This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.mft File: XKn3Xcos07OTU-AwCzC6W2KXais.mft (raw, json) Hash identifier: VphdI6zKRPJ8N6GV5CCByLxi/pKub9zDBlR+eg4G8oo= Subject key identifier: A7:4B:ED:BB:DC:F3:BB:0C:1C:7E:7A:9C:8D:1F:5A:E3:1E:73:09:33 Authority key identifier: 5C:A9:F7:5D:CA:2C:D3:B3:93:53:E0:30:0B:30:BA:5B:62:97:6A:2B Certificate issuer: /CN=5ca9f75dca2cd3b39353e0300b30ba5b62976a2b Certificate serial: 019AF61C71212A4E44FF0162D9565C8350E3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XKn3Xcos07OTU-AwCzC6W2KXais.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.mft Manifest number: 0AED Signing time: Sun 07 Dec 2025 00:00:50 +0000 Manifest this update: Sun 07 Dec 2025 00:00:50 +0000 Manifest next update: Mon 08 Dec 2025 00:00:50 +0000 Files and hashes: 1: XKn3Xcos07OTU-AwCzC6W2KXais.crl (hash: dtlpykH+eH5/jv9sPqmYzIrfh07x4u8dolrWy9y7rMM=) 2: b9Hu80_829heeLvFjfJdJz5nCTc.roa (hash: j+SJeADqUhFu2qLu6938DWITw4JSWTcM1pVfvfeWeP8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.crl rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.mft rsync://rpki.ripe.net/repository/DEFAULT/XKn3Xcos07OTU-AwCzC6W2KXais.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:1c:71:21:2a:4e:44:ff:01:62:d9:56:5c:83:50:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ca9f75dca2cd3b39353e0300b30ba5b62976a2b Validity Not Before: Dec 7 00:00:50 2025 GMT Not After : Dec 8 00:00:50 2025 GMT Subject: CN=a74bedbbdcf3bb0c1c7e7a9c8d1f5ae31e730933 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:30:11:db:4a:ff:96:5e:e2:26:88:02:e8:41: 24:7d:4d:c0:57:fb:65:74:f5:6b:0c:fc:d5:9b:76: 92:9f:22:cb:ea:54:46:c0:28:96:4f:40:e8:0d:c5: 45:b6:a7:8b:44:86:19:f4:51:d1:88:94:07:65:56: b5:b1:f6:ff:68:56:ed:9a:3d:f0:8e:0f:50:96:22: ed:e1:4c:00:0e:e4:eb:7d:0e:2a:df:9a:eb:b0:86: 89:4b:2f:76:e1:fd:dd:a2:23:b9:d2:94:62:ca:f8: dd:76:67:b8:5c:e6:33:d1:f5:22:73:63:d9:e4:b3: 05:c4:b7:40:b1:16:66:dd:ab:69:73:43:5b:97:47: 1c:e3:6a:5a:5c:1f:9a:53:6d:49:f9:12:90:a2:21: 07:ff:65:9a:70:3d:b0:94:e3:a1:c7:75:6f:48:ee: 1d:cc:87:87:9a:ee:3c:99:88:83:5c:07:27:4a:23: dd:9b:6e:d7:56:c9:20:7e:6d:8c:da:11:b2:e3:5d: 93:c7:18:9d:be:7e:e9:d0:64:cf:6f:00:12:8c:4c: c9:0b:e2:bb:b8:1a:09:9b:a3:ff:44:6a:3c:46:61: fe:52:90:2e:f5:e1:46:18:18:ce:9a:1c:92:b6:cc: 38:bd:b5:be:4e:1b:92:69:a2:44:29:8f:81:3e:14: af:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:4B:ED:BB:DC:F3:BB:0C:1C:7E:7A:9C:8D:1F:5A:E3:1E:73:09:33 X509v3 Authority Key Identifier: keyid:5C:A9:F7:5D:CA:2C:D3:B3:93:53:E0:30:0B:30:BA:5B:62:97:6A:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XKn3Xcos07OTU-AwCzC6W2KXais.