This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft File: X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft (raw, json) Hash identifier: jwONFucT9vtVrY8kciC3TUoXSx7BBG/7Uq92A1QaiHA= Subject key identifier: 2F:62:F5:3C:D4:F8:CE:77:3E:B1:73:97:D7:F5:7C:10:FD:08:1D:4B Authority key identifier: 5F:B7:46:6D:8E:92:B2:1C:7B:1A:A1:35:F3:0E:FE:6E:73:E1:F8:6C Certificate issuer: /CN=5fb7466d8e92b21c7b1aa135f30efe6e73e1f86c Certificate serial: 019B31FA8F3E5A2B709893C279927342E5B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft Manifest number: 0D9D Signing time: Thu 18 Dec 2025 15:01:02 +0000 Manifest this update: Thu 18 Dec 2025 15:01:02 +0000 Manifest next update: Fri 19 Dec 2025 15:01:02 +0000 Files and hashes: 1: X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl (hash: pbFK3ShlaYNyu68eiK4X3tjmTYRhmDYYYVeG2OqaL1o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:fa:8f:3e:5a:2b:70:98:93:c2:79:92:73:42:e5:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5fb7466d8e92b21c7b1aa135f30efe6e73e1f86c Validity Not Before: Dec 18 15:01:02 2025 GMT Not After : Dec 19 15:01:02 2025 GMT Subject: CN=2f62f53cd4f8ce773eb17397d7f57c10fd081d4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:58:10:b1:3d:01:96:0b:bd:b9:35:b5:0d:f9: 16:da:f3:89:0f:23:61:ee:3f:ab:0c:95:20:88:95: e5:27:e9:a8:2c:8b:60:aa:57:63:f3:a8:52:92:be: c1:22:3a:33:5e:c7:54:45:20:6e:d3:e7:68:ec:24: 41:bc:5a:51:bd:a2:fb:81:d2:e0:40:2d:4b:0f:b8: 9f:36:3e:b9:ad:71:77:c5:79:4d:5a:fb:17:f9:56: 5b:06:64:6a:b9:57:3e:3c:c2:28:7f:32:b5:c7:b0: 46:c8:24:cf:ee:20:9b:b7:d8:da:0d:6e:36:0b:d4: 0b:2e:29:e2:82:02:d7:e6:c8:75:7a:f9:1a:bd:bf: eb:12:29:02:79:11:e6:48:a5:d8:c5:62:56:ff:55: eb:63:b0:fe:f8:12:27:49:b2:1a:7b:7a:0b:0f:3a: cb:5f:37:f5:a0:96:33:15:e1:75:7d:7b:69:1c:04: a8:8a:b0:dd:a1:15:ac:e4:8d:cb:8e:a2:f5:4c:e3: 8e:94:fe:0a:c8:5c:9b:d9:41:59:a0:90:d9:1b:b2: 74:9a:41:26:8b:f5:39:0c:7c:0b:8f:2c:d0:1f:62: 11:27:1e:77:45:3d:95:61:72:e1:95:44:12:6a:04: 44:20:31:9c:30:9f:7e:87:d9:5d:c9:51:d6:0e:9d: 8a:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:62:F5:3C:D4:F8:CE:77:3E:B1:73:97:D7:F5:7C:10:FD:08:1D:4B X509v3 Authority Key Identifier: keyid:5F:B7:46:6D:8E:92:B2:1C:7B:1A:A1:35:F3:0E:FE:6E:73:E1:F8:6C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:ad:e1:bf:9f:be:df:e0:50:d0:62:c1:e2:9c:c4:88:14:3b: