This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft File: XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft (raw, json) Hash identifier: wyFAKYRCvJm7O/zH7iiWVeTWCUIJPR9ZlcJJfjQZ0rQ= Subject key identifier: EA:14:6B:23:27:29:9B:2F:0A:CF:1D:EF:C8:C7:86:1B:18:D4:0F:89 Authority key identifier: 5E:52:14:15:8A:F3:10:FF:A9:C3:15:29:83:43:F4:C3:E6:6A:EC:9A Certificate issuer: /CN=5e5214158af310ffa9c315298343f4c3e66aec9a Certificate serial: 019B334441635A96AB4A1F70CED2A7ED0C33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft Manifest number: 07CF Signing time: Thu 18 Dec 2025 21:01:09 +0000 Manifest this update: Thu 18 Dec 2025 21:01:09 +0000 Manifest next update: Fri 19 Dec 2025 21:01:09 +0000 Files and hashes: 1: XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl (hash: JAN9mPvErCMPwKQ44SiGmFN72ToiLpeBv6k/jdqtHFk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 21:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:44:41:63:5a:96:ab:4a:1f:70:ce:d2:a7:ed:0c:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e5214158af310ffa9c315298343f4c3e66aec9a Validity Not Before: Dec 18 21:01:09 2025 GMT Not After : Dec 19 21:01:09 2025 GMT Subject: CN=ea146b2327299b2f0acf1defc8c7861b18d40f89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:f6:13:01:d4:2b:bd:b7:9e:50:db:84:04:52: c5:11:0f:a0:7b:8f:5e:eb:ea:32:16:a9:d4:b7:c8: 5b:da:51:24:27:07:b0:b3:27:44:88:4a:81:bd:95: bf:f0:d1:77:1f:8c:22:7d:bb:4b:4d:b5:f6:e3:40: 53:db:d9:f4:9c:eb:e3:82:0f:fb:28:08:8f:11:c6: d4:db:90:57:04:dd:e4:37:8a:f0:1c:06:a6:e1:76: b1:5f:31:9a:e3:ef:87:70:4c:b3:08:e4:10:1c:b6: f2:f5:1e:36:ab:77:7a:b6:1c:a5:06:3e:27:db:aa: 74:a0:aa:8b:af:26:7e:c6:94:1e:f3:38:f3:3c:99: de:89:21:9a:8c:9a:11:2d:29:a7:11:51:da:2d:ca: 7e:b9:49:dc:41:64:f6:89:38:70:b4:98:fa:b5:1c: 71:9d:f4:78:3c:20:01:33:a7:3a:bb:04:19:82:07: 95:c4:ec:67:b3:7b:88:ed:73:60:52:d6:49:43:03: 35:db:e8:d0:1b:d5:cc:0d:de:b7:19:73:f8:cf:64: f9:43:1a:2e:32:d9:89:d0:30:a1:bf:8b:73:c4:64: 15:4e:bf:39:ad:d3:c9:94:f7:ba:2c:09:ae:0f:5a: 55:a6:d4:f8:00:c1:0a:b2:20:18:1e:76:e3:e3:1a: 06:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:14:6B:23:27:29:9B:2F:0A:CF:1D:EF:C8:C7:86:1B:18:D4:0F:89 X509v3 Authority Key Identifier: keyid:5E:52:14:15:8A:F3:10:FF:A9:C3:15:29:83:43:F4:C3:E6:6A:EC:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:96:4d:05:54:51:35:80:5c:8c:09:85:55:e2:50:7f:d9:29: 