This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.mft File: lJQumzXZGQbREkXXO9WM3Y7KSdE.mft (raw, json) Hash identifier: WI3GG3yS+35o8eXrwhmxFhe3rylfhYZ6rbwELDk6k9A= Subject key identifier: 38:1D:F5:15:E9:93:F8:BB:41:3E:4F:1A:6C:6B:4D:1E:0F:97:C8:48 Authority key identifier: 94:94:2E:9B:35:D9:19:06:D1:12:45:D7:3B:D5:8C:DD:8E:CA:49:D1 Certificate issuer: /CN=94942e9b35d91906d11245d73bd58cdd8eca49d1 Certificate serial: 019B32D7AD973BA4220B17F3ABC77951D4F6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJQumzXZGQbREkXXO9WM3Y7KSdE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.mft Manifest number: 16DA Signing time: Thu 18 Dec 2025 19:02:34 +0000 Manifest this update: Thu 18 Dec 2025 19:02:34 +0000 Manifest next update: Fri 19 Dec 2025 19:02:34 +0000 Files and hashes: 1: V6dzQYTukirsU-gqtCUSWtxmwyw.roa (hash: TAhPxTUSZwI4JsrpdkkvjRG18+wELOBapOWsonm/zpw=) 2: lJQumzXZGQbREkXXO9WM3Y7KSdE.crl (hash: ctL/rHIsw+5nlD1laj715eHXnn9xCpTIAdQcf0cckPg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.mft rsync://rpki.ripe.net/repository/DEFAULT/lJQumzXZGQbREkXXO9WM3Y7KSdE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d7:ad:97:3b:a4:22:0b:17:f3:ab:c7:79:51:d4:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94942e9b35d91906d11245d73bd58cdd8eca49d1 Validity Not Before: Dec 18 19:02:34 2025 GMT Not After : Dec 19 19:02:34 2025 GMT Subject: CN=381df515e993f8bb413e4f1a6c6b4d1e0f97c848 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:0d:0c:89:f8:65:e2:e5:18:52:1b:fa:09:d8: 22:d0:32:75:53:1a:70:8c:9f:c7:59:0a:a0:7d:42: 5a:55:44:6c:99:bc:65:5e:77:17:ac:d6:a9:06:22: 7c:8f:70:2b:82:1a:7c:35:43:46:ab:07:2d:82:f1: cc:08:ea:76:b5:d8:be:d2:6d:58:c4:0d:47:f0:22: 15:a2:9e:06:26:8a:3a:ba:be:4a:70:d6:b0:99:fc: a0:f3:c4:10:0c:66:ed:80:9a:b0:67:9d:3b:e5:84: 34:2a:90:b3:52:72:17:f8:f0:3a:8a:6f:25:e6:6c: d7:1b:15:a6:ec:59:97:1d:80:8e:1f:cc:a7:50:88: 63:f8:45:a0:ee:c9:41:ca:e8:2b:9e:4a:c1:32:38: 77:cf:4b:03:f3:7c:1f:a9:4b:e4:2d:73:53:22:26: cc:85:7a:14:12:50:6d:6c:00:69:7f:fd:39:d9:f3: 28:0c:f2:a4:9e:2f:59:9d:0d:e9:79:fb:33:fc:03: 63:ef:63:d5:f7:b7:68:10:07:e2:f8:81:1d:83:db: a5:a0:1f:61:b2:0b:2a:f8:36:49:7d:1d:0c:17:49: 6d:27:ad:47:e5:d3:d1:a9:5d:43:13:4e:5b:5c:de: 83:ea:b4:0a:5a:77:d9:ce:e4:e0:d2:d8:78:e8:de: d9:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:1D:F5:15:E9:93:F8:BB:41:3E:4F:1A:6C:6B:4D:1E:0F:97:C8:48 X509v3 Authority Key Identifier: