This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft File: lbzyUZp7TPNY-2x4A5pb56GxMFs.mft (raw, json) Hash identifier: qYl6DFVR8yMmDZezzGbDgIXi7+WKUWf1UefB4c51u8I= Subject key identifier: 5E:5D:C8:F6:33:17:F3:CA:C6:F2:BE:33:84:36:9F:70:F9:B7:4B:BA Authority key identifier: 95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B Certificate issuer: /CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b Certificate serial: 019AF12D8DB1490295ADA235BCD4C4F687C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft Manifest number: 0638 Signing time: Sat 06 Dec 2025 01:01:25 +0000 Manifest this update: Sat 06 Dec 2025 01:01:25 +0000 Manifest next update: Sun 07 Dec 2025 01:01:25 +0000 Files and hashes: 1: lbzyUZp7TPNY-2x4A5pb56GxMFs.crl (hash: ElwPVme8KrhJlBQjIlg8nLCLNcGEhyw1NDIF4v+RyQk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:8d:b1:49:02:95:ad:a2:35:bc:d4:c4:f6:87:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b Validity Not Before: Dec 6 01:01:25 2025 GMT Not After : Dec 7 01:01:25 2025 GMT Subject: CN=5e5dc8f63317f3cac6f2be3384369f70f9b74bba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:44:2b:0c:b7:c5:82:da:9c:ac:cc:72:0d:69: 4a:37:62:f2:e9:1d:fe:0e:c8:7e:96:99:c6:9c:63: 45:7b:48:3f:5f:72:17:c4:ac:72:ce:22:ce:27:3d: ce:ae:13:e2:c3:67:7c:b2:97:a5:69:3a:07:5c:8b: 51:b0:4c:e1:d4:33:a5:5f:85:a2:1a:b5:63:93:54: 7b:7b:45:42:e1:d7:34:c3:f9:e7:39:ee:38:72:02: a7:ac:24:38:af:07:40:b6:3e:18:c6:80:e7:ed:0a: d7:10:5c:07:6e:ed:db:f6:44:8c:b3:aa:f9:72:7b: 96:37:dc:28:a4:81:d2:34:20:1a:1e:42:71:9c:b3: 59:30:62:35:1d:38:bf:60:67:ca:a8:01:fb:d3:8c: 61:db:b4:31:45:4a:82:cd:da:2b:99:ab:9a:c1:f8: d0:8e:07:12:ca:5a:4d:db:2f:97:b8:e5:b1:9b:99: e7:f6:fa:f6:b7:2b:58:1d:ea:07:ca:ab:cc:d8:0a: 2f:c1:cb:a5:a5:93:27:8e:c8:66:ef:69:ac:01:a0: 5f:38:9f:dd:9b:e8:d8:19:b0:2a:54:d9:eb:02:6a: ee:77:ae:de:28:b3:f1:0f:bc:b7:9b:9b:38:3c:d9: 98:a3:73:8a:eb:84:a0:20:d1:7a:2f:e4:bc:1b:a3: 4a:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:5D:C8:F6:33:17:F3:CA:C6:F2:BE:33:84:36:9F:70:F9:B7:4B:BA X509v3 Authority Key Identifier: keyid:95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:95:38:5c:45:a7:2d:eb:0d:f0:6f:de:70:f1:23:28:b8:61: 9f:45:2b:b4:fc:29:e7:ba:92:a6:a0:42:a6:76:d5:be:21:6d: 30:73:c5:19:9b:88:f1:ad:a0:69:7f:78:80:4a:c7:35:4a:52: b9:a4:7f:45:7f:24:ce:87:40:80:cb:20:00:a9:b2:6f:d7:3e: 2c:67:36:48:6d:20:f7:69:b4:02:a6:18:b3:cd:94:31:69:20: af:6d:f9:d5:64:a5:6a:0b:3a:9e:6d:c8:a6:22:ff:ab:33:8f: 3f:ac:95:bd:1e:a0:01:35:e8:32:bc:12:ec:ae:a9:e5:f2:1f: 42:ee:ab:32:a8:8d:3b:12:e1:3f:52:c8:e5:03:79:a3:49:48: 33:d6:78:03:83:6d:f4:65:a8:14:ef:cf:f0:86:4b:9a:84:36: 75:ce:c4:1d:d6:d1:55:be:fc:97:17:ef:77:da:89:ae:92:81: 26:7b:51:2e:17:b9:51:9c:da:0a:cc:6c:67:9e:33:9b:90:f0: e4:98:97:f7:a2:61:25:28:ad:7f:c7:d6:b7:e2:91:4b:b5:b7: ed:c3:64:c1:25:c7:39:7f:50:85:de:6b:89:13:61:84:a8:0b: 4c:cd:c5:6c:20:e9:8e:0b:5d:4a:42:53:ab:81:5e:28:79:63: a8:82:cb:36 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLY2xSQKVraI1vNTE9ofAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1YmNmMjUxOWE3YjRjZjM1OGZiNmM3ODAzOWE1YmU3YTFi MTMwNWIwHhcNMjUxMjA2MDEwMTI1WhcNMjUxMjA3MDEwMTI1WjAzMTEwLwYDVQQD Eyg1ZTVkYzhmNjMzMTdmM2NhYzZmMmJlMzM4NDM2OWY3MGY5Yjc0YmJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7EQrDLfFgtqcrMxyDWlKN2Ly6R3+ Dsh+lpnGnGNFe0g/X3IXxKxyziLOJz3OrhPiw2d8spelaToHXItRsEzh1DOlX4Wi GrVjk1R7e0VC4dc0w/nnOe44cgKnrCQ4rwdAtj4YxoDn7QrXEFwHbu3b9kSMs6r5 cnuWN9wopIHSNCAaHkJxnLNZMGI1HTi/YGfKqAH704xh27QxRUqCzdormauawfjQ jgcSylpN2y+XuOWxm5nn9vr2tytYHeoHyqvM2AovwculpZMnjshm72msAaBfOJ/d m+jYGbAqVNnrAmrud67eKLPxD7y3m5s4PNmYo3OK64SgINF6L+S8G6NKfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF5dyPYzF/PKxvK+M4Q2n3D5t0u6MB8GA1UdIwQY MBaAFJW88lGae0zzWPtseAOaW+ehsTBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUt MjVjY2YzMjczOWEyLzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUtMjVjY2YzMjczOWEy LzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVpU4XEWn LesN8G/ecPEjKLhhn0UrtPwp57qSpqBCpnbVviFtMHPFGZuI8a2gaX94gErHNUpS uaR/RX8kzodAgMsgAKmyb9c+LGc2SG0g92m0AqYYs82UMWkgr2351WSlags6nm3I piL/qzOPP6yVvR6gATXoMrwS7K6p5fIfQu6rMqiNOxLhP1LI5QN5o0lIM9Z4A4Nt 9GWoFO/P8IZLmoQ2dc7EHdbRVb78lxfvd9qJrpKBJntRLhe5UZzaCsxsZ54zm5Dw 5JiX96JhJSitf8fWt+KRS7W37cNkwSXHOX9Qhd5riRNhhKgLTM3FbCDpjgtdSkJT q4FeKHljqILLNg== -----END CERTIFICATE-----Generated at Sat Dec 6 10:32:38 2025 by rpki-client