This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft File: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft (raw, json) Hash identifier: 9lMnJDlNn/R+HJ1AuVC95MnZ0Skf6LmBUA1HR8wHXTc= Subject key identifier: 10:A1:BA:D6:93:93:0E:16:E3:31:6D:2D:4A:0F:6F:28:22:3E:C8:87 Authority key identifier: 5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63 Certificate issuer: /CN=5ebb65367d8242b0159a2539cb5a0233542ef963 Certificate serial: 019AF1D2553E005BFA1298D749C556A29853 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft Manifest number: 0836 Signing time: Sat 06 Dec 2025 04:01:24 +0000 Manifest this update: Sat 06 Dec 2025 04:01:24 +0000 Manifest next update: Sun 07 Dec 2025 04:01:24 +0000 Files and hashes: 1: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl (hash: DWHxUon/J5xsPwxLKqmCrVx50hj5SyHtIkTiHw/Y2gM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:55:3e:00:5b:fa:12:98:d7:49:c5:56:a2:98:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ebb65367d8242b0159a2539cb5a0233542ef963 Validity Not Before: Dec 6 04:01:24 2025 GMT Not After : Dec 7 04:01:24 2025 GMT Subject: CN=10a1bad693930e16e3316d2d4a0f6f28223ec887 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:e7:ff:c9:bc:a9:a5:75:a3:e5:65:88:9b:81: d5:1f:05:06:89:52:a4:bb:63:be:25:53:9f:85:0d: 74:09:e1:aa:4c:62:e5:4d:2f:7c:ca:34:a6:c2:c7: 7c:d7:54:3f:3b:55:b7:ae:0a:57:a9:91:82:9e:46: a2:9a:e9:27:4f:c9:2c:5f:53:d6:38:c4:6f:ce:05: a8:d5:66:5e:9b:9e:60:7b:17:57:19:a2:b6:92:50: 00:a1:e2:ff:4f:c6:dd:1b:e3:e5:73:f5:24:40:d9: 0e:a9:d1:68:45:e2:f3:e2:ec:4b:28:c0:22:51:2c: e6:a7:41:b1:83:bc:ef:9b:e2:f0:d2:c1:d6:a3:a3: 77:7b:28:95:13:06:17:2b:81:b4:fd:a3:e3:da:6e: ab:b9:4d:a1:a4:fa:99:d7:30:2e:e4:c7:7e:13:84: 2d:fe:2d:be:f5:80:78:84:4b:71:54:2a:2e:68:e9: fa:27:14:d0:84:8f:80:34:bc:4c:51:85:12:01:97: d3:dc:0b:14:b8:2b:c0:b9:a9:35:1a:0d:6c:11:82: 77:43:73:18:01:44:3d:52:bf:f0:a0:6f:36:85:d7: 53:06:50:26:d8:91:51:37:ef:cf:94:2a:a8:f5:c5: a8:d5:81:ae:44:f1:72:2b:15:dc:29:db:f6:94:09: ea:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:A1:BA:D6:93:93:0E:16:E3:31:6D:2D:4A:0F:6F:28:22:3E:C8:87 X509v3 Authority Key Identifier: keyid:5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8b:15:96:56:7e:5b:63:6d:ad:a2:bc:f9:d2:67:a2:aa:8c:bd: 8c:5d:8e:4b:ec:86:1b:d1:bc:4d:a2:7b:78:fe:c0:49:0f:3f: ea:37:a5:67:35:bd:8a:1a:ef:39:91:ec:9f:7b:79:16:17:7b: ae:aa:84:39:31:8e:a2:b0:82:a1:01:37:ba:04:b4:93:e2:64: e8:9a:a9:d5:cc:34:17:82:c6:b2:30:b8:f2:58:3d:12:e0:6d: 86:c2:4f:a8:d1:76:0c:76:3d:98:93:34:07:fc:43:cc:a3:25: e9:27:65:da:f4:9d:d2:b2:01:24:a6:fd:b9:4d:bd:f0:06:fd: f4:9c:47:47:82:37:c5:15:9e:3c:08:d9:da:f5:95:a3:27:5b: f0:03:e7:21:1b:ac:62:48:c1:f6:4b:39:1b:40:20:84:38:4e: 41:b5:d7:37:06:d4:45:6a:22:28:a9:79:92:c1:8e:3c:c8:a4: ac:07:46:47:46:99:67:dd:7d:40:2e:bb:7d:90:9e:5f:74:23: 95:eb:59:56:60:f7:3e:66:0d:ce:91:28:a1:da:7d:c5:5a:15: ca:19:35:6c:61:60:eb:14:aa:d8:03:1b:d9:eb:c4:f9:49:1e: 4f:b7:ea:73:bd:b7:30:8e:86:3c:2c:67:87:db:34:7f:f3:94: 2c:e8:66:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0lU+AFv6EpjXScVWophTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlYmI2NTM2N2Q4MjQyYjAxNTlhMjUzOWNiNWEwMjMzNTQy ZWY5NjMwHhcNMjUxMjA2MDQwMTI0WhcNMjUxMjA3MDQwMTI0WjAzMTEwLwYDVQQD EygxMGExYmFkNjkzOTMwZTE2ZTMzMTZkMmQ0YTBmNmYyODIyM2VjODg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtef/ybyppXWj5WWIm4HVHwUGiVKk u2O+JVOfhQ10CeGqTGLlTS98yjSmwsd811Q/O1W3rgpXqZGCnkaimuknT8ksX1PW OMRvzgWo1WZem55gexdXGaK2klAAoeL/T8bdG+Plc/UkQNkOqdFoReLz4uxLKMAi USzmp0Gxg7zvm+Lw0sHWo6N3eyiVEwYXK4G0/aPj2m6ruU2hpPqZ1zAu5Md+E4Qt /i2+9YB4hEtxVCouaOn6JxTQhI+ANLxMUYUSAZfT3AsUuCvAuak1Gg1sEYJ3Q3MY AUQ9Ur/woG82hddTBlAm2JFRN+/PlCqo9cWo1YGuRPFyKxXcKdv2lAnqLwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBChutaTkw4W4zFtLUoPbygiPsiHMB8GA1UdIwQY MBaAFF67ZTZ9gkKwFZolOctaAjNULvljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEt MzAwZjVjYWJlZTExLzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEtMzAwZjVjYWJlZTEx LzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAixWWVn5b Y22torz50meiqoy9jF2OS+yGG9G8TaJ7eP7ASQ8/6jelZzW9ihrvOZHsn3t5Fhd7 rqqEOTGOorCCoQE3ugS0k+Jk6Jqp1cw0F4LGsjC48lg9EuBthsJPqNF2DHY9mJM0 B/xDzKMl6Sdl2vSd0rIBJKb9uU298Ab99JxHR4I3xRWePAjZ2vWVoydb8APnIRus YkjB9ks5G0AghDhOQbXXNwbURWoiKKl5ksGOPMikrAdGR0aZZ919QC67fZCeX3Qj letZVmD3PmYNzpEoodp9xVoVyhk1bGFg6xSq2AMb2evE+UkeT7fqc723MI6GPCxn h9s0f/OULOhmtg== -----END CERTIFICATE-----Generated at Sat Dec 6 13:14:18 2025 by rpki-client