This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft File: XbomMhShFwVRmA7pFxn42Ixia14.mft (raw, json) Hash identifier: 8EhKksH9SWhGmkxAZ4y87pMbIKqEWJEQ/4C1xehiuJA= Subject key identifier: DC:C4:2D:CC:DA:93:53:97:E0:14:7C:8D:49:2B:18:3D:5D:3A:24:D6 Authority key identifier: 5D:BA:26:32:14:A1:17:05:51:98:0E:E9:17:19:F8:D8:8C:62:6B:5E Certificate issuer: /CN=5dba263214a1170551980ee91719f8d88c626b5e Certificate serial: 019AF208A951039CF7DFE218DF97DE286D43 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft Manifest number: 12CC Signing time: Sat 06 Dec 2025 05:00:45 +0000 Manifest this update: Sat 06 Dec 2025 05:00:45 +0000 Manifest next update: Sun 07 Dec 2025 05:00:45 +0000 Files and hashes: 1: XbomMhShFwVRmA7pFxn42Ixia14.crl (hash: mufEAzmo0OZEKUuYKOTLD/BtHKbb+f5EjvCodrrcQS8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:a9:51:03:9c:f7:df:e2:18:df:97:de:28:6d:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5dba263214a1170551980ee91719f8d88c626b5e Validity Not Before: Dec 6 05:00:45 2025 GMT Not After : Dec 7 05:00:45 2025 GMT Subject: CN=dcc42dccda935397e0147c8d492b183d5d3a24d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:94:d6:a2:19:0a:53:45:26:73:ef:30:37:03: c7:58:3d:c3:ad:c7:97:f6:32:94:fb:2a:38:17:02: 0e:82:0e:25:f9:e4:9b:08:f0:1f:8d:89:ba:ac:22: 0b:a0:51:dc:6c:b6:12:75:89:5f:66:1f:1a:d4:00: 6c:94:41:64:be:e4:de:a1:34:59:a6:c5:e6:f0:16: f8:81:da:8a:b6:46:d7:81:85:38:f0:ba:d1:98:d2: 3b:e2:21:c5:f8:f2:5f:fe:b6:e3:d3:e0:fc:5b:3f: b7:09:19:af:b2:df:4b:1c:1b:8a:07:c2:4e:38:d3: 18:e8:8d:ba:37:db:0c:2a:21:c7:54:11:0a:80:ea: 25:86:29:14:f2:39:c9:d5:1d:70:96:cd:4b:4f:bf: 82:e7:2d:88:a6:d1:e1:8e:48:96:59:f3:72:cf:82: 67:02:61:cb:3a:a2:44:cd:ba:ad:f6:bb:46:63:15: ce:3a:d6:c0:10:ca:b1:af:ff:93:29:97:a8:eb:94: bd:38:dc:79:52:07:30:14:c0:3d:4b:9d:fb:ab:46: 36:a4:51:3f:68:f2:d0:95:2c:bf:a8:43:05:e5:23: c2:5d:2f:b3:a6:f4:77:05:ad:06:94:d4:d6:e2:df: ef:87:5b:53:ce:38:6f:80:ee:7d:62:c1:be:36:f7: 62:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:C4:2D:CC:DA:93:53:97:E0:14:7C:8D:49:2B:18:3D:5D:3A:24:D6 X509v3 Authority Key Identifier: keyid:5D:BA:26:32:14:A1:17:05:51:98:0E:E9:17:19:F8:D8:8C:62:6B:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:d3:b4:a1:30:71:7a:38:4a:c9:f1:cb:4d:71:a1:af:5c:dc: 17:cb:62:2f:1a:8f:54:60:b3:e7:28:38:81:17:2e:16:24:b2: 07:88:7c:01:c6:12:24:a3:56:99:37:6a:2b:18:d2:66:d5:67: 68:66:01:c6:d0:e0:f0:ce:34:66:e0:73:4a:c3:eb:bc:78:1f: 66:7c:fb:b5:84:57:71:ed:62:b2:24:f1:c2:a3:83:8d:3b:c3: e0:38:1b:38:dd:1e:25:f0:24:ca:77:47:8a:c6:e5:ad:20:90: fe:7a:f1:ad:5c:d8:43:da:54:56:0c:02:9d:11:cf:29:1c:77: c9:59:6e:31:ce:c1:28:14:87:b5:29:5b:7f:60:2b:5a:c5:2e: 22:92:d0:e8:26:dc:d0:05:1d:2f:bb:7e:0e:32:d0:55:b3:39: f3:37:5d:59:34:d1:55:4f:f5:fa:66:0d:8c:b9:e8:f8:27:a5: e0:b4:14:58:17:91:13:54:b6:59:7b:74:dc:63:0e:5d:13:cf: cf:8a:7f:06:2f:22:fa:e7:50:9c:11:ff:e4:9b:ef:41:17:9a: c8:35:07:9a:b1:65:d7:fa:ba:fa:05:a2:c9:2c:45:05:b2:62: a3:37:41:01:31:4d:0d:87:b2:08:ec:c8:9c:18:61:55:69:7b: b5:1b:36:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCKlRA5z33+IY35feKG1DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkYmEyNjMyMTRhMTE3MDU1MTk4MGVlOTE3MTlmOGQ4OGM2 MjZiNWUwHhcNMjUxMjA2MDUwMDQ1WhcNMjUxMjA3MDUwMDQ1WjAzMTEwLwYDVQQD EyhkY2M0MmRjY2RhOTM1Mzk3ZTAxNDdjOGQ0OTJiMTgzZDVkM2EyNGQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pTWohkKU0Umc+8wNwPHWD3DrceX 9jKU+yo4FwIOgg4l+eSbCPAfjYm6rCILoFHcbLYSdYlfZh8a1ABslEFkvuTeoTRZ psXm8Bb4gdqKtkbXgYU48LrRmNI74iHF+PJf/rbj0+D8Wz+3CRmvst9LHBuKB8JO ONMY6I26N9sMKiHHVBEKgOolhikU8jnJ1R1wls1LT7+C5y2IptHhjkiWWfNyz4Jn AmHLOqJEzbqt9rtGYxXOOtbAEMqxr/+TKZeo65S9ONx5UgcwFMA9S537q0Y2pFE/ aPLQlSy/qEMF5SPCXS+zpvR3Ba0GlNTW4t/vh1tTzjhvgO59YsG+NvdilQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNzELczak1OX4BR8jUkrGD1dOiTWMB8GA1UdIwQY MBaAFF26JjIUoRcFUZgO6RcZ+NiMYmteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80ZTQxNGYtMGE3Ni00ZmU5LThiN2It MTM1YTkzOTgyOTMxLzEvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi80ZTQxNGYtMGE3Ni00ZmU5LThiN2ItMTM1YTkzOTgyOTMx LzEvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX9O0oTBx ejhKyfHLTXGhr1zcF8tiLxqPVGCz5yg4gRcuFiSyB4h8AcYSJKNWmTdqKxjSZtVn aGYBxtDg8M40ZuBzSsPrvHgfZnz7tYRXce1isiTxwqODjTvD4DgbON0eJfAkyndH isblrSCQ/nrxrVzYQ9pUVgwCnRHPKRx3yVluMc7BKBSHtSlbf2ArWsUuIpLQ6Cbc 0AUdL7t+DjLQVbM58zddWTTRVU/1+mYNjLno+Cel4LQUWBeRE1S2WXt03GMOXRPP z4p/Bi8i+udQnBH/5JvvQReayDUHmrFl1/q6+gWiySxFBbJiozdBATFNDYeyCOzI nBhhVWl7tRs2QQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:08:19 2025 by rpki-client