This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft File: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft (raw, json) Hash identifier: hxo6kXUCy8bIxPoajDtporfXUbRi9k7Ujj5SOH54IQM= Subject key identifier: 1A:EE:B3:9B:44:78:C3:6D:50:FA:73:D7:8F:6A:9C:90:0E:5E:39:A2 Authority key identifier: 5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76 Certificate issuer: /CN=5ed6772b90212e577249f7356c218ed1068b6776 Certificate serial: 019AF12D8626840490FBA7EA0C9DD7903F10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 01:01:23 +0000 Manifest this update: Sat 06 Dec 2025 01:01:23 +0000 Manifest next update: Sun 07 Dec 2025 01:01:23 +0000 Files and hashes: 1: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl (hash: cfs+NwRYKGvU6IaEuJOFVNu4im5d+wZHS8QecVo0F04=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:86:26:84:04:90:fb:a7:ea:0c:9d:d7:90:3f:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ed6772b90212e577249f7356c218ed1068b6776 Validity Not Before: Dec 6 01:01:23 2025 GMT Not After : Dec 7 01:01:23 2025 GMT Subject: CN=1aeeb39b4478c36d50fa73d78f6a9c900e5e39a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:87:b3:35:ba:15:71:1b:fc:49:50:89:0a:bc: d5:85:6d:4c:26:79:da:6a:84:eb:8a:ae:27:50:a8: 4c:ed:b6:20:55:2b:78:6a:a7:73:fa:af:24:41:9e: bf:20:01:8a:9d:8f:e6:e1:e6:21:c5:e1:30:ba:b0: 2d:bf:72:eb:ed:b9:d6:9e:06:5a:53:71:d7:8e:29: d7:8c:b1:f0:dd:b6:65:f2:6c:dc:45:e6:f8:fe:0e: ba:af:f9:ae:9a:0c:86:08:b0:d2:03:3b:26:14:c1: dc:67:d1:5b:db:1f:6e:e0:d8:16:23:22:b6:b0:99: 5f:d3:38:c8:55:b6:79:54:b7:91:88:e4:03:3e:91: d6:d8:62:ea:c7:a8:10:9f:d8:20:ba:81:a5:e5:a4: bd:1a:a1:42:7f:a0:1d:e3:2e:de:44:69:55:c5:d3: bc:6b:f2:cf:5e:67:1d:13:6e:25:e0:12:a3:a3:db: ad:87:4e:68:cb:b5:d9:53:70:b4:4d:00:a0:b0:ae: 74:f3:26:31:be:4a:90:2b:af:7e:ad:87:db:46:eb: 07:d3:9e:f2:dc:07:63:d6:e0:18:ff:4e:cf:25:4e: ac:2b:48:b3:be:aa:fe:05:17:d4:7e:10:44:69:20: 78:2d:1b:e6:f0:05:7a:59:b1:34:e3:88:e4:8a:2e: 0d:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:EE:B3:9B:44:78:C3:6D:50:FA:73:D7:8F:6A:9C:90:0E:5E:39:A2 X509v3 Authority Key Identifier: keyid:5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:19:0e:2b:8b:8b:19:c5:36:95:7f:0c:58:9b:fa:59:4d:30: 95:b6:4c:7a:83:7e:fa:f8:49:a8:41:e3:2c:1d:5a:1f:28:ca: 0f:b1:72:9f:a6:b4:77:c7:c2:e6:59:f7:2e:6c:c9:41:f2:2c: 5f:ca:2c:58:cc:e3:5a:2e:40:6d:a2:b5:34:f5:2b:eb:cf:66: c5:90:70:74:29:3e:c2:4a:17:03:17:e2:65:6c:25:47:62:e9: b2:1b:52:59:d1:73:36:29:a2:ed:07:8f:bc:b1:99:83:42:b6: c5:2c:5b:96:66:76:42:a3:bc:1c:a7:da:30:f1:74:b3:04:e5: 17:ad:88:32:40:5c:3d:74:c6:86:df:08:b3:d0:24:00:98:ec: fd:9e:a5:90:31:a6:e4:70:fb:37:22:87:af:05:13:5d:bd:79: 23:d3:8f:2e:75:f8:2e:c4:6e:ac:45:7e:41:22:44:af:d2:e8: de:b1:90:4a:54:f1:62:d8:54:bb:fb:03:b8:60:08:5b:05:22: d9:aa:28:6c:cb:07:fb:20:95:16:1f:ed:13:ea:ae:c1:63:75: ff:05:f4:fa:3a:ae:ad:d2:cd:4c:8c:eb:df:62:8e:b3:e1:94: 73:09:d3:c9:25:0f:b6:cc:fc:78:10:17:4c:b5:6f:34:24:72: f3:a9:4f:88 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLYYmhASQ+6fqDJ3XkD8QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlZDY3NzJiOTAyMTJlNTc3MjQ5ZjczNTZjMjE4ZWQxMDY4 YjY3NzYwHhcNMjUxMjA2MDEwMTIzWhcNMjUxMjA3MDEwMTIzWjAzMTEwLwYDVQQD EygxYWVlYjM5YjQ0NzhjMzZkNTBmYTczZDc4ZjZhOWM5MDBlNWUzOWEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIezNboVcRv8SVCJCrzVhW1MJnna aoTriq4nUKhM7bYgVSt4aqdz+q8kQZ6/IAGKnY/m4eYhxeEwurAtv3Lr7bnWngZa U3HXjinXjLHw3bZl8mzcReb4/g66r/mumgyGCLDSAzsmFMHcZ9Fb2x9u4NgWIyK2 sJlf0zjIVbZ5VLeRiOQDPpHW2GLqx6gQn9gguoGl5aS9GqFCf6Ad4y7eRGlVxdO8 a/LPXmcdE24l4BKjo9uth05oy7XZU3C0TQCgsK508yYxvkqQK69+rYfbRusH057y 3Adj1uAY/07PJU6sK0izvqr+BRfUfhBEaSB4LRvm8AV6WbE044jkii4NVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBrus5tEeMNtUPpz149qnJAOXjmiMB8GA1UdIwQY MBaAFF7WdyuQIS5Xckn3NWwhjtEGi2d2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMt ODYyMTA2ODUzODYwLzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMtODYyMTA2ODUzODYw LzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbBkOK4uL GcU2lX8MWJv6WU0wlbZMeoN++vhJqEHjLB1aHyjKD7Fyn6a0d8fC5ln3LmzJQfIs X8osWMzjWi5AbaK1NPUr689mxZBwdCk+wkoXAxfiZWwlR2LpshtSWdFzNimi7QeP vLGZg0K2xSxblmZ2QqO8HKfaMPF0swTlF62IMkBcPXTGht8Is9AkAJjs/Z6lkDGm 5HD7NyKHrwUTXb15I9OPLnX4LsRurEV+QSJEr9Lo3rGQSlTxYthUu/sDuGAIWwUi 2aoobMsH+yCVFh/tE+quwWN1/wX0+jqurdLNTIzr32KOs+GUcwnTySUPtsz8eBAX TLVvNCRy86lPiA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:31:48 2025 by rpki-client