This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft File: xcidUmDLNP27s7wlv0rbr0zcaKA.mft (raw, json) Hash identifier: M3t8D8QE0K+9Qe+A6GTFEHFPu2ifk/9ywHfITnDboaU= Subject key identifier: EC:02:11:B9:94:06:64:62:70:70:3D:D8:6B:BE:42:D2:51:D8:AE:95 Authority key identifier: C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0 Certificate issuer: /CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0 Certificate serial: 019AF50B18D9D990F66E40F24AE428A2E425 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft Manifest number: 071F Signing time: Sat 06 Dec 2025 19:02:16 +0000 Manifest this update: Sat 06 Dec 2025 19:02:16 +0000 Manifest next update: Sun 07 Dec 2025 19:02:16 +0000 Files and hashes: 1: xcidUmDLNP27s7wlv0rbr0zcaKA.crl (hash: A0UoLSnd27YmVvp9Fj3CNur9W1lEwGZsHy1fs6W/xA8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0b:18:d9:d9:90:f6:6e:40:f2:4a:e4:28:a2:e4:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0 Validity Not Before: Dec 6 19:02:16 2025 GMT Not After : Dec 7 19:02:16 2025 GMT Subject: CN=ec0211b99406646270703dd86bbe42d251d8ae95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b4:5b:85:4d:90:1f:ea:fa:dc:66:61:54:0a: 48:30:98:9a:41:c6:5d:85:ba:67:6a:35:cc:26:4b: c1:42:60:8c:ec:52:98:88:e1:bf:c6:22:d3:f7:2b: a9:72:c8:d3:f0:9b:c2:78:a7:5a:55:83:2d:e4:67: 30:04:e5:aa:49:c0:23:0c:82:2a:d7:16:09:0c:78: 5f:b9:db:65:18:10:32:51:d6:9c:36:1a:5d:64:f1: 94:a8:fb:38:e4:1d:9c:f0:80:92:94:db:ba:db:60: 2e:a2:88:a2:ee:2a:72:0a:2a:eb:84:7e:b1:e7:b4: 04:54:03:78:a9:a6:b5:99:3e:fd:88:72:f5:e7:3f: 49:9e:04:98:34:b9:a0:54:7f:77:22:6a:54:68:c5: 9e:17:57:37:80:e1:3a:7b:81:f5:33:db:2c:6a:db: 56:75:21:8e:4d:1a:3d:6a:c6:58:f8:ab:79:2a:fe: 1f:44:9b:b8:eb:1f:99:0c:97:08:8f:51:73:78:0f: 8e:71:17:7d:07:03:f4:54:09:db:9c:c1:2c:7b:ed: 27:88:a4:0a:2b:f6:25:69:20:e7:e9:30:76:ea:1a: 7c:67:05:dc:64:29:ff:86:2f:c6:4b:16:f2:9d:6f: 40:b9:ba:ea:4f:51:55:9f:bd:87:11:12:5c:3b:f0: db:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:02:11:B9:94:06:64:62:70:70:3D:D8:6B:BE:42:D2:51:D8:AE:95 X509v3 Authority Key Identifier: keyid:C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:ad:ff:e9:00:61:c8:1c:d3:79:0b:fd:64:f7:de:75:9b:d1: 8b:ff:63:b0:dc:65:3c:c6:7c:f0:5a:25:cf:74:8a:1a:79:4c: 06:13:a4:06:b2:c1:dc:42:cd:90:36:00:3f:df:ce:a3:aa:f7: 90:85:08:f0:fa:64:06:fa:a9:db:fb:c6:dd:a6:b4:fe:d5:81: fa:ed:2d:b6:60:aa:66:41:e7:43:9c:90:4c:aa:58:f7:2d:b8: 85:4b:ce:eb:8f:24:86:4b:90:c4:2c:9c:39:11:c6:ec:a2:d3: b7:0b:2b:70:27:e6:4c:18:22:6c:99:55:85:e0:22:3c:8a:7a: 0d:9a:88:c6:b3:38:e2:88:e4:ce:44:a0:6e:53:53:ad:2f:95: 0f:6c:3e:96:b2:db:44:ae:a0:e2:07:18:7d:4c:56:b7:3a:9f: 59:3b:4c:93:85:2a:ec:d1:8b:0f:57:a1:ed:16:e3:9f:f2:4f: 7e:c1:00:ec:84:f0:7b:57:42:05:97:f9:a9:61:0b:24:b1:c9: 20:14:70:e3:c7:79:7a:e8:99:19:db:c3:4e:84:99:06:cf:27: 7e:53:d8:e4:61:9e:c5:83:35:e2:24:6d:df:11:62:80:3f:86: b9:14:50:62:f1:87:86:3d:d4:49:9b:99:b9:1b:50:23:bf:ec: 32:0b:e1:c6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CxjZ2ZD2bkDySuQoouQlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1Yzg5ZDUyNjBjYjM0ZmRiYmIzYmMyNWJmNGFkYmFmNGNk YzY4YTAwHhcNMjUxMjA2MTkwMjE2WhcNMjUxMjA3MTkwMjE2WjAzMTEwLwYDVQQD EyhlYzAyMTFiOTk0MDY2NDYyNzA3MDNkZDg2YmJlNDJkMjUxZDhhZTk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLRbhU2QH+r63GZhVApIMJiaQcZd hbpnajXMJkvBQmCM7FKYiOG/xiLT9yupcsjT8JvCeKdaVYMt5GcwBOWqScAjDIIq 1xYJDHhfudtlGBAyUdacNhpdZPGUqPs45B2c8ICSlNu622Auooii7ipyCirrhH6x 57QEVAN4qaa1mT79iHL15z9JngSYNLmgVH93ImpUaMWeF1c3gOE6e4H1M9ssattW dSGOTRo9asZY+Kt5Kv4fRJu46x+ZDJcIj1FzeA+OcRd9BwP0VAnbnMEse+0niKQK K/YlaSDn6TB26hp8ZwXcZCn/hi/GSxbynW9AubrqT1FVn72HERJcO/DbTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOwCEbmUBmRicHA92Gu+QtJR2K6VMB8GA1UdIwQY MBaAFMXInVJgyzT9u7O8Jb9K269M3GigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUt OGViY2QwOWIyYmNhLzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUtOGViY2QwOWIyYmNh LzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMq3/6QBh yBzTeQv9ZPfedZvRi/9jsNxlPMZ88Folz3SKGnlMBhOkBrLB3ELNkDYAP9/Oo6r3 kIUI8PpkBvqp2/vG3aa0/tWB+u0ttmCqZkHnQ5yQTKpY9y24hUvO648khkuQxCyc ORHG7KLTtwsrcCfmTBgibJlVheAiPIp6DZqIxrM44ojkzkSgblNTrS+VD2w+lrLb RK6g4gcYfUxWtzqfWTtMk4Uq7NGLD1eh7Rbjn/JPfsEA7ITwe1dCBZf5qWELJLHJ IBRw48d5euiZGdvDToSZBs8nflPY5GGexYM14iRt3xFigD+GuRRQYvGHhj3USZuZ uRtQI7/sMgvhxg== -----END CERTIFICATE-----Generated at Sat Dec 6 21:42:40 2025 by rpki-client