This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft File: xndznw-VRrTwJXcsXCsXl4WSOFI.mft (raw, json) Hash identifier: bsOpDDi6viEHqmNOur9YN4+xmFnhKl8OUgZH1EL5B9o= Subject key identifier: 35:DD:4E:2B:B4:AC:33:D8:9E:D7:67:7E:AC:A2:61:9D:53:32:34:A8 Authority key identifier: C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52 Certificate issuer: /CN=c677739f0f9546b4f025772c5c2b179785923852 Certificate serial: 019AF1D1F34E9252A792F66FF211D0774005 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft Manifest number: 1573 Signing time: Sat 06 Dec 2025 04:00:59 +0000 Manifest this update: Sat 06 Dec 2025 04:00:59 +0000 Manifest next update: Sun 07 Dec 2025 04:00:59 +0000 Files and hashes: 1: xndznw-VRrTwJXcsXCsXl4WSOFI.crl (hash: ysNkAH8TOm+R4V7w3EMlsVFSbr0xuFNedA+5TJznSmQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:f3:4e:92:52:a7:92:f6:6f:f2:11:d0:77:40:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c677739f0f9546b4f025772c5c2b179785923852 Validity Not Before: Dec 6 04:00:59 2025 GMT Not After : Dec 7 04:00:59 2025 GMT Subject: CN=35dd4e2bb4ac33d89ed7677eaca2619d533234a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:e8:1c:eb:bf:26:cc:e8:c6:75:c4:77:03:52: 67:12:b0:d1:1c:d8:fa:67:eb:34:0e:86:14:ed:07: c7:2f:29:f3:87:49:3b:d0:8b:c4:e8:d8:6f:2b:ed: 08:61:a9:47:f0:16:68:5f:c2:29:13:a1:53:f8:3c: cc:40:96:74:6a:e9:9e:be:1e:23:a0:19:8d:f0:18: 6c:6a:94:e7:a7:a6:44:49:f8:11:53:ee:b7:75:4e: 8f:de:62:17:7b:a1:21:d0:9d:72:91:bc:5c:1d:c9: ad:16:3b:21:52:41:6e:bf:24:8d:dc:f3:9d:82:5e: 9c:a8:d6:a1:20:50:5c:0c:26:e3:f8:80:c4:bd:1a: b0:84:99:05:26:54:26:f5:72:ed:0f:cf:53:27:08: 58:ae:23:4d:dc:eb:7d:38:54:45:20:01:43:c0:b3: 65:61:71:67:55:f7:f8:11:68:aa:82:6e:9e:47:b9: 2c:7e:0d:c3:e6:c5:c2:59:9c:18:a7:4f:48:88:32: 6f:cb:64:a4:8e:ac:ad:46:21:b6:52:46:32:bc:46: a7:39:54:17:78:cf:95:12:fe:a8:54:7c:01:05:fc: 14:0f:fa:51:f3:e1:1c:eb:37:dd:99:75:57:57:5d: a9:dc:49:7d:77:ac:08:b2:dd:e3:0f:14:79:39:66: 48:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:DD:4E:2B:B4:AC:33:D8:9E:D7:67:7E:AC:A2:61:9D:53:32:34:A8 X509v3 Authority Key Identifier: keyid:C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:30:3c:d2:4b:3e:e3:90:94:44:e8:e0:11:86:30:f9:a1:aa: 32:31:ea:58:f5:33:ad:12:0b:06:9b:77:37:93:19:19:f0:17: 87:fa:f5:6d:3e:4c:45:25:a9:e7:eb:15:d5:02:e9:6b:61:0f: 47:59:af:dc:1a:b3:4f:b0:86:c8:a2:99:04:9a:93:17:e8:cd: e6:a6:fa:6f:16:a5:c2:c7:8e:d7:d3:bb:f9:fb:12:eb:50:a4: aa:0d:82:0e:6d:ff:c6:bc:f2:82:32:4e:a0:87:64:da:4b:da: 31:49:92:9f:8d:33:c6:0c:6b:8f:b3:e3:14:12:3b:6a:6e:26: f8:be:fe:ed:91:b6:fe:7f:71:ad:e0:1f:42:94:58:30:9d:d9: 3f:31:bc:f4:a8:32:e4:0b:22:aa:89:0e:0f:e0:ca:3e:83:74: a5:e5:d5:98:14:24:9e:2f:64:b1:a9:a8:33:83:99:b9:94:00: 7c:ef:d1:cb:ec:12:55:b3:8e:f4:d1:2c:e2:55:b1:2b:cd:bf: bf:f5:76:5f:7f:cd:d4:18:89:86:e4:e2:45:81:52:77:6c:14: 3a:cc:7f:11:79:3d:09:8e:32:bc:f4:7e:44:91:e2:f4:73:cf: 4f:c4:d1:1a:a6:1e:90:2e:cf:db:19:05:67:ea:7d:d0:c7:43: 47:5d:f2:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0fNOklKnkvZv8hHQd0AFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2Nzc3MzlmMGY5NTQ2YjRmMDI1NzcyYzVjMmIxNzk3ODU5 MjM4NTIwHhcNMjUxMjA2MDQwMDU5WhcNMjUxMjA3MDQwMDU5WjAzMTEwLwYDVQQD EygzNWRkNGUyYmI0YWMzM2Q4OWVkNzY3N2VhY2EyNjE5ZDUzMzIzNGE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9egc678mzOjGdcR3A1JnErDRHNj6 Z+s0DoYU7QfHLynzh0k70IvE6NhvK+0IYalH8BZoX8IpE6FT+DzMQJZ0aumevh4j oBmN8BhsapTnp6ZESfgRU+63dU6P3mIXe6Eh0J1ykbxcHcmtFjshUkFuvySN3POd gl6cqNahIFBcDCbj+IDEvRqwhJkFJlQm9XLtD89TJwhYriNN3Ot9OFRFIAFDwLNl YXFnVff4EWiqgm6eR7ksfg3D5sXCWZwYp09IiDJvy2SkjqytRiG2UkYyvEanOVQX eM+VEv6oVHwBBfwUD/pR8+Ec6zfdmXVXV12p3El9d6wIst3jDxR5OWZISQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDXdTiu0rDPYntdnfqyiYZ1TMjSoMB8GA1UdIwQY MBaAFMZ3c58PlUa08CV3LFwrF5eFkjhSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQt YzY4NWZhOTE2YjA3LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQtYzY4NWZhOTE2YjA3 LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmjA80ks+ 45CUROjgEYYw+aGqMjHqWPUzrRILBpt3N5MZGfAXh/r1bT5MRSWp5+sV1QLpa2EP R1mv3BqzT7CGyKKZBJqTF+jN5qb6bxalwseO19O7+fsS61Ckqg2CDm3/xrzygjJO oIdk2kvaMUmSn40zxgxrj7PjFBI7am4m+L7+7ZG2/n9xreAfQpRYMJ3ZPzG89Kgy 5AsiqokOD+DKPoN0peXVmBQkni9ksamoM4OZuZQAfO/Ry+wSVbOO9NEs4lWxK82/ v/V2X3/N1BiJhuTiRYFSd2wUOsx/EXk9CY4yvPR+RJHi9HPPT8TRGqYekC7P2xkF Z+p90MdDR13yeg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:23:38 2025 by rpki-client