This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft File: XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft (raw, json) Hash identifier: 2aVjWdHhHKyCjya9mQNm9iemxytHuwGntPx7ZUSqkTY= Subject key identifier: 33:0A:F6:E2:44:B0:47:76:C0:D0:8D:BE:A9:B3:20:9C:1F:D5:4D:F0 Authority key identifier: 5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A Certificate issuer: /CN=5d38eb29595607ed4d8f4d9bf06cba429926864a Certificate serial: 019B2BF8CC08A6F376B3DCC0724B9C75B5FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft Manifest number: 0D54 Signing time: Wed 17 Dec 2025 11:01:23 +0000 Manifest this update: Wed 17 Dec 2025 11:01:23 +0000 Manifest next update: Thu 18 Dec 2025 11:01:23 +0000 Files and hashes: 1: XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl (hash: Q3viteqSJoo6cvzp57pza3dJCVP+0LWcjXUYbq4SDNs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:f8:cc:08:a6:f3:76:b3:dc:c0:72:4b:9c:75:b5:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d38eb29595607ed4d8f4d9bf06cba429926864a Validity Not Before: Dec 17 11:01:23 2025 GMT Not After : Dec 18 11:01:23 2025 GMT Subject: CN=330af6e244b04776c0d08dbea9b3209c1fd54df0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:9e:5e:e6:fa:cf:70:cd:7d:57:2c:6f:ff:71: 2a:30:aa:86:3f:5b:96:d7:03:65:c5:7a:7a:c1:43: ca:e3:ee:11:35:88:36:5b:99:95:9a:18:8e:f6:83: 38:a3:57:fb:da:2f:a5:1a:64:7e:90:ad:da:99:e7: 59:cb:b6:af:cc:02:13:d0:6f:03:ca:de:66:0c:f6: 42:a2:5e:04:b2:e5:a1:9c:af:a8:61:09:d7:b2:0a: 76:d7:db:cc:9c:d5:02:08:42:95:62:88:33:b8:1d: 28:92:a1:21:88:ee:cd:fe:37:76:10:5c:0e:91:f0: 09:0e:f5:36:02:b3:fb:8e:23:65:e4:25:e1:33:a8: c4:97:7c:3c:ff:04:ca:c5:ef:f3:9e:2b:af:a8:93: 13:7a:54:9e:e3:2c:1a:31:40:2e:33:83:b2:8c:32: 0c:f1:33:09:36:03:a9:b9:92:20:8f:ee:26:a1:b3: 4d:37:1a:6d:33:de:03:75:d5:5f:84:13:0f:88:91: d0:ea:bc:2a:3d:a1:f2:aa:9b:99:25:a7:e0:e1:38: 89:e8:21:e8:07:1d:89:ae:f7:cd:1d:13:fa:17:91: 1f:5c:1e:ce:65:68:33:c9:6e:d1:d0:0b:ad:24:42: 2a:7e:ae:29:51:1a:39:26:66:44:10:d3:e3:98:c3: a0:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:0A:F6:E2:44:B0:47:76:C0:D0:8D:BE:A9:B3:20:9C:1F:D5:4D:F0 X509v3 Authority Key Identifier: keyid:5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption df:e0:14:88:5f:ed:47:2d:9f:6b:5a:8e:3b:7d:4f:9d:3e:a6: b2:c8:34:ea:73:a8:00:b7:38:8c:88:50:08:2a:1f:f7:96:13: 0d:8f:74:e7:f6:d5:73:f6:89:24:66:55:6a:96:f9:29:9e:14: 49:97:0c:6f:3b:04:39:9e:fb:2b:cc:95:96:47:65:da:2a:77: 9a:30:c8:3a:e5:44:ef:d7:af:2a:05:f5:02:03:65:81:b6:04: 5a:72:dd:65:7c:61:e9:6f:24:db:5d:1f:b8:3a:b5:6a:9d:c1: dc:d8:f9:c3:d8:c6:71:e1:f2:f8:21:93:d0:d6:06:bd:a6:cc: cd:d2:4b:67:dd:a5:02:63:bd:80:34:91:ac:7d:75:54:ee:36: f3:e5:d4:8e:2d:fb:71:14:19:e7:b5:f5:a8:35:18:4c:c4:34: 6d:98:fa:92:1f:be:9d:d2:c4:1d:4b:71:99:c4:90:c6:3a:38: 81:1a:f8:8f:79:5d:70:58:2e:4e:81:ac:29:b7:89:d1:76:4e: 77:08:33:b9:28:50:8d:ee:85:ae:1a:4b:55:99:58:a0:28:ce: 17:ad:c2:89:88:e9:69:3a:d9:ba:c3:a3:db:ce:e5:03:be:f1: 04:f6:3c:4a:5b:e1:2d:ad:ae:07:01:8a:6d:70:16:43:e6:e8: 62:40:23:04 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsr+MwIpvN2s9zAckucdbX7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMzhlYjI5NTk1NjA3ZWQ0ZDhmNGQ5YmYwNmNiYTQyOTky Njg2NGEwHhcNMjUxMjE3MTEwMTIzWhcNMjUxMjE4MTEwMTIzWjAzMTEwLwYDVQQD EygzMzBhZjZlMjQ0YjA0Nzc2YzBkMDhkYmVhOWIzMjA5YzFmZDU0ZGYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ5e5vrPcM19Vyxv/3EqMKqGP1uW 1wNlxXp6wUPK4+4RNYg2W5mVmhiO9oM4o1f72i+lGmR+kK3amedZy7avzAIT0G8D yt5mDPZCol4EsuWhnK+oYQnXsgp219vMnNUCCEKVYogzuB0okqEhiO7N/jd2EFwO kfAJDvU2ArP7jiNl5CXhM6jEl3w8/wTKxe/zniuvqJMTelSe4ywaMUAuM4OyjDIM 8TMJNgOpuZIgj+4mobNNNxptM94DddVfhBMPiJHQ6rwqPaHyqpuZJafg4TiJ6CHo Bx2JrvfNHRP6F5EfXB7OZWgzyW7R0AutJEIqfq4pURo5JmZEENPjmMOgQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDMK9uJEsEd2wNCNvqmzIJwf1U3wMB8GA1UdIwQY MBaAFF046ylZVgftTY9Nm/BsukKZJoZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMt ZDI0YjRhNWIxY2RjLzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMtZDI0YjRhNWIxY2Rj LzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3+AUiF/t Ry2fa1qOO31PnT6mssg06nOoALc4jIhQCCof95YTDY905/bVc/aJJGZVapb5KZ4U SZcMbzsEOZ77K8yVlkdl2ip3mjDIOuVE79evKgX1AgNlgbYEWnLdZXxh6W8k210f uDq1ap3B3Nj5w9jGceHy+CGT0NYGvabMzdJLZ92lAmO9gDSRrH11VO428+XUji37 cRQZ57X1qDUYTMQ0bZj6kh++ndLEHUtxmcSQxjo4gRr4j3ldcFguToGsKbeJ0XZO dwgzuShQje6FrhpLVZlYoCjOF63CiYjpaTrZusOj287lA77xBPY8SlvhLa2uBwGK bXAWQ+boYkAjBA== -----END CERTIFICATE-----Generated at Wed Dec 17 19:20:50 2025 by rpki-client