This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.mft File: xRvfUzN6yxiydpUsNX6RmAvMWww.mft (raw, json) Hash identifier: ybPj5NSU9DBFHQoqG9Gcg2SHnkecqtCUtJW0mUhWMWo= Subject key identifier: 13:2D:EA:92:E8:DC:DA:BE:9A:89:1F:85:EE:55:0A:64:BF:75:DF:E1 Authority key identifier: C5:1B:DF:53:33:7A:CB:18:B2:76:95:2C:35:7E:91:98:0B:CC:5B:0C Certificate issuer: /CN=c51bdf53337acb18b276952c357e91980bcc5b0c Certificate serial: 019AF31C1A8167F5B54CC3905F49184360F6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xRvfUzN6yxiydpUsNX6RmAvMWww.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.mft Manifest number: 0B71 Signing time: Sat 06 Dec 2025 10:01:36 +0000 Manifest this update: Sat 06 Dec 2025 10:01:36 +0000 Manifest next update: Sun 07 Dec 2025 10:01:36 +0000 Files and hashes: 1: xRvfUzN6yxiydpUsNX6RmAvMWww.crl (hash: BI+iKQPDnek36nIYUaYNlWU+FoaEDd71shHVv9UcMYc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.mft rsync://rpki.ripe.net/repository/DEFAULT/xRvfUzN6yxiydpUsNX6RmAvMWww.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:1a:81:67:f5:b5:4c:c3:90:5f:49:18:43:60:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c51bdf53337acb18b276952c357e91980bcc5b0c Validity Not Before: Dec 6 10:01:36 2025 GMT Not After : Dec 7 10:01:36 2025 GMT Subject: CN=132dea92e8dcdabe9a891f85ee550a64bf75dfe1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:c5:2e:8f:99:02:4e:0e:dd:14:1d:c1:58:13: ea:a2:22:87:87:9f:73:68:e0:9c:4d:5c:90:1f:c5: b4:7d:7f:c9:5c:db:cb:3d:a4:5e:05:e5:43:aa:34: 22:2e:5b:ce:32:7a:54:07:be:4a:22:ef:3e:f3:fc: 1e:93:6e:6e:6f:c9:f7:26:b1:53:69:d7:fa:eb:ca: 13:9f:8b:ad:e3:32:33:39:00:33:cc:88:7f:bc:59: a6:47:74:84:ef:f7:1a:87:69:8e:2b:71:e1:e8:37: 1c:2c:3e:3a:46:3e:d2:37:c2:15:b8:93:9e:bc:9f: dd:ad:ff:b0:40:17:53:40:8f:4a:4b:36:24:41:3d: ca:65:09:cb:b0:23:6b:cd:df:64:48:08:92:18:fe: 1b:f2:56:07:79:05:c4:80:42:74:03:f7:1f:cc:74: cb:79:e1:2f:93:45:1d:69:3b:85:77:72:37:3f:d4: eb:00:76:5e:be:c5:6a:06:e9:1f:70:7c:99:35:a2: 7f:e7:75:59:96:e1:f0:6a:6e:8b:76:f8:4d:1b:ba: 46:77:1d:c5:cc:70:f2:1e:17:18:ec:bd:44:35:b7: 72:22:df:ad:d1:2d:aa:e1:be:0a:c8:32:af:ce:e0: 53:2c:7b:ad:a2:0c:55:ce:43:7b:79:19:1c:38:98: 3a:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:2D:EA:92:E8:DC:DA:BE:9A:89:1F:85:EE:55:0A:64:BF:75:DF:E1 X509v3 Authority Key Identifier: keyid:C5:1B:DF:53:33:7A:CB:18:B2:76:95:2C:35:7E:91:98:0B:CC:5B:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xRvfUzN6yxiydpUsNX6RmAvMWww.