This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft File: _XBhwg1PCXYTrAMTI3pt8rsstdw.mft (raw, json) Hash identifier: C8WcLQ7DiNgJiRkjx01cixR5hk9ROO/YzHswFNbIhmU= Subject key identifier: 29:0B:3D:A1:DE:11:3C:31:D8:AA:8E:A8:9B:1C:2E:A6:5F:D4:2D:44 Authority key identifier: FD:70:61:C2:0D:4F:09:76:13:AC:03:13:23:7A:6D:F2:BB:2C:B5:DC Certificate issuer: /CN=fd7061c20d4f097613ac0313237a6df2bb2cb5dc Certificate serial: 019B2407AA94215E439A662647632C34A7DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XBhwg1PCXYTrAMTI3pt8rsstdw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft Manifest number: 0311 Signing time: Mon 15 Dec 2025 22:00:40 +0000 Manifest this update: Mon 15 Dec 2025 22:00:40 +0000 Manifest next update: Tue 16 Dec 2025 22:00:40 +0000 Files and hashes: 1: _XBhwg1PCXYTrAMTI3pt8rsstdw.crl (hash: VP9ec0PhNeKmUp7NXTgnTwEYRztbJNtkB4ymlfRYU1o=) 2: bIh6rb6KgAadfuO3R9Ubbeh6oaY.roa (hash: u3cvjQO/JSlrsYEw7MORRhOpl1pZlSv4+pYCjFsW1wU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft rsync://rpki.ripe.net/repository/DEFAULT/_XBhwg1PCXYTrAMTI3pt8rsstdw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:24:07:aa:94:21:5e:43:9a:66:26:47:63:2c:34:a7:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fd7061c20d4f097613ac0313237a6df2bb2cb5dc Validity Not Before: Dec 15 22:00:40 2025 GMT Not After : Dec 16 22:00:40 2025 GMT Subject: CN=290b3da1de113c31d8aa8ea89b1c2ea65fd42d44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:75:f0:a2:a2:cd:d3:6e:60:52:66:8f:50:da: 9e:dc:e3:6f:9a:c9:4e:7e:00:db:7b:40:0c:27:42: 3e:35:3c:10:d8:57:6a:a9:14:a4:8a:d2:63:fa:c0: f0:7f:b4:53:69:33:fd:38:c8:6a:e0:06:02:9d:42: 83:ba:58:fe:33:9c:a5:c6:c0:43:e4:96:a5:10:48: b2:af:64:a0:15:82:bc:8b:6a:63:6d:f9:e6:36:63: 81:54:4c:2a:ec:89:5c:df:a8:07:92:63:bd:1f:b7: 76:85:6b:30:68:4b:29:f1:f9:12:a1:5c:f6:78:a5: 62:11:8f:3c:45:88:cc:b7:0f:3f:7c:62:a4:95:d8: 5d:fb:a2:98:a6:bd:85:ef:2d:42:0e:cc:de:07:b3: 64:f9:c8:18:75:7e:b9:89:b7:59:08:d1:16:cc:25: 32:7c:40:38:0c:bc:0f:3b:f6:98:ab:84:38:9a:d4: 9a:6b:89:16:39:89:e5:cc:fb:1c:b3:ae:38:f7:bc: e8:3e:43:91:4c:21:3d:7b:69:af:15:3e:94:9e:1e: ef:26:db:d0:ff:15:d1:b0:07:d3:7a:e8:b0:46:33: 0c:20:0a:e8:fa:b3:e1:75:e8:8d:27:35:15:ce:e4: 66:ca:e7:dd:49:01:4c:af:9c:2f:64:2c:d2:29:2e: be:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:0B:3D:A1:DE:11:3C:31:D8:AA:8E:A8:9B:1C:2E:A6:5F:D4:2D:44 X509v3 Authority Key Identifier: keyid:FD:70:61:C2:0D:4F:09:76:13:AC:03:13:23:7A:6D:F2:BB:2C:B5:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XBhwg1PCXYTrAMTI3pt8rsstdw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d7:1b:a1:db:c9:88:54:9e:15:50:5d:60:a8:0a:e9:be:53:fe: 