This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/161d2f-ec87-4718-9364-fa2c15371726/1/XyoTPsL-YGe1ZJboGdW_tORHH5Q.mft File: XyoTPsL-YGe1ZJboGdW_tORHH5Q.mft (raw, json) Hash identifier: f3Lt1uTJgz/DBvwyL9lk3LJ7QZRVrlEfLeX2bFkyg9g= Subject key identifier: CB:20:1C:FD:26:D7:E5:AE:0C:80:03:F6:89:5B:E0:30:5A:C6:8A:C4 Authority key identifier: 5F:2A:13:3E:C2:FE:60:67:B5:64:96:E8:19:D5:BF:B4:E4:47:1F:94 Certificate issuer: /CN=5f2a133ec2fe6067b56496e819d5bfb4e4471f94 Certificate serial: 019B3231D1A03538A81E227BB4F22A635C4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XyoTPsL-YGe1ZJboGdW_tORHH5Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/161d2f-ec87-4718-9364-fa2c15371726/1/XyoTPsL-YGe1ZJboGdW_tORHH5Q.mft Manifest number: 0993 Signing time: Thu 18 Dec 2025 16:01:24 +0000 Manifest this update: Thu 18 Dec 2025 16:01:24 +0000 Manifest next update: Fri 19 Dec 2025 16:01:24 +0000 Files and hashes: 1: XyoTPsL-YGe1ZJboGdW_tORHH5Q.crl (hash: Q+ra8mW2XsVXB6VVS5S0P3tm1docBmnK625bbavrzQQ=) 2: zw3OOzLu7F0rCvVUhFlHNjK6_48.roa (hash: EC4+NtSiW4UmHKtwZdLsHrR4X7fUOJDCpzkjNoARw5k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/161d2f-ec87-4718-9364-fa2c15371726/1/XyoTPsL-YGe1ZJboGdW_tORHH5Q.crl rsync://rpki.ripe.net/repository/DEFAULT/56/161d2f-ec87-4718-9364-fa2c15371726/1/XyoTPsL-YGe1ZJboGdW_tORHH5Q.mft rsync://rpki.ripe.net/repository/DEFAULT/XyoTPsL-YGe1ZJboGdW_tORHH5Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 16:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:31:d1:a0:35:38:a8:1e:22:7b:b4:f2:2a:63:5c:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5f2a133ec2fe6067b56496e819d5bfb4e4471f94 Validity Not Before: Dec 18 16:01:24 2025 GMT Not After : Dec 19 16:01:24 2025 GMT Subject: CN=cb201cfd26d7e5ae0c8003f6895be0305ac68ac4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:88:81:49:f9:53:d2:05:7f:4b:c2:0d:16:14: 49:9f:9c:73:f7:83:08:b6:65:73:3f:bb:6d:e9:5f: 78:86:be:da:c0:b4:27:55:91:fb:f8:86:74:f1:ab: e0:c4:ee:2d:3b:41:56:86:84:c2:ae:3e:de:46:7d: b0:a0:d7:4d:52:bf:ce:05:a7:e0:a6:91:6d:d8:1b: ed:80:31:29:56:94:7d:5d:7e:5d:90:c8:3f:43:18: f2:eb:c6:28:5f:2a:2b:6c:1b:3e:92:e2:7d:77:cd: 99:13:04:1b:15:3a:95:1f:e0:51:27:cd:ff:8b:40: b2:cc:af:5e:e8:af:9c:71:87:a2:ad:d0:fd:03:b4: 4e:9b:55:cd:8e:b5:0f:5a:6d:6c:78:01:7a:c4:06: cb:9f:37:4a:73:83:48:2c:28:e5:48:40:ff:25:86: dd:cb:24:a7:41:c1:b3:e2:51:30:bf:e8:94:5e:d5: 88:c2:35:15:50:6d:a2:0c:0c:3f:1c:ac:aa:79:9a: ec:3a:05:ae:ba:36:da:89:b7:b5:9d:57:c6:76:c3: 70:f3:43:e6:b6:7b:d6:64:94:d7:0b:95:07:f2:49: c9:9a:c5:04:61:8c:c0:f3:df:cf:d2:bc:b8:80:f2: 66:c7:40:18:5c:c3:67:e6:80:d8:3b:1c:f4:01:79: 6b:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:20:1C:FD:26:D7:E5:AE:0C:80:03:F6:89:5B:E0:30:5A:C6:8A:C4 X509v3 Authority Key Identifier: keyid:5F:2A:13:3E:C2:FE:60:67:B5:64:96:E8:19:D5:BF:B4:E4:47:1F:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XyoTPsL-YGe1ZJboGdW_tORHH5Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/161d2f-ec87-4718-9364-fa2c15371726/1/XyoTPsL-YGe1ZJboGdW_tORHH5Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/161d2f-ec87-4718-9364-fa2c15371726/1/XyoTPsL-YGe1ZJboGdW_tORHH5Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:eb:f2:49:b9:d4:87:df:c6:1a:06:51:45:c3:8b:1b:e0:43: 25:23:3d:c2:9a:57:84:b3:98:20:55:18:27:9e:d1:16:e9:05: f9:6e:92:af:77:b5:ca:06:5c:17:27:d4:f2:f5:2f:47:15:5c: 56:6a:24:ec:10:3b:d6:8f:ef:87:73:7a:a7:5c:9e:20:bd:d3: a6:44:66:6c:6c:a7:5a:a2:77:68:1f:33:cf:72:b6:c0:48:8b: 50:3e:c5:46:49:14:bf:4f:2d:cc:c2:d3:41:1f:e0:66:b7:2b: cf:13:0a:2a:bf:a2:e7:f9:a5:2f:52:21:09:bf:8a:02:66:e7: f6:6d:95:36:1e:ba:07:0c:7e:12:52:13:e3:23:fc:59:8a:7b: bb:76:bc:63:84:af:ae:11:82:78:47:f0:78:6b:78:4b:e5:19: 75:85:ca:04:07:25:69:a0:3e:2b:01:d5:dd:7d:f0:0e:a0:a7: 46:1d:3a:5d:b5:60:9e:35:ea:d9:96:5b:e2:c4:f4:ab:ee:05: 01:29:ab:58:13:f1:c6:b3:ff:62:0e:21:da:14:e8:33:5f:1e: 2f:4c:88:e0:50:31:d2:de:89:82:03:e6:24:62:4d:4f:40:56: a2:da:17:eb:76:e5:a5:c5:a8:f2:9a:fe:df:41:6c:84:d9:f4: c5:8e:23:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyMdGgNTioHiJ7tPIqY1xLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmMmExMzNlYzJmZTYwNjdiNTY0OTZlODE5ZDViZmI0ZTQ0 NzFmOTQwHhcNMjUxMjE4MTYwMTI0WhcNMjUxMjE5MTYwMTI0WjAzMTEwLwYDVQQD EyhjYjIwMWNmZDI2ZDdlNWFlMGM4MDAzZjY4OTViZTAzMDVhYzY4YWM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIiBSflT0gV/S8INFhRJn5xz94MI tmVzP7tt6V94hr7awLQnVZH7+IZ08avgxO4tO0FWhoTCrj7eRn2woNdNUr/OBafg ppFt2BvtgDEpVpR9XX5dkMg/Qxjy68YoXyorbBs+kuJ9d82ZEwQbFTqVH+BRJ83/ i0CyzK9e6K+ccYeirdD9A7ROm1XNjrUPWm1seAF6xAbLnzdKc4NILCjlSED/JYbd yySnQcGz4lEwv+iUXtWIwjUVUG2iDAw/HKyqeZrsOgWuujbaibe1nVfGdsNw80Pm tnvWZJTXC5UH8knJmsUEYYzA89/P0ry4gPJmx0AYXMNn5oDYOxz0AXlrcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMsgHP0m1+WuDIAD9olb4DBaxorEMB8GA1UdIwQY MBaAFF8qEz7C/mBntWSW6BnVv7TkRx+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHlvVFBzTC1ZR2UxWkpib0dkV190T1JISDVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xNjFkMmYtZWM4Ny00NzE4LTkzNjQt ZmEyYzE1MzcxNzI2LzEvWHlvVFBzTC1ZR2UxWkpib0dkV190T1JISDVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni8xNjFkMmYtZWM4Ny00NzE4LTkzNjQtZmEyYzE1MzcxNzI2 LzEvWHlvVFBzTC1ZR2UxWkpib0dkV190T1JISDVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN+vySbnU h9/GGgZRRcOLG+BDJSM9wppXhLOYIFUYJ57RFukF+W6Sr3e1ygZcFyfU8vUvRxVc Vmok7BA71o/vh3N6p1yeIL3TpkRmbGynWqJ3aB8zz3K2wEiLUD7FRkkUv08tzMLT QR/gZrcrzxMKKr+i5/mlL1IhCb+KAmbn9m2VNh66Bwx+ElIT4yP8WYp7u3a8Y4Sv rhGCeEfweGt4S+UZdYXKBAclaaA+KwHV3X3wDqCnRh06XbVgnjXq2ZZb4sT0q+4F ASmrWBPxxrP/Yg4h2hToM18eL0yI4FAx0t6JggPmJGJNT0BWotoX63blpcWo8pr+ 30FshNn0xY4j8Q== -----END CERTIFICATE-----Generated at Fri Dec 19 01:24:53 2025 by rpki-client