This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/a6d42c-cfd7-4ed5-9f83-5ae93ec8fb11/1/X90ejCOU0Y6HbC1XAW5-2JgFpmc.mft File: X90ejCOU0Y6HbC1XAW5-2JgFpmc.mft (raw, json) Hash identifier: 1bmsRv00LqsFMt9NZrEf7v5tJ/wJiJuAnULzOh+0dgU= Subject key identifier: C8:CB:8E:81:B6:74:B5:C1:9A:C0:4B:D5:38:4E:28:E6:51:73:83:DB Authority key identifier: 5F:DD:1E:8C:23:94:D1:8E:87:6C:2D:57:01:6E:7E:D8:98:05:A6:67 Certificate issuer: /CN=5fdd1e8c2394d18e876c2d57016e7ed89805a667 Certificate serial: 019AF1D1C7F120F26653D721A13AE288E94C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X90ejCOU0Y6HbC1XAW5-2JgFpmc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/a6d42c-cfd7-4ed5-9f83-5ae93ec8fb11/1/X90ejCOU0Y6HbC1XAW5-2JgFpmc.mft Manifest number: 0F21 Signing time: Sat 06 Dec 2025 04:00:48 +0000 Manifest this update: Sat 06 Dec 2025 04:00:48 +0000 Manifest next update: Sun 07 Dec 2025 04:00:48 +0000 Files and hashes: 1: X90ejCOU0Y6HbC1XAW5-2JgFpmc.crl (hash: RGgZ53oXGUINyMa+bCBoffI2z3yLPfxVgsgAZxZZCxU=) 2: d0esey8AL3oqWdpXKQi0WyV7ktQ.roa (hash: J4cOoBAYf62aaAeG5Hi7u+/pYelZ41GqNxwzMAQ75xY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/a6d42c-cfd7-4ed5-9f83-5ae93ec8fb11/1/X90ejCOU0Y6HbC1XAW5-2JgFpmc.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/a6d42c-cfd7-4ed5-9f83-5ae93ec8fb11/1/X90ejCOU0Y6HbC1XAW5-2JgFpmc.mft rsync://rpki.ripe.net/repository/DEFAULT/X90ejCOU0Y6HbC1XAW5-2JgFpmc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:c7:f1:20:f2:66:53:d7:21:a1:3a:e2:88:e9:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5fdd1e8c2394d18e876c2d57016e7ed89805a667 Validity Not Before: Dec 6 04:00:48 2025 GMT Not After : Dec 7 04:00:48 2025 GMT Subject: CN=c8cb8e81b674b5c19ac04bd5384e28e6517383db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:40:a6:8c:24:b2:f8:1c:a9:12:3c:73:ae:ca: 23:a2:9a:21:f1:72:d3:72:b7:27:93:31:18:d9:ec: 8a:1e:0d:09:13:52:ed:b1:93:1b:05:99:a4:f7:1a: 92:22:9d:ec:6e:4d:29:ea:c2:c4:2e:94:05:d2:00: 1c:5a:9f:ea:63:3c:e7:0b:79:94:37:2e:c3:ac:d5: fd:24:65:5d:ed:3d:91:c9:34:11:36:da:60:c7:e7: 09:b1:8d:06:ac:46:fd:d7:36:a9:54:34:f0:2a:2d: 58:20:c4:9d:03:e3:49:14:0a:80:fa:fb:7a:72:02: 7c:46:ed:d5:f4:79:98:68:7b:da:94:30:13:35:df: 5d:41:22:4b:2c:97:68:f9:48:29:d7:db:42:ad:c9: 89:75:dc:2a:a2:13:32:7d:f3:32:a9:eb:20:6b:89: 87:51:bc:e8:48:47:f7:10:f5:23:6a:f7:4a:01:74: 8a:3b:c5:93:b1:ac:06:d3:65:2a:a5:10:c3:b3:47: 24:81:be:1e:16:c7:b6:78:a1:36:98:bd:b5:1f:81: 85:2b:34:b3:73:da:56:94:4d:6d:51:19:5f:37:2a: 34:48:32:48:f5:82:9e:db:c3:c2:ac:52:05:c3:cc: e4:39:9c:71:74:43:69:32:37:61:61:47:c9:f9:33: 29:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:CB:8E:81:B6:74:B5:C1:9A:C0:4B:D5:38:4E:28:E6:51:73:83:DB X509v3 Authority Key Identifier: keyid:5F:DD:1E:8C:23:94:D1:8E:87:6C:2D:57:01:6E:7E:D8:98:05:A6:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X90ejCOU0Y6HbC1XAW5-2JgFpmc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/a6d42c-cfd7-4ed5-9f83-5ae93ec8fb11/1/X90ejCOU0Y6HbC1XAW5-2JgFpmc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/a6d42c-cfd7-4ed5-9f83-5ae93ec8fb11/1/X90ejCOU0Y6HbC1XAW5-2JgFpmc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption df:32:e2:03:e0:8e:38:b7:5e:81:9d:da:8e:3f:52:5a:e9:76: 44:1e:56:bd:39:21:f9:b0:1a:0c:e3:df:35:a9:bd:37:90:3d: 94:85:df:7d:cb:bc:5a:f5:43:00:30:95:81:e7:8c:00:5a:eb: 74:ca:d9:6f:74:1d:e1:df:62:44:66:7f:28:12:34:5b:8e:c6: 2a:2d:c5:0e:73:b1:85:f6:ae:9c:8e:3d:b2:60:5c:54:cb:89: f6:fb:82:9e:e5:75:18:d6:c4:0d:a3:b9:ba:88:4e:1f:b0:f6: 3f:ef:d9:ec:2f:14:98:f9:0a:5f:5d:31:69:5e:15:8a:80:a3: 1e:57:85:d2:75:0d:0e:68:cf:61:cd:e5:02:83:77:cb:ce:a1: 2e:5c:e0:f8:ba:9f:55:4c:ca:89:97:7e:f4:cd:67:ed:1c:d0: c6:f6:a6:66:2e:f5:d1:df:f2:9d:1a:78:a5:7b:be:f4:f9:a4: fc:22:c6:9c:1b:29:bb:e0:55:56:65:f6:ac:6f:36:2e:fb:38: 15:27:6e:24:15:d7:3f:39:52:cf:fb:4a:9a:03:69:d6:11:21: 5f:86:ef:89:f7:f1:1d:2d:ba:e4:3a:ce:02:52:f0:54:40:76: b4:8c:88:05:00:29:df:9a:e8:d1:58:f5:a4:5b:95:99:2b:bc: cf:48:f4:ef -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0cfxIPJmU9choTriiOlMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmZGQxZThjMjM5NGQxOGU4NzZjMmQ1NzAxNmU3ZWQ4OTgw NWE2NjcwHhcNMjUxMjA2MDQwMDQ4WhcNMjUxMjA3MDQwMDQ4WjAzMTEwLwYDVQQD EyhjOGNiOGU4MWI2NzRiNWMxOWFjMDRiZDUzODRlMjhlNjUxNzM4M2RiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ECmjCSy+BypEjxzrsojopoh8XLT crcnkzEY2eyKHg0JE1LtsZMbBZmk9xqSIp3sbk0p6sLELpQF0gAcWp/qYzznC3mU Ny7DrNX9JGVd7T2RyTQRNtpgx+cJsY0GrEb91zapVDTwKi1YIMSdA+NJFAqA+vt6 cgJ8Ru3V9HmYaHvalDATNd9dQSJLLJdo+Ugp19tCrcmJddwqohMyffMyqesga4mH UbzoSEf3EPUjavdKAXSKO8WTsawG02UqpRDDs0ckgb4eFse2eKE2mL21H4GFKzSz c9pWlE1tURlfNyo0SDJI9YKe28PCrFIFw8zkOZxxdENpMjdhYUfJ+TMpHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMjLjoG2dLXBmsBL1ThOKOZRc4PbMB8GA1UdIwQY MBaAFF/dHowjlNGOh2wtVwFuftiYBaZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWDkwZWpDT1UwWTZIYkMxWEFXNS0ySmdGcG1jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9hNmQ0MmMtY2ZkNy00ZWQ1LTlmODMt NWFlOTNlYzhmYjExLzEvWDkwZWpDT1UwWTZIYkMxWEFXNS0ySmdGcG1jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC9hNmQ0MmMtY2ZkNy00ZWQ1LTlmODMtNWFlOTNlYzhmYjEx LzEvWDkwZWpDT1UwWTZIYkMxWEFXNS0ySmdGcG1jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3zLiA+CO OLdegZ3ajj9SWul2RB5WvTkh+bAaDOPfNam9N5A9lIXffcu8WvVDADCVgeeMAFrr dMrZb3Qd4d9iRGZ/KBI0W47GKi3FDnOxhfaunI49smBcVMuJ9vuCnuV1GNbEDaO5 uohOH7D2P+/Z7C8UmPkKX10xaV4VioCjHleF0nUNDmjPYc3lAoN3y86hLlzg+Lqf VUzKiZd+9M1n7RzQxvamZi710d/ynRp4pXu+9Pmk/CLGnBspu+BVVmX2rG82Lvs4 FSduJBXXPzlSz/tKmgNp1hEhX4bviffxHS265DrOAlLwVEB2tIyIBQAp35ro0Vj1 pFuVmSu8z0j07w== -----END CERTIFICATE-----Generated at Sat Dec 6 11:05:25 2025 by rpki-client