This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft File: XeYTaCVSAQKY86aUoA18WQYGC5U.mft (raw, json) Hash identifier: EWT+gM3I/M6n+WONK5scE7rJFCKMUzaiu51KR3sgWA0= Subject key identifier: 0A:87:55:4A:F8:10:E8:58:20:8A:47:37:3E:9F:A2:3C:08:E9:CD:6B Authority key identifier: 5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95 Certificate issuer: /CN=5de613682552010298f3a694a00d7c5906060b95 Certificate serial: 019AF5AED0B9E629F024C90B15C07298B187 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft Manifest number: 1766 Signing time: Sat 06 Dec 2025 22:01:05 +0000 Manifest this update: Sat 06 Dec 2025 22:01:05 +0000 Manifest next update: Sun 07 Dec 2025 22:01:05 +0000 Files and hashes: 1: XeYTaCVSAQKY86aUoA18WQYGC5U.crl (hash: N11TzdVyia1HuurW0iQzbLzlU8zDrIfkgRoAshXRww4=) 2: auYlcZnEp-yqavQsok9_TPLHAq0.roa (hash: kbe3quRrlIxTjuDhfKrAisNkV8HOTBuxWR/raJshlU4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:ae:d0:b9:e6:29:f0:24:c9:0b:15:c0:72:98:b1:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5de613682552010298f3a694a00d7c5906060b95 Validity Not Before: Dec 6 22:01:05 2025 GMT Not After : Dec 7 22:01:05 2025 GMT Subject: CN=0a87554af810e858208a47373e9fa23c08e9cd6b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:0b:05:3f:a4:c3:de:8f:93:2e:21:a0:70:b9: b9:77:30:8e:5e:9e:ec:4c:4d:f4:b9:9b:ff:ab:0f: 8d:62:41:20:0d:5b:bc:a9:19:c4:f4:de:e1:79:ea: b7:02:ad:95:d4:09:52:cd:eb:b1:10:68:00:9c:a6: e5:3f:79:86:bb:a2:c9:66:be:0c:45:cf:3c:10:d7: aa:a0:56:f3:00:06:d2:a2:65:00:f3:0a:82:c2:a0: c3:47:82:9b:a4:e8:ae:9c:b5:7a:eb:49:e5:57:23: 18:9e:f6:85:57:cc:ca:9c:2a:fe:78:d6:3b:16:cd: 1d:b6:fb:0d:b2:43:8e:8e:71:b6:03:5f:7d:82:6a: 99:84:1c:65:8b:9a:e6:5f:77:a2:f7:b0:be:be:82: 48:c1:95:50:9d:77:2f:89:b2:a0:c1:6d:cf:73:a7: f6:1c:93:2d:2c:9b:b1:ef:87:c5:2d:4e:fc:90:67: 54:41:af:14:84:5d:60:d7:1d:e8:49:b5:58:15:d1: 74:01:14:e9:6c:71:58:36:f8:63:76:90:bc:d8:44: 0a:98:8e:ab:76:07:36:fd:76:b9:e5:6f:7b:e6:cf: 8e:f3:05:b1:26:0b:d6:24:14:86:ff:9d:a8:52:c2: 3d:48:81:ab:cb:6e:6d:90:f5:5a:57:15:07:9a:cc: a3:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:87:55:4A:F8:10:E8:58:20:8A:47:37:3E:9F:A2:3C:08:E9:CD:6B X509v3 Authority Key Identifier: keyid:5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:d7:c2:a9:50:27:6f:06:ed:09:06:6e:de:90:57:6c:e9:f6: 7e:ae:1f:a9:ee:3e:c7:0b:7b:2f:e8:33:8b:ec:b2:2d:9d:e0: 98:1f:9b:73:d9:99:f2:cd:74:a3:b3:e6:69:f5:73:d9:bf:d0: df:82:aa:b2:32:2e:a5:2a:f8:34:50:62:61:c5:cb:60:71:72: de:d8:07:39:cc:8a:f5:45:89:f7:4d:d7:ea:82:3e:e0:c3:0a: e2:30:e4:6a:3c:e7:b2:b3:09:9b:26:93:3c:c8:60:25:de:ca: 73:9b:1e:12:2e:cb:35:1e:9c:72:b8:89:b3:94:17:9d:86:19: 7e:1d:13:77:3c:90:a7:cf:d0:fd:9d:12:97:7c:82:6e:2a:1b: 99:3c:e4:74:74:1a:48:0f:47:6b:03:72:77:ce:ea:4c:1b:25: f5:c5:f9:ae:33:77:37:a6:95:08:3a:71:c9:a1:a7:f7:36:c8: 73:77:6d:f7:a3:70:2e:60:7a:f4:d2:6c:82:60:90:72:4d:32: ea:32:39:80:f4:52:8c:dd:c7:21:bd:01:c1:10:1a:55:d0:43: 5b:fc:33:84:3b:54:14:5a:6d:01:be:76:5f:d7:68:f4:e1:68: ac:8f:fd:1a:12:25:ea:f9:d3:6c:c8:e3:51:0a:65:8c:33:67: f4:22:e3:2b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1rtC55inwJMkLFcBymLGHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkZTYxMzY4MjU1MjAxMDI5OGYzYTY5NGEwMGQ3YzU5MDYw NjBiOTUwHhcNMjUxMjA2MjIwMTA1WhcNMjUxMjA3MjIwMTA1WjAzMTEwLwYDVQQD EygwYTg3NTU0YWY4MTBlODU4MjA4YTQ3MzczZTlmYTIzYzA4ZTljZDZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygsFP6TD3o+TLiGgcLm5dzCOXp7s TE30uZv/qw+NYkEgDVu8qRnE9N7heeq3Aq2V1AlSzeuxEGgAnKblP3mGu6LJZr4M Rc88ENeqoFbzAAbSomUA8wqCwqDDR4KbpOiunLV660nlVyMYnvaFV8zKnCr+eNY7 Fs0dtvsNskOOjnG2A199gmqZhBxli5rmX3ei97C+voJIwZVQnXcvibKgwW3Pc6f2 HJMtLJux74fFLU78kGdUQa8UhF1g1x3oSbVYFdF0ARTpbHFYNvhjdpC82EQKmI6r dgc2/Xa55W975s+O8wWxJgvWJBSG/52oUsI9SIGry25tkPVaVxUHmsyjpwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAqHVUr4EOhYIIpHNz6fojwI6c1rMB8GA1UdIwQY MBaAFF3mE2glUgECmPOmlKANfFkGBguVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEt MjIyOTVkZjEyYjI3LzEvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEtMjIyOTVkZjEyYjI3 LzEvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkdfCqVAn bwbtCQZu3pBXbOn2fq4fqe4+xwt7L+gzi+yyLZ3gmB+bc9mZ8s10o7PmafVz2b/Q 34KqsjIupSr4NFBiYcXLYHFy3tgHOcyK9UWJ903X6oI+4MMK4jDkajznsrMJmyaT PMhgJd7Kc5seEi7LNR6ccriJs5QXnYYZfh0TdzyQp8/Q/Z0Sl3yCbiobmTzkdHQa SA9HawNyd87qTBsl9cX5rjN3N6aVCDpxyaGn9zbIc3dt96NwLmB69NJsgmCQck0y 6jI5gPRSjN3HIb0BwRAaVdBDW/wzhDtUFFptAb52X9do9OForI/9GhIl6vnTbMjj UQpljDNn9CLjKw== -----END CERTIFICATE-----Generated at Sun Dec 7 02:32:15 2025 by rpki-client