This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft File: XAAsRHm7TJbiI0OZznH1YDRSmdA.mft (raw, json) Hash identifier: Lm0/Z2hdm6q3da2u9q7XyZSkRl14BWywChxHo75JFO4= Subject key identifier: 89:A6:E3:6B:56:0D:8A:AB:F5:AE:94:3C:8E:58:A8:94:C5:6C:FD:76 Authority key identifier: 5C:00:2C:44:79:BB:4C:96:E2:23:43:99:CE:71:F5:60:34:52:99:D0 Certificate issuer: /CN=5c002c4479bb4c96e2234399ce71f560345299d0 Certificate serial: 019AF31BA1B267D3C811C238215C27DB9262 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft Manifest number: 09F6 Signing time: Sat 06 Dec 2025 10:01:05 +0000 Manifest this update: Sat 06 Dec 2025 10:01:05 +0000 Manifest next update: Sun 07 Dec 2025 10:01:05 +0000 Files and hashes: 1: XAAsRHm7TJbiI0OZznH1YDRSmdA.crl (hash: wgmr5/2wjxhMcS4EQ6SNXYyk+urb1IssUuIU0O62i7c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:a1:b2:67:d3:c8:11:c2:38:21:5c:27:db:92:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c002c4479bb4c96e2234399ce71f560345299d0 Validity Not Before: Dec 6 10:01:05 2025 GMT Not After : Dec 7 10:01:05 2025 GMT Subject: CN=89a6e36b560d8aabf5ae943c8e58a894c56cfd76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:89:d5:8d:6f:0c:21:bc:03:10:fb:18:21:f1: 98:fb:fa:f5:f6:73:a5:f1:c3:70:29:10:48:1c:9d: 4f:0c:81:82:32:c4:03:e0:61:4d:92:53:13:85:0f: 0b:45:fb:55:f9:42:d3:4c:b4:1a:83:49:d8:d0:1f: f3:7f:c1:19:e9:07:62:a1:fd:74:14:d1:83:47:9f: f3:90:a5:cc:de:04:3d:15:ba:1f:08:6c:d3:da:cc: 85:93:3a:3e:0d:aa:d6:b1:6d:19:7d:a2:b2:03:26: 65:76:2c:ec:21:8e:d1:82:58:5c:c7:0e:66:67:ff: a3:44:45:51:2d:3b:04:61:9b:36:b8:45:eb:18:cd: 26:1d:b2:0d:ed:bc:19:6c:4d:e7:f6:72:64:4a:5b: 57:47:31:ca:c2:bd:a8:e0:17:2f:da:4a:54:fc:6f: 13:61:ff:da:3f:99:fe:77:0b:3e:42:92:dd:68:3a: e8:b5:bc:f9:13:fd:f0:6c:fe:2e:ab:ee:47:b9:1f: 71:3b:25:5c:70:0a:35:a1:96:3c:2d:56:eb:3c:99: df:8e:83:a4:a6:cf:da:d1:74:9e:4a:35:27:fa:a6: 4e:62:fd:b1:13:1c:f1:c0:95:01:b4:ae:bc:db:59: f8:73:3a:91:2e:6b:f9:6a:1a:84:3e:2f:b8:02:b6: 2c:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:A6:E3:6B:56:0D:8A:AB:F5:AE:94:3C:8E:58:A8:94:C5:6C:FD:76 X509v3 Authority Key Identifier: keyid:5C:00:2C:44:79:BB:4C:96:E2:23:43:99:CE:71:F5:60:34:52:99:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:73:16:48:c0:73:3e:3f:6a:5b:59:68:6d:5d:0a:9a:7b:1c: a1:3b:33:17:16:ce:63:24:d4:e1:57:c4:fb:41:d3:83:5f:e5: a6:66:82:59:2b:e7:09:9b:9d:b2:38:69:e7:2c:aa:b0:14:58: 77:4f:df:c2:12:82:9b:bd:d4:72:30:78:4b:8e:7c:db:76:48: 45:8f:2e:fb:bf:23:9f:a6:81:b7:bf:4a:aa:e4:6a:4f:de:15: a3:f0:d9:ce:54:93:88:0e:ea:15:47:c2:23:a6:fa:54:f4:4f: 19:dc:9a:a4:7a:45:b4:b4:02:61:21:3e:57:fc:8d:9a:f0:7d: 54:b6:86:b0:9c:5c:ca:81:46:ef:9c:b5:1b:7f:09:4e:28:09: da:1c:d3:59:1d:93:65:27:bf:8a:c5:44:2f:2b:f0:e4:8a:38: 33:94:c4:20:53:87:ba:c9:63:82:66:83:09:9b:b4:db:18:0e: 6f:be:fc:21:bd:bb:09:ea:fe:c4:50:89:46:11:b7:31:f3:ac: 0e:e4:a1:43:6a:ea:2a:a8:04:b3:40:37:bf:c2:f0:d6:96:5a: 92:d4:65:75:32:03:29:46:44:ef:9a:aa:e9:e3:1a:73:e8:3d: 87:4f:5f:22:b7:b9:e4:f6:f8:58:01:7a:2f:c6:bd:9f:ac:98: 15:31:b9:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG6GyZ9PIEcI4IVwn25JiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjMDAyYzQ0NzliYjRjOTZlMjIzNDM5OWNlNzFmNTYwMzQ1 Mjk5ZDAwHhcNMjUxMjA2MTAwMTA1WhcNMjUxMjA3MTAwMTA1WjAzMTEwLwYDVQQD Eyg4OWE2ZTM2YjU2MGQ4YWFiZjVhZTk0M2M4ZTU4YTg5NGM1NmNmZDc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YnVjW8MIbwDEPsYIfGY+/r19nOl 8cNwKRBIHJ1PDIGCMsQD4GFNklMThQ8LRftV+ULTTLQag0nY0B/zf8EZ6Qdiof10 FNGDR5/zkKXM3gQ9FbofCGzT2syFkzo+DarWsW0ZfaKyAyZldizsIY7Rglhcxw5m Z/+jREVRLTsEYZs2uEXrGM0mHbIN7bwZbE3n9nJkSltXRzHKwr2o4Bcv2kpU/G8T Yf/aP5n+dws+QpLdaDrotbz5E/3wbP4uq+5HuR9xOyVccAo1oZY8LVbrPJnfjoOk ps/a0XSeSjUn+qZOYv2xExzxwJUBtK6821n4czqRLmv5ahqEPi+4ArYsXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFImm42tWDYqr9a6UPI5YqJTFbP12MB8GA1UdIwQY MBaAFFwALER5u0yW4iNDmc5x9WA0UpnQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jNTAzZDYtYjZlNC00M2UyLTkxZTYt NzFjNTcwZGNiMGE0LzEvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS9jNTAzZDYtYjZlNC00M2UyLTkxZTYtNzFjNTcwZGNiMGE0 LzEvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPHMWSMBz Pj9qW1lobV0KmnscoTszFxbOYyTU4VfE+0HTg1/lpmaCWSvnCZudsjhp5yyqsBRY d0/fwhKCm73UcjB4S45823ZIRY8u+78jn6aBt79KquRqT94Vo/DZzlSTiA7qFUfC I6b6VPRPGdyapHpFtLQCYSE+V/yNmvB9VLaGsJxcyoFG75y1G38JTigJ2hzTWR2T ZSe/isVELyvw5Io4M5TEIFOHusljgmaDCZu02xgOb778Ib27Cer+xFCJRhG3MfOs DuShQ2rqKqgEs0A3v8Lw1pZaktRldTIDKUZE75qq6eMac+g9h09fIre55Pb4WAF6 L8a9n6yYFTG5Gg== -----END CERTIFICATE-----Generated at Sat Dec 6 14:20:19 2025 by rpki-client