This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft File: XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft (raw, json) Hash identifier: wGFa/AXKzteF8zT/U/WuwPeYvki5EaqLY1Xgtmhw8js= Subject key identifier: 1B:CE:D1:CA:39:67:E2:40:8D:53:FA:65:6F:EA:29:FC:2B:61:0C:D1 Authority key identifier: 5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95 Certificate issuer: /CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495 Certificate serial: 019AF19B557DEF308C55639F783EA14914AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft Manifest number: 0773 Signing time: Sat 06 Dec 2025 03:01:20 +0000 Manifest this update: Sat 06 Dec 2025 03:01:20 +0000 Manifest next update: Sun 07 Dec 2025 03:01:20 +0000 Files and hashes: 1: XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl (hash: FKOoRYzpVXrjaXxjmSbdux6iEoD4GvsFNGlZWaw9VKs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:55:7d:ef:30:8c:55:63:9f:78:3e:a1:49:14:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495 Validity Not Before: Dec 6 03:01:20 2025 GMT Not After : Dec 7 03:01:20 2025 GMT Subject: CN=1bced1ca3967e2408d53fa656fea29fc2b610cd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:51:d3:c6:a4:4d:f2:51:e0:f1:d9:9e:63:7a: 75:eb:69:c3:53:ce:a7:fb:09:b5:7a:94:90:20:2a: 75:93:6b:05:60:c1:91:d3:53:86:2e:df:c2:68:67: ce:5e:7a:12:c8:55:05:a5:f7:3d:62:5f:22:2c:21: 1a:3b:4c:e5:79:37:d4:dc:79:47:ab:3e:3f:8e:d2: 81:dc:4b:6f:0d:09:96:15:a2:25:55:00:61:16:0f: f9:0f:88:2e:32:42:e9:97:52:54:f5:d5:b0:b6:37: 7c:6c:de:ad:00:d3:df:ad:ae:2c:de:ab:50:9a:bd: e6:aa:e1:f2:ef:b0:20:d8:26:ca:70:62:0e:6e:d2: 32:61:c6:21:c4:f7:96:72:9d:e6:8c:8f:d4:f3:4d: 28:e4:28:03:cc:c5:0a:20:78:72:b2:c1:33:cc:58: b7:c7:b3:2a:c0:d9:69:da:13:8f:7a:ae:cf:9b:33: 2a:fa:07:ea:bd:06:30:0e:61:37:90:6f:9d:10:81: 64:55:bf:2b:8b:31:90:8b:20:dc:15:5b:d2:d6:08: db:73:55:5e:79:b2:37:d0:bc:e8:94:9f:c0:c9:cd: b9:03:ee:38:b9:01:df:b2:33:e8:32:7c:e4:96:20: ba:58:03:72:f9:2a:95:3a:12:2d:fb:26:97:99:3c: 11:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:CE:D1:CA:39:67:E2:40:8D:53:FA:65:6F:EA:29:FC:2B:61:0C:D1 X509v3 Authority Key Identifier: keyid:5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:de:39:73:d5:f5:8d:c4:dc:c2:ed:f4:6e:6d:42:2c:90:75: 40:85:40:43:da:bc:be:a4:da:5c:da:d5:29:9b:0c:24:9f:5d: ee:65:52:24:41:e5:9a:26:0d:47:86:c0:58:48:31:3f:59:f3: b8:99:5a:6e:fd:d2:9d:55:39:10:e9:c1:5c:58:8f:ce:b6:44: c7:d6:69:48:ab:7e:64:69:5a:e5:27:4b:4b:ef:24:29:a7:f2: d3:f8:7c:00:b4:d2:6b:49:a6:9b:85:36:5f:57:07:bc:e6:b4: 7b:40:e9:87:8f:43:05:7b:be:8f:89:55:d8:c0:5d:87:1c:9d: 35:eb:8e:ba:81:89:54:6d:cb:18:0d:ae:66:7c:26:4b:bf:b8: 2d:38:c2:5f:31:87:95:63:a5:ac:fd:21:be:85:f6:58:60:fd: 8c:39:db:3c:2b:4d:38:4a:0c:1e:b3:34:67:32:91:42:c0:47: 43:50:01:25:79:e7:a9:61:fc:6e:9c:eb:54:32:96:b2:1b:81: de:1c:45:bd:a0:41:a3:b2:fd:c0:28:90:ad:27:9b:81:de:05: b0:6b:94:38:53:46:27:d2:2e:f6:80:72:de:42:da:77:75:d6: 30:37:f6:e4:4f:51:88:a9:d0:38:64:48:a1:fd:85:52:5e:a0: fb:e7:74:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm1V97zCMVWOfeD6hSRSqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMjE5NjhlOTFjMmY0N2YxYjA3YzFmMzVmZTdkMjYzYzU2 ZDA0OTUwHhcNMjUxMjA2MDMwMTIwWhcNMjUxMjA3MDMwMTIwWjAzMTEwLwYDVQQD EygxYmNlZDFjYTM5NjdlMjQwOGQ1M2ZhNjU2ZmVhMjlmYzJiNjEwY2QxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1HTxqRN8lHg8dmeY3p162nDU86n +wm1epSQICp1k2sFYMGR01OGLt/CaGfOXnoSyFUFpfc9Yl8iLCEaO0zleTfU3HlH qz4/jtKB3EtvDQmWFaIlVQBhFg/5D4guMkLpl1JU9dWwtjd8bN6tANPfra4s3qtQ mr3mquHy77Ag2CbKcGIObtIyYcYhxPeWcp3mjI/U800o5CgDzMUKIHhyssEzzFi3 x7MqwNlp2hOPeq7PmzMq+gfqvQYwDmE3kG+dEIFkVb8rizGQiyDcFVvS1gjbc1Ve ebI30LzolJ/Ayc25A+44uQHfsjPoMnzkliC6WANy+SqVOhIt+yaXmTwR8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBvO0co5Z+JAjVP6ZW/qKfwrYQzRMB8GA1UdIwQY MBaAFF0hlo6RwvR/GwfB81/n0mPFbQSVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUt MWVjMzc0NjVkM2FmLzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUtMWVjMzc0NjVkM2Fm LzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkN45c9X1 jcTcwu30bm1CLJB1QIVAQ9q8vqTaXNrVKZsMJJ9d7mVSJEHlmiYNR4bAWEgxP1nz uJlabv3SnVU5EOnBXFiPzrZEx9ZpSKt+ZGla5SdLS+8kKafy0/h8ALTSa0mmm4U2 X1cHvOa0e0Dph49DBXu+j4lV2MBdhxydNeuOuoGJVG3LGA2uZnwmS7+4LTjCXzGH lWOlrP0hvoX2WGD9jDnbPCtNOEoMHrM0ZzKRQsBHQ1ABJXnnqWH8bpzrVDKWshuB 3hxFvaBBo7L9wCiQrSebgd4FsGuUOFNGJ9Iu9oBy3kLad3XWMDf25E9RiKnQOGRI of2FUl6g++d0nQ== -----END CERTIFICATE-----Generated at Sat Dec 6 13:15:47 2025 by rpki-client