This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/b254bd-145c-4019-88a4-d5a177178f4a/1/xFz9uYA84FcULRh_hrxPVnHX63s.mft File: xFz9uYA84FcULRh_hrxPVnHX63s.mft (raw, json) Hash identifier: 6mCZDGt0sogwrPqsfmcp1olR6KzBhWIkJSHqpc4VGQE= Subject key identifier: A8:99:08:5C:00:7B:E0:B1:07:C9:16:1C:88:8F:B7:7D:22:69:EA:02 Authority key identifier: C4:5C:FD:B9:80:3C:E0:57:14:2D:18:7F:86:BC:4F:56:71:D7:EB:7B Certificate issuer: /CN=c45cfdb9803ce057142d187f86bc4f5671d7eb7b Certificate serial: 019AF31B58D8227FE94924DD437D070A6748 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFz9uYA84FcULRh_hrxPVnHX63s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/b254bd-145c-4019-88a4-d5a177178f4a/1/xFz9uYA84FcULRh_hrxPVnHX63s.mft Manifest number: 175C Signing time: Sat 06 Dec 2025 10:00:46 +0000 Manifest this update: Sat 06 Dec 2025 10:00:46 +0000 Manifest next update: Sun 07 Dec 2025 10:00:46 +0000 Files and hashes: 1: xFz9uYA84FcULRh_hrxPVnHX63s.crl (hash: isKNfa+YQgJ94+5Ltg1B3ch/gtZ5Aser7K2uxQe9mDI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/b254bd-145c-4019-88a4-d5a177178f4a/1/xFz9uYA84FcULRh_hrxPVnHX63s.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/b254bd-145c-4019-88a4-d5a177178f4a/1/xFz9uYA84FcULRh_hrxPVnHX63s.mft rsync://rpki.ripe.net/repository/DEFAULT/xFz9uYA84FcULRh_hrxPVnHX63s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:58:d8:22:7f:e9:49:24:dd:43:7d:07:0a:67:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c45cfdb9803ce057142d187f86bc4f5671d7eb7b Validity Not Before: Dec 6 10:00:46 2025 GMT Not After : Dec 7 10:00:46 2025 GMT Subject: CN=a899085c007be0b107c9161c888fb77d2269ea02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:26:e5:4f:f7:9e:bf:00:3d:3e:1a:64:32:36: 7f:04:7e:15:2c:e4:70:88:a7:bb:ba:cf:38:19:f0: 87:b6:19:75:97:ed:3a:4c:db:d5:eb:45:dc:c5:4a: 56:9f:b5:ab:d8:87:3f:b3:a6:3e:41:fd:8e:4c:dc: 25:31:29:c8:44:a4:3c:de:96:09:25:2e:67:85:a3: 72:09:aa:e7:19:23:2d:4b:dd:c4:e1:64:a7:ed:70: 45:2f:83:37:df:79:c2:7b:dd:4d:04:86:5b:93:b3: 5f:99:93:92:d5:21:96:69:3d:67:40:16:6b:d5:f4: d1:7c:9a:a4:80:26:bb:06:aa:ab:2a:46:ce:9e:a6: 61:bf:e2:f3:4d:40:94:93:1b:40:ff:cd:8a:b3:71: 8b:e5:f9:60:50:e2:ee:dc:8b:6d:c3:c6:ad:92:25: 6c:67:3b:da:c7:09:cf:f0:7b:39:45:ce:94:da:89: 3b:8c:84:ac:77:b5:96:07:ab:a7:c1:e4:da:83:44: 2f:08:aa:9a:8a:fd:68:65:b1:b6:b9:08:df:df:3a: bf:0c:f1:4a:94:4c:99:1d:a9:c0:6a:f5:e3:05:33: 7c:2e:06:60:2c:79:af:4d:a3:ef:88:97:ed:5f:28: a0:7b:df:e0:f1:af:ff:47:f5:87:ab:b3:95:39:15: 3d:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:99:08:5C:00:7B:E0:B1:07:C9:16:1C:88:8F:B7:7D:22:69:EA:02 X509v3 Authority Key Identifier: