This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/bb3b62-3302-45aa-968a-ecbb3fc0a725/1/sXLI1PyYbeufzrHw0MrifBwxNcM.mft File: sXLI1PyYbeufzrHw0MrifBwxNcM.mft (raw, json) Hash identifier: SSEaDMnFa+VSvUg5afu4XWCWTfMPW2sZ/+u4UmPu3BY= Subject key identifier: 5D:2D:BF:2A:C6:E3:0D:E8:14:DD:8E:12:0F:BE:F6:8B:FD:60:31:C2 Authority key identifier: B1:72:C8:D4:FC:98:6D:EB:9F:CE:B1:F0:D0:CA:E2:7C:1C:31:35:C3 Certificate issuer: /CN=b172c8d4fc986deb9fceb1f0d0cae27c1c3135c3 Certificate serial: 019AF2ADB012EC4015C18684D05DFE732C43 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sXLI1PyYbeufzrHw0MrifBwxNcM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/bb3b62-3302-45aa-968a-ecbb3fc0a725/1/sXLI1PyYbeufzrHw0MrifBwxNcM.mft Manifest number: 0C58 Signing time: Sat 06 Dec 2025 08:01:00 +0000 Manifest this update: Sat 06 Dec 2025 08:01:00 +0000 Manifest next update: Sun 07 Dec 2025 08:01:00 +0000 Files and hashes: 1: Fe5Gqx1aovGtXf8G6dbhghP8Zjc.roa (hash: BUPkFvlzjudVBF56jR+MbrRifodIklIIzIddNH6FiAc=) 2: sXLI1PyYbeufzrHw0MrifBwxNcM.crl (hash: OsLRCB2aMunwZ/40WIPS8TLMW+jxUgFxm/QnIiTLxjk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/bb3b62-3302-45aa-968a-ecbb3fc0a725/1/sXLI1PyYbeufzrHw0MrifBwxNcM.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/bb3b62-3302-45aa-968a-ecbb3fc0a725/1/sXLI1PyYbeufzrHw0MrifBwxNcM.mft rsync://rpki.ripe.net/repository/DEFAULT/sXLI1PyYbeufzrHw0MrifBwxNcM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:b0:12:ec:40:15:c1:86:84:d0:5d:fe:73:2c:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b172c8d4fc986deb9fceb1f0d0cae27c1c3135c3 Validity Not Before: Dec 6 08:01:00 2025 GMT Not After : Dec 7 08:01:00 2025 GMT Subject: CN=5d2dbf2ac6e30de814dd8e120fbef68bfd6031c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:fd:5c:d4:2c:06:3f:8f:98:f8:b5:90:d5:70: af:a8:c1:8a:ae:b5:fa:6b:05:5d:2f:f9:f7:dc:79: dc:b0:0d:eb:6d:bd:cb:d8:45:22:d7:c3:19:4e:f6: 81:b5:ae:43:a6:bb:6d:6e:40:7e:b8:7e:c8:2b:22: c0:46:ab:6e:9a:a5:f1:bb:1c:f6:db:be:21:7d:9e: 21:05:53:35:aa:d5:66:f9:66:98:ea:cb:bf:12:18: e5:78:37:c0:ae:c6:4d:33:c3:ba:80:ff:de:37:14: 2a:d5:49:3f:4a:13:d1:76:87:51:a6:9f:8e:e1:4b: 7f:3b:1e:21:65:bc:73:24:34:58:fd:39:b8:9f:36: 5b:f2:50:32:e5:f7:5c:81:44:59:19:8c:49:57:43: 4a:2c:4e:c6:6c:3b:cd:fa:c4:32:e7:7e:48:77:c1: 05:fe:a7:d9:be:c3:a2:21:e4:74:09:e0:39:e2:82: a6:d2:cc:71:97:b9:58:b2:23:14:87:6f:09:74:15: 1d:fa:b6:ae:a7:20:b5:bf:94:89:0d:08:90:8f:5e: 5d:cf:1d:8c:c0:77:14:91:0e:aa:9c:31:87:23:f3: 37:7b:73:2e:d4:a5:05:51:cf:8f:14:62:95:f2:ea: 75:c8:01:1c:e2:46:d7:5b:b4:48:16:d7:69:5b:fc: ea:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:2D:BF:2A:C6:E3:0D:E8:14:DD:8E:12:0F:BE:F6:8B:FD:60:31:C2 X509v3 Authority Key Identifier: