This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft File: XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json) Hash identifier: u4l78X0DRda0XhWjN4hiHCihWleHndII+437l1PJ1Mw= Subject key identifier: AF:AA:29:8F:87:95:C1:DD:8D:DC:88:FC:BD:80:29:BB:B9:A0:E8:EC Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E Certificate issuer: /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e Certificate serial: 019AF12E0FC7D8EEE39074FB5E29D227B392 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft Manifest number: 0D9E Signing time: Sat 06 Dec 2025 01:01:58 +0000 Manifest this update: Sat 06 Dec 2025 01:01:58 +0000 Manifest next update: Sun 07 Dec 2025 01:01:58 +0000 Files and hashes: 1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: ic4Ryac1ukyO1JiM8o8svQtmVpSTCHrzaESQiBTr/7I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:0f:c7:d8:ee:e3:90:74:fb:5e:29:d2:27:b3:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e Validity Not Before: Dec 6 01:01:58 2025 GMT Not After : Dec 7 01:01:58 2025 GMT Subject: CN=afaa298f8795c1dd8ddc88fcbd8029bbb9a0e8ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:1b:fb:01:e9:a7:0c:40:8e:aa:5e:58:c9:b3: fe:2a:00:97:3a:d7:64:1c:88:17:53:80:26:88:e6: 81:d8:e8:08:66:02:59:09:b0:22:c6:86:e8:cb:5a: 9a:68:16:74:2a:d5:a3:9a:d3:59:ed:4c:f3:0e:8b: 3c:50:cb:86:2c:23:a8:1c:d9:f0:82:c8:fe:87:57: a0:0b:3a:26:e7:e1:8a:4a:60:a1:2b:3f:e0:72:3e: 29:92:a7:24:b3:56:98:37:7f:ce:a4:56:22:b9:53: dd:65:c7:7e:39:ed:16:f3:16:d0:ad:ac:0f:b1:83: 23:6c:c4:d2:01:7b:ec:98:68:57:f7:70:f8:d0:20: 7e:30:4c:d7:60:b7:3d:7b:e2:ec:19:88:6d:ee:b9: 58:98:d9:e1:02:9e:34:c6:3a:6f:4a:ed:e2:dc:f2: ac:c5:51:e5:a8:c5:90:b6:87:ba:a9:e5:61:ca:27: f2:6b:48:40:1c:66:ac:54:38:b7:54:06:0f:60:ba: 99:59:bd:31:bd:33:30:58:23:4a:6c:b7:bf:80:7c: ff:0d:d6:e3:ce:d3:2f:9d:28:c7:9b:d3:27:51:2b: 89:d3:a9:64:69:13:e3:1a:65:9c:c5:58:20:1a:74: 65:f0:e8:5d:53:07:f1:12:cf:6e:2f:4c:20:13:ad: 1e:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:AA:29:8F:87:95:C1:DD:8D:DC:88:FC:BD:80:29:BB:B9:A0:E8:EC X509v3 Authority Key Identifier: keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:8a:7a:48:7b:b4:71:68:87:4a:21:4f:61:a6:b7:6a:f5:f4: ed:9c:68:34:0c:58:41:b2:49:e7:d2:2c:b8:c3:1f:83:58:45: c8:e4:a6:6e:9e:b3:82:ce:b2:e7:90:7f:64:4c:c4:73:46:79: 77:13:b9:a1:81:4c:6f:59:5f:e4:7b:03:00:1b:0e:64:09:86: 81:d4:b3:23:eb:2a:94:9e:74:f5:d3:c8:43:25:e1:89:21:84: 74:a6:c2:72:c2:cd:40:23:2d:14:85:ed:aa:32:0b:eb:b6:4d: da:e4:32:21:05:5d:c1:24:c4:93:b1:2a:10:ee:60:f4:86:83: 9e:d9:28:a8:4f:f5:c1:b6:db:1b:c3:83:be:89:f8:c3:44:00: 8a:c6:8b:3d:c3:24:e9:c9:d9:2b:59:e4:44:06:34:69:16:30: 91:a9:0c:44:79:d6:60:94:43:41:aa:00:a1:9f:1d:2c:95:a7: 70:3f:58:e9:d1:8f:1a:71:4a:22:b0:7b:bc:60:2e:48:49:a6: ba:6e:03:44:6d:b4:44:6d:25:23:bf:24:b9:63:e2:8a:d9:c1: 46:26:46:51:c4:7f:85:8b:df:4a:69:0a:9f:43:3e:ab:0b:3a: f7:3e:eb:28:ba:81:b0:bd:45:c9:c5:16:9e:5f:e9:b5:98:3e: 26:5b:23:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLg/H2O7jkHT7XinSJ7OSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx N2UxNWUwHhcNMjUxMjA2MDEwMTU4WhcNMjUxMjA3MDEwMTU4WjAzMTEwLwYDVQQD EyhhZmFhMjk4Zjg3OTVjMWRkOGRkYzg4ZmNiZDgwMjliYmI5YTBlOGVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRv7AemnDECOql5YybP+KgCXOtdk HIgXU4AmiOaB2OgIZgJZCbAixoboy1qaaBZ0KtWjmtNZ7UzzDos8UMuGLCOoHNnw gsj+h1egCzom5+GKSmChKz/gcj4pkqcks1aYN3/OpFYiuVPdZcd+Oe0W8xbQrawP sYMjbMTSAXvsmGhX93D40CB+MEzXYLc9e+LsGYht7rlYmNnhAp40xjpvSu3i3PKs xVHlqMWQtoe6qeVhyifya0hAHGasVDi3VAYPYLqZWb0xvTMwWCNKbLe/gHz/Ddbj ztMvnSjHm9MnUSuJ06lkaRPjGmWcxVggGnRl8OhdUwfxEs9uL0wgE60eXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK+qKY+HlcHdjdyI/L2AKbu5oOjsMB8GA1UdIwQY MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0 LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADIp6SHu0 cWiHSiFPYaa3avX07ZxoNAxYQbJJ59IsuMMfg1hFyOSmbp6zgs6y55B/ZEzEc0Z5 dxO5oYFMb1lf5HsDABsOZAmGgdSzI+sqlJ509dPIQyXhiSGEdKbCcsLNQCMtFIXt qjIL67ZN2uQyIQVdwSTEk7EqEO5g9IaDntkoqE/1wbbbG8ODvon4w0QAisaLPcMk 6cnZK1nkRAY0aRYwkakMRHnWYJRDQaoAoZ8dLJWncD9Y6dGPGnFKIrB7vGAuSEmm um4DRG20RG0lI78kuWPiitnBRiZGUcR/hYvfSmkKn0M+qws69z7rKLqBsL1FycUW nl/ptZg+JlsjmA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:30:57 2025 by rpki-client