This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft File: XlTVGjJHsX9vlqDM4lMBktyfdCI.mft (raw, json) Hash identifier: 3r69MdelSombnAwi1Rv1qZuZe2SB8Cyu7nkgn0qJC/0= Subject key identifier: FE:DB:21:7B:61:54:F3:FB:AB:A1:C6:DA:F5:00:AD:F2:CD:05:A2:38 Authority key identifier: 5E:54:D5:1A:32:47:B1:7F:6F:96:A0:CC:E2:53:01:92:DC:9F:74:22 Certificate issuer: /CN=5e54d51a3247b17f6f96a0cce2530192dc9f7422 Certificate serial: 019AF19B1753B3394430750B0B30C1B187E1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XlTVGjJHsX9vlqDM4lMBktyfdCI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft Manifest number: 0732 Signing time: Sat 06 Dec 2025 03:01:04 +0000 Manifest this update: Sat 06 Dec 2025 03:01:04 +0000 Manifest next update: Sun 07 Dec 2025 03:01:04 +0000 Files and hashes: 1: XlTVGjJHsX9vlqDM4lMBktyfdCI.crl (hash: OjSyVXpBg+n1wZZqdLV2xYlPMckslEdZ9Z29wyJStvA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.crl rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft rsync://rpki.ripe.net/repository/DEFAULT/XlTVGjJHsX9vlqDM4lMBktyfdCI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:17:53:b3:39:44:30:75:0b:0b:30:c1:b1:87:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e54d51a3247b17f6f96a0cce2530192dc9f7422 Validity Not Before: Dec 6 03:01:04 2025 GMT Not After : Dec 7 03:01:04 2025 GMT Subject: CN=fedb217b6154f3fbaba1c6daf500adf2cd05a238 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:78:1a:c8:3d:d7:d1:5d:55:b7:0e:65:7c:ec: 2f:72:48:bc:80:ae:d6:28:cd:1f:95:e2:35:a4:b8: e0:44:a7:8e:9a:4e:50:05:72:92:76:1e:2b:b9:b1: 8a:1e:a3:2b:fc:27:a0:11:b6:db:6c:cb:ba:52:23: 79:75:a7:5b:9f:57:32:15:1f:07:99:cb:9e:3e:48: 4e:a1:fa:2f:dc:77:bc:99:62:db:1c:b9:08:0a:28: ec:52:f0:12:b5:c4:fd:87:a4:a4:33:3b:8e:26:c3: c7:62:60:f9:be:1a:bc:aa:2a:00:3d:d6:63:1a:10: 5b:a7:8d:7d:5f:70:2b:e6:11:ef:fd:88:1c:13:fd: 68:24:39:de:73:3d:9d:43:8c:c9:ff:cf:4e:2e:7e: b0:4e:12:da:16:57:e3:eb:9a:ae:cb:d6:d7:44:7a: da:73:6d:33:0a:85:96:30:4f:12:b7:a2:0e:0e:85: 8a:fa:02:6b:43:98:f5:d8:af:3c:68:a2:95:a9:0a: 9f:26:1d:f1:8f:94:24:5a:a3:5c:56:53:0e:c5:b6: a4:83:96:fe:76:8e:42:7b:15:78:47:6a:39:a1:bc: 72:7e:3c:e9:13:ab:62:f5:f7:03:c7:d3:bd:65:96: 14:45:03:0f:ff:c8:a3:ec:4d:52:f7:6e:5e:28:6c: b7:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:DB:21:7B:61:54:F3:FB:AB:A1:C6:DA:F5:00:AD:F2:CD:05:A2:38 X509v3 Authority Key Identifier: keyid:5E:54:D5:1A:32:47:B1:7F:6F:96:A0:CC:E2:53:01:92:DC:9F:74:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlTVGjJHsX9vlqDM4lMBktyfdCI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:46:b5:79:63:1e:3e:fe:fc:0d:20:72:f1:b3:48:6e:e1:a6: 