This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/XLOiFF-bTUZgWCrca3NUlp4InKk.mft File: XLOiFF-bTUZgWCrca3NUlp4InKk.mft (raw, json) Hash identifier: 6DDnRZvP7MM7Vpq6V8zKFA3mGs2HpWEfYRD0KM+wGj4= Subject key identifier: 63:C6:41:75:C1:26:AC:9E:43:5F:0A:E0:B1:3A:40:00:ED:A9:D6:FC Authority key identifier: 5C:B3:A2:14:5F:9B:4D:46:60:58:2A:DC:6B:73:54:96:9E:08:9C:A9 Certificate issuer: /CN=5cb3a2145f9b4d4660582adc6b7354969e089ca9 Certificate serial: 019AFB7A3815C785A58F1B3D1E58449735AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XLOiFF-bTUZgWCrca3NUlp4InKk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/XLOiFF-bTUZgWCrca3NUlp4InKk.mft Manifest number: 0F16 Signing time: Mon 08 Dec 2025 01:01:22 +0000 Manifest this update: Mon 08 Dec 2025 01:01:22 +0000 Manifest next update: Tue 09 Dec 2025 01:01:22 +0000 Files and hashes: 1: 8rSm2TYmCggVgedhJYf2d5mO9bY.roa (hash: u5F6NWnwd9MOKoxteUtWCw1+tPwzMsMfG5qFtnCO6pk=) 2: XLOiFF-bTUZgWCrca3NUlp4InKk.crl (hash: DqlkDJUHwxa3ir4mvvzvKBFR81K6Lel/Iycx2vrZi7A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/XLOiFF-bTUZgWCrca3NUlp4InKk.crl rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/XLOiFF-bTUZgWCrca3NUlp4InKk.mft rsync://rpki.ripe.net/repository/DEFAULT/XLOiFF-bTUZgWCrca3NUlp4InKk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Dec 2025 01:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fb:7a:38:15:c7:85:a5:8f:1b:3d:1e:58:44:97:35:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cb3a2145f9b4d4660582adc6b7354969e089ca9 Validity Not Before: Dec 8 01:01:22 2025 GMT Not After : Dec 9 01:01:22 2025 GMT Subject: CN=63c64175c126ac9e435f0ae0b13a4000eda9d6fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:88:cd:14:90:94:2a:f0:0a:cc:86:55:b7:d8: 22:fd:12:99:fd:55:27:20:89:50:fe:bb:69:be:4b: fc:e1:24:9c:3f:94:e0:2a:22:31:69:37:cf:e3:22: d0:89:09:f1:88:ae:7c:e0:98:1d:d2:58:e0:08:79: ea:5c:e3:71:cf:bf:fb:05:53:de:98:72:5d:0c:1a: fb:cd:2b:1f:85:c2:35:86:e3:f3:6a:01:f5:a4:4f: 6e:d1:47:ac:40:91:d3:16:6d:da:c6:53:df:de:9a: 44:57:5c:3b:99:9d:81:14:b1:d0:4a:cf:b8:23:8f: 26:c9:5a:a5:36:1f:22:4e:7f:7f:b0:c7:5b:17:7a: a5:b2:37:0d:17:d0:6b:ca:78:9a:b3:0a:a1:1e:6b: ce:61:14:72:8c:d7:73:57:d9:05:4a:82:bd:b5:19: 6d:0c:0a:ac:8c:94:bc:fc:5e:3e:1c:2b:8a:a2:bf: e1:bf:cf:9b:eb:36:3c:07:ff:b3:e1:73:08:d4:b8: 68:cc:9a:37:d0:74:5f:4f:72:fd:90:98:6d:2b:30: 2c:1c:bc:3d:38:a5:62:0a:c5:84:87:f7:3d:1e:b1: 24:ab:70:b3:f9:bc:2c:ae:d7:cc:8f:80:42:35:5a: 3c:03:bc:a4:29:b2:3f:6b:c4:a6:ec:c0:a3:4a:6b: 48:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:C6:41:75:C1:26:AC:9E:43:5F:0A:E0:B1:3A:40:00:ED:A9:D6:FC X509v3 Authority Key Identifier: