This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/1f95ab-f2a5-40fc-90c4-ac854cc5d051/1/_xcGtTYa7OO3e5sag2JA1IS9C1Q.mft File: _xcGtTYa7OO3e5sag2JA1IS9C1Q.mft (raw, json) Hash identifier: qE10i9MhfgV6gUYk4RzerTYyJ2dR/zB/59pyAGZkUXY= Subject key identifier: CE:DE:51:CF:0C:86:CB:22:57:8D:D2:66:2E:37:45:A0:67:D4:1A:46 Authority key identifier: FF:17:06:B5:36:1A:EC:E3:B7:7B:9B:1A:83:62:40:D4:84:BD:0B:54 Certificate issuer: /CN=ff1706b5361aece3b77b9b1a836240d484bd0b54 Certificate serial: 019AF3F73FF8D29C7D5A1431B65F0E18EE15 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_xcGtTYa7OO3e5sag2JA1IS9C1Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/1f95ab-f2a5-40fc-90c4-ac854cc5d051/1/_xcGtTYa7OO3e5sag2JA1IS9C1Q.mft Manifest number: 04 Signing time: Sat 06 Dec 2025 14:00:58 +0000 Manifest this update: Sat 06 Dec 2025 14:00:58 +0000 Manifest next update: Sun 07 Dec 2025 14:00:58 +0000 Files and hashes: 1: _xcGtTYa7OO3e5sag2JA1IS9C1Q.crl (hash: AGNDuFk2f3N/73/qZkXoyjAN2PHUTIp+TOeXWT5bB+E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/1f95ab-f2a5-40fc-90c4-ac854cc5d051/1/_xcGtTYa7OO3e5sag2JA1IS9C1Q.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/1f95ab-f2a5-40fc-90c4-ac854cc5d051/1/_xcGtTYa7OO3e5sag2JA1IS9C1Q.mft rsync://rpki.ripe.net/repository/DEFAULT/_xcGtTYa7OO3e5sag2JA1IS9C1Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:3f:f8:d2:9c:7d:5a:14:31:b6:5f:0e:18:ee:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff1706b5361aece3b77b9b1a836240d484bd0b54 Validity Not Before: Dec 6 14:00:58 2025 GMT Not After : Dec 7 14:00:58 2025 GMT Subject: CN=cede51cf0c86cb22578dd2662e3745a067d41a46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:5d:5f:10:d7:1f:ab:a7:90:ed:4c:a5:ca:67: 62:8f:77:2b:8a:98:6a:2c:2f:83:c2:8f:31:44:1a: 71:f4:99:83:ff:fa:93:00:8c:09:ba:d4:75:d7:ec: 8c:0a:49:ed:d9:65:e7:48:7c:ba:7c:a8:f7:08:92: d0:84:ac:8c:0d:b0:19:1e:f9:ba:51:54:e7:16:b2: 88:36:bd:91:a8:08:cd:94:2b:7f:b0:34:a6:26:8b: c1:e0:af:84:32:8f:58:05:13:20:29:b3:a4:b8:33: 19:05:9b:e0:ca:f4:4c:28:ee:38:c1:d5:20:6a:cb: bf:64:0b:73:18:df:01:9f:24:cc:12:78:ad:d9:1c: 5b:0c:22:d9:6b:0c:9e:f4:51:a0:09:a3:e7:d1:9a: 82:a0:f2:f3:5d:db:6e:a0:26:91:15:6c:ff:ad:2a: a5:f3:51:94:29:87:26:58:a3:14:65:66:e9:ad:10: 32:67:09:71:60:ba:52:64:ab:dd:fa:5a:69:4b:e4: c4:02:1e:b7:80:51:4a:14:d3:cc:b7:fc:2e:99:55: 9e:10:4e:9f:b9:8f:c3:90:67:e5:30:79:09:29:97: a0:a1:ba:58:55:42:87:f2:18:ab:16:e9:a9:62:b5: f0:d0:08:fe:2b:5c:95:5c:ab:ce:2d:f2:ac:bb:4c: 2f:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:DE:51:CF:0C:86:CB:22:57:8D:D2:66:2E:37:45:A0:67:D4:1A:46 X509v3 Authority Key Identifier: keyid:FF:17:06:B5:36:1A:EC:E3:B7:7B:9B:1A:83:62:40:D4:84:BD:0B:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_xcGtTYa7OO3e5sag2JA1IS9C1Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/1f95ab-f2a5-40fc-90c4-ac854cc5d051/1/_xcGtTYa7OO3e5sag2JA1IS9C1Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/1f95ab-f2a5-40fc-90c4-ac854cc5d051/1/_xcGtTYa7OO3e5sag2JA1IS9C1Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bb:03:76:3f:d4:a9:26:09:7b:ae:4b:fb:0a:03:ed:2a:ab:50: d5:08:02:02:8b:20:e1:ed:39:d6:c3:95:19:00:d0:aa:1e:ae: d1:8e:c4:fb:73:81:39:2b:7d:de:57:6f:08:58:d0:7d:63:51: bd:f1:a0:4b:7b:28:58:fc:e5:fa:4e:99:ca:e2:8d:88:50:f3: 83:70:0c:bf:21:ac:41:53:c1:d3:c3:1d:17:49:7a:ff:f7:e6: 90:da:c8:e7:95:f7:02:bb:57:c4:a2:04:44:56:8b:14:23:68: 36:c9:c1:a0:0e:86:40:ae:53:58:b5:80:24:02:38:a5:ea:f6: 18:fe:5b:c7:e2:f8:a1:7e:67:85:30:d8:30:3f:17:2d:02:95: 70:69:48:6b:be:8d:f9:cb:21:3c:82:f3:25:46:c1:a1:17:df: 95:a4:cd:11:77:c8:15:05:8f:2a:8b:6d:10:92:9b:54:07:4c: 31:78:71:e0:6c:9a:10:1a:e0:4a:8e:10:12:76:4e:f8:24:96: 9f:f0:6e:d8:4f:21:52:9a:2f:e8:31:26:67:4b:a2:d4:28:82: 78:ff:35:67:e0:cb:7d:33:44:c6:4e:48:36:c8:d7:ca:eb:29: 32:f7:1e:59:13:3d:4b:a2:d4:ad:e4:84:16:ca:7a:eb:d0:22: 44:b0:23:73 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz9z/40px9WhQxtl8OGO4VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmMTcwNmI1MzYxYWVjZTNiNzdiOWIxYTgzNjI0MGQ0ODRi ZDBiNTQwHhcNMjUxMjA2MTQwMDU4WhcNMjUxMjA3MTQwMDU4WjAzMTEwLwYDVQQD EyhjZWRlNTFjZjBjODZjYjIyNTc4ZGQyNjYyZTM3NDVhMDY3ZDQxYTQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw11fENcfq6eQ7Uylymdij3criphq LC+Dwo8xRBpx9JmD//qTAIwJutR11+yMCknt2WXnSHy6fKj3CJLQhKyMDbAZHvm6 UVTnFrKINr2RqAjNlCt/sDSmJovB4K+EMo9YBRMgKbOkuDMZBZvgyvRMKO44wdUg asu/ZAtzGN8BnyTMEnit2RxbDCLZawye9FGgCaPn0ZqCoPLzXdtuoCaRFWz/rSql 81GUKYcmWKMUZWbprRAyZwlxYLpSZKvd+lppS+TEAh63gFFKFNPMt/wumVWeEE6f uY/DkGflMHkJKZegobpYVUKH8hirFumpYrXw0Aj+K1yVXKvOLfKsu0wvAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM7eUc8MhssiV43SZi43RaBn1BpGMB8GA1UdIwQY MBaAFP8XBrU2Guzjt3ubGoNiQNSEvQtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX3hjR3RUWWE3T08zZTVzYWcySkExSVM5QzFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8xZjk1YWItZjJhNS00MGZjLTkwYzQt YWM4NTRjYzVkMDUxLzEvX3hjR3RUWWE3T08zZTVzYWcySkExSVM5QzFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS8xZjk1YWItZjJhNS00MGZjLTkwYzQtYWM4NTRjYzVkMDUx LzEvX3hjR3RUWWE3T08zZTVzYWcySkExSVM5QzFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuwN2P9Sp Jgl7rkv7CgPtKqtQ1QgCAosg4e051sOVGQDQqh6u0Y7E+3OBOSt93ldvCFjQfWNR vfGgS3soWPzl+k6ZyuKNiFDzg3AMvyGsQVPB08MdF0l6//fmkNrI55X3ArtXxKIE RFaLFCNoNsnBoA6GQK5TWLWAJAI4per2GP5bx+L4oX5nhTDYMD8XLQKVcGlIa76N +cshPILzJUbBoRfflaTNEXfIFQWPKottEJKbVAdMMXhx4GyaEBrgSo4QEnZO+CSW n/Bu2E8hUpov6DEmZ0ui1CiCeP81Z+DLfTNExk5INsjXyuspMvceWRM9S6LUreSE Fsp669AiRLAjcw== -----END CERTIFICATE-----Generated at Sat Dec 6 16:15:08 2025 by rpki-client