This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft File: kXWIXPl40u9mE3YhRTC57WjFtFg.mft (raw, json) Hash identifier: m0wRxSnYVclI0hMg0vWnL1aNwc+orK9BADeEMmdl85Q= Subject key identifier: ED:12:12:49:72:94:98:23:01:04:AA:9A:43:B2:7B:C8:7F:57:8F:D1 Authority key identifier: 91:75:88:5C:F9:78:D2:EF:66:13:76:21:45:30:B9:ED:68:C5:B4:58 Certificate issuer: /CN=9175885cf978d2ef661376214530b9ed68c5b458 Certificate serial: 019AF12E5403945FCBB2A78E6520119129AE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kXWIXPl40u9mE3YhRTC57WjFtFg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft Manifest number: 0A7E Signing time: Sat 06 Dec 2025 01:02:16 +0000 Manifest this update: Sat 06 Dec 2025 01:02:16 +0000 Manifest next update: Sun 07 Dec 2025 01:02:16 +0000 Files and hashes: 1: kXWIXPl40u9mE3YhRTC57WjFtFg.crl (hash: x1SO/CDXFGNImTSn1y/XfoIIWSKEY/AIms+vew/v/OI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft rsync://rpki.ripe.net/repository/DEFAULT/kXWIXPl40u9mE3YhRTC57WjFtFg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:54:03:94:5f:cb:b2:a7:8e:65:20:11:91:29:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9175885cf978d2ef661376214530b9ed68c5b458 Validity Not Before: Dec 6 01:02:16 2025 GMT Not After : Dec 7 01:02:16 2025 GMT Subject: CN=ed121249729498230104aa9a43b27bc87f578fd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:20:47:9c:ed:11:ff:2b:8c:c4:d0:1c:ef:ae: 09:59:2a:e6:df:04:5b:10:a4:a1:d6:0a:db:d8:a9: 56:0c:47:09:19:1a:78:39:6c:c9:1c:b3:2e:77:98: 29:cc:cc:2e:8f:5e:71:2b:5a:87:86:cd:02:e9:a5: ec:2e:00:ed:10:89:b6:55:21:01:fa:cd:7c:60:44: bd:a3:63:45:34:07:1d:ba:bc:44:a3:b0:20:98:bb: fb:3e:49:b0:6c:39:df:1c:b5:a8:98:40:1a:83:ba: d7:45:67:39:73:c7:2d:b1:a7:46:5c:8c:ee:69:2d: 2b:99:38:b0:09:51:9c:a0:c3:a6:14:01:bb:ed:7f: a4:39:c2:cb:99:21:4a:a3:f8:66:9b:3d:7b:71:63: 9e:f8:28:36:01:6b:67:a2:5e:2d:c4:76:b6:f9:98: a3:72:63:b0:27:e0:71:67:33:87:04:1b:60:2a:1c: 93:b8:f0:a5:34:2c:3d:50:4b:05:ba:ed:26:07:97: dd:1c:75:ae:d3:56:55:7c:77:8a:cf:8b:d3:29:48: 89:bb:1c:a7:53:c0:8f:3e:1b:a8:68:ff:6e:b6:3d: e5:e1:0d:94:6e:c7:1d:0a:c9:29:14:c0:88:0c:c8: 02:e4:b5:08:a5:10:a2:84:f2:fc:9e:a6:4c:81:d9: 58:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:12:12:49:72:94:98:23:01:04:AA:9A:43:B2:7B:C8:7F:57:8F:D1 X509v3 Authority Key Identifier: keyid:91:75:88:5C:F9:78:D2:EF:66:13:76:21:45:30:B9:ED:68:C5:B4:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXWIXPl40u9mE3YhRTC57WjFtFg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:09:70:89:39:8f:3a:2f:56:a2:26:44:98:d3:2f:89:95:38: 