This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft File: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft (raw, json) Hash identifier: 4WL+EQOLnwf4Mz4C5Xi+JplX+DpcKpMfK5yucbk6VaU= Subject key identifier: 7D:70:B5:7C:62:6A:6D:BA:87:6A:14:F0:76:A9:98:70:DE:0B:C8:41 Authority key identifier: 5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63 Certificate issuer: /CN=5ebb65367d8242b0159a2539cb5a0233542ef963 Certificate serial: 019B2F9E157763C19B525D64D2F99BA09E72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft Manifest number: 0856 Signing time: Thu 18 Dec 2025 04:00:47 +0000 Manifest this update: Thu 18 Dec 2025 04:00:47 +0000 Manifest next update: Fri 19 Dec 2025 04:00:47 +0000 Files and hashes: 1: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl (hash: 0cPH6zjrgXhcQA9uZt3B2i0ygMYnGqViCWhGCHIKftE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 01:18:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:9e:15:77:63:c1:9b:52:5d:64:d2:f9:9b:a0:9e:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ebb65367d8242b0159a2539cb5a0233542ef963 Validity Not Before: Dec 18 04:00:47 2025 GMT Not After : Dec 19 04:00:47 2025 GMT Subject: CN=7d70b57c626a6dba876a14f076a99870de0bc841 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:6d:98:01:e0:e3:f4:9e:33:d8:1d:6a:41:da: d9:06:1d:07:d8:1e:f4:62:75:b7:46:9d:aa:55:22: 13:1a:9e:d1:e1:41:b6:32:62:8d:8c:d4:37:31:02: d4:18:d5:a6:1f:29:15:cf:54:02:2b:7a:5c:63:7f: 60:a0:fc:c3:95:ee:75:54:0b:5b:91:a6:48:3b:85: ec:85:46:d4:b1:9a:a8:85:1b:44:8f:48:f4:9b:8d: 92:0f:53:8e:dc:2d:03:c4:eb:44:1b:5f:4c:26:48: bb:39:80:e8:3f:d0:46:5e:03:a0:76:5d:6b:6c:3a: cd:62:19:35:41:f4:81:ff:2d:d0:e9:3a:48:1d:d2: 38:d6:94:36:2a:13:23:3e:46:e3:54:e1:ed:9d:4b: 75:9b:e3:8a:4a:80:83:a5:88:25:37:84:f8:3b:1a: ab:91:ef:1f:41:ef:da:79:c6:0b:c1:f7:49:e7:49: 42:00:aa:18:9d:54:11:bf:f8:6e:ab:0a:4f:18:3f: c8:b3:29:24:dc:2f:06:7f:10:fa:d7:87:93:89:29: c2:ab:63:ae:00:2c:47:86:7a:a9:6e:9b:ab:1d:e3: 9d:bf:70:93:4b:1a:05:15:85:2b:9e:7f:ba:96:b2: 57:1e:97:ad:6f:ec:3f:0e:94:70:ac:5b:4a:57:f0: 20:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:70:B5:7C:62:6A:6D:BA:87:6A:14:F0:76:A9:98:70:DE:0B:C8:41 X509v3 Authority Key Identifier: keyid:5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ba:01:03:85:24:8d:2a:31:fc:4c:47:5d:52:74:c0:db:6d:6a: da:1e:60:ae:66:26:0c:e1:e0:48:53:38:b2:bd:3d:40:cd:70: 80:ca:81:7e:1a:71:cb:6c:12:e2:0f:c4:45:33:16:46:01:d6: 8d:6e:df:92:4a:68:bf:31:da:5d:89:9b:46:c2:0d:01:03:d5: 25:0d:f3:d6:34:a4:a5:4d:3d:00:da:4a:d7:e0:b7:5a:62:04: f2:39:39:96:81:b2:b6:e3:90:fe:ac:2c:2b:b7:89:f9:1f:ad: d1:98:04:3d:60:a8:08:7b:f5:73:23:04:e4:4d:f6:ad:19:6b: fd:a1:3c:5e:9e:02:06:1e:be:b2:06:22:67:f2:f4:c0:2c:9f: 43:bf:8f:74:f4:30:4a:8c:a7:bd:0f:aa:04:a6:ae:1b:2d:76: 96:e9:be:76:c0:a5:f2:67:ac:c4:02:05:21:47:8c:d9:cf:6b: 33:43:4c:e9:91:48:06:31:c2:cf:6c:f6:d1:84:fa:c7:17:3e: fd:2b:02:d4:d7:65:42:df:9b:75:ab:c6:8b:6a:29:57:3f:45: 75:23:2a:ca:37:20:d2:69:83:f1:9d:03:1b:3b:fb:85:c2:d8: 77:cf:d4:cf:8e:e0:85:4f:0e:59:a0:a1:7e:f6:a6:ef:35:72: 93:ac:7f:95 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsvnhV3Y8GbUl1k0vmboJ5yMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlYmI2NTM2N2Q4MjQyYjAxNTlhMjUzOWNiNWEwMjMzNTQy ZWY5NjMwHhcNMjUxMjE4MDQwMDQ3WhcNMjUxMjE5MDQwMDQ3WjAzMTEwLwYDVQQD Eyg3ZDcwYjU3YzYyNmE2ZGJhODc2YTE0ZjA3NmE5OTg3MGRlMGJjODQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2W2YAeDj9J4z2B1qQdrZBh0H2B70 YnW3Rp2qVSITGp7R4UG2MmKNjNQ3MQLUGNWmHykVz1QCK3pcY39goPzDle51VAtb kaZIO4XshUbUsZqohRtEj0j0m42SD1OO3C0DxOtEG19MJki7OYDoP9BGXgOgdl1r bDrNYhk1QfSB/y3Q6TpIHdI41pQ2KhMjPkbjVOHtnUt1m+OKSoCDpYglN4T4Oxqr ke8fQe/aecYLwfdJ50lCAKoYnVQRv/huqwpPGD/Isykk3C8GfxD614eTiSnCq2Ou ACxHhnqpbpurHeOdv3CTSxoFFYUrnn+6lrJXHpetb+w/DpRwrFtKV/Ag+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH1wtXxiam26h2oU8HapmHDeC8hBMB8GA1UdIwQY MBaAFF67ZTZ9gkKwFZolOctaAjNULvljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEt MzAwZjVjYWJlZTExLzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEtMzAwZjVjYWJlZTEx LzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAugEDhSSN KjH8TEddUnTA221q2h5grmYmDOHgSFM4sr09QM1wgMqBfhpxy2wS4g/ERTMWRgHW jW7fkkpovzHaXYmbRsINAQPVJQ3z1jSkpU09ANpK1+C3WmIE8jk5loGytuOQ/qws K7eJ+R+t0ZgEPWCoCHv1cyME5E32rRlr/aE8Xp4CBh6+sgYiZ/L0wCyfQ7+PdPQw SoynvQ+qBKauGy12lum+dsCl8mesxAIFIUeM2c9rM0NM6ZFIBjHCz2z20YT6xxc+ /SsC1NdlQt+bdavGi2opVz9FdSMqyjcg0mmD8Z0DGzv7hcLYd8/Uz47ghU8OWaCh fvam7zVyk6x/lQ== -----END CERTIFICATE-----Generated at Thu Dec 18 07:37:03 2025 by rpki-client