This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.mft File: _XF_OrY5RaG-c5wrOiWJvqVd224.mft (raw, json) Hash identifier: q/RPXw+WDTxClkaa98kJpVbuewnkTXribwkGiIdN0Fg= Subject key identifier: 0E:44:CA:38:1B:0E:8A:48:39:37:AF:76:31:A3:1A:FB:C6:AA:94:FC Authority key identifier: FD:71:7F:3A:B6:39:45:A1:BE:73:9C:2B:3A:25:89:BE:A5:5D:DB:6E Certificate issuer: /CN=fd717f3ab63945a1be739c2b3a2589bea55ddb6e Certificate serial: 019AF24023B6C3C1A0B6DC5DDC395B642FD4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XF_OrY5RaG-c5wrOiWJvqVd224.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.mft Manifest number: 0D13 Signing time: Sat 06 Dec 2025 06:01:20 +0000 Manifest this update: Sat 06 Dec 2025 06:01:20 +0000 Manifest next update: Sun 07 Dec 2025 06:01:20 +0000 Files and hashes: 1: _XF_OrY5RaG-c5wrOiWJvqVd224.crl (hash: veaOpG8XMg5cmBkafMFHtGdLoh4scAFjPgJNLOjX18w=) 2: gzdyy5qInnSa0M6b956pVUzgC-k.roa (hash: 2Ow3V4pucXvBImXLn02gpmIFTSdf3VU+/V7SnyCKOjI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.crl rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.mft rsync://rpki.ripe.net/repository/DEFAULT/_XF_OrY5RaG-c5wrOiWJvqVd224.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:40:23:b6:c3:c1:a0:b6:dc:5d:dc:39:5b:64:2f:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fd717f3ab63945a1be739c2b3a2589bea55ddb6e Validity Not Before: Dec 6 06:01:20 2025 GMT Not After : Dec 7 06:01:20 2025 GMT Subject: CN=0e44ca381b0e8a483937af7631a31afbc6aa94fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:62:59:51:f1:a1:e1:42:89:3d:fd:57:5a:dd: d6:ac:b5:87:97:19:f8:b8:55:a5:b9:c3:53:6d:08: 36:99:ba:4c:5b:ce:4f:46:3e:50:9e:4a:b8:81:fc: 4c:cf:46:66:d7:40:25:01:e5:0d:bf:b1:40:2a:16: c0:b4:1c:ad:c8:8c:92:64:2f:43:c8:c9:e8:8c:a4: a5:7d:32:13:a5:c3:85:ac:4d:ea:3a:22:84:08:22: 9d:cc:88:05:69:15:30:b4:43:64:67:55:49:64:84: ed:15:b5:ab:9d:cf:d1:25:32:d1:6c:16:20:ed:2b: 88:36:da:6b:02:c6:a0:bd:8e:6b:92:40:bc:b3:b1: 3b:ac:c1:83:1b:8e:65:8f:25:2b:9b:60:5e:12:6b: a3:e7:66:a1:50:57:e0:71:f7:6d:50:e1:da:b8:80: ca:f7:3e:31:55:a5:dc:9f:3d:b8:ce:84:0c:fa:80: 68:de:2b:3c:d2:db:42:ee:b8:3b:30:99:1a:b4:77: 4f:39:b1:34:ae:ef:99:99:fb:54:38:79:78:59:03: 0c:ae:a5:05:a0:61:c8:ce:e0:49:57:85:0d:fe:b3: 32:5c:4d:21:4c:75:28:59:25:b4:58:c1:96:a4:18: 0c:af:5f:83:f6:8a:9a:5a:ff:f8:68:a0:af:4a:00: b7:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:44:CA:38:1B:0E:8A:48:39:37:AF:76:31:A3:1A:FB:C6:AA:94:FC X509v3 Authority Key Identifier: keyid:FD:71:7F:3A:B6:39:45:A1:BE:73:9C:2B:3A:25:89:BE:A5:5D:DB:6E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XF_OrY5RaG-c5wrOiWJvqVd224.