This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.mft File: lJQumzXZGQbREkXXO9WM3Y7KSdE.mft (raw, json) Hash identifier: cG1pgVyVDcgGinIgM6djaJPVLp+GlfbJUfkUmAk7nMU= Subject key identifier: C9:66:0B:B6:37:8E:A2:23:53:95:C5:56:9F:CF:4A:EB:61:FE:E2:AB Authority key identifier: 94:94:2E:9B:35:D9:19:06:D1:12:45:D7:3B:D5:8C:DD:8E:CA:49:D1 Certificate issuer: /CN=94942e9b35d91906d11245d73bd58cdd8eca49d1 Certificate serial: 019AF12DE6324502507EB5685D6F90D77ACA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJQumzXZGQbREkXXO9WM3Y7KSdE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.mft Manifest number: 16B8 Signing time: Sat 06 Dec 2025 01:01:48 +0000 Manifest this update: Sat 06 Dec 2025 01:01:48 +0000 Manifest next update: Sun 07 Dec 2025 01:01:48 +0000 Files and hashes: 1: V6dzQYTukirsU-gqtCUSWtxmwyw.roa (hash: TAhPxTUSZwI4JsrpdkkvjRG18+wELOBapOWsonm/zpw=) 2: lJQumzXZGQbREkXXO9WM3Y7KSdE.crl (hash: up/1HSBR47ASZJk33nVnOhErSuKD38ARaNPMTYzsbLA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.mft rsync://rpki.ripe.net/repository/DEFAULT/lJQumzXZGQbREkXXO9WM3Y7KSdE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:e6:32:45:02:50:7e:b5:68:5d:6f:90:d7:7a:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94942e9b35d91906d11245d73bd58cdd8eca49d1 Validity Not Before: Dec 6 01:01:48 2025 GMT Not After : Dec 7 01:01:48 2025 GMT Subject: CN=c9660bb6378ea2235395c5569fcf4aeb61fee2ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:7d:a2:f6:64:6d:8e:4e:07:60:a7:0b:ba:ad: b8:d3:12:0c:66:c7:23:c8:92:10:48:69:49:3d:5c: 41:02:d9:2a:e9:a6:21:53:0b:6a:90:fa:c8:a8:65: 2e:3f:24:2d:9e:d0:b7:cc:62:54:4a:ac:2b:74:77: 86:c8:d8:5e:1b:af:15:30:8d:8d:73:9d:82:03:09: 7d:64:6a:44:d5:eb:c4:ca:0c:a6:d0:88:35:78:32: 93:74:82:14:71:3e:8b:ad:5e:e5:f3:4c:f2:64:b3: e0:cb:27:8b:d5:5c:75:3a:26:08:15:fc:87:5a:07: e7:4f:21:de:d7:c4:f3:a1:00:c9:53:1d:b8:a1:e7: d4:16:6b:79:59:cb:d7:cc:2d:f2:36:f5:3d:7e:e1: ea:b0:65:2b:c8:6e:43:27:25:fb:ab:8d:d3:bb:c3: 11:13:06:81:c5:9c:13:36:db:07:9e:9f:df:48:3d: 9d:b0:0c:d5:10:9f:91:9b:b5:d9:76:49:57:b8:31: e0:dd:e1:65:86:1a:27:f3:96:4b:c8:82:df:42:cd: ca:5c:4f:03:62:8e:7c:0c:b9:97:c3:c6:6b:99:ff: 46:40:79:9f:8e:1e:0b:05:7c:41:1e:ed:1e:20:ec: 59:e3:f8:45:08:2c:66:8b:8a:e7:78:7c:eb:3a:e0: 4a:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:66:0B:B6:37:8E:A2:23:53:95:C5:56:9F:CF:4A:EB:61:FE:E2:AB X509v3 Authority Key Identifier: keyid:94:94:2E:9B:35:D9:19:06:D1:12:45:D7:3B:D5:8C:DD:8E:CA:49:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJQumzXZGQbREkXXO9WM3Y7KSdE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:3f:d3:ff:10:b3:48:70:1d:c4:1a:cc:b0:e3:c2:98:4b:d6: 