This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft File: XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json) Hash identifier: jUwLigqXt34Ai12ssBGZ/vg2RssqZkkVmr3GquXgk60= Subject key identifier: 4C:2F:D0:90:C1:0E:2A:00:2B:EB:C9:79:DA:1A:0F:D3:A4:0A:46:2F Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D Certificate issuer: /CN=5cdf301ac01526d08cdec242cc5a140141fb153d Certificate serial: 019AF2ADF374459FDDACBC64BF9929C38186 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft Manifest number: 0386 Signing time: Sat 06 Dec 2025 08:01:17 +0000 Manifest this update: Sat 06 Dec 2025 08:01:17 +0000 Manifest next update: Sun 07 Dec 2025 08:01:17 +0000 Files and hashes: 1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: 9r6iUq37wmWW/qck9aJpvr4eVkiy5a0UIFvHPOL+mig=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:f3:74:45:9f:dd:ac:bc:64:bf:99:29:c3:81:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d Validity Not Before: Dec 6 08:01:17 2025 GMT Not After : Dec 7 08:01:17 2025 GMT Subject: CN=4c2fd090c10e2a002bebc979da1a0fd3a40a462f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:06:00:99:05:61:21:8a:43:23:ec:29:ff:11: 1f:08:0b:68:94:d0:09:a4:ec:d1:8e:d7:9f:fc:1c: 60:45:77:0e:fc:5d:e4:fa:b3:45:a1:ce:b7:de:c9: a1:07:10:3f:c3:0b:4b:e7:24:16:56:21:18:d1:52: d6:c7:15:a7:8a:06:7f:f9:3c:29:8e:e1:5a:5f:e8: b4:ac:34:29:56:f1:7f:76:bc:54:ca:31:82:ed:c5: d3:05:86:86:00:e7:da:fd:f8:54:aa:86:58:fa:df: c6:d5:cf:a8:8e:6e:d1:c9:59:4e:14:a9:78:b6:28: 8e:b7:e6:41:55:e3:48:11:3b:f4:c2:4f:52:0d:6b: 82:8c:fb:b7:53:00:bf:07:42:9e:09:a3:66:c4:f0: 78:c5:14:41:30:3e:ca:b0:66:0f:08:0e:d3:c9:1f: 01:c9:d3:3f:5a:20:c0:0a:20:72:52:cd:75:09:af: 89:38:46:86:70:97:55:c5:61:c1:e1:de:9b:12:1a: f8:74:3e:96:19:70:03:67:d3:fe:e1:f6:94:d0:73: ac:77:38:66:47:7c:fc:7b:02:2c:f3:c7:2e:c5:85: 3d:db:12:cd:a2:51:61:01:cf:80:74:d5:7d:5d:7a: 27:08:d9:2e:7f:2f:67:ce:28:a4:b9:02:5a:b5:22: 85:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:2F:D0:90:C1:0E:2A:00:2B:EB:C9:79:DA:1A:0F:D3:A4:0A:46:2F X509v3 Authority Key Identifier: keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:5f:64:f5:38:0a:b8:4a:9d:62:a4:89:d9:3d:da:78:4a:91: 3c:74:e6:c4:11:78:fc:e2:39:e2:40:54:41:d0:ff:c6:1c:21: 7b:32:24:b3:9f:75:78:5d:20:77:87:a8:67:a6:30:fb:84:cf: db:c7:94:07:e9:8e:d5:23:bb:f9:13:55:c2:f1:bb:62:8c:fc: b9:c5:e3:91:e8:63:e0:8b:d0:33:dc:0b:6f:f6:6c:7b:99:57: 54:3c:0b:45:93:46:a0:e3:60:08:23:77:a8:66:4b:0a:52:dd: 71:23:6a:d6:e5:29:dd:a3:3b:01:1b:a3:8a:ee:3c:aa:b7:09: 93:09:d1:0f:b3:b3:ae:88:4f:03:22:f6:71:87:7e:71:b4:7a: 01:4c:fc:08:1b:11:67:4f:41:c3:69:18:1e:f6:c6:a7:22:a3: ac:98:50:ac:3f:cd:db:69:31:a8:00:c0:01:67:a4:8d:e2:ba: 92:d8:ea:f3:6b:51:17:26:0c:c5:47:a5:38:7c:28:19:d9:a6: 3c:de:9e:f8:3c:17:be:7f:c7:98:cd:bb:db:5e:02:0f:22:57: af:4a:ee:f3:e9:fa:7a:68:a4:ce:dd:84:b3:0a:59:df:b2:29: e6:30:d5:22:26:6d:0a:eb:04:b6:9b:bb:91:58:9d:e2:78:a8: 10:8a:39:b3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrfN0RZ/drLxkv5kpw4GGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm YjE1M2QwHhcNMjUxMjA2MDgwMTE3WhcNMjUxMjA3MDgwMTE3WjAzMTEwLwYDVQQD Eyg0YzJmZDA5MGMxMGUyYTAwMmJlYmM5NzlkYTFhMGZkM2E0MGE0NjJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwYAmQVhIYpDI+wp/xEfCAtolNAJ pOzRjtef/BxgRXcO/F3k+rNFoc633smhBxA/wwtL5yQWViEY0VLWxxWnigZ/+Twp juFaX+i0rDQpVvF/drxUyjGC7cXTBYaGAOfa/fhUqoZY+t/G1c+ojm7RyVlOFKl4 tiiOt+ZBVeNIETv0wk9SDWuCjPu3UwC/B0KeCaNmxPB4xRRBMD7KsGYPCA7TyR8B ydM/WiDACiByUs11Ca+JOEaGcJdVxWHB4d6bEhr4dD6WGXADZ9P+4faU0HOsdzhm R3z8ewIs88cuxYU92xLNolFhAc+AdNV9XXonCNkufy9nziikuQJatSKFWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEwv0JDBDioAK+vJedoaD9OkCkYvMB8GA1UdIwQY MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd19k9TgK uEqdYqSJ2T3aeEqRPHTmxBF4/OI54kBUQdD/xhwhezIks591eF0gd4eoZ6Yw+4TP 28eUB+mO1SO7+RNVwvG7Yoz8ucXjkehj4IvQM9wLb/Zse5lXVDwLRZNGoONgCCN3 qGZLClLdcSNq1uUp3aM7ARujiu48qrcJkwnRD7OzrohPAyL2cYd+cbR6AUz8CBsR Z09Bw2kYHvbGpyKjrJhQrD/N22kxqADAAWekjeK6ktjq82tRFyYMxUelOHwoGdmm PN6e+DwXvn/HmM27214CDyJXr0ru8+n6emikzt2EswpZ37Ip5jDVIiZtCusEtpu7 kVid4nioEIo5sw== -----END CERTIFICATE-----Generated at Sat Dec 6 13:35:00 2025 by rpki-client