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:1f:15:b6:4b:66:05:2f:f9:2b:40:60:03:fe:67:d1:11:cc: 19:7d:05:20:ff:f6:bb:76:50:08:fc:4b:ae:be:6d:90:98:22: e6:ee:ad:1b:e5:d2:d7:e7:4d:8a:6a:37:00:aa:2b:1b:ea:0b: a9:49:c1:05:56:05:65:82:97:2f:ef:16:7a:a4:82:79:79:ce: 0f:2a:ee:16:0a:2c:b8:48:68:86:cb:b5:69:2a:87:b2:1c:a1: e4:f2:40:5e:67:d4:86:9f:9c:da:cb:a8:63:32:94:04:e2:f0: 6b:37:17:ac:dd:ef:d9:9d:00:35:dc:cd:14:9f:23:7b:73:e2: 97:4f:d0:62:3c:08:5a:18:7e:33:77:0c:97:30:8e:f7:fa:b8: 0e:db:0c:6c:f4:85:ad:9e:e3:f8:6d:95:96:77:e3:d2:9d:e9: b4:33:36:94:3c:40:94:61:78:9b:ef:96:17:b7:0b:b0:aa:d0: b2:77:46:90:f2:33:48:08:16:67:10:e2:ba:c1:d5:54:9d:62: de:9d:c4:86:5c:bf:a1:f5:ff:bc:e8:1b:68:68:28:f7:b3:00: e5:7a:b9:f4:cd:0a:53:ec:1b:84:ef:9a:8f:a5:be:60:67:46: 59:7a:01:4c:5e:a6:ba:10:b1:16:07:43:b9:37:93:d5:0b:2b: 64:18:5f:cd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryQCO2w8Ggttxd3DlbZC/UMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZkNzE3ZjNhYjYzOTQ1YTFiZTczOWMyYjNhMjU4OWJlYTU1 ZGRiNmUwHhcNMjUxMjA2MDYwMTIwWhcNMjUxMjA3MDYwMTIwWjAzMTEwLwYDVQQD EygwZTQ0Y2EzODFiMGU4YTQ4MzkzN2FmNzYzMWEzMWFmYmM2YWE5NGZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWJZUfGh4UKJPf1XWt3WrLWHlxn4 uFWlucNTbQg2mbpMW85PRj5Qnkq4gfxMz0Zm10AlAeUNv7FAKhbAtBytyIySZC9D yMnojKSlfTITpcOFrE3qOiKECCKdzIgFaRUwtENkZ1VJZITtFbWrnc/RJTLRbBYg 7SuINtprAsagvY5rkkC8s7E7rMGDG45ljyUrm2BeEmuj52ahUFfgcfdtUOHauIDK 9z4xVaXcnz24zoQM+oBo3is80ttC7rg7MJkatHdPObE0ru+ZmftUOHl4WQMMrqUF oGHIzuBJV4UN/rMyXE0hTHUoWSW0WMGWpBgMr1+D9oqaWv/4aKCvSgC39QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA5EyjgbDopIOTevdjGjGvvGqpT8MB8GA1UdIwQY MBaAFP1xfzq2OUWhvnOcKzolib6lXdtuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX1hGX09yWTVSYUctYzV3ck9pV0p2cVZkMjI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yZjBhNjYtMTYzNC00MGZiLTk5YjAt OTMxNTA1ZmY0MWM1LzEvX1hGX09yWTVSYUctYzV3ck9pV0p2cVZkMjI0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny8yZjBhNjYtMTYzNC00MGZiLTk5YjAtOTMxNTA1ZmY0MWM1 LzEvX1hGX09yWTVSYUctYzV3ck9pV0p2cVZkMjI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfB8Vtktm BS/5K0BgA/5n0RHMGX0FIP/2u3ZQCPxLrr5tkJgi5u6tG+XS1+dNimo3AKorG+oL qUnBBVYFZYKXL+8WeqSCeXnODyruFgosuEhohsu1aSqHshyh5PJAXmfUhp+c2suo YzKUBOLwazcXrN3v2Z0ANdzNFJ8je3Pil0/QYjwIWhh+M3cMlzCO9/q4DtsMbPSF rZ7j+G2Vlnfj0p3ptDM2lDxAlGF4m++WF7cLsKrQsndGkPIzSAgWZxDiusHVVJ1i 3p3Ehly/ofX/vOgbaGgo97MA5Xq59M0KU+wbhO+aj6W+YGdGWXoBTF6muhCxFgdD uTeT1QsrZBhfzQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:25:46 2025 by rpki-client