f5:92:b3:3c:89:05:6f:86:c7:f3:41:65:08:8a:cf:0f:d9:a0: 11:65:ca:fe:98:b8:86:d9:16:43:6d:d1:cb:c2:91:13:b3:2a: 1f:2b:3d:bb:ac:ba:45:ef:c4:0b:ba:8d:82:64:4b:86:11:76: 60:61:b3:98:b2:09:e8:b9:cf:f9:8f:aa:a3:68:11:1b:28:a4: 83:eb:80:07:fc:96:f2:7b:56:93:2d:91:76:cb:c4:a3:57:cd: 19:cc:8e:ce:5c:d0:07:8e:d4:6b:9f:96:95:0f:20:ff:60:71: 0f:06:5e:1a:71:10:b2:9a:13:fc:0e:4c:7f:5d:ce:87:4a:75: ed:03:4d:91:77:7f:52:eb:7e:8d:a1:0f:e6:19:da:ba:e6:1d: eb:9c:5a:8f:08:44:e5:6c:c7:38:84:22:18:aa:ff:1a:3a:4f: 00:e3:0c:a9:9b:a5:ee:34:cc:05:1b:b6:8e:59:4e:8e:81:5f: 12:fd:56:a0:df:f4:93:d9:30:60:e6:77:47:ed:0b:4a:58:b7: 29:28:55:73:53:ba:1e:90:a5:45:1e:1d:35:18:d5:73:c9:ba: 4c:51:4d:22:0a:e6:41:8c:f7:01:ee:bf:81:7e:49:f1:d0:cc: 89:c1:5c:6f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsx+o8+WitwmJPCeZJzQuWwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmYjc0NjZkOGU5MmIyMWM3YjFhYTEzNWYzMGVmZTZlNzNl MWY4NmMwHhcNMjUxMjE4MTUwMTAyWhcNMjUxMjE5MTUwMTAyWjAzMTEwLwYDVQQD EygyZjYyZjUzY2Q0ZjhjZTc3M2ViMTczOTdkN2Y1N2MxMGZkMDgxZDRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1gQsT0Blgu9uTW1DfkW2vOJDyNh 7j+rDJUgiJXlJ+moLItgqldj86hSkr7BIjozXsdURSBu0+do7CRBvFpRvaL7gdLg QC1LD7ifNj65rXF3xXlNWvsX+VZbBmRquVc+PMIofzK1x7BGyCTP7iCbt9jaDW42 C9QLLiniggLX5sh1evkavb/rEikCeRHmSKXYxWJW/1XrY7D++BInSbIae3oLDzrL Xzf1oJYzFeF1fXtpHASoirDdoRWs5I3LjqL1TOOOlP4KyFyb2UFZoJDZG7J0mkEm i/U5DHwLjyzQH2IRJx53RT2VYXLhlUQSagREIDGcMJ9+h9ldyVHWDp2KWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC9i9TzU+M53PrFzl9f1fBD9CB1LMB8GA1UdIwQY MBaAFF+3Rm2OkrIcexqhNfMO/m5z4fhsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZWQyODktZDY2MS00MzQzLWEyZTAt MGI5MjY3OWQzNjI1LzEvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS83ZWQyODktZDY2MS00MzQzLWEyZTAtMGI5MjY3OWQzNjI1 LzEvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUq3hv5++ 3+BQ0GLB4pzEiBQ79ZKzPIkFb4bH80FlCIrPD9mgEWXK/pi4htkWQ23Ry8KRE7Mq Hys9u6y6Re/EC7qNgmRLhhF2YGGzmLIJ6LnP+Y+qo2gRGyikg+uAB/yW8ntWky2R dsvEo1fNGcyOzlzQB47Ua5+WlQ8g/2BxDwZeGnEQspoT/A5Mf13Oh0p17QNNkXd/ Uut+jaEP5hnauuYd65xajwhE5WzHOIQiGKr/GjpPAOMMqZul7jTMBRu2jllOjoFf Ev1WoN/0k9kwYOZ3R+0LSli3KShVc1O6HpClRR4dNRjVc8m6TFFNIgrmQYz3Ae6/ gX5J8dDMicFcbw== -----END CERTIFICATE-----Generated at Thu Dec 18 17:50:30 2025 by rpki-client