This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft File: xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json) Hash identifier: /n4SjzghiEXZizPTXLGSU7Q01u4Uty7wuLC5/hfisq4= Subject key identifier: 96:E4:B9:45:AB:1C:43:68:57:4D:ED:0F:3F:62:C5:C6:3D:9F:12:21 Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45 Certificate issuer: /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045 Certificate serial: 019AF3F7BE48812C731ABF8AE3AAD5BBD89F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft Manifest number: 07FD Signing time: Sat 06 Dec 2025 14:01:30 +0000 Manifest this update: Sat 06 Dec 2025 14:01:30 +0000 Manifest next update: Sun 07 Dec 2025 14:01:30 +0000 Files and hashes: 1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: eYyslaYNpLkvEyYMsg9xthEkJ1+zPM18eqPXYljxFh8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:be:48:81:2c:73:1a:bf:8a:e3:aa:d5:bb:d8:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045 Validity Not Before: Dec 6 14:01:30 2025 GMT Not After : Dec 7 14:01:30 2025 GMT Subject: CN=96e4b945ab1c4368574ded0f3f62c5c63d9f1221 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:47:c3:ec:ab:11:52:a2:e1:3a:e2:34:4e:d7: e4:4d:da:e2:fc:5d:54:2b:07:e9:4e:63:21:9d:7d: e2:0c:5f:55:b9:e4:68:f3:1f:3c:46:33:30:fa:fd: 03:2e:cb:b9:95:db:12:8e:aa:6a:fc:41:7c:92:87: 7b:da:6c:08:bf:e3:46:91:ee:23:88:da:88:fc:d1: 58:31:5b:46:fa:64:1d:aa:1f:02:fc:4d:d4:49:d8: 85:1a:c8:4c:25:38:22:81:fb:d4:09:78:ac:04:af: 36:33:a8:79:37:f4:49:c5:9e:d9:de:c6:8f:d8:48: 09:d9:11:bd:c4:19:17:57:2c:61:5f:68:df:9c:2e: dd:25:ed:38:13:6a:7b:69:97:c2:f5:84:91:51:eb: b1:10:e3:83:67:0f:e2:71:af:7f:ff:2e:bd:75:8c: eb:90:b8:8b:5a:27:1b:23:50:83:2f:f4:ff:ff:25: c6:22:48:9d:05:d2:ee:b9:07:13:fa:63:eb:c6:e6: ca:ec:3c:73:17:7d:15:cf:05:98:04:08:ff:72:e7: 62:91:15:ce:a4:f3:bb:c1:31:4c:93:1c:96:52:af: 36:e1:b3:c4:62:cc:82:6c:03:76:88:ba:14:d3:2b: 58:3e:86:c5:20:6f:5a:6a:68:70:6d:bc:5f:4d:df: 81:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:E4:B9:45:AB:1C:43:68:57:4D:ED:0F:3F:62:C5:C6:3D:9F:12:21 X509v3 Authority Key Identifier: keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:45:0d:10:c2:a5:47:cf:2e:20:8c:0e:35:9d:3e:89:f5:cd: f0:06:13:bd:2c:ce:89:e0:21:b9:96:d2:38:51:a9:2f:a3:91: 58:49:59:17:6c:6c:ce:3b:c9:0a:9a:c9:fc:97:a5:11:97:96: f4:e5:70:50:af:5f:73:24:81:4f:38:1b:05:30:54:c1:e3:ab: 6f:98:f8:fe:13:58:2a:b1:f0:b7:d9:0d:e6:1c:5b:a3:3e:27: c8:cd:57:81:fd:26:39:c4:84:6f:39:ea:d0:16:ed:1a:47:7f: 08:9d:cd:22:9b:b0:b6:f1:c6:e5:59:53:ea:5d:ce:f7:7c:67: 10:92:79:86:ce:31:1c:e0:e6:78:25:f6:b5:8f:29:ad:ca:a5: 82:5b:50:2e:63:9d:00:81:ce:60:89:4a:7e:1c:ec:40:9c:55: 52:38:d8:ab:fe:8b:1b:53:c3:9e:53:ea:f4:b6:6a:2f:6a:68: b2:23:5e:f0:86:88:4d:94:96:5f:3b:cf:03:74:3a:77:54:60: 70:b0:1c:7d:5b:8f:b6:90:bb:b7:82:3f:14:29:99:60:65:ac: 5d:77:28:2e:21:45:e6:ec:d4:ed:d1:89:a3:da:e3:9c:e5:2a: 88:5c:19:79:32:ee:e0:83:6f:6e:9d:48:c4:42:f3:fc:a8:52: e9:e2:66:83 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz975IgSxzGr+K46rVu9ifMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi Y2IwNDUwHhcNMjUxMjA2MTQwMTMwWhcNMjUxMjA3MTQwMTMwWjAzMTEwLwYDVQQD Eyg5NmU0Yjk0NWFiMWM0MzY4NTc0ZGVkMGYzZjYyYzVjNjNkOWYxMjIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkfD7KsRUqLhOuI0TtfkTdri/F1U KwfpTmMhnX3iDF9VueRo8x88RjMw+v0DLsu5ldsSjqpq/EF8kod72mwIv+NGke4j iNqI/NFYMVtG+mQdqh8C/E3USdiFGshMJTgigfvUCXisBK82M6h5N/RJxZ7Z3saP 2EgJ2RG9xBkXVyxhX2jfnC7dJe04E2p7aZfC9YSRUeuxEOODZw/ica9//y69dYzr kLiLWicbI1CDL/T//yXGIkidBdLuuQcT+mPrxubK7DxzF30VzwWYBAj/cudikRXO pPO7wTFMkxyWUq824bPEYsyCbAN2iLoU0ytYPobFIG9aamhwbbxfTd+BxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJbkuUWrHENoV03tDz9ixcY9nxIhMB8GA1UdIwQY MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkEUNEMKl R88uIIwONZ0+ifXN8AYTvSzOieAhuZbSOFGpL6ORWElZF2xszjvJCprJ/JelEZeW 9OVwUK9fcySBTzgbBTBUweOrb5j4/hNYKrHwt9kN5hxboz4nyM1Xgf0mOcSEbznq 0BbtGkd/CJ3NIpuwtvHG5VlT6l3O93xnEJJ5hs4xHODmeCX2tY8prcqlgltQLmOd AIHOYIlKfhzsQJxVUjjYq/6LG1PDnlPq9LZqL2posiNe8IaITZSWXzvPA3Q6d1Rg cLAcfVuPtpC7t4I/FCmZYGWsXXcoLiFF5uzU7dGJo9rjnOUqiFwZeTLu4INvbp1I xELz/KhS6eJmgw== -----END CERTIFICATE-----Generated at Sat Dec 6 22:36:09 2025 by rpki-client