This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft File: XL1s2RrWpyhrIfZQn92fUP7nXYc.mft (raw, json) Hash identifier: OllUrSzK0m4EAkuJqBBJ+NNUmWbBUT9gltenTqLWJUo= Subject key identifier: A3:47:0C:99:82:D3:CB:8E:9E:3B:52:94:1E:C3:1B:47:1F:F9:F5:31 Authority key identifier: 5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87 Certificate issuer: /CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87 Certificate serial: 019AF12DC9D1A41F33FB305E661B81124216 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft Manifest number: 168E Signing time: Sat 06 Dec 2025 01:01:41 +0000 Manifest this update: Sat 06 Dec 2025 01:01:41 +0000 Manifest next update: Sun 07 Dec 2025 01:01:41 +0000 Files and hashes: 1: LfsV7f6LxRRDF8DgEB39eI0JGcY.roa (hash: 57HPzdZv/cmkcVMLJmynj7OnbXGj1b4sWVjtj2VnRws=) 2: XL1s2RrWpyhrIfZQn92fUP7nXYc.crl (hash: Sh8GJ/9/3gPVJHtEsJ3gblkDPks+jPHO6cdG0kG2k/c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:c9:d1:a4:1f:33:fb:30:5e:66:1b:81:12:42:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87 Validity Not Before: Dec 6 01:01:41 2025 GMT Not After : Dec 7 01:01:41 2025 GMT Subject: CN=a3470c9982d3cb8e9e3b52941ec31b471ff9f531 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:b6:a0:24:e0:e6:94:46:8c:ce:72:51:71:73: b5:48:22:d4:ff:e6:e0:b5:b9:dc:c6:99:ba:b1:ca: c3:31:92:45:d3:d5:2a:b8:f8:67:48:c0:0a:1b:08: 73:8b:90:cc:84:af:c1:9e:0d:f7:f1:f0:1e:02:e4: c3:2f:0c:ce:fe:8f:b8:3a:41:1a:aa:57:e0:a5:93: b3:96:cd:d6:a3:3f:f6:8e:94:0d:d0:6d:4f:57:77: 57:93:47:08:1a:2c:6d:ce:0b:e2:6b:25:49:ea:75: 98:32:24:4b:fe:e7:4d:15:77:97:f3:5a:10:55:56: 1f:19:af:8d:01:6f:18:af:a0:9d:02:a4:48:9d:6a: 63:f5:0d:fb:b1:10:26:cd:1a:a1:bb:0b:3d:64:d9: 76:be:a2:7a:02:21:98:99:11:4f:59:94:7d:2d:aa: e9:1a:d4:94:bb:e4:d8:ad:18:f4:10:43:00:3b:e1: 27:0b:22:5a:18:6a:e3:fb:20:c9:1a:5f:04:78:07: 4c:c6:31:b0:e8:fc:2b:80:ef:23:23:d6:db:7c:4a: 9c:2d:bd:49:0c:ae:86:09:2a:ce:18:b4:8f:a8:ad: 15:f1:3a:4f:e9:74:13:50:3e:96:1c:b8:ef:fc:e3: d5:2d:f2:0e:54:79:d9:4b:38:64:10:0c:fa:b6:5e: cb:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:47:0C:99:82:D3:CB:8E:9E:3B:52:94:1E:C3:1B:47:1F:F9:F5:31 X509v3 Authority Key Identifier: keyid:5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:69:c6:76:0e:1b:c7:56:b0:aa:a1:87:09:32:42:07:ce:c7: 57:fc:01:0e:cc:bb:2d:ab:d9:75:7e:c9:02:3d:48:b5:74:38: 86:cd:a6:03:89:02:b5:e5:e9:65:41:d9:31:18:c7:80:e6:6c: 02:b9:86:aa:bb:53:8e:6d:4d:94:2a:1c:9b:d9:b4:e7:aa:94: f2:10:ad:5e:29:5c:b3:d0:d2:36:68:d3:ca:07:a9:ce:ec:75: ce:a1:4f:b2:bf:bd:89:21:ad:02:c4:ca:b7:1f:21:20:17:25: f6:7b:b0:12:81:14:86:09:a1:95:21:3f:c4:a5:84:5e:78:ec: 89:76:fc:20:d6:7d:1d:1f:c6:b0:e8:fb:f3:c3:8b:9c:70:d5: 6c:71:6f:a1:20:30:fe:bb:0e:95:31:80:a7:1a:a6:e1:d3:bf: a0:73:1b:68:ef:3d:04:a3:05:28:64:36:96:6b:4d:fc:4b:29: a7:13:06:9b:9d:35:25:0b:41:a9:2b:aa:06:f8:3a:71:c5:78: 2d:6c:6e:23:8a:45:e6:4b:1c:60:1f:9f:c3:57:1c:23:2f:e7: ff:ac:0f:c7:9a:72:55:23:00:a5:50:76:79:49:2e:df:77:ea: 49:ae:2c:e0:ee:d5:6d:5e:bd:91:67:d1:15:93:86:98:c6:e6: 41:ae:6d:0f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLcnRpB8z+zBeZhuBEkIWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjYmQ2Y2Q5MWFkNmE3Mjg2YjIxZjY1MDlmZGQ5ZjUwZmVl NzVkODcwHhcNMjUxMjA2MDEwMTQxWhcNMjUxMjA3MDEwMTQxWjAzMTEwLwYDVQQD EyhhMzQ3MGM5OTgyZDNjYjhlOWUzYjUyOTQxZWMzMWI0NzFmZjlmNTMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7agJODmlEaMznJRcXO1SCLU/+bg tbncxpm6scrDMZJF09UquPhnSMAKGwhzi5DMhK/Bng338fAeAuTDLwzO/o+4OkEa qlfgpZOzls3Woz/2jpQN0G1PV3dXk0cIGixtzgviayVJ6nWYMiRL/udNFXeX81oQ VVYfGa+NAW8Yr6CdAqRInWpj9Q37sRAmzRqhuws9ZNl2vqJ6AiGYmRFPWZR9Larp GtSUu+TYrRj0EEMAO+EnCyJaGGrj+yDJGl8EeAdMxjGw6PwrgO8jI9bbfEqcLb1J DK6GCSrOGLSPqK0V8TpP6XQTUD6WHLjv/OPVLfIOVHnZSzhkEAz6tl7LGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKNHDJmC08uOnjtSlB7DG0cf+fUxMB8GA1UdIwQY MBaAFFy9bNka1qcoayH2UJ/dn1D+512HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQt ZmJhMDc0YmExYjkwLzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQtZmJhMDc0YmExYjkw LzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlWnGdg4b x1awqqGHCTJCB87HV/wBDsy7LavZdX7JAj1ItXQ4hs2mA4kCteXpZUHZMRjHgOZs ArmGqrtTjm1NlCocm9m056qU8hCtXilcs9DSNmjTygepzux1zqFPsr+9iSGtAsTK tx8hIBcl9nuwEoEUhgmhlSE/xKWEXnjsiXb8INZ9HR/GsOj788OLnHDVbHFvoSAw /rsOlTGApxqm4dO/oHMbaO89BKMFKGQ2lmtN/EsppxMGm501JQtBqSuqBvg6ccV4 LWxuI4pF5kscYB+fw1ccIy/n/6wPx5pyVSMApVB2eUku33fqSa4s4O7VbV69kWfR FZOGmMbmQa5tDw== -----END CERTIFICATE-----Generated at Sat Dec 6 10:23:57 2025 by rpki-client