7c:c3:34:8a:f3:3f:52:2a:74:67:db:b3:99:8a:28:f3:cc:f8: 20:f6:60:e8:21:b5:73:58:d3:71:e5:cb:b9:02:d9:90:fb:4e: 5c:10:53:d0:60:85:8a:eb:cb:da:d6:18:26:26:da:af:c4:fe: c3:aa:99:69:a7:8f:23:95:38:1e:59:6d:e5:87:7a:f0:f4:69: 14:ee:a1:a7:44:28:33:e9:ff:1a:98:bf:1d:26:5f:3c:ba:f0: ef:da:e8:c8:f7:15:11:1c:e8:11:fd:88:64:a5:fe:84:b6:27: 15:2d:ee:4f:c7:8c:64:85:d0:dd:99:9c:c2:b4:7f:2e:fb:fe: 92:93:c4:46:b4:4e:22:ee:2c:89:7c:1d:d9:a0:5d:44:61:8a: e7:5a:10:3a:46:24:b2:df:45:97:dc:23:1f:d7:8a:e2:d5:3e: f5:4a:de:4b:ba:8b:6b:1f:a3:b6:14:af:fb:bc:d8:26:f3:76: 11:c7:3c:f4:49:30:81:4c:c4:51:3f:63:37:4d:9a:1d:e2:3c: 31:69:13:15:0f:b8:a1:4c:41:93:e0:d1:26:87:3a:51:f0:c0: 8f:35:41:d1:1c:0d:e7:77:54:71:fa:1a:f9:e6:a9:85:46:ce: 68:75:f3:22 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZskB6qUIV5DmmYmR2MsNKfdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZkNzA2MWMyMGQ0ZjA5NzYxM2FjMDMxMzIzN2E2ZGYyYmIy Y2I1ZGMwHhcNMjUxMjE1MjIwMDQwWhcNMjUxMjE2MjIwMDQwWjAzMTEwLwYDVQQD EygyOTBiM2RhMWRlMTEzYzMxZDhhYThlYTg5YjFjMmVhNjVmZDQyZDQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3XwoqLN025gUmaPUNqe3ONvmslO fgDbe0AMJ0I+NTwQ2FdqqRSkitJj+sDwf7RTaTP9OMhq4AYCnUKDulj+M5ylxsBD 5JalEEiyr2SgFYK8i2pjbfnmNmOBVEwq7Ilc36gHkmO9H7d2hWswaEsp8fkSoVz2 eKViEY88RYjMtw8/fGKkldhd+6KYpr2F7y1CDszeB7Nk+cgYdX65ibdZCNEWzCUy fEA4DLwPO/aYq4Q4mtSaa4kWOYnlzPscs64497zoPkORTCE9e2mvFT6Unh7vJtvQ /xXRsAfTeuiwRjMMIAro+rPhdeiNJzUVzuRmyufdSQFMr5wvZCzSKS6+hQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCkLPaHeETwx2KqOqJscLqZf1C1EMB8GA1UdIwQY MBaAFP1wYcINTwl2E6wDEyN6bfK7LLXcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX1hCaHdnMVBDWFlUckFNVEkzcHQ4cnNzdGR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zMmUzZDMtOWE4ZC00NjUzLTk0ZmEt YTIwMTk5ODgzMzBmLzEvX1hCaHdnMVBDWFlUckFNVEkzcHQ4cnNzdGR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC8zMmUzZDMtOWE4ZC00NjUzLTk0ZmEtYTIwMTk5ODgzMzBm LzEvX1hCaHdnMVBDWFlUckFNVEkzcHQ4cnNzdGR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1xuh28mI VJ4VUF1gqArpvlP+fMM0ivM/Uip0Z9uzmYoo88z4IPZg6CG1c1jTceXLuQLZkPtO XBBT0GCFiuvL2tYYJibar8T+w6qZaaePI5U4Hllt5Yd68PRpFO6hp0QoM+n/Gpi/ HSZfPLrw79royPcVERzoEf2IZKX+hLYnFS3uT8eMZIXQ3ZmcwrR/Lvv+kpPERrRO Iu4siXwd2aBdRGGK51oQOkYkst9Fl9wjH9eK4tU+9UreS7qLax+jthSv+7zYJvN2 Ecc89EkwgUzEUT9jN02aHeI8MWkTFQ+4oUxBk+DRJoc6UfDAjzVB0RwN53dUcfoa +eaphUbOaHXzIg== -----END CERTIFICATE-----Generated at Tue Dec 16 00:33:11 2025 by rpki-client