This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.mft File: X2KPBcyoyH1ZPnHp3SGw5_idWJM.mft (raw, json) Hash identifier: lRwA/DwjFl9Cv3zpMNF05jvgvPaClfbVIZa1nGAHoi0= Subject key identifier: DC:66:55:DB:79:CC:1B:11:6C:F0:4F:1D:05:E0:F7:97:48:C6:64:8E Authority key identifier: 5F:62:8F:05:CC:A8:C8:7D:59:3E:71:E9:DD:21:B0:E7:F8:9D:58:93 Certificate issuer: /CN=5f628f05cca8c87d593e71e9dd21b0e7f89d5893 Certificate serial: 019B30E925805F7BA76A6961508F4452FA69 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X2KPBcyoyH1ZPnHp3SGw5_idWJM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.mft Manifest number: 177D Signing time: Thu 18 Dec 2025 10:02:23 +0000 Manifest this update: Thu 18 Dec 2025 10:02:23 +0000 Manifest next update: Fri 19 Dec 2025 10:02:23 +0000 Files and hashes: 1: X2KPBcyoyH1ZPnHp3SGw5_idWJM.crl (hash: 1Gm57RW2YKI5fa21BNLqC7wN0uxVxEREdjcZ6MUF8/Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.crl rsync://rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.mft rsync://rpki.ripe.net/repository/DEFAULT/X2KPBcyoyH1ZPnHp3SGw5_idWJM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 10:02:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:e9:25:80:5f:7b:a7:6a:69:61:50:8f:44:52:fa:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5f628f05cca8c87d593e71e9dd21b0e7f89d5893 Validity Not Before: Dec 18 10:02:23 2025 GMT Not After : Dec 19 10:02:23 2025 GMT Subject: CN=dc6655db79cc1b116cf04f1d05e0f79748c6648e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:40:b3:61:c5:87:85:f8:d0:ca:f9:f9:0e:00: 75:c9:76:d3:81:60:a5:68:2d:58:3b:99:15:97:c7: 00:f9:09:e7:2d:21:fe:3d:e7:a1:4b:54:a1:21:17: 8f:52:87:f6:17:34:6d:4d:63:77:e8:30:90:cc:37: c5:79:c9:3c:73:36:f6:ea:5a:e1:93:b7:46:a5:2f: 03:00:07:4f:b4:c1:1a:cb:d4:26:6f:99:c7:4e:d3: d9:bc:cb:45:87:b7:d9:d9:dd:dc:b1:f2:bb:9a:46: ce:8b:73:68:15:a5:bb:48:82:f5:d9:eb:d2:d4:fb: 54:ed:36:68:f1:10:12:52:13:08:ff:66:7b:bb:f0: 85:83:b9:1b:0b:4a:21:b7:06:11:29:65:67:05:62: 7e:66:08:3d:0c:e2:6a:54:c0:e0:96:6b:ca:6c:ce: e7:1f:6e:a8:69:d9:f4:fc:6b:9d:37:b3:39:8e:7a: ec:40:ad:ff:ef:4d:af:82:45:ed:83:d7:79:f5:d2: f0:01:c9:bd:ed:f4:a6:03:b8:57:3a:16:7c:2d:05: 40:0f:4a:15:d4:31:02:28:d2:28:60:73:86:3d:b1: 12:8c:6f:72:1f:1a:44:ee:10:06:a8:6e:ee:99:b1: 30:a4:fd:d2:e7:db:24:f1:2b:b9:48:14:4d:7f:66: 63:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:66:55:DB:79:CC:1B:11:6C:F0:4F:1D:05:E0:F7:97:48:C6:64:8E X509v3 Authority Key Identifier: keyid:5F:62:8F:05:CC:A8:C8:7D:59:3E:71:E9:DD:21:B0:E7:F8:9D:58:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X2KPBcyoyH1ZPnHp3SGw5_idWJM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:4d:f0:f0:f4:c8:df:53:f5:73:e1:ef:86:04:4a:e7:24:88: 71:3c:ff:43:5f:cc:8c:41:04:d1:2c:9b:04:77:89:1d:1f:24: 98:13:df:6e:b5:dd:b2:e9:2b:e3:14:97:90:b0:4f:43:1b:ef: 35:2a:ef:3c:98:8e:48:e3:a5:f9:f6:fb:2e:1d:f7:0d:ff:c1: 31:e8:c0:a5:6e:ec:b1:21:e3:a9:86:46:4a:6f:f3:20:63:74: 0d:e6:a9:82:d9:6d:dc:a0:7b:48:0f:6e:a2:15:76:5e:77:8b: 21:bb:e7:00:9e:f4:e0:e2:67:ed:38:06:60:29:ba:83:96:fd: 33:55:a3:32:17:1f:24:15:09:2e:d3:8d:bf:10:f1:43:65:07: f0:a0:32:b3:0a:d3:55:b6:16:95:ab:20:99:68:bc:05:53:98: b5:88:3b:a7:7a:e4:d6:8c:88:d5:c9:09:ec:18:93:d6:e5:70: e2:23:8b:98:da:b9:6b:8a:8a:ff:11:b3:6a:51:ff:49:97:9b: 5f:d4:fc:d8:ac:54:8e:e4:cc:c4:1a:cd:6f:4f:91:59:cc:52: 8d:b7:d8:23:eb:77:d9:c3:9c:89:5e:c2:1c:e3:89:5b:39:eb: 2f:2e:54:fe:eb:95:33:fe:15:7b:28:8e:09:f8:6b:65:2f:d8: a7:8a:38:02 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsw6SWAX3unamlhUI9EUvppMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmNjI4ZjA1Y2NhOGM4N2Q1OTNlNzFlOWRkMjFiMGU3Zjg5 ZDU4OTMwHhcNMjUxMjE4MTAwMjIzWhcNMjUxMjE5MTAwMjIzWjAzMTEwLwYDVQQD EyhkYzY2NTVkYjc5Y2MxYjExNmNmMDRmMWQwNWUwZjc5NzQ4YzY2NDhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjECzYcWHhfjQyvn5DgB1yXbTgWCl aC1YO5kVl8cA+QnnLSH+PeehS1ShIRePUof2FzRtTWN36DCQzDfFeck8czb26lrh k7dGpS8DAAdPtMEay9Qmb5nHTtPZvMtFh7fZ2d3csfK7mkbOi3NoFaW7SIL12evS 1PtU7TZo8RASUhMI/2Z7u/CFg7kbC0ohtwYRKWVnBWJ+Zgg9DOJqVMDglmvKbM7n H26oadn0/GudN7M5jnrsQK3/702vgkXtg9d59dLwAcm97fSmA7hXOhZ8LQVAD0oV 1DECKNIoYHOGPbESjG9yHxpE7hAGqG7umbEwpP3S59sk8Su5SBRNf2ZjVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNxmVdt5zBsRbPBPHQXg95dIxmSOMB8GA1UdIwQY MBaAFF9ijwXMqMh9WT5x6d0hsOf4nViTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWDJLUEJjeW95SDFaUG5IcDNTR3c1X2lkV0pNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi81MjJjZjEtMGI1Yy00ZDYyLWIzNmMt OWZiZTg5MTlkYjkwLzEvWDJLUEJjeW95SDFaUG5IcDNTR3c1X2lkV0pNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi81MjJjZjEtMGI1Yy00ZDYyLWIzNmMtOWZiZTg5MTlkYjkw LzEvWDJLUEJjeW95SDFaUG5IcDNTR3c1X2lkV0pNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADU3w8PTI 31P1c+HvhgRK5ySIcTz/Q1/MjEEE0SybBHeJHR8kmBPfbrXdsukr4xSXkLBPQxvv NSrvPJiOSOOl+fb7Lh33Df/BMejApW7ssSHjqYZGSm/zIGN0Deapgtlt3KB7SA9u ohV2XneLIbvnAJ704OJn7TgGYCm6g5b9M1WjMhcfJBUJLtONvxDxQ2UH8KAyswrT VbYWlasgmWi8BVOYtYg7p3rk1oyI1ckJ7BiT1uVw4iOLmNq5a4qK/xGzalH/SZeb X9T82KxUjuTMxBrNb0+RWcxSjbfYI+t32cOciV7CHOOJWznrLy5U/uuVM/4VeyiO CfhrZS/Yp4o4Ag== -----END CERTIFICATE-----Generated at Thu Dec 18 16:17:26 2025 by rpki-client