ac:a4:3d:a9:40:6f:5f:96:4d:2d:20:f4:27: 06:e7:1f:ce:59:42:bd:ae:1c:0f:dd:82:9a:19:cc:1e:a4:60: be:b6:60:2c:f6:bf:40:d5:ca:8f:58:f9:b5:c3:a6:35:4d:ef: 93:65:98:6e:1f:86:2d:e7:81:d5:c7:ab:34:73:6a:38:1f:55: 64:a1:80:29:52:07:5e:56:53:8f:c3:33:a3:5d:a7:c1:39:7b: 9e:3a:a0:08:44:f9:5a:14:a7:84:82:0d:1a:55:01:58:d7:e5: 91:90:68:32:69:86:e2:51:b4:ab:07:3d:e8:87:36:7a:80:a8: ca:60:2e:80:76:40:42:ab:1f:8e:5e:6a:d5:22:bd:7f:7a:9a: 2e:c5:18:f2:48:01:ac:3c:ed:88:41:90:6e:30:e8:cb:82:26: 79:4f:f0:85 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmsNgASfIHtaO7EoQy0oVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0ZjNiNjEyOWMzNDM5ZGRmYmU5MGRiNTA2NGM4MDY2ZGU4 NjRhNzIwHhcNMjUxMjA2MDMwMDQyWhcNMjUxMjA3MDMwMDQyWjAzMTEwLwYDVQQD EyhhMjNlNTEwODFhYWU3MTA5MjEwZmUzOGJlNDE0OTc5Y2RlYmI0MmM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ItleYVA8v9qo2o4/Ih4QMzGL7es RpaER09nDQTMh/H3jZ4PjeymT2OtNTBn1gYj18ELYMaMpWcphmh9aKaI3PDajwwq vmcw7b0Mnq20nTaMyeZsFvbH/EBkeJnJLZVMl11k2qMQlUgKLE0fmp6APpF4ziQ0 iWPMvPS8LmJVvKp8pP/dmlBVe3OqpDr7UfE6TJDGsyAVUm+xRQ/O2gin0n0O3z2P EbGRVql00lYjXqaP9KJPX8wuMlRB+pg2Pe92n8b0fxHpM2UPikNOCmyjB45zk2lx oGlYAL2/XcTe7OhMUeBItI5dFUTf/+1WfowCoA/FPRRzd4Xig71t9bUN8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKI+UQgarnEJIQ/ji+QUl5zeu0LEMB8GA1UdIwQY MBaAFJTzthKcNDnd++kNtQZMgGbehkpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEt YjMzODJlNGFhN2MzLzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEtYjMzODJlNGFhN2Mz LzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANCo49Lwa Aopg6rfTzvCBBbbkXnZzpEopKpqmJ6SwEFtYC3B6iypOH+mkesHi3UI6+ileG9GN SQQwUtU3VzV/mTKcPsxFPcUOsGj24fEQO08dF8tGmSLUEZOAcSa8eJ+spD2pQG9f lk0tIPQnBucfzllCva4cD92CmhnMHqRgvrZgLPa/QNXKj1j5tcOmNU3vk2WYbh+G LeeB1cerNHNqOB9VZKGAKVIHXlZTj8Mzo12nwTl7njqgCET5WhSnhIINGlUBWNfl kZBoMmmG4lG0qwc96Ic2eoCoymAugHZAQqsfjl5q1SK9f3qaLsUY8kgBrDztiEGQ bjDoy4ImeU/whQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:21:46 2025 by rpki-client