This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft File: xAqOocjcM7gpD-vTTkU4vZWXROg.mft (raw, json) Hash identifier: NJ2z6F2/xtp8bmIdI4TThiDeS9Bn7r0mCjY4Xn1vcac= Subject key identifier: 2E:23:82:92:5C:64:7C:C7:5B:8C:91:16:40:F3:FF:D3:D5:C5:A1:9B Authority key identifier: C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8 Certificate issuer: /CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8 Certificate serial: 019AF19B8330CB030FE167C6CE49BAEA9EF2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft Manifest number: 16F1 Signing time: Sat 06 Dec 2025 03:01:32 +0000 Manifest this update: Sat 06 Dec 2025 03:01:32 +0000 Manifest next update: Sun 07 Dec 2025 03:01:32 +0000 Files and hashes: 1: xAqOocjcM7gpD-vTTkU4vZWXROg.crl (hash: 04AesO2I0dpF5Q1L49gKWGxbRaICFVvalkfXyA/YDMs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:83:30:cb:03:0f:e1:67:c6:ce:49:ba:ea:9e:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8 Validity Not Before: Dec 6 03:01:32 2025 GMT Not After : Dec 7 03:01:32 2025 GMT Subject: CN=2e2382925c647cc75b8c911640f3ffd3d5c5a19b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e8:4d:75:1b:4b:ab:ce:d2:da:15:7d:f2:8b: b1:67:cd:70:cd:69:79:ff:a3:35:e3:35:85:e2:9d: f8:ee:ce:16:4c:d4:90:1a:80:70:e3:d5:57:04:23: 5a:70:35:49:db:6b:3f:73:f8:25:10:74:c6:a8:14: 59:9a:0e:fb:ff:55:3e:5e:a8:ac:62:f7:6a:88:de: 55:de:10:06:6c:3a:29:dd:b0:1e:1c:df:f9:76:e9: 6b:3d:2d:6c:aa:d3:a1:10:7a:ac:d3:70:f6:f2:2c: 39:cd:fc:bf:a5:02:a8:a4:57:fe:2a:01:cc:60:c9: 33:f1:44:3b:d8:d4:a5:a3:57:b3:85:7b:d8:cd:13: 6a:aa:fa:7c:47:1f:5e:a9:b0:01:9a:f1:82:91:cf: c1:6d:53:3c:d4:90:d9:14:a6:fa:c3:44:a7:7a:06: 92:65:d3:ad:d7:19:73:d5:3e:02:61:be:f8:0b:72: 57:f3:82:b1:16:88:ff:1b:80:82:2b:7c:35:1e:4f: 2e:67:0d:b4:ac:91:a0:e6:e7:86:e5:03:e3:11:cf: fc:88:f1:6f:d7:5e:85:5e:49:e5:27:d8:37:0a:f1: c6:9c:17:3c:1c:bc:31:be:e5:30:fe:b9:8a:6e:b6: da:c2:18:81:a0:9a:e8:e1:a5:30:62:8f:c8:74:e1: 2e:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:23:82:92:5C:64:7C:C7:5B:8C:91:16:40:F3:FF:D3:D5:C5:A1:9B X509v3 Authority Key Identifier: keyid:C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:b4:b5:c3:ff:cd:c5:aa:76:5b:7e:90:63:86:d8:91:d9:b6: 7e:3d:e9:8f:b8:34:c4:5d:b1:00:be:46:24:49:94:03:a8:9d: 5d:28:06:72:fe:74:fd:30:3a:24:c6:be:75:56:ab:01:ad:cb: 91:b1:f5:7f:ba:12:5b:56:ba:05:3d:ed:4c:7b:5e:f4:de:9c: aa:29:82:ab:1a:0d:0a:13:ae:04:9b:33:af:90:c3:d6:14:af: 33:58:46:d2:f4:d9:d8:1b:74:05:e6:4b:4a:07:de:b5:ff:70: fe:ae:1e:d7:d4:06:92:54:41:cc:dc:79:e3:20:97:65:e5:6f: ca:5f:95:12:57:ca:ce:f7:09:27:13:1d:80:79:0f:61:91:3c: ae:96:92:7b:ec:20:f6:d1:7d:97:7f:b5:0d:ce:76:b2:bb:fa: 2d:8d:72:a1:38:46:e9:ee:2f:57:f0:bd:04:78:b2:bc:4a:b0: d6:7f:35:31:43:98:94:ad:13:90:3e:fd:0d:28:72:a5:ec:6f: 20:3c:24:6f:65:3f:bd:d1:6f:bf:76:fa:f1:5c:bc:3d:7b:03: d3:db:f2:b3:e9:c8:96:85:ff:f2:f3:67:86:f2:3f:c1:e2:74: f6:6d:05:be:f1:af:b9:d6:ac:28:e7:88:04:8f:a0:08:a8:50: 1e:ad:32:c6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm4MwywMP4WfGzkm66p7yMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0MGE4ZWExYzhkYzMzYjgyOTBmZWJkMzRlNDUzOGJkOTU5 NzQ0ZTgwHhcNMjUxMjA2MDMwMTMyWhcNMjUxMjA3MDMwMTMyWjAzMTEwLwYDVQQD EygyZTIzODI5MjVjNjQ3Y2M3NWI4YzkxMTY0MGYzZmZkM2Q1YzVhMTliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+hNdRtLq87S2hV98ouxZ81wzWl5 /6M14zWF4p347s4WTNSQGoBw49VXBCNacDVJ22s/c/glEHTGqBRZmg77/1U+Xqis YvdqiN5V3hAGbDop3bAeHN/5dulrPS1sqtOhEHqs03D28iw5zfy/pQKopFf+KgHM YMkz8UQ72NSlo1ezhXvYzRNqqvp8Rx9eqbABmvGCkc/BbVM81JDZFKb6w0SnegaS ZdOt1xlz1T4CYb74C3JX84KxFoj/G4CCK3w1Hk8uZw20rJGg5ueG5QPjEc/8iPFv 116FXknlJ9g3CvHGnBc8HLwxvuUw/rmKbrbawhiBoJro4aUwYo/IdOEuwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC4jgpJcZHzHW4yRFkDz/9PVxaGbMB8GA1UdIwQY MBaAFMQKjqHI3DO4KQ/r005FOL2Vl0ToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgt ZTEzMTYwYWMzZTIzLzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgtZTEzMTYwYWMzZTIz LzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ7S1w//N xap2W36QY4bYkdm2fj3pj7g0xF2xAL5GJEmUA6idXSgGcv50/TA6JMa+dVarAa3L kbH1f7oSW1a6BT3tTHte9N6cqimCqxoNChOuBJszr5DD1hSvM1hG0vTZ2Bt0BeZL Sgfetf9w/q4e19QGklRBzNx54yCXZeVvyl+VElfKzvcJJxMdgHkPYZE8rpaSe+wg 9tF9l3+1Dc52srv6LY1yoThG6e4vV/C9BHiyvEqw1n81MUOYlK0TkD79DShypexv IDwkb2U/vdFvv3b68Vy8PXsD09vys+nIloX/8vNnhvI/weJ09m0FvvGvudasKOeI BI+gCKhQHq0yxg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:24:51 2025 by rpki-client