This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft File: XTsXLoFhyBzo6VSv01pzsvrQuzo.mft (raw, json) Hash identifier: lVEz3opM9IkEDujxUc8BjFE1OQdrB5fICQqrJft5i3k= Subject key identifier: A7:16:7A:FF:D5:A4:94:FB:AD:8A:CC:A5:D5:0F:54:48:BD:DA:BD:B3 Authority key identifier: 5D:3B:17:2E:81:61:C8:1C:E8:E9:54:AF:D3:5A:73:B2:FA:D0:BB:3A Certificate issuer: /CN=5d3b172e8161c81ce8e954afd35a73b2fad0bb3a Certificate serial: 019AF31C07E7942E7C976C0ED6A112AA0F42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft Manifest number: 09F0 Signing time: Sat 06 Dec 2025 10:01:31 +0000 Manifest this update: Sat 06 Dec 2025 10:01:31 +0000 Manifest next update: Sun 07 Dec 2025 10:01:31 +0000 Files and hashes: 1: XTsXLoFhyBzo6VSv01pzsvrQuzo.crl (hash: h0qi+n6bsMvx2Dkm23hfR956GdlfXtOzt0KEgzOZT/M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.crl rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:07:e7:94:2e:7c:97:6c:0e:d6:a1:12:aa:0f:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d3b172e8161c81ce8e954afd35a73b2fad0bb3a Validity Not Before: Dec 6 10:01:31 2025 GMT Not After : Dec 7 10:01:31 2025 GMT Subject: CN=a7167affd5a494fbad8acca5d50f5448bddabdb3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:2d:fd:d0:63:90:90:29:56:6c:59:a9:16:f0: e3:5b:eb:06:e9:1c:5b:eb:ed:4a:29:6c:d8:3d:e2: 7b:f4:bc:11:93:e9:bd:0c:bc:5e:45:97:f0:f5:bd: 08:52:39:73:b1:5e:dd:30:74:2f:d4:46:35:f7:c2: d4:e2:50:c2:b8:d7:55:43:d1:75:cd:b1:76:31:a5: b1:6e:9f:a3:a3:fd:50:29:6c:47:3f:a4:7a:f4:d1: 07:50:19:05:6b:0e:f6:0a:08:a0:c5:91:a7:1d:53: 12:ab:f5:49:c9:b0:de:76:6a:19:ce:c1:d9:bb:89: 15:b0:e2:90:41:1a:17:6e:c0:0c:bd:d2:76:b8:d9: 7c:1a:5e:61:f9:41:4b:9e:07:be:10:10:e2:4c:b9: a7:1d:6d:4f:eb:e7:20:b5:57:ed:21:a3:ed:f1:96: eb:96:64:29:98:5a:e1:8d:10:1f:aa:24:30:6b:e2: 95:4c:ee:a8:cd:d9:ed:11:48:68:10:77:b5:a6:fe: 69:22:34:ab:14:2f:ad:fd:0e:c2:0a:07:6b:35:37: 6b:b3:f1:9f:74:d3:e1:35:3b:3d:da:02:08:4d:35: cf:00:0b:d0:8f:48:b2:55:70:4a:81:43:31:99:be: 66:5d:ce:0f:45:c3:28:c3:09:0f:38:bb:93:39:1b: 93:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:16:7A:FF:D5:A4:94:FB:AD:8A:CC:A5:D5:0F:54:48:BD:DA:BD:B3 X509v3 Authority Key Identifier: keyid:5D:3B:17:2E:81:61:C8:1C:E8:E9:54:AF:D3:5A:73:B2:FA:D0:BB:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:ac:d4:b5:59:16:9b:4e:58:39:3a:25:43:9b:2c:50:fc:53: 