This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft File: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft (raw, json) Hash identifier: rStIojUQhVVvDWVxCcUp6CA3LmfA/ZLmb29nZKfijm0= Subject key identifier: 34:3E:93:DD:66:D1:E0:2F:40:A5:40:CE:F3:35:CC:E0:57:C1:43:1E Authority key identifier: 5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76 Certificate issuer: /CN=5ed6772b90212e577249f7356c218ed1068b6776 Certificate serial: 019B53AB5F77DB37684ABAE26E8188424B33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft Manifest number: 1792 Signing time: Thu 25 Dec 2025 04:01:38 +0000 Manifest this update: Thu 25 Dec 2025 04:01:38 +0000 Manifest next update: Fri 26 Dec 2025 04:01:38 +0000 Files and hashes: 1: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl (hash: yOkUySEDtupXYCHd9PTTPlOh5sXD2Bgef10KZHBTaTw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 03:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:53:ab:5f:77:db:37:68:4a:ba:e2:6e:81:88:42:4b:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ed6772b90212e577249f7356c218ed1068b6776 Validity Not Before: Dec 25 04:01:38 2025 GMT Not After : Dec 26 04:01:38 2025 GMT Subject: CN=343e93dd66d1e02f40a540cef335cce057c1431e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:05:81:5c:88:3b:58:cd:5f:9a:08:dd:f2:97: 6f:ee:ab:5f:38:0b:b9:0a:fb:b7:27:10:14:94:e9: fb:d0:bb:f0:86:bc:e4:9b:c6:3c:ed:f3:bf:c0:9f: 7e:eb:f8:eb:c2:82:2a:07:e4:a2:8f:89:04:4f:d6: 45:3f:78:5c:73:bf:5c:47:56:be:a1:47:4b:df:ba: 62:88:a8:fb:af:d9:f2:27:58:2b:98:3b:c1:92:95: c1:6e:c8:49:86:d4:e6:15:85:41:04:5c:4e:9a:a6: 11:ba:3a:9c:82:24:c9:b4:d3:0d:8d:71:b4:7b:87: 6c:2d:0d:b7:99:49:0e:bf:33:ee:c3:83:83:c6:10: 15:a0:12:bf:1e:5e:39:c7:ac:71:55:ea:ad:40:1b: 60:56:cc:c9:5c:c0:90:4c:70:7b:ba:d7:1d:26:f4: c3:13:28:a4:42:3e:de:ff:d7:41:ce:c4:9c:14:57: 3b:cd:a2:3a:df:af:b9:9c:0e:eb:77:d1:5b:cf:8a: af:0a:02:dd:1f:e5:34:ab:1a:89:9b:ae:54:be:62: be:b8:ca:35:b7:16:cb:f3:69:60:d4:78:7e:23:e4: ca:d3:92:fd:9e:6d:eb:a3:65:a2:a0:a0:f5:e2:69: 44:a4:c4:5b:91:2c:8c:13:40:8a:b4:8b:a2:97:9d: e0:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:3E:93:DD:66:D1:E0:2F:40:A5:40:CE:F3:35:CC:E0:57:C1:43:1E X509v3 Authority Key Identifier: keyid:5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:5c:71:f9:45:04:fb:67:00:5e:23:46:2b:c5:5e:6d:28:c6: 09:ce:55:fc:81:a9:d0:08:93:dd:41:58:ca:15:a4:69:cb:5b: 52:80:78:b6:f2:96:4e:48:b3:35:66:6a:5e:a6:a3:03:e5:9a: ca:be:e6:ed:aa:55:16:d2:bd:97:11:b0:e7:6e:d6:af:77:be: 51:77:5f:8c:87:ea:b4:e8:0e:44:e0:92:92:96:76:de:bd:3d: 0a:55:d7:a4:8f:89:27:2a:57:d4:dd:84:18:57:bd:4e:90:a5: a7:9f:65:9e:92:9d:c4:9f:04:32:f4:20:6a:c2:a9:d6:4f:23: 67:87:7b:a7:5d:f9:d3:74:6b:c3:8b:cc:4e:71:18:33:5d:d3: 7c:7c:c8:89:f7:fe:ba:79:d7:f0:6b:a0:19:dc:3a:12:5a:7e: 50:ba:cf:05:1d:4c:3b:e2:52:c9:d9:c2:f7:11:11:7a:c7:34: 48:68:6b:3d:68:d6:2a:dd:db:51:6d:db:7b:66:03:37:9d:d4: 0b:70:47:9e:96:10:0b:f6:3f:e3:50:35:d0:97:56:11:ea:6a: 55:41:72:7a:cc:df:60:b3:bc:e1:c1:d2:4b:a2:d6:98:99:26: 20:57:a3:2c:d1:9e:61:46:72:e5:86:19:1e:72:14:f2:85:ed: e9:40:81:d7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtTq1932zdoSrriboGIQkszMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlZDY3NzJiOTAyMTJlNTc3MjQ5ZjczNTZjMjE4ZWQxMDY4 YjY3NzYwHhcNMjUxMjI1MDQwMTM4WhcNMjUxMjI2MDQwMTM4WjAzMTEwLwYDVQQD EygzNDNlOTNkZDY2ZDFlMDJmNDBhNTQwY2VmMzM1Y2NlMDU3YzE0MzFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAWBXIg7WM1fmgjd8pdv7qtfOAu5 Cvu3JxAUlOn70Lvwhrzkm8Y87fO/wJ9+6/jrwoIqB+Sij4kET9ZFP3hcc79cR1a+ oUdL37piiKj7r9nyJ1grmDvBkpXBbshJhtTmFYVBBFxOmqYRujqcgiTJtNMNjXG0 e4dsLQ23mUkOvzPuw4ODxhAVoBK/Hl45x6xxVeqtQBtgVszJXMCQTHB7utcdJvTD EyikQj7e/9dBzsScFFc7zaI636+5nA7rd9Fbz4qvCgLdH+U0qxqJm65UvmK+uMo1 txbL82lg1Hh+I+TK05L9nm3ro2WioKD14mlEpMRbkSyME0CKtIuil53gqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDQ+k91m0eAvQKVAzvM1zOBXwUMeMB8GA1UdIwQY MBaAFF7WdyuQIS5Xckn3NWwhjtEGi2d2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMt ODYyMTA2ODUzODYwLzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMtODYyMTA2ODUzODYw LzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQlxx+UUE +2cAXiNGK8VebSjGCc5V/IGp0AiT3UFYyhWkactbUoB4tvKWTkizNWZqXqajA+Wa yr7m7apVFtK9lxGw527Wr3e+UXdfjIfqtOgOROCSkpZ23r09ClXXpI+JJypX1N2E GFe9TpClp59lnpKdxJ8EMvQgasKp1k8jZ4d7p13503Rrw4vMTnEYM13TfHzIiff+ unnX8GugGdw6Elp+ULrPBR1MO+JSydnC9xEResc0SGhrPWjWKt3bUW3be2YDN53U C3BHnpYQC/Y/41A10JdWEepqVUFyeszfYLO84cHSS6LWmJkmIFejLNGeYUZy5YYZ HnIU8oXt6UCB1w== -----END CERTIFICATE-----Generated at Thu Dec 25 11:22:14 2025 by rpki-client