This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft File: XeHEMjIqoQWMPm_lf2N0qSlgacE.mft (raw, json) Hash identifier: 5vTqSW8ODVvffAdPRLMPA/i2mxCWbXI2kRibCK/xyxw= Subject key identifier: 8E:06:88:D0:D4:B1:2B:F3:A8:0B:A2:77:72:43:98:67:60:3B:AF:5A Authority key identifier: 5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1 Certificate issuer: /CN=5de1c432322aa1058c3e6fe57f6374a9296069c1 Certificate serial: 019B511809C24D7E60B594E10933FAB148A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft Manifest number: 0C75 Signing time: Wed 24 Dec 2025 16:01:28 +0000 Manifest this update: Wed 24 Dec 2025 16:01:28 +0000 Manifest next update: Thu 25 Dec 2025 16:01:28 +0000 Files and hashes: 1: XeHEMjIqoQWMPm_lf2N0qSlgacE.crl (hash: w7ei1GNS043KVZNN6Yc1DgdiF5Vm5eybxziGsXMfBX8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:18:09:c2:4d:7e:60:b5:94:e1:09:33:fa:b1:48:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5de1c432322aa1058c3e6fe57f6374a9296069c1 Validity Not Before: Dec 24 16:01:28 2025 GMT Not After : Dec 25 16:01:28 2025 GMT Subject: CN=8e0688d0d4b12bf3a80ba27772439867603baf5a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:7f:04:b4:61:1b:84:d1:3b:5e:16:5e:c8:4e: 71:4b:8d:e7:8b:81:69:a0:aa:fc:cb:22:b8:d8:da: da:2d:57:32:58:b2:77:1c:64:c3:3a:9d:c1:1b:92: 3e:72:d6:b6:87:60:05:12:bd:b0:6f:9f:3e:f4:a7: ba:c9:ef:c2:e6:f0:e1:b4:1d:07:91:99:4a:15:6c: 8b:3e:69:2a:94:2e:ba:f8:42:95:0c:a2:72:9e:6e: 14:f7:c2:b8:c4:a4:1a:07:2d:b4:96:15:0b:8a:a0: 61:a9:5d:f4:41:11:f3:f2:d2:b9:1f:99:10:29:d0: e8:ab:72:1c:b9:7e:65:cd:bc:6c:d9:42:2e:0c:87: cf:8c:5b:62:f4:d7:00:a3:06:69:54:0f:b9:8a:00: 27:18:a9:ef:68:89:ae:84:82:fe:2b:d2:1c:30:e9: 79:e0:bb:7a:8b:ab:48:a7:3a:06:27:f1:65:76:7d: 67:b4:0f:27:d8:9e:46:77:c7:97:5c:2e:cc:20:d7: 4c:8f:0a:a8:60:2e:0a:57:c1:37:34:e1:68:7c:eb: 9d:55:3c:08:9e:25:18:c8:f6:41:ee:5b:72:d3:11: ad:65:8a:23:6e:db:c6:07:f2:cc:c4:9c:0d:d8:a4: a1:33:9c:cb:b4:e6:1b:a6:19:2d:5a:cc:41:54:55: fc:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:06:88:D0:D4:B1:2B:F3:A8:0B:A2:77:72:43:98:67:60:3B:AF:5A X509v3 Authority Key Identifier: keyid:5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:40:b5:de:f5:e1:d1:d1:30:82:53:e0:f1:e0:cd:9f:ca:fc: 72:b1:5b:95:ce:bf:4e:c8:37:14:e4:4b:fd:19:a2:29:04:76: 05:b0:8d:7e:4b:15:c8:fa:d9:18:e0:05:ec:5a:cd:6f:f1:a5: 26:17:68:9b:b4:c4:72:6d:da:c5:04:70:83:f3:f3:1c:bf:d2: f2:36:96:40:ad:d5:8c:77:63:6d:88:4b:3b:d8:a8:ee:ee:b3: 37:21:15:e4:96:b9:2b:86:65:ec:f2:03:9e:3a:df:7b:b2:7f: d5:db:50:7f:1b:9e:f4:0e:91:2a:2f:ac:6e:8a:50:72:8e:69: dc:43:19:3e:9a:df:7c:05:71:ca:7b:dd:0c:da:90:4e:4b:42: 23:31:93:af:df:73:d5:51:7f:24:fc:8d:ae:ff:a3:4a:08:a2: a4:65:a3:71:1e:17:6e:da:e5:f4:83:7e:25:4e:f6:d5:20:82: 9c:f7:67:39:22:64:45:a6:f8:d5:2a:b3:51:8b:be:23:15:65: 41:04:7b:51:05:c6:a8:56:32:ce:80:be:a8:c9:d9:ba:89:72: 50:76:0a:08:e0:ea:cf:7e:17:0a:01:1d:b9:1b:52:5f:dc:05: 36:0e:bc:42:e5:1b:6f:51:f5:51:a9:49:aa:6a:da:9a:85:4f: 7a:9e:d1:09 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRGAnCTX5gtZThCTP6sUiiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkZTFjNDMyMzIyYWExMDU4YzNlNmZlNTdmNjM3NGE5Mjk2 MDY5YzEwHhcNMjUxMjI0MTYwMTI4WhcNMjUxMjI1MTYwMTI4WjAzMTEwLwYDVQQD Eyg4ZTA2ODhkMGQ0YjEyYmYzYTgwYmEyNzc3MjQzOTg2NzYwM2JhZjVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX8EtGEbhNE7XhZeyE5xS43ni4Fp oKr8yyK42NraLVcyWLJ3HGTDOp3BG5I+cta2h2AFEr2wb58+9Ke6ye/C5vDhtB0H kZlKFWyLPmkqlC66+EKVDKJynm4U98K4xKQaBy20lhULiqBhqV30QRHz8tK5H5kQ KdDoq3IcuX5lzbxs2UIuDIfPjFti9NcAowZpVA+5igAnGKnvaImuhIL+K9IcMOl5 4Lt6i6tIpzoGJ/Fldn1ntA8n2J5Gd8eXXC7MINdMjwqoYC4KV8E3NOFofOudVTwI niUYyPZB7lty0xGtZYojbtvGB/LMxJwN2KShM5zLtOYbphktWsxBVFX8mQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI4GiNDUsSvzqAuid3JDmGdgO69aMB8GA1UdIwQY MBaAFF3hxDIyKqEFjD5v5X9jdKkpYGnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1Njkt ZDc4YmI2ZjViOGY1LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1NjktZDc4YmI2ZjViOGY1 LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfkC13vXh 0dEwglPg8eDNn8r8crFblc6/Tsg3FORL/RmiKQR2BbCNfksVyPrZGOAF7FrNb/Gl Jhdom7TEcm3axQRwg/PzHL/S8jaWQK3VjHdjbYhLO9io7u6zNyEV5Ja5K4Zl7PID njrfe7J/1dtQfxue9A6RKi+sbopQco5p3EMZPprffAVxynvdDNqQTktCIzGTr99z 1VF/JPyNrv+jSgiipGWjcR4Xbtrl9IN+JU721SCCnPdnOSJkRab41SqzUYu+IxVl QQR7UQXGqFYyzoC+qMnZuolyUHYKCODqz34XCgEduRtSX9wFNg68QuUbb1H1UalJ qmramoVPep7RCQ== -----END CERTIFICATE-----Generated at Wed Dec 24 18:27:06 2025 by rpki-client