This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.mft File: xLCiTzhOiW3lHlg149KEYHtJxZE.mft (raw, json) Hash identifier: J3E/UIDicasO9BgWDmcMwroBz+NJsR25/sTezeg4Ae4= Subject key identifier: 5E:C5:BD:F4:CD:58:C8:BA:9C:3D:DE:F8:35:2E:B0:D3:22:79:33:35 Authority key identifier: C4:B0:A2:4F:38:4E:89:6D:E5:1E:58:35:E3:D2:84:60:7B:49:C5:91 Certificate issuer: /CN=c4b0a24f384e896de51e5835e3d284607b49c591 Certificate serial: 019AF31C3794449C244FF62120AFAF77BE63 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xLCiTzhOiW3lHlg149KEYHtJxZE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.mft Manifest number: 0236 Signing time: Sat 06 Dec 2025 10:01:43 +0000 Manifest this update: Sat 06 Dec 2025 10:01:43 +0000 Manifest next update: Sun 07 Dec 2025 10:01:43 +0000 Files and hashes: 1: xLCiTzhOiW3lHlg149KEYHtJxZE.crl (hash: r40IYv3cWwAF4cl7rFiqOi7b1Tr//T+sLBp9SYMBoZs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.crl rsync://rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.mft rsync://rpki.ripe.net/repository/DEFAULT/xLCiTzhOiW3lHlg149KEYHtJxZE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:37:94:44:9c:24:4f:f6:21:20:af:af:77:be:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c4b0a24f384e896de51e5835e3d284607b49c591 Validity Not Before: Dec 6 10:01:43 2025 GMT Not After : Dec 7 10:01:43 2025 GMT Subject: CN=5ec5bdf4cd58c8ba9c3ddef8352eb0d322793335 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f5:d0:35:dd:7a:3d:9d:ef:2b:bc:47:56:dd: e7:49:dd:fd:f4:df:0f:e5:5d:3c:bf:22:8f:db:11: a7:c4:f0:d9:fa:63:95:5a:c1:56:91:ee:f1:fe:9c: 7a:71:69:59:48:ff:16:9c:d9:b6:e5:9b:f3:ba:8a: 46:4a:db:bb:16:bf:cf:70:f6:99:d9:2c:0c:1c:34: a9:b6:15:c7:b5:ac:13:2d:0f:f7:4b:6a:ca:ff:f6: 03:7b:3a:20:b4:f5:54:54:2c:27:6c:15:c8:23:b9: e8:98:1d:50:c7:c0:b7:d3:7d:7e:bf:d5:01:a4:78: 8a:72:17:5e:ab:ee:db:b3:74:b6:9e:ce:62:fe:5f: ad:eb:96:ea:33:dc:3a:b6:0a:73:c0:14:eb:44:87: 6f:0c:de:ad:b5:e9:65:05:9b:48:23:dd:4d:b8:48: 1d:7f:73:d4:2c:90:63:1f:b8:67:9e:09:4b:90:e8: fb:51:0f:43:89:99:86:af:49:19:24:4b:b2:a5:3f: 00:9c:69:5b:dc:83:07:cf:86:29:00:e3:8b:6f:13: 64:2c:fa:55:81:16:da:2e:28:58:02:c2:80:71:24: d1:37:35:a5:e0:3c:58:f0:79:07:72:c5:8c:0e:68: ff:f7:63:78:3d:50:8f:6c:ae:61:a5:8e:f8:e5:f1: 3e:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:C5:BD:F4:CD:58:C8:BA:9C:3D:DE:F8:35:2E:B0:D3:22:79:33:35 X509v3 Authority Key Identifier: keyid:C4:B0:A2:4F:38:4E:89:6D:E5:1E:58:35:E3:D2:84:60:7B:49:C5:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLCiTzhOiW3lHlg149KEYHtJxZE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c5:43:4c:44:e6:a8:61:ce:2e:b7:27:87:d7:d2:0a:46:a3:f6: 