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:8e:e9:9e:72:47:dd:5b:2e:8e:8f:8b:a9:3a:7c:0b:15:20: c8:9e:ff:67:89:c9:f8:a9:bd:6b:8e:26:f0:d5:76:04:33:3e: df:ee:5e:b1:5b:10:ff:17:6d:bd:e8:b1:1d:85:eb:47:43:aa: e7:af:b2:ed:a1:0e:38:9c:3a:81:2f:2b:00:e2:5d:c6:f9:dd: 0f:10:a4:aa:7e:f7:e3:5e:35:02:a1:36:98:1d:80:95:ac:45: 5f:df:ce:ea:bc:38:a1:60:b5:fd:9e:07:93:c5:e0:86:69:bb: 78:aa:e6:0b:13:26:f1:1c:b8:6c:07:ef:e9:09:ce:db:10:d0: 1e:dd:d5:27:5b:85:97:11:cc:22:5e:82:3c:f0:b3:a2:f7:49: a5:0b:5b:9d:b5:62:63:86:93:66:8a:24:c2:8f:4b:f4:93:49: bf:6b:b0:62:31:af:a7:83:0e:70:0f:90:6c:41:d0:4d:a5:a0: 85:01:d4:d8:40:a7:6c:b7:d1:8d:f0:9b:f9:79:87:57:a4:aa: 3b:dd:0c:3f:01:ac:0b:64:86:24:c7:14:ee:3a:f1:3b:38:95: 75:ca:1d:20:7d:c0:e6:10:ed:06:ae:aa:1f:e3:49:cc:63:ad: a7:74:e9:7f:f4:b1:7b:b6:89:85:18:57:59:9c:a6:90:c5:f9: df:fd:83:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHBqBZ/W1TMOQX0kYQ2D2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1MWJkZjUzMzM3YWNiMThiMjc2OTUyYzM1N2U5MTk4MGJj YzViMGMwHhcNMjUxMjA2MTAwMTM2WhcNMjUxMjA3MTAwMTM2WjAzMTEwLwYDVQQD EygxMzJkZWE5MmU4ZGNkYWJlOWE4OTFmODVlZTU1MGE2NGJmNzVkZmUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcUuj5kCTg7dFB3BWBPqoiKHh59z aOCcTVyQH8W0fX/JXNvLPaReBeVDqjQiLlvOMnpUB75KIu8+8/wek25ub8n3JrFT adf668oTn4ut4zIzOQAzzIh/vFmmR3SE7/cah2mOK3Hh6DccLD46Rj7SN8IVuJOe vJ/drf+wQBdTQI9KSzYkQT3KZQnLsCNrzd9kSAiSGP4b8lYHeQXEgEJ0A/cfzHTL eeEvk0UdaTuFd3I3P9TrAHZevsVqBukfcHyZNaJ/53VZluHwam6LdvhNG7pGdx3F zHDyHhcY7L1ENbdyIt+t0S2q4b4KyDKvzuBTLHutogxVzkN7eRkcOJg6PwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBMt6pLo3Nq+mokfhe5VCmS/dd/hMB8GA1UdIwQY MBaAFMUb31MzessYsnaVLDV+kZgLzFsMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveFJ2ZlV6TjZ5eGl5ZHBVc05YNlJtQXZNV3d3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84M2U1ZWEtOWZlNC00ODE0LTgzYzYt MWJiNDMwNjA2NTM1LzEveFJ2ZlV6TjZ5eGl5ZHBVc05YNlJtQXZNV3d3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS84M2U1ZWEtOWZlNC00ODE0LTgzYzYtMWJiNDMwNjA2NTM1 LzEveFJ2ZlV6TjZ5eGl5ZHBVc05YNlJtQXZNV3d3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc47pnnJH 3Vsujo+LqTp8CxUgyJ7/Z4nJ+Km9a44m8NV2BDM+3+5esVsQ/xdtveixHYXrR0Oq 56+y7aEOOJw6gS8rAOJdxvndDxCkqn734141AqE2mB2AlaxFX9/O6rw4oWC1/Z4H k8Xghmm7eKrmCxMm8Ry4bAfv6QnO2xDQHt3VJ1uFlxHMIl6CPPCzovdJpQtbnbVi Y4aTZookwo9L9JNJv2uwYjGvp4MOcA+QbEHQTaWghQHU2ECnbLfRjfCb+XmHV6Sq O90MPwGsC2SGJMcU7jrxOziVdcodIH3A5hDtBq6qH+NJzGOtp3Tpf/Sxe7aJhRhX WZymkMX53/2Dpw== -----END CERTIFICATE-----Generated at Sat Dec 6 12:41:20 2025 by rpki-client