This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft File: XX2xSVjPTXheWe9cbGefjvVMHYs.mft (raw, json) Hash identifier: yzcIhNBPFxz7r4rbyc6EyYEQ2kx3BqrMMJslhEMYF0Y= Subject key identifier: 05:2E:BE:FB:03:58:8F:5C:41:49:A5:18:83:09:7B:73:1F:D8:27:0B Authority key identifier: 5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B Certificate issuer: /CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b Certificate serial: 019AF19B9B7E56AE16B1F19B5DA814146FA9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft Manifest number: 0749 Signing time: Sat 06 Dec 2025 03:01:38 +0000 Manifest this update: Sat 06 Dec 2025 03:01:38 +0000 Manifest next update: Sun 07 Dec 2025 03:01:38 +0000 Files and hashes: 1: XX2xSVjPTXheWe9cbGefjvVMHYs.crl (hash: IJtcGmZTv6Njxt+WYgFgr+uknbTC0CxFBYAvrLb1w80=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:9b:7e:56:ae:16:b1:f1:9b:5d:a8:14:14:6f:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b Validity Not Before: Dec 6 03:01:38 2025 GMT Not After : Dec 7 03:01:38 2025 GMT Subject: CN=052ebefb03588f5c4149a51883097b731fd8270b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:f9:fe:28:fd:88:b4:62:1e:b6:3c:d0:57:4c: 33:8f:50:3b:5f:62:44:19:c3:75:06:ec:aa:d3:76: dd:89:8d:b8:c6:07:05:90:66:4c:22:34:e6:b1:54: 97:0b:bc:fd:d1:db:75:7e:e4:9b:b5:a7:6b:69:55: c7:c0:b7:f5:32:af:4d:64:43:e2:c4:8c:4e:8d:82: 59:5d:83:20:98:8b:dc:c4:05:58:2b:fe:3a:0e:ef: 54:10:d0:6e:0f:e0:a9:17:f4:e0:02:36:4e:45:85: c3:57:b5:b3:01:3e:94:8e:5f:42:a1:00:fe:d9:d4: f2:7b:4a:f7:81:ae:e1:28:74:6a:47:1b:5a:cf:71: 66:0f:d3:2e:ac:27:e9:52:51:58:53:b4:60:79:f0: 8b:0d:d1:49:fe:e2:0f:a2:d9:82:10:c3:7d:10:95: 03:68:0a:53:52:76:8a:c1:c7:b8:0a:0e:19:80:cd: 57:28:88:d3:c7:e1:21:49:ab:47:6a:35:10:02:c3: f2:41:f7:f8:70:bf:53:99:b4:5f:e6:51:77:66:6d: f9:81:58:c4:0b:1b:9c:9b:f7:db:03:a8:f4:8e:69: cf:45:59:a8:62:b3:e1:ce:87:1d:fb:09:ac:fa:8e: 6f:32:75:9c:67:6d:d0:fa:6e:b8:ee:1c:5d:96:1f: 9d:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:2E:BE:FB:03:58:8F:5C:41:49:A5:18:83:09:7B:73:1F:D8:27:0B X509v3 Authority Key Identifier: keyid:5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:15:ea:3f:c6:94:07:36:2a:b1:76:30:d0:7b:fe:9d:65:1f: 62:f9:03:69:c7:d7:51:c9:77:b6:3f:9b:52:4e:3c:7c:ae:d5: 73:1d:15:5e:41:88:ce:f1:7d:c8:67:57:6f:d8:47:90:de:0f: 7d:79:f8:ad:c8:aa:99:16:c4:ed:d9:85:96:e6:12:64:cb:a0: 4b:c6:07:2a:e8:b1:bb:bd:e0:b0:4c:c8:0d:cd:7b:23:1e:e8: f1:b2:06:29:00:70:fe:f5:b7:29:da:f4:da:d9:18:fb:08:6b: 58:a9:10:1a:da:64:ae:ca:7a:25:a9:d7:53:3e:44:72:b2:47: 6c:4e:b2:f7:69:8b:96:e2:3a:ad:a7:95:f3:41:3e:df:54:73: 8c:5e:9a:13:fc:02:e7:a4:9b:87:01:2d:ee:b0:ea:b6:07:e0: 3f:c1:6b:a4:b3:2c:0c:2d:d8:c0:a4:d4:99:a5:61:b6:0f:06: f4:30:2c:3d:6f:93:20:db:8a:61:ea:79:d9:4b:16:a8:98:80: 4e:64:66:b3:92:a4:87:d3:3d:cb:5c:a1:59:c5:ac:be:b7:d6: 6a:d5:b8:73:91:3f:21:cb:ee:1b:73:7e:ea:2c:31:63:73:23: ea:1c:76:db:80:c0:3a:1d:77:9f:6f:43:39:bd:5f:ef:53:1c: 3d:b3:d5:64 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm5t+Vq4WsfGbXagUFG+pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkN2RiMTQ5NThjZjRkNzg1ZTU5ZWY1YzZjNjc5ZjhlZjU0 YzFkOGIwHhcNMjUxMjA2MDMwMTM4WhcNMjUxMjA3MDMwMTM4WjAzMTEwLwYDVQQD EygwNTJlYmVmYjAzNTg4ZjVjNDE0OWE1MTg4MzA5N2I3MzFmZDgyNzBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/n+KP2ItGIetjzQV0wzj1A7X2JE GcN1Buyq03bdiY24xgcFkGZMIjTmsVSXC7z90dt1fuSbtadraVXHwLf1Mq9NZEPi xIxOjYJZXYMgmIvcxAVYK/46Du9UENBuD+CpF/TgAjZORYXDV7WzAT6Ujl9CoQD+ 2dTye0r3ga7hKHRqRxtaz3FmD9MurCfpUlFYU7RgefCLDdFJ/uIPotmCEMN9EJUD aApTUnaKwce4Cg4ZgM1XKIjTx+EhSatHajUQAsPyQff4cL9TmbRf5lF3Zm35gVjE Cxucm/fbA6j0jmnPRVmoYrPhzocd+wms+o5vMnWcZ23Q+m647hxdlh+dQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAUuvvsDWI9cQUmlGIMJe3Mf2CcLMB8GA1UdIwQY MBaAFF19sUlYz014XlnvXGxnn471TB2LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWIt OTQ5YzYyOGU1ZjNjLzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWItOTQ5YzYyOGU1ZjNj LzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlxXqP8aU BzYqsXYw0Hv+nWUfYvkDacfXUcl3tj+bUk48fK7Vcx0VXkGIzvF9yGdXb9hHkN4P fXn4rciqmRbE7dmFluYSZMugS8YHKuixu73gsEzIDc17Ix7o8bIGKQBw/vW3Kdr0 2tkY+whrWKkQGtpkrsp6JanXUz5EcrJHbE6y92mLluI6raeV80E+31RzjF6aE/wC 56SbhwEt7rDqtgfgP8FrpLMsDC3YwKTUmaVhtg8G9DAsPW+TINuKYep52UsWqJiA TmRms5Kkh9M9y1yhWcWsvrfWatW4c5E/IcvuG3N+6iwxY3Mj6hx224DAOh13n29D Ob1f71McPbPVZA== -----END CERTIFICATE-----Generated at Sat Dec 6 13:23:48 2025 by rpki-client