keyid:B1:72:C8:D4:FC:98:6D:EB:9F:CE:B1:F0:D0:CA:E2:7C:1C:31:35:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXLI1PyYbeufzrHw0MrifBwxNcM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/bb3b62-3302-45aa-968a-ecbb3fc0a725/1/sXLI1PyYbeufzrHw0MrifBwxNcM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/bb3b62-3302-45aa-968a-ecbb3fc0a725/1/sXLI1PyYbeufzrHw0MrifBwxNcM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:bb:bd:69:03:00:79:d1:f4:d8:03:b8:1e:a4:80:49:56:01: b7:4c:eb:15:5e:ed:23:a0:fa:2e:41:36:75:85:3d:c0:96:62: 42:a8:aa:81:29:3d:0f:7d:5a:6f:a4:38:9c:2b:4d:ed:d6:18: 93:24:97:d4:ae:e0:79:8a:4d:24:0a:36:ad:11:3c:98:78:26: 7b:f3:14:54:b1:57:be:52:6d:ad:83:ea:bd:e0:3a:3b:cb:e7: d6:0c:4f:bf:80:3e:ba:f9:17:fc:09:81:ea:81:1a:0e:93:fa: 65:60:47:df:a1:1d:d4:86:58:80:2a:42:19:18:9d:cc:24:dc: 41:09:93:35:c8:0f:88:bd:46:1c:88:92:2e:49:61:68:a4:b4: 06:38:f4:bf:c6:41:62:93:e3:51:f4:e6:58:21:3e:2d:c5:0e: bb:7c:bc:a8:19:b5:b8:c5:b1:f8:2a:37:ac:cc:36:a0:b7:df: 0e:ab:45:1d:49:20:12:32:64:7c:43:2a:97:8c:41:d1:74:67: 01:fe:ec:e9:aa:eb:ec:34:ae:54:97:c9:7b:45:b4:b7:20:82: 0b:b2:0c:5e:95:91:44:05:4b:92:18:4e:bd:93:ee:c8:da:93: 00:3a:09:6b:84:a0:04:d1:89:01:76:cd:31:d9:e5:9c:fd:e2: 91:2e:46:26 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrbAS7EAVwYaE0F3+cyxDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxNzJjOGQ0ZmM5ODZkZWI5ZmNlYjFmMGQwY2FlMjdjMWMz MTM1YzMwHhcNMjUxMjA2MDgwMTAwWhcNMjUxMjA3MDgwMTAwWjAzMTEwLwYDVQQD Eyg1ZDJkYmYyYWM2ZTMwZGU4MTRkZDhlMTIwZmJlZjY4YmZkNjAzMWMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv1c1CwGP4+Y+LWQ1XCvqMGKrrX6 awVdL/n33HncsA3rbb3L2EUi18MZTvaBta5DprttbkB+uH7IKyLARqtumqXxuxz2 274hfZ4hBVM1qtVm+WaY6su/EhjleDfArsZNM8O6gP/eNxQq1Uk/ShPRdodRpp+O 4Ut/Ox4hZbxzJDRY/Tm4nzZb8lAy5fdcgURZGYxJV0NKLE7GbDvN+sQy535Id8EF /qfZvsOiIeR0CeA54oKm0sxxl7lYsiMUh28JdBUd+raupyC1v5SJDQiQj15dzx2M wHcUkQ6qnDGHI/M3e3Mu1KUFUc+PFGKV8up1yAEc4kbXW7RIFtdpW/zqpwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF0tvyrG4w3oFN2OEg++9ov9YDHCMB8GA1UdIwQY MBaAFLFyyNT8mG3rn86x8NDK4nwcMTXDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc1hMSTFQeVliZXVmenJIdzBNcmlmQnd4TmNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9iYjNiNjItMzMwMi00NWFhLTk2OGEt ZWNiYjNmYzBhNzI1LzEvc1hMSTFQeVliZXVmenJIdzBNcmlmQnd4TmNNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi9iYjNiNjItMzMwMi00NWFhLTk2OGEtZWNiYjNmYzBhNzI1 LzEvc1hMSTFQeVliZXVmenJIdzBNcmlmQnd4TmNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj7u9aQMA edH02AO4HqSASVYBt0zrFV7tI6D6LkE2dYU9wJZiQqiqgSk9D31ab6Q4nCtN7dYY kySX1K7geYpNJAo2rRE8mHgme/MUVLFXvlJtrYPqveA6O8vn1gxPv4A+uvkX/AmB 6oEaDpP6ZWBH36Ed1IZYgCpCGRidzCTcQQmTNcgPiL1GHIiSLklhaKS0Bjj0v8ZB YpPjUfTmWCE+LcUOu3y8qBm1uMWx+Co3rMw2oLffDqtFHUkgEjJkfEMql4xB0XRn Af7s6arr7DSuVJfJe0W0tyCCC7IMXpWRRAVLkhhOvZPuyNqTADoJa4SgBNGJAXbN MdnlnP3ikS5GJg== -----END CERTIFICATE-----Generated at Sat Dec 6 11:41:30 2025 by rpki-client