This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.mft File: XJF3tPVOZX44dlbmc6-MDuCmCRc.mft (raw, json) Hash identifier: uR0KCKvjT+ieSzOcpuTCKE/154HgT2OxAUPCCG8EaI0= Subject key identifier: C2:B0:2E:E1:C7:8E:DA:64:79:DA:E9:3F:61:12:31:06:B7:9F:C9:21 Authority key identifier: 5C:91:77:B4:F5:4E:65:7E:38:76:56:E6:73:AF:8C:0E:E0:A6:09:17 Certificate issuer: /CN=5c9177b4f54e657e387656e673af8c0ee0a60917 Certificate serial: 019AF389F89906733DE7A6F667A44CC0F283 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XJF3tPVOZX44dlbmc6-MDuCmCRc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.mft Manifest number: 0309 Signing time: Sat 06 Dec 2025 12:01:36 +0000 Manifest this update: Sat 06 Dec 2025 12:01:36 +0000 Manifest next update: Sun 07 Dec 2025 12:01:36 +0000 Files and hashes: 1: XJF3tPVOZX44dlbmc6-MDuCmCRc.crl (hash: qhcD0ELujapXWqHmxZsohLkFNf0Uu37DsylSTpYqlcM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.crl rsync://rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.mft rsync://rpki.ripe.net/repository/DEFAULT/XJF3tPVOZX44dlbmc6-MDuCmCRc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:f8:99:06:73:3d:e7:a6:f6:67:a4:4c:c0:f2:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c9177b4f54e657e387656e673af8c0ee0a60917 Validity Not Before: Dec 6 12:01:36 2025 GMT Not After : Dec 7 12:01:36 2025 GMT Subject: CN=c2b02ee1c78eda6479dae93f61123106b79fc921 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:bc:83:72:dd:ce:86:56:f2:8f:c5:7c:48:b1: 91:c2:87:7e:df:5f:d9:41:d5:4b:81:84:ac:37:fe: ed:6d:86:cc:ac:83:10:95:a4:c0:be:10:7a:a1:14: e9:1b:f5:70:b0:8a:ec:f4:b8:32:59:c1:c7:25:17: 4e:56:82:0c:54:47:59:3a:67:b7:a8:d7:fb:45:8e: c3:d4:af:e9:96:78:17:e6:b3:ba:60:39:48:c3:61: 91:aa:3c:7a:1f:10:d5:38:92:59:bb:73:a1:28:e0: 22:b6:6a:db:c5:ae:21:ae:54:ec:db:30:25:49:44: 11:2f:6b:a3:fa:19:20:e5:71:cb:e3:dd:fe:e8:6f: 6e:d9:d3:b4:87:a8:81:4a:ed:9d:3d:f2:c9:08:d0: 87:6b:f3:61:81:a3:7e:82:82:0f:48:53:8a:70:50: 77:ca:41:a7:b9:58:63:4a:13:07:3a:9f:e9:3f:f3: 9e:50:1c:d7:7e:6f:ec:ec:e2:58:11:18:27:c1:e0: 52:c2:b0:7b:7c:6e:bd:1e:19:1e:a6:3d:5c:ee:02: 9e:e8:3d:4e:66:91:06:b8:bd:9d:ff:b2:79:f7:70: 04:28:1a:d2:54:3e:42:66:94:71:75:67:a2:20:d4: 08:7e:d6:f9:69:c3:df:60:13:9e:91:4c:d9:f3:91: 5c:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:B0:2E:E1:C7:8E:DA:64:79:DA:E9:3F:61:12:31:06:B7:9F:C9:21 X509v3 Authority Key Identifier: keyid:5C:91:77:B4:F5:4E:65:7E:38:76:56:E6:73:AF:8C:0E:E0:A6:09:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XJF3tPVOZX44dlbmc6-MDuCmCRc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:80:75:fc:cf:4a:aa:71:fe:31:5b:4e:df:51:0f:97:98:d9: 