keyid:C4:5C:FD:B9:80:3C:E0:57:14:2D:18:7F:86:BC:4F:56:71:D7:EB:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFz9uYA84FcULRh_hrxPVnHX63s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b254bd-145c-4019-88a4-d5a177178f4a/1/xFz9uYA84FcULRh_hrxPVnHX63s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b254bd-145c-4019-88a4-d5a177178f4a/1/xFz9uYA84FcULRh_hrxPVnHX63s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:df:01:6f:7b:2a:c0:ab:97:7b:34:8d:d9:b5:ac:9d:f7:c1: 67:55:57:32:da:87:d8:6c:5f:8f:9b:94:6d:12:e6:9f:c3:ec: 48:54:61:34:f2:7a:92:d3:72:e5:2f:3f:b8:c1:b6:17:07:21: 48:ef:95:49:13:b2:a4:2a:51:46:4b:07:53:bc:92:2b:d4:89: a5:13:ef:fa:be:ba:c0:16:0b:e1:3b:5b:ab:0c:4c:e9:08:1d: 4b:9a:a1:9f:de:d1:0a:46:5c:65:8e:0d:5c:0f:ac:78:23:4b: 08:5f:14:a0:19:0b:65:1f:49:42:e0:71:28:98:7b:ac:1d:73: 5d:be:fa:db:f2:a9:53:14:d7:0c:88:eb:27:19:fe:d2:55:3b: 82:b5:0a:05:06:1a:79:a7:01:d3:7c:b7:28:5d:06:56:e2:ab: 64:47:82:60:33:16:b8:00:36:eb:a5:fa:eb:62:72:1a:ba:5a: b4:72:5f:88:3f:62:5f:a3:c1:0c:7a:0b:d1:c2:d9:cf:d1:23: 78:17:57:17:46:cb:0d:3d:ec:53:e4:1c:e8:e2:0f:6d:a6:cb: 86:cf:4c:41:7d:2c:29:95:8f:33:c9:db:87:a6:fc:5c:b0:e3: b8:b8:3b:2e:a4:85:fe:8f:8e:71:04:3b:c7:93:61:d2:28:67: 46:7b:07:9b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG1jYIn/pSSTdQ30HCmdIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0NWNmZGI5ODAzY2UwNTcxNDJkMTg3Zjg2YmM0ZjU2NzFk N2ViN2IwHhcNMjUxMjA2MTAwMDQ2WhcNMjUxMjA3MTAwMDQ2WjAzMTEwLwYDVQQD EyhhODk5MDg1YzAwN2JlMGIxMDdjOTE2MWM4ODhmYjc3ZDIyNjllYTAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3iblT/eevwA9PhpkMjZ/BH4VLORw iKe7us84GfCHthl1l+06TNvV60XcxUpWn7Wr2Ic/s6Y+Qf2OTNwlMSnIRKQ83pYJ JS5nhaNyCarnGSMtS93E4WSn7XBFL4M333nCe91NBIZbk7NfmZOS1SGWaT1nQBZr 1fTRfJqkgCa7BqqrKkbOnqZhv+LzTUCUkxtA/82Ks3GL5flgUOLu3Ittw8atkiVs ZzvaxwnP8Hs5Rc6U2ok7jISsd7WWB6unweTag0QvCKqaiv1oZbG2uQjf3zq/DPFK lEyZHanAavXjBTN8LgZgLHmvTaPviJftXyige9/g8a//R/WHq7OVORU9zwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKiZCFwAe+CxB8kWHIiPt30iaeoCMB8GA1UdIwQY MBaAFMRc/bmAPOBXFC0Yf4a8T1Zx1+t7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEZ6OXVZQTg0RmNVTFJoX2hyeFBWbkhYNjNzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9iMjU0YmQtMTQ1Yy00MDE5LTg4YTQt ZDVhMTc3MTc4ZjRhLzEveEZ6OXVZQTg0RmNVTFJoX2hyeFBWbkhYNjNzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC9iMjU0YmQtMTQ1Yy00MDE5LTg4YTQtZDVhMTc3MTc4ZjRh LzEveEZ6OXVZQTg0RmNVTFJoX2hyeFBWbkhYNjNzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa98Bb3sq wKuXezSN2bWsnffBZ1VXMtqH2Gxfj5uUbRLmn8PsSFRhNPJ6ktNy5S8/uMG2Fwch SO+VSROypCpRRksHU7ySK9SJpRPv+r66wBYL4TtbqwxM6QgdS5qhn97RCkZcZY4N XA+seCNLCF8UoBkLZR9JQuBxKJh7rB1zXb762/KpUxTXDIjrJxn+0lU7grUKBQYa eacB03y3KF0GVuKrZEeCYDMWuAA266X662JyGrpatHJfiD9iX6PBDHoL0cLZz9Ej eBdXF0bLDT3sU+Qc6OIPbabLhs9MQX0sKZWPM8nbh6b8XLDjuLg7LqSF/o+OcQQ7 x5Nh0ihnRnsHmw== -----END CERTIFICATE-----Generated at Sat Dec 6 13:24:07 2025 by rpki-client