This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft File: XlTVGjJHsX9vlqDM4lMBktyfdCI.mft (raw, json) Hash identifier: fppAfsB4JYIFGHWWEs79Cn7eEw/BnFqiGaBIU36Se2E= Subject key identifier: 9C:F1:E6:63:D7:FB:2E:DD:94:99:49:E1:57:58:CC:7C:82:7F:59:D6 Authority key identifier: 5E:54:D5:1A:32:47:B1:7F:6F:96:A0:CC:E2:53:01:92:DC:9F:74:22 Certificate issuer: /CN=5e54d51a3247b17f6f96a0cce2530192dc9f7422 Certificate serial: 019B31559E814741C558B01DD884A3014597 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XlTVGjJHsX9vlqDM4lMBktyfdCI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft Manifest number: 0753 Signing time: Thu 18 Dec 2025 12:00:53 +0000 Manifest this update: Thu 18 Dec 2025 12:00:53 +0000 Manifest next update: Fri 19 Dec 2025 12:00:53 +0000 Files and hashes: 1: XlTVGjJHsX9vlqDM4lMBktyfdCI.crl (hash: 2iJ0u1qD35lZFQ/bnHNpheVOLmNnrg7/p6KPjKOFakE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.crl rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft rsync://rpki.ripe.net/repository/DEFAULT/XlTVGjJHsX9vlqDM4lMBktyfdCI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 12:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:55:9e:81:47:41:c5:58:b0:1d:d8:84:a3:01:45:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e54d51a3247b17f6f96a0cce2530192dc9f7422 Validity Not Before: Dec 18 12:00:53 2025 GMT Not After : Dec 19 12:00:53 2025 GMT Subject: CN=9cf1e663d7fb2edd949949e15758cc7c827f59d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:71:af:78:a6:6c:c0:44:52:dc:7b:ea:1d:76: 48:3d:56:b3:66:29:a5:86:6a:0b:b4:ee:ce:a8:b3: be:5d:c9:95:ca:e1:77:14:b7:f1:ce:e5:25:32:3e: 06:6b:4a:40:e8:25:ed:49:df:03:30:a2:02:65:2b: c3:b1:28:40:dc:d0:98:09:55:ee:f8:16:67:60:49: 92:46:0b:ab:ee:49:36:2c:e9:94:9a:32:5a:1a:30: 60:dc:e7:2e:ab:4d:f2:a5:f3:3b:70:0e:56:a1:3d: c9:54:33:85:d3:e5:7b:bd:fd:7d:cd:62:36:fa:06: 5f:d9:5c:ed:96:cf:20:1b:c4:18:92:50:cc:91:5a: 28:7f:5d:4e:38:9c:f3:a4:84:94:b1:b1:0c:1b:29: 9d:84:57:b0:7f:59:f2:bc:41:bf:c3:42:a1:aa:3a: b6:1e:a1:3e:79:17:c4:14:e3:07:63:f7:d1:35:25: c2:97:3e:3b:c3:c5:8d:51:75:79:7e:af:9a:ec:ea: e2:6f:c2:7e:96:ae:25:bd:b3:db:20:e5:e0:0e:bf: b5:02:a4:8a:05:93:14:e3:39:fe:39:f4:81:c2:96: 2b:0d:29:21:9d:2a:d8:4c:4c:94:9d:40:1a:7e:94: 95:fc:a1:79:05:36:d9:90:2d:06:1b:d2:4e:09:1e: c3:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:F1:E6:63:D7:FB:2E:DD:94:99:49:E1:57:58:CC:7C:82:7F:59:D6 X509v3 Authority Key Identifier: keyid:5E:54:D5:1A:32:47:B1:7F:6F:96:A0:CC:E2:53:01:92:DC:9F:74:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlTVGjJHsX9vlqDM4lMBktyfdCI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:99:e1:77:7a:a0:73:76:9a:0e:4d:b5:8b:c0:78:2b:94:1d: c9:3b:d2:c7:7b:69:70:39:a9:00:2f:5f:c7:79:1b:fb:42:08: 17:59:55:84:5f:14:54:0f:2f:69:a2:e1:84:ae:e7:5a:f0:66: f0:ee:4e:13:5e:76:0c:73:2f:d1:d2:05:7e:a0:c3:d7:82:9d: 48:20:5c:b0:5d:33:aa:f5:8c:ca:38:c8:c7:64:63:93:36:4f: 6b:6f:9c:a2:f2:f5:b3:88:32:ba:79:4d:33:31:dc:b3:3f:fe: 97:9b:9e:a2:56:54:6a:da:75:f4:83:95:84:19:41:ea:50:88: 19:5e:9e:62:50:bd:c2:3e:00:9b:ed:ba:c7:34:83:ce:02:67: 05:7d:61:b7:58:66:e3:2b:7a:0a:47:5b:e2:b3:d1:2a:b2:12: 98:d7:c2:4b:65:34:3e:0f:9f:80:0b:1a:48:b6:2a:6f:e5:36: a0:93:2c:6f:17:1c:13:6b:f9:6d:29:f7:f0:26:3d:44:43:38: 27:59:65:9c:c7:61:f3:68:c6:79:9c:55:e6:ff:62:c2:16:ae: 12:09:0d:ac:43:b2:53:e0:e3:05:31:1b:45:c4:94:8c:78:53: 06:51:27:8f:6e:35:5a:86:e9:c6:5b:1a:23:08:f4:7b:0d:69: 00:93:29:63 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsxVZ6BR0HFWLAd2ISjAUWXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlNTRkNTFhMzI0N2IxN2Y2Zjk2YTBjY2UyNTMwMTkyZGM5 Zjc0MjIwHhcNMjUxMjE4MTIwMDUzWhcNMjUxMjE5MTIwMDUzWjAzMTEwLwYDVQQD Eyg5Y2YxZTY2M2Q3ZmIyZWRkOTQ5OTQ5ZTE1NzU4Y2M3YzgyN2Y1OWQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3GveKZswERS3HvqHXZIPVazZiml hmoLtO7OqLO+XcmVyuF3FLfxzuUlMj4Ga0pA6CXtSd8DMKICZSvDsShA3NCYCVXu +BZnYEmSRgur7kk2LOmUmjJaGjBg3Ocuq03ypfM7cA5WoT3JVDOF0+V7vf19zWI2 +gZf2Vztls8gG8QYklDMkVoof11OOJzzpISUsbEMGymdhFewf1nyvEG/w0Khqjq2 HqE+eRfEFOMHY/fRNSXClz47w8WNUXV5fq+a7Orib8J+lq4lvbPbIOXgDr+1AqSK BZMU4zn+OfSBwpYrDSkhnSrYTEyUnUAafpSV/KF5BTbZkC0GG9JOCR7DPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJzx5mPX+y7dlJlJ4VdYzHyCf1nWMB8GA1UdIwQY MBaAFF5U1RoyR7F/b5agzOJTAZLcn3QiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGxUVkdqSkhzWDl2bHFETTRsTUJrdHlmZENJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy82NTI0ZjYtNTMyMC00Njg2LWE1YzMt NzJlMWZjNGEzMDZlLzEvWGxUVkdqSkhzWDl2bHFETTRsTUJrdHlmZENJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYy82NTI0ZjYtNTMyMC00Njg2LWE1YzMtNzJlMWZjNGEzMDZl LzEvWGxUVkdqSkhzWDl2bHFETTRsTUJrdHlmZENJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVJnhd3qg c3aaDk21i8B4K5QdyTvSx3tpcDmpAC9fx3kb+0IIF1lVhF8UVA8vaaLhhK7nWvBm 8O5OE152DHMv0dIFfqDD14KdSCBcsF0zqvWMyjjIx2RjkzZPa2+covL1s4gyunlN MzHcsz/+l5ueolZUatp19IOVhBlB6lCIGV6eYlC9wj4Am+26xzSDzgJnBX1ht1hm 4yt6Ckdb4rPRKrISmNfCS2U0Pg+fgAsaSLYqb+U2oJMsbxccE2v5bSn38CY9REM4 J1llnMdh82jGeZxV5v9iwhauEgkNrEOyU+DjBTEbRcSUjHhTBlEnj241Wobpxlsa Iwj0ew1pAJMpYw== -----END CERTIFICATE-----Generated at Thu Dec 18 15:26:55 2025 by rpki-client