keyid:94:94:2E:9B:35:D9:19:06:D1:12:45:D7:3B:D5:8C:DD:8E:CA:49:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJQumzXZGQbREkXXO9WM3Y7KSdE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c60980-a1de-4390-a0a3-32c20caf08ed/1/lJQumzXZGQbREkXXO9WM3Y7KSdE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:eb:f8:0b:9d:81:b9:2c:97:0d:e0:b5:0a:17:b0:be:c9:4d: 4d:ea:79:20:a0:05:03:48:8d:bb:e3:88:6b:c8:1f:e5:f3:1a: 5b:81:e9:b8:2f:92:9a:3a:66:fe:14:bb:27:59:a0:ef:8c:90: ba:37:85:57:27:e4:99:1e:59:52:80:74:ac:ff:3e:1d:99:c2: df:65:b4:33:be:3d:ec:0d:97:19:4c:ab:c1:33:00:1c:09:9b: 22:23:b8:06:0d:de:86:0d:b2:65:10:93:b2:02:d0:d4:7e:25: 9b:2a:f4:ba:35:eb:24:df:5a:c5:c7:1c:75:ec:59:a8:d8:95: f2:f6:85:04:aa:6d:79:0a:8f:09:b1:e0:64:75:ae:76:93:c9: e2:61:7a:cb:f5:65:91:35:9f:b0:0f:3c:45:dc:c9:93:ca:50: c8:a2:a4:5f:03:fc:82:d9:04:ce:ca:3d:d3:8f:7c:59:a9:77: 2d:96:12:86:68:09:bf:ba:1e:ed:3d:41:bb:7e:bb:9a:3a:20: a3:4f:28:76:fa:1e:7a:6d:a8:08:b5:1d:53:44:ec:de:1e:ed: 1d:ad:88:3d:bc:bb:f0:db:20:42:18:f1:cd:18:fb:6e:20:fc: 10:56:22:66:40:34:0f:33:9f:8d:01:df:5f:8f:af:0a:d4:73: b8:67:fd:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy162XO6QiCxfzq8d5UdT2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0OTQyZTliMzVkOTE5MDZkMTEyNDVkNzNiZDU4Y2RkOGVj YTQ5ZDEwHhcNMjUxMjE4MTkwMjM0WhcNMjUxMjE5MTkwMjM0WjAzMTEwLwYDVQQD EygzODFkZjUxNWU5OTNmOGJiNDEzZTRmMWE2YzZiNGQxZTBmOTdjODQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA0Mifhl4uUYUhv6Cdgi0DJ1Uxpw jJ/HWQqgfUJaVURsmbxlXncXrNapBiJ8j3Arghp8NUNGqwctgvHMCOp2tdi+0m1Y xA1H8CIVop4GJoo6ur5KcNawmfyg88QQDGbtgJqwZ5075YQ0KpCzUnIX+PA6im8l 5mzXGxWm7FmXHYCOH8ynUIhj+EWg7slByugrnkrBMjh3z0sD83wfqUvkLXNTIibM hXoUElBtbABpf/052fMoDPKkni9ZnQ3pefsz/ANj72PV97doEAfi+IEdg9uloB9h sgsq+DZJfR0MF0ltJ61H5dPRqV1DE05bXN6D6rQKWnfZzuTg0th46N7ZBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDgd9RXpk/i7QT5PGmxrTR4Pl8hIMB8GA1UdIwQY MBaAFJSULps12RkG0RJF1zvVjN2OyknRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEpRdW16WFpHUWJSRWtYWE85V00zWTdLU2RFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jNjA5ODAtYTFkZS00MzkwLWEwYTMt MzJjMjBjYWYwOGVkLzEvbEpRdW16WFpHUWJSRWtYWE85V00zWTdLU2RFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS9jNjA5ODAtYTFkZS00MzkwLWEwYTMtMzJjMjBjYWYwOGVk LzEvbEpRdW16WFpHUWJSRWtYWE85V00zWTdLU2RFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR+v4C52B uSyXDeC1ChewvslNTep5IKAFA0iNu+OIa8gf5fMaW4HpuC+Smjpm/hS7J1mg74yQ ujeFVyfkmR5ZUoB0rP8+HZnC32W0M7497A2XGUyrwTMAHAmbIiO4Bg3ehg2yZRCT sgLQ1H4lmyr0ujXrJN9axcccdexZqNiV8vaFBKpteQqPCbHgZHWudpPJ4mF6y/Vl kTWfsA88RdzJk8pQyKKkXwP8gtkEzso90498Wal3LZYShmgJv7oe7T1Bu367mjog o08odvoeem2oCLUdU0Ts3h7tHa2IPby78NsgQhjxzRj7biD8EFYiZkA0DzOfjQHf X4+vCtRzuGf9vg== -----END CERTIFICATE-----Generated at Thu Dec 18 22:09:35 2025 by rpki-client