6e:07:0d:ec:21:55:f7:7e:bb:7f:5d:64:85:df:21:fd:ec:bc: 7e:81:89:29:aa:f0:20:1c:14:7f:4e:59:40:a3:cb:35:c9:c5: 0f:fe:5f:6d:93:f8:60:d6:16:44:51:e3:62:24:62:4a:4c:09: 2b:52:3c:85:58:5e:1e:4a:01:35:20:f2:2c:f6:1f:f7:f0:dd: a5:b1:1f:4d:c8:87:19:b7:3f:6f:b9:98:b2:d1:11:a8:9c:32: 8a:fb:26:b5:ef:40:0f:13:a5:63:9e:cd:58:6f:92:60:19:3c: 22:42:9f:f8:d5:06:ee:3e:b3:f7:87:cd:b0:99:cf:97:6f:f8: 2b:6c:4d:3e:2b:2b:b7:58:0e:ac:b5:4c:ca:26:c3:98:af:03: ab:79:25:74:57:0b:72:ba:02:21:9c:78:6f:1d:f2:5a:b8:88: 3a:0c:d8:61:e3:26:3f:d8:6b:ce:98:e2:0d:53:22:6a:04:bd: 16:04:71:0c:6b:ad:f0:19:81:e9:78:4e:ee:fd:46:20:5b:ad: 1f:1e:eb:eb:4d:80:e2:d5:76:93:bd:00:9a:f7:e2:93:bc:ac: 34:1b:b7:48:0c:e2:d1:ea:a2:7f:32:d6:dc:23:ef:26:60:4c: e8:fa:6f:73 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHDeURJwkT/YhIK+vd75jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0YjBhMjRmMzg0ZTg5NmRlNTFlNTgzNWUzZDI4NDYwN2I0 OWM1OTEwHhcNMjUxMjA2MTAwMTQzWhcNMjUxMjA3MTAwMTQzWjAzMTEwLwYDVQQD Eyg1ZWM1YmRmNGNkNThjOGJhOWMzZGRlZjgzNTJlYjBkMzIyNzkzMzM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPXQNd16PZ3vK7xHVt3nSd399N8P 5V08vyKP2xGnxPDZ+mOVWsFWke7x/px6cWlZSP8WnNm25ZvzuopGStu7Fr/PcPaZ 2SwMHDSpthXHtawTLQ/3S2rK//YDezogtPVUVCwnbBXII7nomB1Qx8C3031+v9UB pHiKchdeq+7bs3S2ns5i/l+t65bqM9w6tgpzwBTrRIdvDN6ttellBZtII91NuEgd f3PULJBjH7hnnglLkOj7UQ9DiZmGr0kZJEuypT8AnGlb3IMHz4YpAOOLbxNkLPpV gRbaLihYAsKAcSTRNzWl4DxY8HkHcsWMDmj/92N4PVCPbK5hpY745fE+kwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF7FvfTNWMi6nD3e+DUusNMieTM1MB8GA1UdIwQY MBaAFMSwok84Tolt5R5YNePShGB7ScWRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveExDaVR6aE9pVzNsSGxnMTQ5S0VZSHRKeFpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lMjkyN2UtYmZmMC00YzYxLTkxODgt Yjg2YTZmMjYyNjMzLzEveExDaVR6aE9pVzNsSGxnMTQ5S0VZSHRKeFpFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS9lMjkyN2UtYmZmMC00YzYxLTkxODgtYjg2YTZmMjYyNjMz LzEveExDaVR6aE9pVzNsSGxnMTQ5S0VZSHRKeFpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxUNMROao Yc4utyeH19IKRqP2bgcN7CFV9367f11khd8h/ey8foGJKarwIBwUf05ZQKPLNcnF D/5fbZP4YNYWRFHjYiRiSkwJK1I8hVheHkoBNSDyLPYf9/DdpbEfTciHGbc/b7mY stERqJwyivsmte9ADxOlY57NWG+SYBk8IkKf+NUG7j6z94fNsJnPl2/4K2xNPisr t1gOrLVMyibDmK8Dq3kldFcLcroCIZx4bx3yWriIOgzYYeMmP9hrzpjiDVMiagS9 FgRxDGut8BmB6XhO7v1GIFutHx7r602A4tV2k70Amvfik7ysNBu3SAzi0eqifzLW 3CPvJmBM6Ppvcw== -----END CERTIFICATE-----Generated at Sat Dec 6 20:24:00 2025 by rpki-client