8c:0f:13:b2:7e:a5:cb:b1:91:89:86:1c:f0:c8:8b:4e:bc:b7: f4:bf:7f:2f:ae:f8:bf:8f:ea:4b:5a:a1:3d:32:a9:19:58:27: 8d:10:35:af:8f:a7:bc:d5:41:9b:dd:c8:02:b8:9c:f5:5b:cb: d0:b6:da:c8:8b:46:92:71:04:b0:8f:09:e4:85:78:14:c0:1f: 34:da:67:6a:f1:59:45:4a:de:95:dc:bb:fe:f7:41:c9:b7:36: a3:5c:93:c5:9e:b2:bd:0a:d2:42:78:61:ca:22:16:0b:c8:a5: 2f:fb:2d:11:71:78:47:80:80:4a:e1:dc:26:56:28:a6:60:89: 97:f6:16:db:7d:d2:ff:dc:19:cb:30:7a:c2:38:53:d6:f7:e6: 96:25:2f:52:1d:ad:30:ee:96:8b:59:b0:9e:16:ec:ce:ac:58: 09:6d:ad:0f:8c:c4:3a:88:ee:1f:24:da:71:84:9a:96:2c:94: e5:29:5c:2c:79:b7:50:f6:17:24:21:e7:e2:4e:1f:9f:8f:8e: 7e:8a:02:a4:4c:c5:9f:36:e5:40:91:a7:bd:d5:cf:66:fc:f9: 1e:fe:5d:a3:84:08:bd:30:b4:d7:16:9d:f5:6a:ec:b7:fc:c4: d7:5d:5b:1e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHAfnlC58l2wO1qESqg9CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkM2IxNzJlODE2MWM4MWNlOGU5NTRhZmQzNWE3M2IyZmFk MGJiM2EwHhcNMjUxMjA2MTAwMTMxWhcNMjUxMjA3MTAwMTMxWjAzMTEwLwYDVQQD EyhhNzE2N2FmZmQ1YTQ5NGZiYWQ4YWNjYTVkNTBmNTQ0OGJkZGFiZGIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAky390GOQkClWbFmpFvDjW+sG6Rxb 6+1KKWzYPeJ79LwRk+m9DLxeRZfw9b0IUjlzsV7dMHQv1EY198LU4lDCuNdVQ9F1 zbF2MaWxbp+jo/1QKWxHP6R69NEHUBkFaw72CgigxZGnHVMSq/VJybDedmoZzsHZ u4kVsOKQQRoXbsAMvdJ2uNl8Gl5h+UFLnge+EBDiTLmnHW1P6+cgtVftIaPt8Zbr lmQpmFrhjRAfqiQwa+KVTO6ozdntEUhoEHe1pv5pIjSrFC+t/Q7CCgdrNTdrs/Gf dNPhNTs92gIITTXPAAvQj0iyVXBKgUMxmb5mXc4PRcMowwkPOLuTORuTDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKcWev/VpJT7rYrMpdUPVEi92r2zMB8GA1UdIwQY MBaAFF07Fy6BYcgc6OlUr9Nac7L60Ls6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS83YTQzOTYtZDljMy00ZmM4LTg4YjEt MzJjNjEzZjczNjYxLzEvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZS83YTQzOTYtZDljMy00ZmM4LTg4YjEtMzJjNjEzZjczNjYx LzEvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZKzUtVkW m05YOTolQ5ssUPxTjA8Tsn6ly7GRiYYc8MiLTry39L9/L674v4/qS1qhPTKpGVgn jRA1r4+nvNVBm93IAric9VvL0LbayItGknEEsI8J5IV4FMAfNNpnavFZRUreldy7 /vdBybc2o1yTxZ6yvQrSQnhhyiIWC8ilL/stEXF4R4CASuHcJlYopmCJl/YW233S /9wZyzB6wjhT1vfmliUvUh2tMO6Wi1mwnhbszqxYCW2tD4zEOojuHyTacYSaliyU 5SlcLHm3UPYXJCHn4k4fn4+OfooCpEzFnzblQJGnvdXPZvz5Hv5do4QIvTC01xad 9Wrst/zE111bHg== -----END CERTIFICATE-----Generated at Sat Dec 6 15:28:17 2025 by rpki-client