This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft File: xxovfXzIw2N0bpa8P8yLBflgb-o.mft (raw, json) Hash identifier: ChfgEEquhJ3lWjJr7AIILegowbTLU96Na7x0Z3qmIzE= Subject key identifier: BF:40:4C:45:4E:8B:17:7F:F9:E6:1A:CB:3F:18:9B:4A:5D:D6:C1:48 Authority key identifier: C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA Certificate issuer: /CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea Certificate serial: 019AF088B441D9906870EE368DFA7FBC1913 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft Manifest number: 175F Signing time: Fri 05 Dec 2025 22:01:21 +0000 Manifest this update: Fri 05 Dec 2025 22:01:21 +0000 Manifest next update: Sat 06 Dec 2025 22:01:21 +0000 Files and hashes: 1: xxovfXzIw2N0bpa8P8yLBflgb-o.crl (hash: w/Ox2sUlFjnGYQ8+GEXZpUoJU9sSk4mA8I8IBAthu5Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:b4:41:d9:90:68:70:ee:36:8d:fa:7f:bc:19:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea Validity Not Before: Dec 5 22:01:21 2025 GMT Not After : Dec 6 22:01:21 2025 GMT Subject: CN=bf404c454e8b177ff9e61acb3f189b4a5dd6c148 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:8e:cd:97:0e:42:6c:53:b7:74:ad:c1:b7:fa: 9e:a3:1e:d8:34:10:fd:39:5d:92:af:cb:64:de:b7: 06:37:fc:dd:39:27:13:b1:9c:79:4f:e4:26:6f:90: 44:bf:a4:16:90:d5:46:9d:6e:ff:2f:12:15:b5:bf: a2:67:b7:a2:8d:ab:a9:3f:fd:ee:cd:58:9e:3e:ec: bc:85:eb:83:06:59:d9:dd:d0:0c:72:9a:aa:73:8c: fd:22:87:43:0f:93:b4:4d:b7:2f:3b:af:eb:4b:a5: 12:58:7e:84:c1:2a:c8:f0:ab:9e:37:0a:5a:c7:64: f8:f6:e6:34:8f:cf:a7:4f:43:19:25:b6:78:2e:52: 88:97:48:57:f4:c1:d1:4a:63:80:7b:d7:8b:07:1f: c2:4f:29:cc:0e:b9:11:ff:ba:71:3e:59:de:29:3d: 16:ac:08:09:94:aa:f4:c9:6f:49:6b:4c:13:11:8f: ca:ec:d0:a8:bc:1c:52:bb:e4:11:16:ce:f0:3d:11: 69:dd:30:0b:3f:e1:a0:a8:4e:06:b9:88:3a:ca:dc: 28:75:85:a1:65:1b:7b:73:5a:25:92:5d:48:a9:73: f8:28:89:f0:74:d0:71:4b:f2:a3:e7:3d:63:29:87: bb:8a:fc:2d:e2:2d:19:fe:ce:60:0d:e9:67:7b:c9: d5:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:40:4C:45:4E:8B:17:7F:F9:E6:1A:CB:3F:18:9B:4A:5D:D6:C1:48 X509v3 Authority Key Identifier: keyid:C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8c:be:3d:a8:9d:08:76:80:3b:ef:fd:8b:0f:83:cc:2e:fd:f0: 19:d8:a1:ef:32:2e:73:06:6f:ea:a7:f7:bd:16:03:05:50:57: 82:4c:72:c5:6f:ee:82:0c:2d:22:93:72:e3:86:39:c9:74:03: 06:06:9b:8b:8e:2e:fe:1d:02:38:83:5e:ba:2e:12:50:59:e6: 77:8a:6d:61:75:48:3c:8b:6e:a2:94:09:59:6c:23:03:f7:91: c9:a7:f3:7e:d0:ab:8f:a1:18:c0:a0:6e:ab:c8:5e:ab:a0:87: 98:1c:a2:26:7f:d3:9b:ed:2f:a1:63:97:f6:c6:26:c9:c0:41: af:2f:3b:a8:09:4e:08:7f:34:ab:c8:34:0d:68:2f:b1:61:9a: 68:71:c4:31:17:84:dc:8e:2f:85:89:1d:0b:1e:d9:3d:c7:b7: b0:05:56:3e:ac:3d:c2:f4:3f:75:56:a6:65:75:59:61:8f:30: 86:53:3e:fc:be:d2:5a:5d:47:9b:9f:46:ea:04:eb:5b:6f:07: 3f:72:1b:be:72:4a:8f:3a:88:f3:95:cb:40:f7:78:d9:6e:26: 43:81:7e:72:d7:9c:73:bb:07:72:2a:c3:f9:74:d3:5f:69:5c: 68:b9:ad:11:42:2c:43:5e:2e:46:10:50:cd:dd:de:c2:67:a8: e0:c2:41:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiLRB2ZBocO42jfp/vBkTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM3MWEyZjdkN2NjOGMzNjM3NDZlOTZiYzNmY2M4YjA1Zjk2 MDZmZWEwHhcNMjUxMjA1MjIwMTIxWhcNMjUxMjA2MjIwMTIxWjAzMTEwLwYDVQQD EyhiZjQwNGM0NTRlOGIxNzdmZjllNjFhY2IzZjE4OWI0YTVkZDZjMTQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtY7Nlw5CbFO3dK3Bt/qeox7YNBD9 OV2Sr8tk3rcGN/zdOScTsZx5T+Qmb5BEv6QWkNVGnW7/LxIVtb+iZ7eijaupP/3u zViePuy8heuDBlnZ3dAMcpqqc4z9IodDD5O0TbcvO6/rS6USWH6EwSrI8KueNwpa x2T49uY0j8+nT0MZJbZ4LlKIl0hX9MHRSmOAe9eLBx/CTynMDrkR/7pxPlneKT0W rAgJlKr0yW9Ja0wTEY/K7NCovBxSu+QRFs7wPRFp3TALP+GgqE4GuYg6ytwodYWh ZRt7c1olkl1IqXP4KInwdNBxS/Kj5z1jKYe7ivwt4i0Z/s5gDelne8nVqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL9ATEVOixd/+eYayz8Ym0pd1sFIMB8GA1UdIwQY MBaAFMcaL318yMNjdG6WvD/MiwX5YG/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMt ZDZkMTQwZTRjZTZkLzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMtZDZkMTQwZTRjZTZk LzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjL49qJ0I doA77/2LD4PMLv3wGdih7zIucwZv6qf3vRYDBVBXgkxyxW/uggwtIpNy44Y5yXQD Bgabi44u/h0COINeui4SUFnmd4ptYXVIPItuopQJWWwjA/eRyafzftCrj6EYwKBu q8heq6CHmByiJn/Tm+0voWOX9sYmycBBry87qAlOCH80q8g0DWgvsWGaaHHEMReE 3I4vhYkdCx7ZPce3sAVWPqw9wvQ/dVamZXVZYY8whlM+/L7SWl1Hm59G6gTrW28H P3IbvnJKjzqI85XLQPd42W4mQ4F+ctecc7sHcirD+XTTX2lcaLmtEUIsQ14uRhBQ zd3ewmeo4MJBjQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:20:12 2025 by rpki-client