This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft File: Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft (raw, json) Hash identifier: IR1N1kxACTvuAD0JxRpFdWlmAjgw5T8Gj3ZjWhMjzEs= Subject key identifier: C1:06:23:FD:7F:70:09:5F:32:B2:94:65:85:CF:BB:C9:C4:DD:18:30 Authority key identifier: 5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B Certificate issuer: /CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b Certificate serial: 019AF509AC9CE7F36B28BAF71AAC050FE936 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft Manifest number: 01FC Signing time: Sat 06 Dec 2025 19:00:43 +0000 Manifest this update: Sat 06 Dec 2025 19:00:43 +0000 Manifest next update: Sun 07 Dec 2025 19:00:43 +0000 Files and hashes: 1: Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl (hash: XPvW/83LLjyB2kxpTYJ1/Eq24GdVLnyrLP73UWTlvtw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:09:ac:9c:e7:f3:6b:28:ba:f7:1a:ac:05:0f:e9:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b Validity Not Before: Dec 6 19:00:43 2025 GMT Not After : Dec 7 19:00:43 2025 GMT Subject: CN=c10623fd7f70095f32b2946585cfbbc9c4dd1830 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:93:a7:77:73:2c:96:77:c3:70:c4:10:d3:a4: 8e:6f:f0:55:4a:ad:f5:b5:b2:9a:5c:94:27:6e:c0: b7:8a:03:6d:e7:17:ca:71:67:22:21:a7:fb:ea:7d: ff:05:f6:4a:91:cd:39:14:b7:53:d1:ae:66:a4:41: a2:77:da:99:44:c1:33:bf:95:08:06:b4:90:1c:b2: c9:63:e8:7d:61:85:3f:c0:08:7b:b5:ed:39:4c:ce: 9b:98:77:24:b5:6d:d0:42:de:de:85:32:05:19:fa: ca:d5:f6:6f:61:45:e5:54:d3:d9:91:95:b4:00:3d: df:3f:d3:82:ab:28:e8:af:d8:55:c2:b5:53:54:af: 92:b5:9f:9c:42:89:c3:1d:eb:73:b0:29:44:23:5e: 70:2c:18:ed:0b:8b:58:5a:67:c9:46:7e:65:d1:db: 06:e5:03:c6:68:2d:3c:b3:01:97:93:3a:a1:1f:e3: ac:46:b1:03:56:a7:f8:9d:fd:a0:50:7e:c6:45:f5: b8:49:d0:5b:51:77:44:5a:ce:94:5d:41:79:18:24: 03:49:22:f7:d9:5a:2d:59:eb:46:4f:2b:00:45:43: d7:86:78:fe:2e:cd:84:0f:bb:0b:b5:11:2e:bf:45: 79:10:28:20:cc:88:45:61:6d:63:68:17:b5:7c:c2: 4e:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:06:23:FD:7F:70:09:5F:32:B2:94:65:85:CF:BB:C9:C4:DD:18:30 X509v3 Authority Key Identifier: keyid:5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a7:15:ec:19:c8:f9:a1:de:a9:d5:7f:00:af:50:f0:eb:0d:1a: ea:21:b0:33:3b:94:7b:4b:26:72:e8:cb:87:1a:88:79:83:1c: 8b:14:e6:5b:ed:7c:07:0b:82:10:b0:05:00:e1:00:13:a7:4f: af:1c:31:85:ec:88:68:b2:c3:bb:56:b6:e9:d9:38:ef:16:75: eb:ce:10:86:5e:8c:2c:f1:59:29:56:bc:a4:e8:20:26:df:f0: c3:8a:6e:f0:8a:a8:7f:e4:e9:3c:cd:e6:35:bd:4a:6e:3d:2b: 88:51:97:bc:15:45:9c:3f:47:52:94:16:26:29:2d:8b:ae:b6: 66:54:9c:d6:ff:dc:3a:a8:d5:fb:3e:65:92:17:26:68:08:3c: a9:bc:c1:44:dc:e3:9a:8b:80:09:a2:a1:a5:6e:d1:a7:42:64: d1:fb:cc:2a:a3:8e:14:c3:49:c0:71:49:52:0a:51:91:d7:0e: 9c:5d:71:b6:fc:4d:2c:c9:7d:56:b1:ca:0d:a9:db:9c:06:77: fc:83:74:d4:77:05:ab:9b:22:be:a7:47:c7:0b:f9:1f:62:56: 96:13:ba:a2:0a:ea:d6:d8:a4:66:8e:88:d2:35:0a:8a:91:c1: 40:f5:db:ce:c2:30:57:9c:fd:0d:cf:70:a2:da:dd:6d:76:94: c9:03:1f:1f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1Cayc5/NrKLr3GqwFD+k2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkZmQzODNlMTY4ZDJlYzlmYmMzOTBlYThkOTlhNGJhZjdl YzNiNWIwHhcNMjUxMjA2MTkwMDQzWhcNMjUxMjA3MTkwMDQzWjAzMTEwLwYDVQQD EyhjMTA2MjNmZDdmNzAwOTVmMzJiMjk0NjU4NWNmYmJjOWM0ZGQxODMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZOnd3MslnfDcMQQ06SOb/BVSq31 tbKaXJQnbsC3igNt5xfKcWciIaf76n3/BfZKkc05FLdT0a5mpEGid9qZRMEzv5UI BrSQHLLJY+h9YYU/wAh7te05TM6bmHcktW3QQt7ehTIFGfrK1fZvYUXlVNPZkZW0 AD3fP9OCqyjor9hVwrVTVK+StZ+cQonDHetzsClEI15wLBjtC4tYWmfJRn5l0dsG 5QPGaC08swGXkzqhH+OsRrEDVqf4nf2gUH7GRfW4SdBbUXdEWs6UXUF5GCQDSSL3 2VotWetGTysARUPXhnj+Ls2ED7sLtREuv0V5ECggzIhFYW1jaBe1fMJOkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMEGI/1/cAlfMrKUZYXPu8nE3RgwMB8GA1UdIwQY MBaAFF39OD4WjS7J+8OQ6o2ZpLr37DtbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYt MzkwZTkzNWJlZGEzLzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYtMzkwZTkzNWJlZGEz LzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApxXsGcj5 od6p1X8Ar1Dw6w0a6iGwMzuUe0smcujLhxqIeYMcixTmW+18BwuCELAFAOEAE6dP rxwxheyIaLLDu1a26dk47xZ1684Qhl6MLPFZKVa8pOggJt/ww4pu8Iqof+TpPM3m Nb1Kbj0riFGXvBVFnD9HUpQWJikti662ZlSc1v/cOqjV+z5lkhcmaAg8qbzBRNzj mouACaKhpW7Rp0Jk0fvMKqOOFMNJwHFJUgpRkdcOnF1xtvxNLMl9VrHKDanbnAZ3 /IN01HcFq5sivqdHxwv5H2JWlhO6ogrq1tikZo6I0jUKipHBQPXbzsIwV5z9Dc9w otrdbXaUyQMfHw== -----END CERTIFICATE-----Generated at Sat Dec 6 22:58:43 2025 by rpki-client