This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft File: _XBhwg1PCXYTrAMTI3pt8rsstdw.mft (raw, json) Hash identifier: ohexs5sZU6eHC+ewKp7KrELV8TJs847+4zmCHmGGP4U= Subject key identifier: 90:9E:C2:37:75:25:31:5B:A0:AB:07:6E:F0:84:07:FA:66:24:8C:CF Authority key identifier: FD:70:61:C2:0D:4F:09:76:13:AC:03:13:23:7A:6D:F2:BB:2C:B5:DC Certificate issuer: /CN=fd7061c20d4f097613ac0313237a6df2bb2cb5dc Certificate serial: 019AF1D191FA33E86DF46391B7E4B69C2CD7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XBhwg1PCXYTrAMTI3pt8rsstdw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft Manifest number: 02F7 Signing time: Sat 06 Dec 2025 04:00:34 +0000 Manifest this update: Sat 06 Dec 2025 04:00:34 +0000 Manifest next update: Sun 07 Dec 2025 04:00:34 +0000 Files and hashes: 1: _XBhwg1PCXYTrAMTI3pt8rsstdw.crl (hash: 6FxRFOBOuSi1jeBF16A4P4NZQ4kOhqSQ+CBZo5zCmPc=) 2: bIh6rb6KgAadfuO3R9Ubbeh6oaY.roa (hash: u3cvjQO/JSlrsYEw7MORRhOpl1pZlSv4+pYCjFsW1wU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft rsync://rpki.ripe.net/repository/DEFAULT/_XBhwg1PCXYTrAMTI3pt8rsstdw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:91:fa:33:e8:6d:f4:63:91:b7:e4:b6:9c:2c:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fd7061c20d4f097613ac0313237a6df2bb2cb5dc Validity Not Before: Dec 6 04:00:34 2025 GMT Not After : Dec 7 04:00:34 2025 GMT Subject: CN=909ec2377525315ba0ab076ef08407fa66248ccf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:56:70:c4:b9:04:6b:b5:44:be:6d:8b:1e:a6: 69:b6:be:c9:63:83:04:ed:46:3c:31:77:1d:40:d4: a8:b5:93:72:e1:89:a7:18:a7:12:d8:61:2d:7b:f5: f0:b0:7e:d0:d1:23:07:33:de:75:73:7a:33:5e:77: 1c:3e:fe:6e:10:86:7a:27:5b:bb:c3:be:75:b4:51: 09:3b:23:a8:99:46:4d:de:00:a7:61:a5:c1:fd:a3: c9:62:30:42:6d:65:b0:66:51:67:18:6f:f6:87:ec: 04:6a:c2:43:db:70:8d:53:d7:03:77:3a:2c:7c:3e: fb:19:3d:4e:3c:a5:ea:fa:d7:5e:6e:80:8c:2f:1d: b5:39:43:f6:27:ad:d1:43:52:f6:ab:7c:55:39:54: 95:39:69:b6:59:ec:cb:c4:95:79:8e:4e:36:ab:e8: da:db:b8:18:47:27:66:09:ab:5d:ee:20:94:96:64: 7f:4d:76:00:f0:8d:b3:93:9e:cb:d9:e8:60:00:24: 94:12:9c:5a:7f:77:ed:39:3a:45:5f:8f:96:66:f9: 3a:3e:be:1f:51:4b:d1:71:d8:f0:54:07:f9:13:a3: 6d:e7:f5:d7:12:ce:f9:f0:f3:78:d3:21:b5:d0:dd: c9:46:58:7c:d7:28:c2:fd:a2:86:73:24:bc:93:c3: 45:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:9E:C2:37:75:25:31:5B:A0:AB:07:6E:F0:84:07:FA:66:24:8C:CF X509v3 Authority Key Identifier: keyid:FD:70:61:C2:0D:4F:09:76:13:AC:03:13:23:7A:6D:F2:BB:2C:B5:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XBhwg1PCXYTrAMTI3pt8rsstdw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:92:6b:e3:bf:41:ed:c7:d2:ef:3d:c3:58:d6:2b:21:55:3f: c5:9a:94:b1:1d:1c:bd:6c:ef:f4:e9:50:5e:ef:9d:99:4f:9a: f4:62:31:94:95:b1:b9:8d:78:83:e2:81:d4:f3:cc:7d:df:12: d0:a4:09:75:3d:d5:c3:db:d5:06:4b:53:fd:6d:70:ab:84:b9: 6e:dc:b8:35:b8:6e:95:38:ae:07:ea:5e:dc:19:34:4c:a0:20: dc:14:e9:72:9a:e7:00:e4:ea:85:02:a3:77:d1:93:af:6b:89: 37:cd:e6:18:6f:e8:fb:47:a4:76:db:67:85:46:11:44:d4:b5: 20:f5:e1:a6:2e:e7:7b:64:b0:4d:1e:9f:7b:3e:ad:71:26:48: b5:2a:64:d9:e4:9c:7f:4e:82:90:59:40:ef:79:16:fd:4c:7a: 6e:2f:7a:a6:32:cd:03:dc:83:3b:89:05:dc:db:58:36:e7:7c: f1:70:9d:f8:22:73:2a:fa:97:f6:26:ea:29:a9:a9:2d:76:28: d9:29:6b:e9:22:c8:d0:30:b8:8b:16:89:5c:fa:76:fc:1d:5d: 47:e3:25:28:53:29:b7:d0:c8:8c:22:be:3f:28:b9:a2:4e:2b: eb:02:d2:78:b6:10:bf:18:93:12:0c:4c:07:b9:da:67:38:fd: 1a:1c:9e:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0ZH6M+ht9GORt+S2nCzXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZkNzA2MWMyMGQ0ZjA5NzYxM2FjMDMxMzIzN2E2ZGYyYmIy Y2I1ZGMwHhcNMjUxMjA2MDQwMDM0WhcNMjUxMjA3MDQwMDM0WjAzMTEwLwYDVQQD Eyg5MDllYzIzNzc1MjUzMTViYTBhYjA3NmVmMDg0MDdmYTY2MjQ4Y2NmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1ZwxLkEa7VEvm2LHqZptr7JY4ME 7UY8MXcdQNSotZNy4YmnGKcS2GEte/XwsH7Q0SMHM951c3ozXnccPv5uEIZ6J1u7 w751tFEJOyOomUZN3gCnYaXB/aPJYjBCbWWwZlFnGG/2h+wEasJD23CNU9cDdzos fD77GT1OPKXq+tdeboCMLx21OUP2J63RQ1L2q3xVOVSVOWm2WezLxJV5jk42q+ja 27gYRydmCatd7iCUlmR/TXYA8I2zk57L2ehgACSUEpxaf3ftOTpFX4+WZvk6Pr4f UUvRcdjwVAf5E6Nt5/XXEs758PN40yG10N3JRlh81yjC/aKGcyS8k8NF2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJCewjd1JTFboKsHbvCEB/pmJIzPMB8GA1UdIwQY MBaAFP1wYcINTwl2E6wDEyN6bfK7LLXcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX1hCaHdnMVBDWFlUckFNVEkzcHQ4cnNzdGR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zMmUzZDMtOWE4ZC00NjUzLTk0ZmEt YTIwMTk5ODgzMzBmLzEvX1hCaHdnMVBDWFlUckFNVEkzcHQ4cnNzdGR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC8zMmUzZDMtOWE4ZC00NjUzLTk0ZmEtYTIwMTk5ODgzMzBm LzEvX1hCaHdnMVBDWFlUckFNVEkzcHQ4cnNzdGR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAepJr479B 7cfS7z3DWNYrIVU/xZqUsR0cvWzv9OlQXu+dmU+a9GIxlJWxuY14g+KB1PPMfd8S 0KQJdT3Vw9vVBktT/W1wq4S5bty4NbhulTiuB+pe3Bk0TKAg3BTpcprnAOTqhQKj d9GTr2uJN83mGG/o+0ekdttnhUYRRNS1IPXhpi7ne2SwTR6fez6tcSZItSpk2eSc f06CkFlA73kW/Ux6bi96pjLNA9yDO4kF3NtYNud88XCd+CJzKvqX9ibqKampLXYo 2Slr6SLI0DC4ixaJXPp2/B1dR+MlKFMpt9DIjCK+Pyi5ok4r6wLSeLYQvxiTEgxM B7naZzj9GhyeQg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:44:14 2025 by rpki-client