5e:29:f4:85:fa:96:58:a8:67:3c:2b:82:a4:05:1b:22:44:1a: ec:97:7b:a3:d6:0b:44:14:f2:e4:bd:8a:c1:31:14:01:ab:c8: c6:ef:a0:6d:44:4e:b0:76:e2:68:94:ec:c3:e1:1c:2c:fb:49: c9:8a:3c:cb:35:70:d9:fc:04:b1:37:f8:6f:f8:de:9f:c9:0f: 84:62:ee:07:4a:33:d9:6e:aa:80:16:a1:3e:75:fa:36:06:1f: 00:10:d3:52:78:6b:e5:c9:be:f2:21:e5:94:99:32:20:f4:a5: 6c:d6:7a:85:3c:dc:ef:fc:06:4d:5f:01:ed:71:68:06:bb:bc: 1c:db:6a:fb:28:03:5a:1d:c7:92:df:e7:d9:d8:12:f7:d4:2f: 6d:a5:d3:ef:4b:14:8c:62:9e:89:4f:ab:26:83:78:5c:50:58: 1d:2f:b4:00:fb:93:cf:5b:30:88:ce:92:2b:54:6a:31:a2:43: 46:97:a0:3c:70:c1:13:46:72:b6:78:03:fb:87:40:44:bc:11: 08:9f:8e:36:1b:18:90:81:9e:f5:96:e0:fd:b2:70:ea:ed:9d: 99:c2:0f:96:54:a8:78:95:2b:ac:2d:c8:5c:4a:99:67:a9:82: 8d:74:fe:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzifiZBnM956b2Z6RMwPKDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjOTE3N2I0ZjU0ZTY1N2UzODc2NTZlNjczYWY4YzBlZTBh NjA5MTcwHhcNMjUxMjA2MTIwMTM2WhcNMjUxMjA3MTIwMTM2WjAzMTEwLwYDVQQD EyhjMmIwMmVlMWM3OGVkYTY0NzlkYWU5M2Y2MTEyMzEwNmI3OWZjOTIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ryDct3Ohlbyj8V8SLGRwod+31/Z QdVLgYSsN/7tbYbMrIMQlaTAvhB6oRTpG/VwsIrs9LgyWcHHJRdOVoIMVEdZOme3 qNf7RY7D1K/plngX5rO6YDlIw2GRqjx6HxDVOJJZu3OhKOAitmrbxa4hrlTs2zAl SUQRL2uj+hkg5XHL493+6G9u2dO0h6iBSu2dPfLJCNCHa/NhgaN+goIPSFOKcFB3 ykGnuVhjShMHOp/pP/OeUBzXfm/s7OJYERgnweBSwrB7fG69Hhkepj1c7gKe6D1O ZpEGuL2d/7J593AEKBrSVD5CZpRxdWeiINQIftb5acPfYBOekUzZ85Fc/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMKwLuHHjtpkedrpP2ESMQa3n8khMB8GA1UdIwQY MBaAFFyRd7T1TmV+OHZW5nOvjA7gpgkXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEpGM3RQVk9aWDQ0ZGxibWM2LU1EdUNtQ1JjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9jYTUyZjAtZDNiMy00MmM1LThhN2It NmRjMzY5ZGZmNTNmLzEvWEpGM3RQVk9aWDQ0ZGxibWM2LU1EdUNtQ1JjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYi9jYTUyZjAtZDNiMy00MmM1LThhN2ItNmRjMzY5ZGZmNTNm LzEvWEpGM3RQVk9aWDQ0ZGxibWM2LU1EdUNtQ1JjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPYB1/M9K qnH+MVtO31EPl5jZXin0hfqWWKhnPCuCpAUbIkQa7Jd7o9YLRBTy5L2KwTEUAavI xu+gbUROsHbiaJTsw+EcLPtJyYo8yzVw2fwEsTf4b/jen8kPhGLuB0oz2W6qgBah PnX6NgYfABDTUnhr5cm+8iHllJkyIPSlbNZ6hTzc7/wGTV8B7XFoBru8HNtq+ygD Wh3Hkt/n2dgS99QvbaXT70sUjGKeiU+rJoN4XFBYHS+0APuTz1swiM6SK1RqMaJD RpegPHDBE0ZytngD+4dARLwRCJ+ONhsYkIGe9Zbg/bJw6u2dmcIPllSoeJUrrC3I XEqZZ6mCjXT+VQ== -----END CERTIFICATE-----Generated at Sat Dec 6 16:55:31 2025 by rpki-client