This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft File: XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft (raw, json) Hash identifier: j5A5h/NuqiTrxWNURP9/tTlbVmK/WM1dJgcaX7WIEPk= Subject key identifier: 76:88:1D:59:4D:98:AE:F7:2D:4D:47:25:2C:12:06:C0:8B:0D:30:C9 Authority key identifier: 5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E Certificate issuer: /CN=5ccf12899f358d1c341a207fde21d43c70a6945e Certificate serial: 019AF0513BCF263BC6788ABFDB01AA2AFDFC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft Manifest number: 03A8 Signing time: Fri 05 Dec 2025 21:00:46 +0000 Manifest this update: Fri 05 Dec 2025 21:00:46 +0000 Manifest next update: Sat 06 Dec 2025 21:00:46 +0000 Files and hashes: 1: XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl (hash: Y/bm0UTuhmw84wL1B3I9tmri2Kevo/hjWxOV5QAU8bE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 21:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:51:3b:cf:26:3b:c6:78:8a:bf:db:01:aa:2a:fd:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ccf12899f358d1c341a207fde21d43c70a6945e Validity Not Before: Dec 5 21:00:46 2025 GMT Not After : Dec 6 21:00:46 2025 GMT Subject: CN=76881d594d98aef72d4d47252c1206c08b0d30c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:8b:2c:d7:eb:11:89:4b:f0:d7:fd:5f:de:a9: 6a:2d:58:ae:68:28:30:27:32:30:ae:5c:1c:18:1c: a2:4b:23:d2:57:f4:0d:f1:5e:e8:0f:9f:fc:6b:54: fa:89:6e:92:4b:dd:4c:eb:1e:63:56:75:62:db:02: c1:7f:a3:19:6a:00:de:69:5d:59:bf:e7:38:40:a2: 8e:95:57:e2:65:b4:a5:6a:28:98:1a:1e:1e:62:72: 63:43:1e:21:93:11:ee:c4:c6:2c:85:b3:39:2a:c1: b3:81:cd:7b:3e:ef:1b:60:af:1a:ee:71:6e:ab:25: eb:f9:2b:fc:1a:a5:ee:81:3c:99:5f:5b:b8:07:9b: d3:bf:88:34:18:62:d3:03:e1:21:69:8c:2d:bd:6d: 27:0c:aa:23:38:ef:1e:c4:1d:b8:8c:7b:53:a8:96: e1:ea:34:df:ad:a3:84:02:38:3e:49:8c:7f:17:2c: 7d:39:7c:d9:71:0c:4a:83:84:42:86:98:2e:d7:09: c8:a2:20:64:4a:80:31:c7:7f:d8:fa:54:65:b0:e0: 63:bd:19:d3:77:3f:8d:ea:db:6a:6e:ed:0f:ca:0e: 7c:10:be:5b:05:13:91:ed:a5:f5:a7:6a:c2:bc:19: e8:1d:10:b7:39:40:29:c5:4f:64:42:d3:68:9f:4a: ee:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:88:1D:59:4D:98:AE:F7:2D:4D:47:25:2C:12:06:C0:8B:0D:30:C9 X509v3 Authority Key Identifier: keyid:5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:13:36:ed:9f:dd:b0:3a:31:37:bb:21:38:23:36:7c:63:1e: 1d:d7:08:e8:68:5c:fe:42:ab:03:9a:c6:1b:f9:96:98:fe:49: 3f:fc:1a:b7:f4:50:7d:8f:29:96:74:d0:a7:a3:46:40:79:5a: ef:74:71:79:00:5d:e0:53:d9:51:42:92:5c:9d:d5:41:01:bd: 51:02:1f:a2:50:42:19:e1:17:fc:0b:ee:29:b9:11:23:9d:42: 60:7e:40:02:68:3f:ba:9f:d5:42:6f:d9:35:a2:69:84:a4:11: 13:de:f3:9a:7a:4f:4c:b0:a4:9c:2b:ef:39:88:ab:be:19:c9: 00:56:49:df:6b:c0:85:84:4f:6d:67:99:7c:68:ae:e5:48:e2: 82:36:2d:ec:20:e8:0e:d8:1c:00:b7:ab:c9:2c:63:f1:c4:aa: c6:f7:12:6d:78:ba:84:3e:18:27:4c:12:e1:bc:30:75:24:92: 59:c2:5a:40:67:35:fa:4f:76:c2:0c:04:bb:93:b7:f6:75:25: 62:ad:9c:f8:ec:44:3f:de:58:4f:19:c5:c1:78:e0:3a:d7:f0: a8:bf:62:1f:83:b6:c1:93:58:81:cd:5f:3d:d9:f9:1e:16:64: e7:82:ae:b5:55:c5:a2:4c:73:9a:57:cf:6d:af:0f:0d:96:36: 45:9e:b4:f3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwUTvPJjvGeIq/2wGqKv38MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjY2YxMjg5OWYzNThkMWMzNDFhMjA3ZmRlMjFkNDNjNzBh Njk0NWUwHhcNMjUxMjA1MjEwMDQ2WhcNMjUxMjA2MjEwMDQ2WjAzMTEwLwYDVQQD Eyg3Njg4MWQ1OTRkOThhZWY3MmQ0ZDQ3MjUyYzEyMDZjMDhiMGQzMGM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIss1+sRiUvw1/1f3qlqLViuaCgw JzIwrlwcGByiSyPSV/QN8V7oD5/8a1T6iW6SS91M6x5jVnVi2wLBf6MZagDeaV1Z v+c4QKKOlVfiZbSlaiiYGh4eYnJjQx4hkxHuxMYshbM5KsGzgc17Pu8bYK8a7nFu qyXr+Sv8GqXugTyZX1u4B5vTv4g0GGLTA+EhaYwtvW0nDKojOO8exB24jHtTqJbh 6jTfraOEAjg+SYx/Fyx9OXzZcQxKg4RChpgu1wnIoiBkSoAxx3/Y+lRlsOBjvRnT dz+N6ttqbu0Pyg58EL5bBROR7aX1p2rCvBnoHRC3OUApxU9kQtNon0ruIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHaIHVlNmK73LU1HJSwSBsCLDTDJMB8GA1UdIwQY MBaAFFzPEomfNY0cNBogf94h1DxwppReMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2Yt MjU2MGY4NjkwY2QyLzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2YtMjU2MGY4NjkwY2Qy LzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbRM27Z/d sDoxN7shOCM2fGMeHdcI6Ghc/kKrA5rGG/mWmP5JP/wat/RQfY8plnTQp6NGQHla 73RxeQBd4FPZUUKSXJ3VQQG9UQIfolBCGeEX/AvuKbkRI51CYH5AAmg/up/VQm/Z NaJphKQRE97zmnpPTLCknCvvOYirvhnJAFZJ32vAhYRPbWeZfGiu5UjigjYt7CDo DtgcALerySxj8cSqxvcSbXi6hD4YJ0wS4bwwdSSSWcJaQGc1+k92wgwEu5O39nUl Yq2c+OxEP95YTxnFwXjgOtfwqL9iH4O2wZNYgc1fPdn5HhZk54KutVXFokxzmlfP ba8PDZY2RZ608w== -----END CERTIFICATE-----Generated at Sat Dec 6 07:12:03 2025 by rpki-client