This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/7c3c40-87a1-482b-97f3-37d2b032ba57/1/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.mft File: XAL5gb7nlSGjBLaPZn_q7YHqP_Y.mft (raw, json) Hash identifier: LWwJHA8TCOrYljQdrAoGInjpPtpzWJBhLJDvbi+68IE= Subject key identifier: AE:11:CC:5F:53:62:41:21:94:12:D7:F8:07:65:6A:DC:7A:FC:0F:16 Authority key identifier: 5C:02:F9:81:BE:E7:95:21:A3:04:B6:8F:66:7F:EA:ED:81:EA:3F:F6 Certificate issuer: /CN=5c02f981bee79521a304b68f667feaed81ea3ff6 Certificate serial: 019AF389F9E53922448008485F60AEC524BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/7c3c40-87a1-482b-97f3-37d2b032ba57/1/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.mft Manifest number: 11BB Signing time: Sat 06 Dec 2025 12:01:37 +0000 Manifest this update: Sat 06 Dec 2025 12:01:37 +0000 Manifest next update: Sun 07 Dec 2025 12:01:37 +0000 Files and hashes: 1: XAL5gb7nlSGjBLaPZn_q7YHqP_Y.crl (hash: PyMJE1qd2XmMbIaScWjdWKqlynsu2hLKw0kgvAyveNM=) 2: o5qKOTRfTPnYThdIYO9xUeKi2sc.roa (hash: EOStnDBrp4FRFcFGDjBhhWwMtuAGb36N8+2XArtelwE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/7c3c40-87a1-482b-97f3-37d2b032ba57/1/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/7c3c40-87a1-482b-97f3-37d2b032ba57/1/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.mft rsync://rpki.ripe.net/repository/DEFAULT/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:f9:e5:39:22:44:80:08:48:5f:60:ae:c5:24:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c02f981bee79521a304b68f667feaed81ea3ff6 Validity Not Before: Dec 6 12:01:37 2025 GMT Not After : Dec 7 12:01:37 2025 GMT Subject: CN=ae11cc5f536241219412d7f807656adc7afc0f16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:00:15:0f:f8:2d:e2:e1:18:fa:0b:5a:4e:35: 3f:8c:d4:f1:27:06:12:3f:55:58:f8:f6:3b:89:cb: 1d:85:86:df:a9:9c:4e:cc:3f:8a:b4:2f:b7:0a:58: 62:05:f5:5c:56:63:e0:61:5e:1a:3c:e2:46:83:7e: 2d:42:d7:01:4d:dc:76:b7:93:27:fd:fb:29:8f:f9: 49:5f:79:18:eb:c3:80:68:15:9c:bf:46:2f:13:8e: 5e:78:11:1f:5e:73:97:5c:a9:01:5a:52:2e:f3:03: c2:04:05:ea:5c:cd:5b:27:18:0c:60:f2:fd:73:25: e8:d1:b8:f9:f1:1e:de:8e:b1:f0:52:a0:72:62:68: 35:77:8c:79:5a:3f:64:b1:48:8a:47:d6:9f:d7:a9: 06:ee:cf:6b:d4:67:4d:55:1f:d8:b5:d1:4e:02:57: 91:bc:cf:46:87:1c:60:cb:b8:4f:87:0b:9c:6e:94: bd:45:21:a9:be:9e:27:80:1d:e0:aa:0a:21:77:a8: f3:94:ad:f1:e1:08:4b:05:56:b0:c1:10:21:5d:66: 93:c3:00:87:82:0d:1b:9b:91:33:fb:6b:b7:b4:7a: 2e:16:a2:01:9c:07:6c:c3:d8:61:56:fc:90:40:2e: 79:62:03:cb:69:0f:15:0d:b0:c8:d0:57:6e:27:b7: 97:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:11:CC:5F:53:62:41:21:94:12:D7:F8:07:65:6A:DC:7A:FC:0F:16 X509v3 Authority Key Identifier: keyid:5C:02:F9:81:BE:E7:95:21:A3:04:B6:8F:66:7F:EA:ED:81:EA:3F:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7c3c40-87a1-482b-97f3-37d2b032ba57/1/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7c3c40-87a1-482b-97f3-37d2b032ba57/1/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:c5:64:61:ba:15:ca:e5:87:09:2b:d3:36:9d:64:98:0d:20: 10:3f:c5:f3:19:82:89:ed:dd:a9:a8:bd:e6:e3:31:19:ba:a9: d9:d5:96:b0:a2:59:6e:41:43:be:2a:0e:77:e5:9a:27:0a:ff: 32:1c:9d:8c:e2:8e:3c:c5:ea:61:36:2f:43:c0:50:9d:eb:83: 87:8b:aa:82:d6:bd:70:b3:ef:3d:cd:e7:3b:7a:eb:3b:91:88: 67:f9:dd:56:a9:15:95:4d:ec:64:ac:e0:4a:4b:53:30:00:8e: 13:77:37:64:da:52:81:54:b2:ce:c1:1c:60:3f:13:c6:ec:31: 30:74:dd:be:c2:d4:7a:d8:11:29:98:6f:ed:45:32:34:bd:eb: d1:d0:6f:ec:45:4f:0b:62:90:88:e0:5c:14:e3:f6:29:11:3b: 9e:cf:3a:22:6c:fa:33:77:18:f1:84:b2:00:75:83:1d:d4:17: 17:16:75:10:81:aa:f5:f9:77:6f:ae:07:81:78:e7:38:9a:2f: dd:f5:f8:62:b3:6d:37:57:27:ee:82:8a:06:18:67:59:ab:88: 92:fe:f5:53:32:3d:69:bf:ec:c9:ee:9c:86:3e:7f:56:af:47: 9c:50:e4:9f:bf:cb:85:7e:e2:a1:3a:d5:31:15:c1:14:43:7e: e4:cc:30:27 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzifnlOSJEgAhIX2CuxSS+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjMDJmOTgxYmVlNzk1MjFhMzA0YjY4ZjY2N2ZlYWVkODFl YTNmZjYwHhcNMjUxMjA2MTIwMTM3WhcNMjUxMjA3MTIwMTM3WjAzMTEwLwYDVQQD EyhhZTExY2M1ZjUzNjI0MTIxOTQxMmQ3ZjgwNzY1NmFkYzdhZmMwZjE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQAVD/gt4uEY+gtaTjU/jNTxJwYS P1VY+PY7icsdhYbfqZxOzD+KtC+3ClhiBfVcVmPgYV4aPOJGg34tQtcBTdx2t5Mn /fspj/lJX3kY68OAaBWcv0YvE45eeBEfXnOXXKkBWlIu8wPCBAXqXM1bJxgMYPL9 cyXo0bj58R7ejrHwUqByYmg1d4x5Wj9ksUiKR9af16kG7s9r1GdNVR/YtdFOAleR vM9Ghxxgy7hPhwucbpS9RSGpvp4ngB3gqgohd6jzlK3x4QhLBVawwRAhXWaTwwCH gg0bm5Ez+2u3tHouFqIBnAdsw9hhVvyQQC55YgPLaQ8VDbDI0FduJ7eXAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK4RzF9TYkEhlBLX+Adlatx6/A8WMB8GA1UdIwQY MBaAFFwC+YG+55UhowS2j2Z/6u2B6j/2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEFMNWdiN25sU0dqQkxhUFpuX3E3WUhxUF9ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83YzNjNDAtODdhMS00ODJiLTk3ZjMt MzdkMmIwMzJiYTU3LzEvWEFMNWdiN25sU0dqQkxhUFpuX3E3WUhxUF9ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi83YzNjNDAtODdhMS00ODJiLTk3ZjMtMzdkMmIwMzJiYTU3 LzEvWEFMNWdiN25sU0dqQkxhUFpuX3E3WUhxUF9ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANcVkYboV yuWHCSvTNp1kmA0gED/F8xmCie3dqai95uMxGbqp2dWWsKJZbkFDvioOd+WaJwr/ MhydjOKOPMXqYTYvQ8BQneuDh4uqgta9cLPvPc3nO3rrO5GIZ/ndVqkVlU3sZKzg SktTMACOE3c3ZNpSgVSyzsEcYD8TxuwxMHTdvsLUetgRKZhv7UUyNL3r0dBv7EVP C2KQiOBcFOP2KRE7ns86Imz6M3cY8YSyAHWDHdQXFxZ1EIGq9fl3b64HgXjnOJov 3fX4YrNtN1cn7oKKBhhnWauIkv71UzI9ab/sye6chj5/Vq9HnFDkn7/LhX7ioTrV MRXBFEN+5MwwJw== -----END CERTIFICATE-----Generated at Sat Dec 6 17:16:47 2025 by rpki-client