This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft File: XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft (raw, json) Hash identifier: AD6EwqINJTm+fZPu0OgaenIhaGFa2wlH4B/Mk8xyLYw= Subject key identifier: 09:E5:7B:54:8E:34:CE:E2:0D:EF:01:2E:EA:DF:C3:A5:B0:04:8E:AD Authority key identifier: 5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95 Certificate issuer: /CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495 Certificate serial: 019B2F6732530D2497BB6A2DE4A91F16209C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft Manifest number: 0793 Signing time: Thu 18 Dec 2025 03:00:50 +0000 Manifest this update: Thu 18 Dec 2025 03:00:50 +0000 Manifest next update: Fri 19 Dec 2025 03:00:50 +0000 Files and hashes: 1: XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl (hash: kfPx70eE8iOo1lafE9Xo6MMROxUBOhVT144EixuIKyg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 03:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:67:32:53:0d:24:97:bb:6a:2d:e4:a9:1f:16:20:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495 Validity Not Before: Dec 18 03:00:50 2025 GMT Not After : Dec 19 03:00:50 2025 GMT Subject: CN=09e57b548e34cee20def012eeadfc3a5b0048ead Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:e3:d4:59:c3:30:73:34:68:40:6a:0f:0e:98: 8e:b4:c9:0c:e4:88:61:b4:c9:ea:4a:2b:32:d5:ad: 43:72:1b:47:3c:0e:03:d7:f8:ea:9d:b3:30:7b:10: 53:30:e4:86:82:a5:83:75:6e:00:09:e1:a4:0b:ba: a6:9e:63:fa:10:79:50:38:89:a9:e4:bb:55:10:ae: 7f:8d:9d:e1:5e:a4:93:40:16:f2:bc:e8:2f:92:da: 89:12:e0:70:68:ef:b6:b8:91:27:6a:18:63:b7:0b: cc:d6:40:35:23:9b:cc:db:c0:a6:54:52:b0:51:9f: 3f:3a:76:83:36:5c:bb:9f:35:8e:41:f7:c5:94:dc: a7:22:f3:1b:63:9f:9b:60:cf:ea:0e:91:24:5c:13: 41:47:11:49:22:1f:1b:5c:5a:57:36:07:d7:ab:f1: 74:58:3e:a3:92:3d:5d:57:c1:30:0d:7c:7e:25:d3: 67:f1:13:52:81:e9:65:49:07:d4:6f:7f:a0:58:a2: 2e:7b:29:3e:a5:0d:91:f5:7a:74:3a:72:aa:69:0b: 49:c0:c3:fd:7b:94:95:e6:cd:51:87:e1:ec:9c:ef: 3b:08:fe:1b:a5:24:27:14:40:7a:79:8f:f4:2f:ab: 34:dd:3a:71:9c:a9:a8:2e:5a:80:42:34:87:4f:0c: b5:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:E5:7B:54:8E:34:CE:E2:0D:EF:01:2E:EA:DF:C3:A5:B0:04:8E:AD X509v3 Authority Key Identifier: keyid:5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:32:7a:f8:0c:85:3e:cc:7b:61:3e:b9:19:da:5c:c6:cf:70: e7:71:f3:8e:38:02:fb:e4:06:82:b0:28:0c:7d:f1:bd:48:6e: f3:a2:77:5f:47:e1:b7:ae:f8:95:46:a0:cd:81:18:58:3f:4f: 83:ec:ae:2c:ed:cc:3e:7f:dd:26:4c:1e:d4:a7:37:dd:b3:19: 10:95:bb:dd:07:4f:b1:c0:86:ed:ca:32:d7:f9:dc:e7:69:16: ac:87:8c:ae:6d:4d:08:82:0b:22:c5:c8:e3:ca:df:63:9e:69: d4:a2:4c:83:15:48:6e:03:38:1a:2d:65:bf:19:fb:f7:6a:9b: 56:06:cc:ee:e6:dc:13:9f:86:45:e6:ea:21:1a:74:1e:44:0f: 46:1b:1f:27:49:f4:9a:b7:48:48:b7:c0:2a:e9:fe:2c:24:2a: 94:00:89:71:cd:85:39:3d:17:9a:49:bc:ea:1a:90:fd:c3:84: 25:3e:4e:7b:df:17:21:ac:96:ff:5b:9c:40:ff:a7:3d:2a:de: b1:74:34:10:c2:3a:0c:ce:bf:76:6b:30:40:3b:63:ae:f8:01: cb:97:2a:66:35:6f:d0:ce:50:c7:07:97:3b:30:90:6d:55:e9: 4f:ea:4b:3b:f8:bc:24:f1:9c:e0:b5:59:fe:fc:0e:06:94:fd: b0:1e:4d:15 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsvZzJTDSSXu2ot5KkfFiCcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMjE5NjhlOTFjMmY0N2YxYjA3YzFmMzVmZTdkMjYzYzU2 ZDA0OTUwHhcNMjUxMjE4MDMwMDUwWhcNMjUxMjE5MDMwMDUwWjAzMTEwLwYDVQQD EygwOWU1N2I1NDhlMzRjZWUyMGRlZjAxMmVlYWRmYzNhNWIwMDQ4ZWFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7+PUWcMwczRoQGoPDpiOtMkM5Ihh tMnqSisy1a1DchtHPA4D1/jqnbMwexBTMOSGgqWDdW4ACeGkC7qmnmP6EHlQOImp 5LtVEK5/jZ3hXqSTQBbyvOgvktqJEuBwaO+2uJEnahhjtwvM1kA1I5vM28CmVFKw UZ8/OnaDNly7nzWOQffFlNynIvMbY5+bYM/qDpEkXBNBRxFJIh8bXFpXNgfXq/F0 WD6jkj1dV8EwDXx+JdNn8RNSgellSQfUb3+gWKIueyk+pQ2R9Xp0OnKqaQtJwMP9 e5SV5s1Rh+HsnO87CP4bpSQnFEB6eY/0L6s03TpxnKmoLlqAQjSHTwy1PwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAnle1SONM7iDe8BLurfw6WwBI6tMB8GA1UdIwQY MBaAFF0hlo6RwvR/GwfB81/n0mPFbQSVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUt MWVjMzc0NjVkM2FmLzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUtMWVjMzc0NjVkM2Fm LzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgDJ6+AyF Psx7YT65Gdpcxs9w53HzjjgC++QGgrAoDH3xvUhu86J3X0fht674lUagzYEYWD9P g+yuLO3MPn/dJkwe1Kc33bMZEJW73QdPscCG7coy1/nc52kWrIeMrm1NCIILIsXI 48rfY55p1KJMgxVIbgM4Gi1lvxn792qbVgbM7ubcE5+GRebqIRp0HkQPRhsfJ0n0 mrdISLfAKun+LCQqlACJcc2FOT0Xmkm86hqQ/cOEJT5Oe98XIayW/1ucQP+nPSre sXQ0EMI6DM6/dmswQDtjrvgBy5cqZjVv0M5QxweXOzCQbVXpT+pLO/i8JPGc4LVZ /vwOBpT9sB5NFQ== -----END CERTIFICATE-----Generated at Thu Dec 18 08:37:52 2025 by rpki-client