This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft File: XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft (raw, json) Hash identifier: upuBdSOfc24AxYOimeak/nkR8E32ie08rSn24wV2FkA= Subject key identifier: 32:01:6A:EA:19:CF:1E:E2:A8:4D:46:05:D8:1F:54:B6:62:AA:3C:13 Authority key identifier: 5E:55:AF:DE:34:21:1B:CE:E6:A7:FD:99:24:88:A2:49:27:B4:69:47 Certificate issuer: /CN=5e55afde34211bcee6a7fd992488a24927b46947 Certificate serial: 019AF23FC0C6772A461F3CBB30B6502B0AE2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XlWv3jQhG87mp_2ZJIiiSSe0aUc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft Manifest number: 03AB Signing time: Sat 06 Dec 2025 06:00:55 +0000 Manifest this update: Sat 06 Dec 2025 06:00:55 +0000 Manifest next update: Sun 07 Dec 2025 06:00:55 +0000 Files and hashes: 1: XlWv3jQhG87mp_2ZJIiiSSe0aUc.crl (hash: 1dz6X7b1ioI9LN+S/0iPYYOdoQ5o5n1btI3iCDsyW8Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft rsync://rpki.ripe.net/repository/DEFAULT/XlWv3jQhG87mp_2ZJIiiSSe0aUc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:c0:c6:77:2a:46:1f:3c:bb:30:b6:50:2b:0a:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e55afde34211bcee6a7fd992488a24927b46947 Validity Not Before: Dec 6 06:00:55 2025 GMT Not After : Dec 7 06:00:55 2025 GMT Subject: CN=32016aea19cf1ee2a84d4605d81f54b662aa3c13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:9f:33:05:cb:ca:73:7b:8f:ea:b9:f6:90:76: d5:32:b9:b2:14:f6:a0:5f:c5:9b:a7:82:c5:2a:50: a2:03:e8:ad:ff:8e:0f:a3:e9:bc:c8:1c:15:ef:66: 8c:4a:52:44:66:02:c1:81:52:3a:2c:9a:6f:8d:53: 02:09:47:ba:70:13:b3:3d:40:7c:9b:10:8b:61:e0: be:a2:79:e9:88:7c:96:12:eb:3f:28:0c:f7:e9:f8: 41:7d:26:e7:0b:58:a2:d0:7c:c8:6a:bd:f9:d4:73: 8e:e0:6f:a1:e1:e1:6a:ad:72:eb:77:12:b6:62:ba: 1e:54:6c:a9:3d:ab:09:fe:38:17:c0:d4:b9:e5:86: aa:da:da:15:90:3b:60:bc:cd:ef:25:61:e1:ca:dc: 28:c4:83:26:d8:49:e6:48:c6:b9:13:bc:41:72:f9: df:fc:e5:59:d8:99:92:b1:99:67:5a:b6:3c:bf:5e: a2:78:82:5c:30:d8:b0:4c:bf:e1:d7:8b:bd:4b:6d: d0:53:eb:a0:81:18:89:86:24:01:4b:94:97:ab:67: c5:bb:29:87:a1:1f:83:f3:70:65:c1:5d:2b:46:4e: a5:5c:e3:51:d6:d4:bc:96:29:12:1c:53:26:b3:b0: 52:60:9b:9e:a2:88:f7:e4:7c:6b:8d:b5:65:c3:73: 7b:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:01:6A:EA:19:CF:1E:E2:A8:4D:46:05:D8:1F:54:B6:62:AA:3C:13 X509v3 Authority Key Identifier: keyid:5E:55:AF:DE:34:21:1B:CE:E6:A7:FD:99:24:88:A2:49:27:B4:69:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlWv3jQhG87mp_2ZJIiiSSe0aUc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:fb:23:b8:05:bc:e9:38:53:d7:ae:a2:96:93:46:27:71:2f: 