This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft File: XzoD6voEyDkjvYaTJGGFDfX3gUY.mft (raw, json) Hash identifier: JheufIXs3ATdSZfHjenFQiDi2iWrIFLpZa2NNDm+f58= Subject key identifier: DD:C1:4F:A8:60:6A:54:BF:5C:09:A0:03:D4:B7:57:28:61:F4:27:42 Authority key identifier: 5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46 Certificate issuer: /CN=5f3a03eafa04c83923bd86932461850df5f78146 Certificate serial: 019AF088254A504D8BD836F61051DD2C3B93 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft Manifest number: 13BB Signing time: Fri 05 Dec 2025 22:00:45 +0000 Manifest this update: Fri 05 Dec 2025 22:00:45 +0000 Manifest next update: Sat 06 Dec 2025 22:00:45 +0000 Files and hashes: 1: XzoD6voEyDkjvYaTJGGFDfX3gUY.crl (hash: CN+VH8qxANszRCdRsAQEdf+Z8yVlGZvj8Wq+44ExxwQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:25:4a:50:4d:8b:d8:36:f6:10:51:dd:2c:3b:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5f3a03eafa04c83923bd86932461850df5f78146 Validity Not Before: Dec 5 22:00:45 2025 GMT Not After : Dec 6 22:00:45 2025 GMT Subject: CN=ddc14fa8606a54bf5c09a003d4b7572861f42742 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:71:7b:e0:46:2f:c1:fd:dc:38:79:69:d6:cb: 05:85:de:5f:a2:ab:66:51:ce:aa:77:9e:33:42:42: 3f:9e:70:70:31:4f:4d:60:3f:0b:06:8f:fe:76:59: 53:cd:f3:86:fd:16:6c:80:d5:af:9f:ac:91:fb:ac: 7e:03:5b:01:47:2c:aa:6f:57:0d:8f:ce:15:44:2a: e4:f3:e7:be:99:56:79:b1:0d:91:f1:67:58:55:82: ed:47:fc:10:5b:cb:13:e7:85:e0:81:bc:79:bb:d4: e1:6a:84:2f:3b:db:b8:1d:ab:5a:17:c5:46:82:dd: 5c:5b:e9:8b:c3:ea:36:f7:fc:78:1b:d3:56:26:4e: 48:31:a9:8e:cb:4f:58:fd:17:7f:7a:7c:96:3f:24: be:60:f2:08:b3:ef:9b:27:96:35:1e:97:01:95:18: e8:bc:30:17:0d:8c:e6:ad:c5:f2:6a:9d:c4:b1:81: d8:77:eb:1e:ca:23:12:6d:1c:20:fa:26:09:b5:ee: c2:fe:2c:26:76:fd:03:c2:eb:13:92:25:8a:85:bc: 1a:fe:b6:70:01:f6:31:24:d7:44:ba:5b:6b:79:8e: 55:31:0a:90:87:66:30:ed:8f:bf:5d:9f:6b:6f:83: 5f:40:c9:20:15:a6:d4:46:e2:13:84:1c:e8:9c:f0: 29:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:C1:4F:A8:60:6A:54:BF:5C:09:A0:03:D4:B7:57:28:61:F4:27:42 X509v3 Authority Key Identifier: keyid:5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a8:ae:3f:7c:60:f8:6b:44:a7:b4:dc:1b:9e:9b:52:44:55:41: 9a:6a:38:a4:1a:73:7d:f4:82:fb:8c:61:4d:17:7b:c9:be:fd: cd:21:cc:49:42:26:64:a1:3d:78:8b:86:1a:84:ed:36:37:8d: 31:49:51:09:ee:86:76:51:f5:92:e3:48:b2:b7:bf:61:b4:e4: 96:de:28:38:cb:b5:67:dc:7b:2d:5a:1c:f8:a0:cf:bc:be:55: 2b:d3:6c:59:ba:00:f9:e9:e7:fc:87:fc:cf:8e:60:e6:d4:4a: 3e:2e:73:36:1a:06:ec:d1:61:40:7f:dd:40:86:c5:cd:11:12: c2:ad:c9:89:16:77:53:38:49:fa:22:46:52:54:d9:4c:e8:86: d5:7c:b3:9a:e1:4a:66:4d:f4:df:27:8f:78:af:e3:48:9c:ab: 82:7b:10:65:87:ae:a1:1a:0f:e4:3e:24:96:c3:f6:1c:75:0a: 78:ba:04:d5:0b:56:d4:04:35:90:2d:6d:da:44:82:dc:14:c4: c0:67:02:0a:35:46:91:4a:74:36:9b:96:65:cd:78:c4:14:9b: 7a:54:ae:f1:3d:5c:be:53:e8:2e:4f:d0:82:df:9d:4e:c6:90: 3e:57:5c:0e:16:48:aa:af:8e:35:79:81:65:03:5f:36:df:66: d9:99:29:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiCVKUE2L2Db2EFHdLDuTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmM2EwM2VhZmEwNGM4MzkyM2JkODY5MzI0NjE4NTBkZjVm NzgxNDYwHhcNMjUxMjA1MjIwMDQ1WhcNMjUxMjA2MjIwMDQ1WjAzMTEwLwYDVQQD EyhkZGMxNGZhODYwNmE1NGJmNWMwOWEwMDNkNGI3NTcyODYxZjQyNzQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnF74EYvwf3cOHlp1ssFhd5foqtm Uc6qd54zQkI/nnBwMU9NYD8LBo/+dllTzfOG/RZsgNWvn6yR+6x+A1sBRyyqb1cN j84VRCrk8+e+mVZ5sQ2R8WdYVYLtR/wQW8sT54Xggbx5u9ThaoQvO9u4HataF8VG gt1cW+mLw+o29/x4G9NWJk5IMamOy09Y/Rd/enyWPyS+YPIIs++bJ5Y1HpcBlRjo vDAXDYzmrcXyap3EsYHYd+seyiMSbRwg+iYJte7C/iwmdv0DwusTkiWKhbwa/rZw AfYxJNdEultreY5VMQqQh2Yw7Y+/XZ9rb4NfQMkgFabURuIThBzonPAp9QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN3BT6hgalS/XAmgA9S3Vyhh9CdCMB8GA1UdIwQY MBaAFF86A+r6BMg5I72GkyRhhQ3194FGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTIt ZDU0MGU4YjEzZjdkLzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTItZDU0MGU4YjEzZjdk LzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqK4/fGD4 a0SntNwbnptSRFVBmmo4pBpzffSC+4xhTRd7yb79zSHMSUImZKE9eIuGGoTtNjeN MUlRCe6GdlH1kuNIsre/YbTklt4oOMu1Z9x7LVoc+KDPvL5VK9NsWboA+enn/If8 z45g5tRKPi5zNhoG7NFhQH/dQIbFzRESwq3JiRZ3UzhJ+iJGUlTZTOiG1XyzmuFK Zk303yePeK/jSJyrgnsQZYeuoRoP5D4klsP2HHUKeLoE1QtW1AQ1kC1t2kSC3BTE wGcCCjVGkUp0NpuWZc14xBSbelSu8T1cvlPoLk/Qgt+dTsaQPldcDhZIqq+ONXmB ZQNfNt9m2ZkpnQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:13:27 2025 by rpki-client