This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/79c5bb-619d-4beb-8649-a2f425600db3/1/lHEhWA7QLt309eWofTfgF7Mt9xs.mft File: lHEhWA7QLt309eWofTfgF7Mt9xs.mft (raw, json) Hash identifier: DrOOtjC+Xj25BES64Q73cm1eFFm+8GeK9ylvj3ksnEg= Subject key identifier: 59:3F:15:64:BE:67:F4:B3:B2:FD:CC:5C:3A:29:79:5E:E9:C3:95:D6 Authority key identifier: 94:71:21:58:0E:D0:2E:DD:F4:F5:E5:A8:7D:37:E0:17:B3:2D:F7:1B Certificate issuer: /CN=947121580ed02eddf4f5e5a87d37e017b32df71b Certificate serial: 019B424A6DC2D5784EC7CEC44807B6E0B042 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHEhWA7QLt309eWofTfgF7Mt9xs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/79c5bb-619d-4beb-8649-a2f425600db3/1/lHEhWA7QLt309eWofTfgF7Mt9xs.mft Manifest number: 178B Signing time: Sun 21 Dec 2025 19:02:12 +0000 Manifest this update: Sun 21 Dec 2025 19:02:12 +0000 Manifest next update: Mon 22 Dec 2025 19:02:12 +0000 Files and hashes: 1: lHEhWA7QLt309eWofTfgF7Mt9xs.crl (hash: LvmePgz1u4Lxp4nZOUxjlF3XA1jTjMWflEr6Cypdo4M=) 2: qxUZWESkWfPvrh5nMLtmisJ-xm0.roa (hash: QiH9IyXND+kMiLoL1S1ImhCqyZcezaR+0IjNSX+Zg6I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/79c5bb-619d-4beb-8649-a2f425600db3/1/lHEhWA7QLt309eWofTfgF7Mt9xs.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/79c5bb-619d-4beb-8649-a2f425600db3/1/lHEhWA7QLt309eWofTfgF7Mt9xs.mft rsync://rpki.ripe.net/repository/DEFAULT/lHEhWA7QLt309eWofTfgF7Mt9xs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:4a:6d:c2:d5:78:4e:c7:ce:c4:48:07:b6:e0:b0:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=947121580ed02eddf4f5e5a87d37e017b32df71b Validity Not Before: Dec 21 19:02:12 2025 GMT Not After : Dec 22 19:02:12 2025 GMT Subject: CN=593f1564be67f4b3b2fdcc5c3a29795ee9c395d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:7c:e2:b6:61:ec:cf:46:f9:ff:05:6f:03:54: 5b:07:e6:7f:21:82:4b:7f:8e:33:de:9c:7b:d4:5f: 39:2a:eb:1e:6a:6f:31:cf:c8:1d:13:66:b9:c5:5b: 4a:7d:45:b0:4d:4b:ab:d6:fb:99:ae:d2:37:93:d5: a0:d8:8e:34:3a:57:ad:02:ef:15:68:a5:38:c3:12: 6e:86:aa:f4:0e:a2:e6:11:94:6c:8c:93:1b:3a:0d: 0b:af:c8:6e:a4:75:18:c1:60:98:0d:a9:8c:b9:31: b3:45:08:a8:d1:6b:70:85:84:9d:42:e2:57:a9:c6: 08:a8:47:75:3b:88:eb:72:f0:6b:75:20:45:73:44: f9:71:ca:5f:b1:f1:bf:9f:7f:34:2e:61:ed:cf:25: f3:f1:e0:0c:f4:86:e9:46:32:04:94:a2:2c:ed:76: 7b:ba:3c:11:cb:83:6a:d4:ac:00:5b:01:38:5d:9b: 63:1d:f9:2a:24:3a:3d:36:b8:22:7b:30:f2:41:08: 3d:16:db:73:bf:b5:e3:49:44:b0:01:76:fa:2f:6c: 4f:a8:58:2e:c0:5d:a4:84:a0:00:f7:c6:ad:48:dc: 3f:4a:ff:e6:fc:35:ef:e6:e6:3c:95:a3:ee:c1:a2: 94:ff:dd:b2:f0:1d:28:18:a7:e2:67:7a:65:de:c8: 29:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:3F:15:64:BE:67:F4:B3:B2:FD:CC:5C:3A:29:79:5E:E9:C3:95:D6 X509v3 Authority Key Identifier: keyid:94:71:21:58:0E:D0:2E:DD:F4:F5:E5:A8:7D:37:E0:17:B3:2D:F7:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHEhWA7QLt309eWofTfgF7Mt9xs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/79c5bb-619d-4beb-8649-a2f425600db3/1/lHEhWA7QLt309eWofTfgF7Mt9xs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/79c5bb-619d-4beb-8649-a2f425600db3/1/lHEhWA7QLt309eWofTfgF7Mt9xs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:27:55:0f:80:0b:f8:16:59:41:49:11:bf:09:c7:3f:57:bd: ec:b5:0a:22:cd:be:c9:ab:45:7c:95:04:5f:2e:be:c0:a0:e2: f5:1c:64:25:b5:f6:b6:d9:88:82:12:d1:1d:c6:d7:84:29:63: 98:f0:39:a0:a8:bd:a2:75:f3:bf:05:12:09:2c:93:d1:96:9f: dd:05:53:39:cb:aa:08:9a:85:0f:a6:41:0e:98:55:fb:c8:ff: 79:55:e7:36:7e:d0:8e:17:e5:9c:4d:b6:7c:6f:c2:a6:34:e2: 16:d2:a4:50:8f:3d:b8:9b:b9:e3:a8:bc:ae:45:8f:c3:a3:9d: ca:70:4b:9b:8d:64:cf:63:14:9f:51:ad:08:1a:7e:88:3e:0a: 82:46:6d:47:68:f3:8c:c4:8a:db:f2:5d:47:9e:3f:9e:34:89: 93:fc:0d:67:57:7f:93:3f:59:3a:0f:da:e2:3d:e2:40:4e:ef: c8:06:39:de:80:b9:5c:b3:27:c3:1c:3b:27:44:4d:c3:20:a9: bf:6f:d9:26:3e:b3:6a:01:c6:14:85:84:76:93:31:fa:ff:99: 9e:49:a7:b1:b8:ac:0a:14:ae:5d:30:70:f8:17:fd:ea:28:15: bf:76:78:8c:e3:2a:7c:e9:cf:c9:b0:01:43:d9:f5:2f:ba:01: e0:a2:26:8e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCSm3C1XhOx87ESAe24LBCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0NzEyMTU4MGVkMDJlZGRmNGY1ZTVhODdkMzdlMDE3YjMy ZGY3MWIwHhcNMjUxMjIxMTkwMjEyWhcNMjUxMjIyMTkwMjEyWjAzMTEwLwYDVQQD Eyg1OTNmMTU2NGJlNjdmNGIzYjJmZGNjNWMzYTI5Nzk1ZWU5YzM5NWQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXzitmHsz0b5/wVvA1RbB+Z/IYJL f44z3px71F85Kuseam8xz8gdE2a5xVtKfUWwTUur1vuZrtI3k9Wg2I40OletAu8V aKU4wxJuhqr0DqLmEZRsjJMbOg0Lr8hupHUYwWCYDamMuTGzRQio0WtwhYSdQuJX qcYIqEd1O4jrcvBrdSBFc0T5ccpfsfG/n380LmHtzyXz8eAM9IbpRjIElKIs7XZ7 ujwRy4Nq1KwAWwE4XZtjHfkqJDo9NrgiezDyQQg9Fttzv7XjSUSwAXb6L2xPqFgu wF2khKAA98atSNw/Sv/m/DXv5uY8laPuwaKU/92y8B0oGKfiZ3pl3sgpUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFk/FWS+Z/Szsv3MXDopeV7pw5XWMB8GA1UdIwQY MBaAFJRxIVgO0C7d9PXlqH034BezLfcbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEhFaFdBN1FMdDMwOWVXb2ZUZmdGN010OXhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS83OWM1YmItNjE5ZC00YmViLTg2NDkt YTJmNDI1NjAwZGIzLzEvbEhFaFdBN1FMdDMwOWVXb2ZUZmdGN010OXhzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS83OWM1YmItNjE5ZC00YmViLTg2NDktYTJmNDI1NjAwZGIz LzEvbEhFaFdBN1FMdDMwOWVXb2ZUZmdGN010OXhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANydVD4AL +BZZQUkRvwnHP1e97LUKIs2+yatFfJUEXy6+wKDi9RxkJbX2ttmIghLRHcbXhClj mPA5oKi9onXzvwUSCSyT0Zaf3QVTOcuqCJqFD6ZBDphV+8j/eVXnNn7QjhflnE22 fG/CpjTiFtKkUI89uJu546i8rkWPw6OdynBLm41kz2MUn1GtCBp+iD4KgkZtR2jz jMSK2/JdR54/njSJk/wNZ1d/kz9ZOg/a4j3iQE7vyAY53oC5XLMnwxw7J0RNwyCp v2/ZJj6zagHGFIWEdpMx+v+ZnkmnsbisChSuXTBw+Bf96igVv3Z4jOMqfOnPybAB Q9n1L7oB4KImjg== -----END CERTIFICATE-----Generated at Sun Dec 21 21:48:45 2025 by rpki-client