This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft File: XYHR_0WxVHwAqEtG75nsot-9Rbw.mft (raw, json) Hash identifier: c19wcL1AVcMCPlbS/MGvyQLpAle2IvyX7QnTa9AwuDY= Subject key identifier: DD:D5:DD:11:04:A7:96:7C:F0:F9:34:E7:22:9C:BB:FA:C7:AE:10:ED Authority key identifier: 5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC Certificate issuer: /CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc Certificate serial: 019AF20983230FB0663D1BAC5ED411B95E3F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft Manifest number: 1764 Signing time: Sat 06 Dec 2025 05:01:40 +0000 Manifest this update: Sat 06 Dec 2025 05:01:40 +0000 Manifest next update: Sun 07 Dec 2025 05:01:40 +0000 Files and hashes: 1: C-JYvDSVCc5Zd_4Sd7FiFR4ridU.roa (hash: Fud1edK7T1C6PqdOPqDnlVWq4JxXY+eiVXIDYHC1t50=) 2: XYHR_0WxVHwAqEtG75nsot-9Rbw.crl (hash: zHT4T8iZmLTYkCk/DBSYLMHXIrbrBUV7ZYrF4kXGCl8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.crl rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:83:23:0f:b0:66:3d:1b:ac:5e:d4:11:b9:5e:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc Validity Not Before: Dec 6 05:01:40 2025 GMT Not After : Dec 7 05:01:40 2025 GMT Subject: CN=ddd5dd1104a7967cf0f934e7229cbbfac7ae10ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:ba:e2:ce:d4:9c:ee:be:fe:47:ec:f2:f5:55: 56:d3:f7:e3:70:d1:ac:98:d9:d3:c0:1f:4f:ae:59: 81:71:da:7f:39:e0:b6:29:99:1f:cb:db:89:0f:84: 4b:ea:7b:75:80:0b:02:e1:24:9e:59:9b:1c:97:fe: 1d:57:b1:5a:d9:65:ef:9f:32:e6:31:83:29:34:1b: 72:e3:2b:5b:0d:77:28:77:ce:6e:55:ae:dd:0b:be: 8b:67:e3:c3:6b:6e:55:10:35:81:2e:ef:b9:28:3c: 58:79:06:9e:47:9d:07:fe:4d:2d:69:ce:2b:38:d0: cf:f0:c2:5f:5b:e1:0a:ff:6c:09:84:ae:60:e5:22: fa:6f:b9:a7:1e:58:be:98:46:27:fa:8c:60:44:46: 3c:ae:d9:24:1a:19:8a:77:e0:9c:0c:b9:f1:62:3e: f6:27:15:50:75:f7:79:4e:3d:b4:ba:fc:46:4a:2b: 12:45:7e:f7:e9:56:5b:44:4d:62:e7:13:99:18:17: 76:1e:d4:00:7f:fe:19:9f:d3:cf:bc:5f:91:fd:c7: 15:28:22:fb:42:3f:02:ab:ee:ea:fb:75:7e:70:6b: 23:55:5d:0d:8e:3b:e0:6c:be:00:e9:3c:26:0c:e2: 0e:c3:8a:93:28:40:83:e3:dd:71:60:ce:aa:33:af: 44:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:D5:DD:11:04:A7:96:7C:F0:F9:34:E7:22:9C:BB:FA:C7:AE:10:ED X509v3 Authority Key Identifier: keyid:5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:6d:75:dd:85:e7:4e:79:c4:e2:bd:29:0d:61:64:fe:e8:d2: 28:9e:ca:e4:ce:53:57:4a:4a:c5:c5:5e:03:a4:d9:18:99:92: a4:b2:a2:82:bd:0a:ec:e9:e8:c6:08:eb:e2:f4:ae:16:e2:dc: 3e:8c:ee:e8:ff:aa:3f:5f:18:8c:10:2c:46:e6:b3:a1:f6:53: ce:97:11:1e:de:8c:f3:9f:6c:af:38:ce:aa:aa:db:bb:69:5d: fc:85:2a:34:5f:7c:d8:87:e5:97:63:cc:83:e7:e4:e5:47:98: 80:b7:d0:98:f5:53:85:13:5c:3c:0f:4d:f2:fa:65:06:ea:c0: ba:04:d8:3f:21:59:93:0f:6a:8c:5e:36:03:30:d3:83:d9:8f: 05:c8:b4:8f:89:f3:80:03:92:d7:ef:84:ea:9e:e4:ec:32:ed: 08:18:60:a9:94:74:30:f6:c0:23:d2:de:2f:37:f0:c9:e9:6b: a9:d0:25:91:2e:55:00:72:3c:dc:7c:6e:35:ff:53:60:62:d2: 67:f6:a1:23:3d:3c:8d:4e:49:ad:c8:d3:84:c0:b6:f1:f1:6e: e3:e3:b6:ba:2f:d1:df:f6:98:22:ed:69:dc:0e:4c:99:c8:6c: d2:03:5c:12:af:fe:d4:1b:87:d0:51:a9:31:50:e5:fc:05:5d: 7f:b3:6d:82 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCYMjD7BmPRusXtQRuV4/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkODFkMWZmNDViMTU0N2MwMGE4NGI0NmVmOTllY2EyZGZi ZDQ1YmMwHhcNMjUxMjA2MDUwMTQwWhcNMjUxMjA3MDUwMTQwWjAzMTEwLwYDVQQD EyhkZGQ1ZGQxMTA0YTc5NjdjZjBmOTM0ZTcyMjljYmJmYWM3YWUxMGVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7riztSc7r7+R+zy9VVW0/fjcNGs mNnTwB9PrlmBcdp/OeC2KZkfy9uJD4RL6nt1gAsC4SSeWZscl/4dV7Fa2WXvnzLm MYMpNBty4ytbDXcod85uVa7dC76LZ+PDa25VEDWBLu+5KDxYeQaeR50H/k0tac4r ONDP8MJfW+EK/2wJhK5g5SL6b7mnHli+mEYn+oxgREY8rtkkGhmKd+CcDLnxYj72 JxVQdfd5Tj20uvxGSisSRX736VZbRE1i5xOZGBd2HtQAf/4Zn9PPvF+R/ccVKCL7 Qj8Cq+7q+3V+cGsjVV0NjjvgbL4A6TwmDOIOw4qTKECD491xYM6qM69EAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN3V3REEp5Z88Pk05yKcu/rHrhDtMB8GA1UdIwQY MBaAFF2B0f9FsVR8AKhLRu+Z7KLfvUW8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUt ZWU4MGEyZDI5NTJkLzEvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUtZWU4MGEyZDI5NTJk LzEvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJG113YXn TnnE4r0pDWFk/ujSKJ7K5M5TV0pKxcVeA6TZGJmSpLKigr0K7Onoxgjr4vSuFuLc Pozu6P+qP18YjBAsRuazofZTzpcRHt6M859srzjOqqrbu2ld/IUqNF982Ifll2PM g+fk5UeYgLfQmPVThRNcPA9N8vplBurAugTYPyFZkw9qjF42AzDTg9mPBci0j4nz gAOS1++E6p7k7DLtCBhgqZR0MPbAI9LeLzfwyelrqdAlkS5VAHI83HxuNf9TYGLS Z/ahIz08jU5JrcjThMC28fFu4+O2ui/R3/aYIu1p3A5Mmchs0gNcEq/+1BuH0FGp MVDl/AVdf7Ntgg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:35:16 2025 by rpki-client