9f:a2:4f:a8:4c:b3:9c:29:a8:df:33:0c:03:76:b4:33:ac:21: 49:11:bf:5d:72:a9:b9:9d:4a:ae:1b:2f:9c:71:e1:89:70:08: e0:6a:36:e1:a2:d0:ba:7c:f6:ee:41:98:38:1b:c6:d2:4f:92: 8d:ef:97:ac:07:de:dc:a5:29:af:1d:79:fb:2e:f9:ea:50:26: 8a:09:0d:35:8e:03:ad:f5:e0:79:4b:ff:e7:8c:88:8a:e6:b9: 58:75:b7:08:64:79:4c:7a:76:aa:2a:62:e5:8b:bb:25:83:19: 7c:54:6d:c1:f9:14:5a:74:53:50:28:f0:39:56:89:41:87:ec: 65:ce:a8:2e:42:02:93:e6:5c:37:d1:8d:fa:4c:3f:9e:68:2d: 76:17:13:5f:35:24:38:0e:3b:a6:65:ac:15:ca:f8:7a:44:6d: 6e:94:22:44:bc:20:9e:4e:68:33:86:85:23:f7:b5:63:09:d7: c0:5c:25:55:87:a7:28:48:62:87:5d:58:dc:0c:d0:50:76:0a: 70:ed:ed:03:9e:60:67:6d:00:b0:a4:ed:3d:f8:e9:33:0e:ea: 84:ea:34:6c:f9:c1:fb:c6:84:37:66:b6:a9:a7:19:43:be:ca: 8b:99:39:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLlQDlF/LsqeOZSARkSmuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxNzU4ODVjZjk3OGQyZWY2NjEzNzYyMTQ1MzBiOWVkNjhj NWI0NTgwHhcNMjUxMjA2MDEwMjE2WhcNMjUxMjA3MDEwMjE2WjAzMTEwLwYDVQQD EyhlZDEyMTI0OTcyOTQ5ODIzMDEwNGFhOWE0M2IyN2JjODdmNTc4ZmQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyBHnO0R/yuMxNAc764JWSrm3wRb EKSh1grb2KlWDEcJGRp4OWzJHLMud5gpzMwuj15xK1qHhs0C6aXsLgDtEIm2VSEB +s18YES9o2NFNAcdurxEo7AgmLv7PkmwbDnfHLWomEAag7rXRWc5c8ctsadGXIzu aS0rmTiwCVGcoMOmFAG77X+kOcLLmSFKo/hmmz17cWOe+Cg2AWtnol4txHa2+Zij cmOwJ+BxZzOHBBtgKhyTuPClNCw9UEsFuu0mB5fdHHWu01ZVfHeKz4vTKUiJuxyn U8CPPhuoaP9utj3l4Q2UbscdCskpFMCIDMgC5LUIpRCihPL8nqZMgdlYTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO0SEklylJgjAQSqmkOye8h/V4/RMB8GA1UdIwQY MBaAFJF1iFz5eNLvZhN2IUUwue1oxbRYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva1hXSVhQbDQwdTltRTNZaFJUQzU3V2pGdEZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNDg1ZDktMjczNi00OWIxLTlhNDQt MWI5NTgxOWNmYzljLzEva1hXSVhQbDQwdTltRTNZaFJUQzU3V2pGdEZnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS9jNDg1ZDktMjczNi00OWIxLTlhNDQtMWI5NTgxOWNmYzlj LzEva1hXSVhQbDQwdTltRTNZaFJUQzU3V2pGdEZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJQlwiTmP Oi9WoiZEmNMviZU4n6JPqEyznCmo3zMMA3a0M6whSRG/XXKpuZ1KrhsvnHHhiXAI 4Go24aLQunz27kGYOBvG0k+Sje+XrAfe3KUprx15+y756lAmigkNNY4DrfXgeUv/ 54yIiua5WHW3CGR5THp2qipi5Yu7JYMZfFRtwfkUWnRTUCjwOVaJQYfsZc6oLkIC k+ZcN9GN+kw/nmgtdhcTXzUkOA47pmWsFcr4ekRtbpQiRLwgnk5oM4aFI/e1YwnX wFwlVYenKEhih11Y3AzQUHYKcO3tA55gZ20AsKTtPfjpMw7qhOo0bPnB+8aEN2a2 qacZQ77Ki5k5Wg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:34 2025 by rpki-client