4d:67:d3:67:5e:e1:7a:89:99:dd:ad:f5:18:98:b0:ee:bc:5a: 29:51:8e:b5:8d:67:16:d4:96:ca:14:d6:12:3e:11:e5:8e:a8: b6:00:5d:5b:ed:28:f2:c0:01:92:0e:0c:2a:8d:4f:d3:de:ea: 4b:d8:91:dc:11:c4:95:0d:c0:07:0b:cd:17:f9:0e:33:27:31: e1:df:9c:a2:cd:50:e4:85:4a:ed:b2:e6:28:d5:64:ae:44:5e: 46:e4:67:fe:65:3a:98:cc:0a:00:ba:00:b2:fe:18:69:d6:4d: 77:95:b3:62:a2:16:4d:99:8d:8b:dc:17:4b:d8:21:91:f8:59: da:12:5c:6f:2a:70:cb:94:80:2c:1e:2a:6f:05:48:f4:66:2d: 28:9d:84:3a:55:63:f1:81:aa:96:41:0b:c5:f8:0b:74:d3:97: d9:1e:b6:fb:a6:57:8e:7a:52:f3:d3:57:e3:5c:6b:c2:c1:de: c9:b6:ed:dd:a6:a9:c6:a8:e6:ac:ec:67:00:56:58:ed:8e:29: 6a:78:09:d0:35:3a:5c:4f:06:84:08:9e:36:9b:bf:12:61:b5: 8a:da:d0:35:9c:38:7d:b3:45:9c:89:89:c9:98:83:8e:77:cb: 1c:d2:6c:33 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszREFjWparSh9wztKn7QwzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlNTIxNDE1OGFmMzEwZmZhOWMzMTUyOTgzNDNmNGMzZTY2 YWVjOWEwHhcNMjUxMjE4MjEwMTA5WhcNMjUxMjE5MjEwMTA5WjAzMTEwLwYDVQQD EyhlYTE0NmIyMzI3Mjk5YjJmMGFjZjFkZWZjOGM3ODYxYjE4ZDQwZjg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfYTAdQrvbeeUNuEBFLFEQ+ge49e 6+oyFqnUt8hb2lEkJwewsydEiEqBvZW/8NF3H4wifbtLTbX240BT29n0nOvjgg/7 KAiPEcbU25BXBN3kN4rwHAam4XaxXzGa4++HcEyzCOQQHLby9R42q3d6thylBj4n 26p0oKqLryZ+xpQe8zjzPJneiSGajJoRLSmnEVHaLcp+uUncQWT2iThwtJj6tRxx nfR4PCABM6c6uwQZggeVxOxns3uI7XNgUtZJQwM12+jQG9XMDd63GXP4z2T5Qxou MtmJ0DChv4tzxGQVTr85rdPJlPe6LAmuD1pVptT4AMEKsiAYHnbj4xoGWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOoUayMnKZsvCs8d78jHhhsY1A+JMB8GA1UdIwQY MBaAFF5SFBWK8xD/qcMVKYND9MPmauyaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hOTkyZmUtYzFjZi00ZGU4LWJiYjAt Zjk2ZjZmNzY5ODM4LzEvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OC9hOTkyZmUtYzFjZi00ZGU4LWJiYjAtZjk2ZjZmNzY5ODM4 LzEvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACZZNBVRR NYBcjAmFVeJQf9kpTWfTZ17heomZ3a31GJiw7rxaKVGOtY1nFtSWyhTWEj4R5Y6o tgBdW+0o8sABkg4MKo1P097qS9iR3BHElQ3ABwvNF/kOMycx4d+cos1Q5IVK7bLm KNVkrkReRuRn/mU6mMwKALoAsv4YadZNd5WzYqIWTZmNi9wXS9ghkfhZ2hJcbypw y5SALB4qbwVI9GYtKJ2EOlVj8YGqlkELxfgLdNOX2R62+6ZXjnpS89NX41xrwsHe ybbt3aapxqjmrOxnAFZY7Y4pangJ0DU6XE8GhAieNpu/EmG1itrQNZw4fbNFnImJ yZiDjnfLHNJsMw== -----END CERTIFICATE-----Generated at Fri Dec 19 02:22:29 2025 by rpki-client