85:2a:a0:e7:4f:6d:9b:05:df:56:32:01:52:39:45:f7:e3:2f: 36:83:96:53:d2:35:a6:16:a8:20:ff:82:6a:e6:1f:ac:d5:6e: d6:a4:90:e8:fc:29:7a:8c:c0:8d:3b:8c:2f:1d:eb:7c:77:57: 1f:df:50:f7:41:08:cc:10:aa:38:df:d5:fe:11:6e:88:ac:d1: 77:6e:82:d0:c8:a2:94:bb:ef:53:38:ea:78:35:14:75:94:3c: f2:a9:44:28:ae:f4:08:ee:02:ca:ae:fa:d2:1d:43:00:1b:d9: f3:cb:25:cc:11:04:c0:11:b8:29:3d:a0:df:be:05:77:cc:2f: 60:fe:9f:a2:5a:c4:f8:5f:97:6f:39:ad:a6:88:7d:15:b9:23: 66:3e:6c:36:cd:f9:01:fb:2f:b8:ae:cf:58:bd:fd:83:da:04: 85:21:9f:88:c7:b6:13:12:53:44:aa:1e:14:31:8a:40:01:70: b0:07:9e:fd:44:41:27:59:d0:ca:27:fa:f5:27:4e:ed:c8:fd: 76:dc:72:fe:e4:64:83:eb:3a:60:36:7a:7e:13:fc:8e:05:76: 0c:fe:d3:76:8f:22:2b:f9:2b:3e:c9:5f:50:ae:69:b2:fe:c2: c3:88:43:a1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP8DGdypGHzy7MLZQKwriMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlNTVhZmRlMzQyMTFiY2VlNmE3ZmQ5OTI0ODhhMjQ5Mjdi NDY5NDcwHhcNMjUxMjA2MDYwMDU1WhcNMjUxMjA3MDYwMDU1WjAzMTEwLwYDVQQD EygzMjAxNmFlYTE5Y2YxZWUyYTg0ZDQ2MDVkODFmNTRiNjYyYWEzYzEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz58zBcvKc3uP6rn2kHbVMrmyFPag X8Wbp4LFKlCiA+it/44Po+m8yBwV72aMSlJEZgLBgVI6LJpvjVMCCUe6cBOzPUB8 mxCLYeC+onnpiHyWEus/KAz36fhBfSbnC1ii0HzIar351HOO4G+h4eFqrXLrdxK2 YroeVGypPasJ/jgXwNS55Yaq2toVkDtgvM3vJWHhytwoxIMm2EnmSMa5E7xBcvnf /OVZ2JmSsZlnWrY8v16ieIJcMNiwTL/h14u9S23QU+uggRiJhiQBS5SXq2fFuymH oR+D83BlwV0rRk6lXONR1tS8likSHFMms7BSYJueooj35HxrjbVlw3N7GQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDIBauoZzx7iqE1GBdgfVLZiqjwTMB8GA1UdIwQY MBaAFF5Vr940IRvO5qf9mSSIokkntGlHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGxXdjNqUWhHODdtcF8yWkpJaWlTU2UwYVVjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9kMjhhYzgtZjZiOC00YjQ3LWJhOTMt ZGU3YjQxNjc4YjZmLzEvWGxXdjNqUWhHODdtcF8yWkpJaWlTU2UwYVVjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS9kMjhhYzgtZjZiOC00YjQ3LWJhOTMtZGU3YjQxNjc4YjZm LzEvWGxXdjNqUWhHODdtcF8yWkpJaWlTU2UwYVVjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ/sjuAW8 6ThT166ilpNGJ3EvhSqg509tmwXfVjIBUjlF9+MvNoOWU9I1phaoIP+CauYfrNVu 1qSQ6PwpeozAjTuMLx3rfHdXH99Q90EIzBCqON/V/hFuiKzRd26C0MiilLvvUzjq eDUUdZQ88qlEKK70CO4Cyq760h1DABvZ88slzBEEwBG4KT2g374Fd8wvYP6folrE +F+Xbzmtpoh9FbkjZj5sNs35AfsvuK7PWL39g9oEhSGfiMe2ExJTRKoeFDGKQAFw sAee/URBJ1nQyif69SdO7cj9dtxy/uRkg+s6YDZ6fhP8jgV2DP7Tdo8iK/krPslf UK5psv7Cw4hDoQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:23:51 2025 by rpki-client