99:77:8a:03:d4:50:02:fa:4b:b6:bc:3f:1c:d1:95:0e:a2:95: dd:83:10:d4:b2:31:d5:a8:ab:4a:3f:be:8a:f4:4d:53:8d:03: 9d:be:3a:69:a2:ef:3f:3f:d5:c7:c9:7a:57:42:f1:c0:6f:4e: 49:59:86:3a:14:02:a7:26:d6:eb:ae:3d:f0:79:ce:97:9b:de: 1e:19:e8:d9:18:12:0f:ab:ed:cc:c3:c6:b0:fb:05:17:4a:7c: cc:60:00:1e:3d:ef:6f:ca:49:e8:bb:1a:df:d1:12:0f:a5:ad: 63:2d:d9:20:30:5a:da:61:be:84:83:5a:33:09:95:4b:69:cc: ea:0b:77:52:ae:69:73:0b:a4:af:0a:07:88:32:dc:96:bb:c9: 26:4e:9b:ed:2a:a4:35:7f:d8:61:96:e0:28:3c:75:59:5f:05: d3:c4:3d:3c:eb:37:2e:51:6b:57:a6:6b:9b:7f:67:06:f1:19: 48:da:3b:75:ce:79:ca:83:4e:9a:e7:08:41:ab:da:01:ab:2e: ce:ef:b3:72:89:a1:8b:f1:7f:f4:fc:a5:c3:a3:68:57:a0:d5: 41:d7:ae:e0:b9:04:24:d5:33:db:5a:08:85:0b:00:58:ec:64: dd:8e:8e:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLeYyRQJQfrVoXW+Q13rKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0OTQyZTliMzVkOTE5MDZkMTEyNDVkNzNiZDU4Y2RkOGVj YTQ5ZDEwHhcNMjUxMjA2MDEwMTQ4WhcNMjUxMjA3MDEwMTQ4WjAzMTEwLwYDVQQD EyhjOTY2MGJiNjM3OGVhMjIzNTM5NWM1NTY5ZmNmNGFlYjYxZmVlMmFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr32i9mRtjk4HYKcLuq240xIMZscj yJIQSGlJPVxBAtkq6aYhUwtqkPrIqGUuPyQtntC3zGJUSqwrdHeGyNheG68VMI2N c52CAwl9ZGpE1evEygym0Ig1eDKTdIIUcT6LrV7l80zyZLPgyyeL1Vx1OiYIFfyH WgfnTyHe18TzoQDJUx24oefUFmt5WcvXzC3yNvU9fuHqsGUryG5DJyX7q43Tu8MR EwaBxZwTNtsHnp/fSD2dsAzVEJ+Rm7XZdklXuDHg3eFlhhon85ZLyILfQs3KXE8D Yo58DLmXw8Zrmf9GQHmfjh4LBXxBHu0eIOxZ4/hFCCxmi4rneHzrOuBKSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMlmC7Y3jqIjU5XFVp/PSuth/uKrMB8GA1UdIwQY MBaAFJSULps12RkG0RJF1zvVjN2OyknRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEpRdW16WFpHUWJSRWtYWE85V00zWTdLU2RFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jNjA5ODAtYTFkZS00MzkwLWEwYTMt MzJjMjBjYWYwOGVkLzEvbEpRdW16WFpHUWJSRWtYWE85V00zWTdLU2RFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS9jNjA5ODAtYTFkZS00MzkwLWEwYTMtMzJjMjBjYWYwOGVk LzEvbEpRdW16WFpHUWJSRWtYWE85V00zWTdLU2RFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKj/T/xCz SHAdxBrMsOPCmEvWmXeKA9RQAvpLtrw/HNGVDqKV3YMQ1LIx1airSj++ivRNU40D nb46aaLvPz/Vx8l6V0LxwG9OSVmGOhQCpybW66498HnOl5veHhno2RgSD6vtzMPG sPsFF0p8zGAAHj3vb8pJ6Lsa39ESD6WtYy3ZIDBa2mG+hINaMwmVS2nM6gt3Uq5p cwukrwoHiDLclrvJJk6b7SqkNX/YYZbgKDx1WV8F08Q9POs3LlFrV6Zrm39nBvEZ SNo7dc55yoNOmucIQavaAasuzu+zcomhi/F/9Pylw6NoV6DVQdeu4LkEJNUz21oI hQsAWOxk3Y6OiQ== -----END CERTIFICATE-----Generated at Sat Dec 6 06:58:07 2025 by rpki-client