4e:0a:50:d6:76:da:33:8e:f9:eb:f7:22:f4:2b:49:8d:82:21: 3a:1c:be:e2:f2:b0:8b:0c:00:b1:1a:76:20:da:99:08:6f:89: 24:07:ba:cd:f4:eb:e8:c9:93:05:2f:cc:4b:40:bf:c5:06:76: 2f:2d:be:4c:51:c7:86:9f:e5:e5:31:e0:e7:3d:e3:57:e9:45: 84:ca:70:f7:86:f9:e4:74:70:a3:b1:be:0f:be:87:d2:ef:e7: a9:8c:19:3e:78:47:e5:bb:ab:29:f6:a3:d3:77:1c:65:77:40: df:93:73:6a:81:77:5c:51:7e:ae:95:7d:66:d5:b0:54:cd:e9: e3:4a:ef:1a:36:2d:65:29:ad:66:6f:99:8c:6f:0f:8d:33:6b: af:eb:7d:da:2c:6e:20:4b:dd:56:c3:2e:dd:62:ca:bc:03:e3: 51:1e:8b:83:84:cd:21:3e:54:f3:48:d4:12:10:2e:a0:b1:77: a0:9c:3b:44:e9:19:61:b8:56:ad:38:c3:6d:0b:59:f5:91:66: 06:49:3b:1d:66:eb:29:7d:5a:50:3f:7a:f4:15:80:c3:bf:85: 5b:a9:f5:16:0c:10:7c:52:57:b3:59:f9:89:1c:d5:e6:53:ef: 77:d0:25:4c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmxdTszlEMHULCzDBsYfhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlNTRkNTFhMzI0N2IxN2Y2Zjk2YTBjY2UyNTMwMTkyZGM5 Zjc0MjIwHhcNMjUxMjA2MDMwMTA0WhcNMjUxMjA3MDMwMTA0WjAzMTEwLwYDVQQD EyhmZWRiMjE3YjYxNTRmM2ZiYWJhMWM2ZGFmNTAwYWRmMmNkMDVhMjM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ngayD3X0V1Vtw5lfOwvcki8gK7W KM0fleI1pLjgRKeOmk5QBXKSdh4rubGKHqMr/CegEbbbbMu6UiN5dadbn1cyFR8H mcuePkhOofov3He8mWLbHLkICijsUvAStcT9h6SkMzuOJsPHYmD5vhq8qioAPdZj GhBbp419X3Ar5hHv/YgcE/1oJDnecz2dQ4zJ/89OLn6wThLaFlfj65quy9bXRHra c20zCoWWME8St6IODoWK+gJrQ5j12K88aKKVqQqfJh3xj5QkWqNcVlMOxbakg5b+ do5CexV4R2o5obxyfjzpE6ti9fcDx9O9ZZYURQMP/8ij7E1S925eKGy3iwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP7bIXthVPP7q6HG2vUArfLNBaI4MB8GA1UdIwQY MBaAFF5U1RoyR7F/b5agzOJTAZLcn3QiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGxUVkdqSkhzWDl2bHFETTRsTUJrdHlmZENJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy82NTI0ZjYtNTMyMC00Njg2LWE1YzMt NzJlMWZjNGEzMDZlLzEvWGxUVkdqSkhzWDl2bHFETTRsTUJrdHlmZENJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYy82NTI0ZjYtNTMyMC00Njg2LWE1YzMtNzJlMWZjNGEzMDZl LzEvWGxUVkdqSkhzWDl2bHFETTRsTUJrdHlmZENJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM0a1eWMe Pv78DSBy8bNIbuGmTgpQ1nbaM4756/ci9CtJjYIhOhy+4vKwiwwAsRp2INqZCG+J JAe6zfTr6MmTBS/MS0C/xQZ2Ly2+TFHHhp/l5THg5z3jV+lFhMpw94b55HRwo7G+ D76H0u/nqYwZPnhH5burKfaj03ccZXdA35NzaoF3XFF+rpV9ZtWwVM3p40rvGjYt ZSmtZm+ZjG8PjTNrr+t92ixuIEvdVsMu3WLKvAPjUR6Lg4TNIT5U80jUEhAuoLF3 oJw7ROkZYbhWrTjDbQtZ9ZFmBkk7HWbrKX1aUD969BWAw7+FW6n1FgwQfFJXs1n5 iRzV5lPvd9AlTA== -----END CERTIFICATE-----Generated at Sat Dec 6 06:58:55 2025 by rpki-client