This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft File: XbdXv1dG8moHySCHAbDVS2m8M2Q.mft (raw, json) Hash identifier: OF/vuFoTQAJdMACHrKvyQVhRLT3XnEEtz7zzw8sW+Zs= Subject key identifier: 54:70:C4:DA:09:3B:AC:BB:DE:5F:F7:13:C3:33:E4:82:7F:EF:BF:BE Authority key identifier: 5D:B7:57:BF:57:46:F2:6A:07:C9:20:87:01:B0:D5:4B:69:BC:33:64 Certificate issuer: /CN=5db757bf5746f26a07c9208701b0d54b69bc3364 Certificate serial: 019AF19AB88633EC99F23A1E8D1D4F8B4E45 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XbdXv1dG8moHySCHAbDVS2m8M2Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft Manifest number: 062D Signing time: Sat 06 Dec 2025 03:00:40 +0000 Manifest this update: Sat 06 Dec 2025 03:00:40 +0000 Manifest next update: Sun 07 Dec 2025 03:00:40 +0000 Files and hashes: 1: XbdXv1dG8moHySCHAbDVS2m8M2Q.crl (hash: lK+kedhD6vdCo9BewHsMrNZ41d3lUdm+cfcCFK1UR8o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft rsync://rpki.ripe.net/repository/DEFAULT/XbdXv1dG8moHySCHAbDVS2m8M2Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:b8:86:33:ec:99:f2:3a:1e:8d:1d:4f:8b:4e:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5db757bf5746f26a07c9208701b0d54b69bc3364 Validity Not Before: Dec 6 03:00:40 2025 GMT Not After : Dec 7 03:00:40 2025 GMT Subject: CN=5470c4da093bacbbde5ff713c333e4827fefbfbe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:e0:83:5d:91:59:0f:b5:98:43:8a:ae:c4:8d: af:07:a1:d3:ea:52:1d:45:07:c2:b1:04:20:11:c1: 92:fc:8f:f8:39:70:8f:22:03:f5:b5:1a:27:84:d6: d5:06:bf:99:9a:a5:12:d3:69:f6:f8:3d:a0:61:31: 95:65:70:45:66:59:2b:a8:6b:07:1f:01:60:9d:5a: 93:78:23:12:5d:f4:f8:80:35:ff:c9:43:c2:cb:59: 16:5f:0c:42:32:f4:30:5a:b5:4e:f9:b0:b3:7d:5f: 8d:39:1f:25:84:fc:01:df:ec:db:74:41:bf:eb:d7: 38:5f:7f:7d:11:c3:c0:9a:57:cb:c0:14:0a:6f:46: 8b:e0:13:42:43:56:ed:b8:8f:e3:be:c1:34:64:68: cd:2a:f4:1d:eb:d7:1d:c1:26:09:46:bf:1d:62:f1: a1:d1:af:53:16:bf:74:6b:d6:4f:60:9c:e9:64:cf: 68:ed:03:fc:7c:41:20:eb:d2:5c:65:15:ec:56:bd: 10:d4:22:d4:05:a4:09:40:8f:72:9b:ec:5d:39:21: 83:4f:c2:df:16:a3:a1:f0:9c:76:bc:fb:07:8d:0b: d1:11:42:cc:d2:4f:68:d7:82:ba:7c:1d:ee:8f:86: 81:78:34:d9:64:dc:6d:31:5f:c2:1e:66:91:69:8b: ad:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:70:C4:DA:09:3B:AC:BB:DE:5F:F7:13:C3:33:E4:82:7F:EF:BF:BE X509v3 Authority Key Identifier: keyid:5D:B7:57:BF:57:46:F2:6A:07:C9:20:87:01:B0:D5:4B:69:BC:33:64 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbdXv1dG8moHySCHAbDVS2m8M2Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:ed:2c:a6:06:33:02:03:84:9e:3b:ee:d8:31:31:91:36:f5: d8:12:16:86:6d:bd:96:5c:6f:e6:8f:9a:71:5e:0a:bf:6b:dc: 75:87:57:ce:09:b3:9a:d2:7b:66:f9:ab:e4:6f:57:5c:cf:98: ef:4a:ca:7c:1c:96:1c:d1:41:6e:5c:44:9a:be:58:52:1d:27: 0b:01:37:d1:ae:1c:00:75:0e:f2:a5:25:6e:67:be:c8:c8:27: 58:04:a4:b3:1a:7d:d4:52:fd:ed:13:6c:a8:4f:44:c3:d8:81: d8:eb:c6:d7:a6:f4:9d:60:0d:c5:49:bb:1b:df:c4:ba:b5:c1: 7c:a4:ca:2f:a9:a0:ef:d2:4c:fb:31:80:30:f4:14:99:54:64: 2e:de:df:79:c7:d6:75:ed:cc:d9:5d:f9:bd:aa:6b:8f:7b:94: 2d:47:7e:51:4d:ff:4d:7c:eb:64:a9:69:c8:6d:c5:03:d9:ec: 53:e3:9d:5e:62:d6:b1:45:d6:ff:f8:5d:44:a0:c8:a7:6c:60: 70:a5:eb:0b:b5:ff:3c:16:df:43:86:66:a0:6a:83:d7:d3:a4: c0:6b:e7:0f:51:ef:1d:41:ca:9f:ac:f2:3d:39:d4:0a:ce:f8: 6f:fe:c0:59:9f:6d:ae:d8:3e:ac:e3:77:aa:15:2a:c0:bf:c4: f8:fc:6e:93 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmriGM+yZ8joejR1Pi05FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkYjc1N2JmNTc0NmYyNmEwN2M5MjA4NzAxYjBkNTRiNjli YzMzNjQwHhcNMjUxMjA2MDMwMDQwWhcNMjUxMjA3MDMwMDQwWjAzMTEwLwYDVQQD Eyg1NDcwYzRkYTA5M2JhY2JiZGU1ZmY3MTNjMzMzZTQ4MjdmZWZiZmJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+CDXZFZD7WYQ4quxI2vB6HT6lId RQfCsQQgEcGS/I/4OXCPIgP1tRonhNbVBr+ZmqUS02n2+D2gYTGVZXBFZlkrqGsH HwFgnVqTeCMSXfT4gDX/yUPCy1kWXwxCMvQwWrVO+bCzfV+NOR8lhPwB3+zbdEG/ 69c4X399EcPAmlfLwBQKb0aL4BNCQ1btuI/jvsE0ZGjNKvQd69cdwSYJRr8dYvGh 0a9TFr90a9ZPYJzpZM9o7QP8fEEg69JcZRXsVr0Q1CLUBaQJQI9ym+xdOSGDT8Lf FqOh8Jx2vPsHjQvREULM0k9o14K6fB3uj4aBeDTZZNxtMV/CHmaRaYutowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFRwxNoJO6y73l/3E8Mz5IJ/77++MB8GA1UdIwQY MBaAFF23V79XRvJqB8kghwGw1UtpvDNkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGJkWHYxZEc4bW9IeVNDSEFiRFZTMm04TTJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8yYjMzODctM2IzNC00NTdlLWFiMWMt M2FiNTJiM2JjYzNiLzEvWGJkWHYxZEc4bW9IeVNDSEFiRFZTMm04TTJRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS8yYjMzODctM2IzNC00NTdlLWFiMWMtM2FiNTJiM2JjYzNi LzEvWGJkWHYxZEc4bW9IeVNDSEFiRFZTMm04TTJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEe0spgYz AgOEnjvu2DExkTb12BIWhm29llxv5o+acV4Kv2vcdYdXzgmzmtJ7Zvmr5G9XXM+Y 70rKfByWHNFBblxEmr5YUh0nCwE30a4cAHUO8qUlbme+yMgnWASksxp91FL97RNs qE9Ew9iB2OvG16b0nWANxUm7G9/EurXBfKTKL6mg79JM+zGAMPQUmVRkLt7fecfW de3M2V35vaprj3uULUd+UU3/TXzrZKlpyG3FA9nsU+OdXmLWsUXW//hdRKDIp2xg cKXrC7X/PBbfQ4ZmoGqD19OkwGvnD1HvHUHKn6zyPTnUCs74b/7AWZ9trtg+rON3 qhUqwL/E+Pxukw== -----END CERTIFICATE-----Generated at Sat Dec 6 11:47:08 2025 by rpki-client