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:1d:83:3a:83:f9:b6:e0:9a:6c:92:65:49:f2:83:f6:82:74: 9b:bc:5e:38:57:23:f3:9e:22:e8:9f:84:9d:fc:c7:bf:35:ff: 35:ba:b7:5b:35:8d:5f:9a:23:84:34:4d:ce:ad:7d:32:06:39: 21:f9:ca:67:2e:60:46:13:10:a8:62:eb:fd:d0:1b:aa:9f:f2: b3:a6:e2:50:04:b6:57:e4:96:a2:8c:90:f8:6d:50:94:7b:07: 23:57:60:fb:37:c9:94:ff:14:93:5a:6e:e9:94:66:2d:c3:16: b8:4c:8f:70:60:9d:06:e4:9e:dc:bf:d9:a4:d1:9a:8a:fd:dd: b4:b0:f6:d6:29:18:1b:63:70:7f:0a:74:e8:e1:9c:59:2e:17: 1a:0f:e6:82:87:8c:4d:07:4a:de:4c:5b:7b:c2:da:a2:a2:fe: c5:b9:fd:5c:de:fc:b9:54:cd:c7:fa:ad:40:55:e2:fd:8f:b4: 50:23:bc:eb:66:92:8b:74:a4:d8:8d:6c:8a:99:ff:fd:0d:c3: f0:05:99:11:97:b0:bd:19:80:62:a7:74:d9:c5:39:ef:5d:f0: dc:94:fa:2f:91:fb:80:bd:41:bc:dc:7e:31:0a:45:e3:2f:ab: b2:9c:97:38:25:0c:41:08:57:d5:64:ac:5d:06:ff:b1:51:da: 81:ae:db:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2HHEhKk5E/wFi2VZcg1DjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjYTlmNzVkY2EyY2QzYjM5MzUzZTAzMDBiMzBiYTViNjI5 NzZhMmIwHhcNMjUxMjA3MDAwMDUwWhcNMjUxMjA4MDAwMDUwWjAzMTEwLwYDVQQD EyhhNzRiZWRiYmRjZjNiYjBjMWM3ZTdhOWM4ZDFmNWFlMzFlNzMwOTMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjAR20r/ll7iJogC6EEkfU3AV/tl dPVrDPzVm3aSnyLL6lRGwCiWT0DoDcVFtqeLRIYZ9FHRiJQHZVa1sfb/aFbtmj3w jg9QliLt4UwADuTrfQ4q35rrsIaJSy924f3doiO50pRiyvjddme4XOYz0fUic2PZ 5LMFxLdAsRZm3atpc0Nbl0cc42paXB+aU21J+RKQoiEH/2WacD2wlOOhx3VvSO4d zIeHmu48mYiDXAcnSiPdm27XVskgfm2M2hGy412Txxidvn7p0GTPbwASjEzJC+K7 uBoJm6P/RGo8RmH+UpAu9eFGGBjOmhyStsw4vbW+ThuSaaJEKY+BPhSv6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKdL7bvc87sMHH56nI0fWuMecwkzMB8GA1UdIwQY MBaAFFyp913KLNOzk1PgMAswultil2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEtuM1hjb3MwN09UVS1Bd0N6QzZXMktYYWlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xMDU0MzMtODNkOS00MTJjLTlmYzQt MWQ1MWM0NjhkNTU2LzEvWEtuM1hjb3MwN09UVS1Bd0N6QzZXMktYYWlzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OS8xMDU0MzMtODNkOS00MTJjLTlmYzQtMWQ1MWM0NjhkNTU2 LzEvWEtuM1hjb3MwN09UVS1Bd0N6QzZXMktYYWlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWh2DOoP5 tuCabJJlSfKD9oJ0m7xeOFcj854i6J+EnfzHvzX/Nbq3WzWNX5ojhDRNzq19MgY5 IfnKZy5gRhMQqGLr/dAbqp/ys6biUAS2V+SWooyQ+G1QlHsHI1dg+zfJlP8Uk1pu 6ZRmLcMWuEyPcGCdBuSe3L/ZpNGaiv3dtLD21ikYG2Nwfwp06OGcWS4XGg/mgoeM TQdK3kxbe8LaoqL+xbn9XN78uVTNx/qtQFXi/Y+0UCO862aSi3Sk2I1sipn//Q3D 8AWZEZewvRmAYqd02cU5713w3JT6L5H7gL1BvNx+MQpF4y+rspyXOCUMQQhX1WSs XQb/sVHaga7bxw== -----END CERTIFICATE-----Generated at Sun Dec 7 04:57:45 2025 by rpki-client