keyid:5C:B3:A2:14:5F:9B:4D:46:60:58:2A:DC:6B:73:54:96:9E:08:9C:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XLOiFF-bTUZgWCrca3NUlp4InKk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/XLOiFF-bTUZgWCrca3NUlp4InKk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/XLOiFF-bTUZgWCrca3NUlp4InKk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:bf:cf:a6:e2:e5:28:be:8f:c6:87:4d:5e:e0:5a:58:b6:b5: e6:57:87:8c:72:3b:c1:1a:15:56:71:76:7b:14:21:a9:95:73: a7:b2:41:b5:fb:e0:c5:80:f8:db:7b:cd:c4:6e:8b:73:87:23: 2b:cc:f5:f3:be:5c:21:ed:e9:a9:b9:97:91:94:fd:db:6a:63: 7e:fb:d2:24:84:03:3b:9f:97:95:3f:5b:89:d3:12:01:e4:36: a6:62:4f:bd:73:99:2c:4c:15:c1:a7:42:c2:1c:35:f3:c2:db: 5f:83:d8:e8:7d:91:72:47:22:45:a0:21:62:ae:62:cc:08:d5: e1:26:05:07:fa:88:78:96:b6:0a:9f:fb:ab:84:69:f3:83:39: 83:c9:15:42:27:ce:36:7d:d8:a0:0a:4f:24:2e:96:c1:c0:05: 5f:23:df:59:79:6c:93:1a:06:bf:fd:7e:bc:e3:6c:99:f5:e8: 6a:86:d7:97:7f:da:02:de:62:9b:b0:0e:77:1a:2f:f2:55:c8: 71:4d:58:ad:21:35:72:40:83:bc:ca:4b:06:e8:5f:b0:f0:36: 48:c4:2d:1f:64:d1:a2:82:86:bc:c1:b9:09:56:83:d6:73:d3: 30:89:35:2a:7c:64:b7:a5:f1:e5:3c:29:fa:38:da:f9:c4:ff: 00:9f:1f:aa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr7ejgVx4Wljxs9HlhElzWtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjYjNhMjE0NWY5YjRkNDY2MDU4MmFkYzZiNzM1NDk2OWUw ODljYTkwHhcNMjUxMjA4MDEwMTIyWhcNMjUxMjA5MDEwMTIyWjAzMTEwLwYDVQQD Eyg2M2M2NDE3NWMxMjZhYzllNDM1ZjBhZTBiMTNhNDAwMGVkYTlkNmZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnojNFJCUKvAKzIZVt9gi/RKZ/VUn IIlQ/rtpvkv84SScP5TgKiIxaTfP4yLQiQnxiK584Jgd0ljgCHnqXONxz7/7BVPe mHJdDBr7zSsfhcI1huPzagH1pE9u0UesQJHTFm3axlPf3ppEV1w7mZ2BFLHQSs+4 I48myVqlNh8iTn9/sMdbF3qlsjcNF9BryniaswqhHmvOYRRyjNdzV9kFSoK9tRlt DAqsjJS8/F4+HCuKor/hv8+b6zY8B/+z4XMI1LhozJo30HRfT3L9kJhtKzAsHLw9 OKViCsWEh/c9HrEkq3Cz+bwsrtfMj4BCNVo8A7ykKbI/a8Sm7MCjSmtI4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGPGQXXBJqyeQ18K4LE6QADtqdb8MB8GA1UdIwQY MBaAFFyzohRfm01GYFgq3GtzVJaeCJypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWExPaUZGLWJUVVpnV0NyY2EzTlVscDRJbktrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9kMDY2MWMtY2ViYi00ZTIyLWIxOTct MTM5ODAwYThjNzVmLzEvWExPaUZGLWJUVVpnV0NyY2EzTlVscDRJbktrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Zi9kMDY2MWMtY2ViYi00ZTIyLWIxOTctMTM5ODAwYThjNzVm LzEvWExPaUZGLWJUVVpnV0NyY2EzTlVscDRJbktrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAML/PpuLl KL6PxodNXuBaWLa15leHjHI7wRoVVnF2exQhqZVzp7JBtfvgxYD423vNxG6Lc4cj K8z1875cIe3pqbmXkZT922pjfvvSJIQDO5+XlT9bidMSAeQ2pmJPvXOZLEwVwadC whw188LbX4PY6H2RckciRaAhYq5izAjV4SYFB/qIeJa2Cp/7q4Rp84M5g8kVQifO Nn3YoApPJC6WwcAFXyPfWXlskxoGv/1+vONsmfXoaobXl3/aAt5im7AOdxov8lXI cU1YrSE1ckCDvMpLBuhfsPA2SMQtH2TRooKGvMG5CVaD1nPTMIk1Knxkt6Xx5Twp +jja+cT/AJ8fqg== -----END CERTIFICATE-----Generated at Mon Dec 8 09:36:01 2025 by rpki-client