This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft File: xq11SrfApAHA_x08Ensn1T_cyYE.mft (raw, json) Hash identifier: jjclshxXBh4CvGvj974fS8DYFkIwWN28H8OxjyKJmIs= Subject key identifier: 59:22:CA:68:01:6C:80:5A:C5:03:AD:64:21:50:60:5C:31:22:26:03 Authority key identifier: C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81 Certificate issuer: /CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981 Certificate serial: 019B77B7389F903520727B78BF95D478C229 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft Manifest number: 17A4 Signing time: Thu 01 Jan 2026 04:00:54 +0000 Manifest this update: Thu 01 Jan 2026 04:00:54 +0000 Manifest next update: Fri 02 Jan 2026 04:00:54 +0000 Files and hashes: 1: xq11SrfApAHA_x08Ensn1T_cyYE.crl (hash: G/9bJJpX+qmCGzDzZx1qWkmCyFbFEfQftKi48lNhDys=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 00:18:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:b7:38:9f:90:35:20:72:7b:78:bf:95:d4:78:c2:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981 Validity Not Before: Jan 1 04:00:54 2026 GMT Not After : Jan 2 04:00:54 2026 GMT Subject: CN=5922ca68016c805ac503ad642150605c31222603 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:48:0a:dc:db:ef:98:f3:de:59:f2:21:46:68: 6d:9d:b1:ed:61:95:ee:54:51:4b:cf:67:15:22:74: 4b:2d:4a:0d:ac:75:13:e7:eb:16:2a:83:19:b3:47: 31:35:62:66:af:ec:f9:a9:f4:50:eb:65:db:cc:07: 76:6a:a1:10:cf:ba:67:d9:c4:4b:f6:7c:10:97:e3: 5d:86:b7:10:f4:ab:6e:7d:4b:0b:cb:57:52:19:c4: 64:ef:1b:80:f7:b0:6a:77:f7:04:0c:8c:b4:2b:fe: 65:ba:c2:da:12:3d:8d:f5:4b:c4:b6:ca:08:d7:6b: 4e:bc:47:61:fe:f7:e6:bd:f9:c9:2f:26:92:5c:54: 39:5e:aa:93:81:2a:18:1e:a3:89:42:c3:aa:08:35: f7:f5:09:34:ad:b1:66:4f:ab:e2:64:a7:27:bf:fe: 50:ec:72:2f:59:5b:47:96:c3:1b:d0:1f:bf:22:03: 1b:69:91:bc:3a:1c:dc:9b:d4:ad:28:da:91:11:82: e1:3c:a4:5a:33:7f:7a:08:ea:4a:2f:7b:0b:2a:ce: e6:b4:48:ca:df:d9:08:e2:99:20:43:f0:fb:20:e2: 7b:7b:73:e0:e4:7d:70:cc:64:11:99:7a:b6:25:7d: b8:73:37:7e:ce:44:41:2d:c8:9b:69:00:57:c3:e4: ed:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:22:CA:68:01:6C:80:5A:C5:03:AD:64:21:50:60:5C:31:22:26:03 X509v3 Authority Key Identifier: keyid:C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8b:2e:14:a5:7d:42:1f:06:d7:32:d8:16:b9:13:40:cf:ae:ce: 00:11:e0:23:0c:fa:82:30:30:41:3d:81:d3:49:6c:93:84:4c: df:2d:8b:35:d9:43:61:f0:a9:9e:86:3b:9c:1d:b2:24:36:35: 17:24:d6:34:04:0d:ab:2e:8b:9d:76:6e:99:d3:09:9b:52:ab: 82:24:0f:77:95:ec:87:58:1f:14:6e:42:b9:20:e6:57:1c:e9: c8:2a:75:be:00:c8:36:3e:7e:7d:5a:fe:29:04:74:fb:3f:a2: 87:9a:82:74:6a:a3:92:7f:c4:19:4c:ce:ff:21:f9:d5:b0:b2: c2:02:03:b1:8c:41:19:98:c8:6e:03:71:7c:fe:0a:5a:17:36: eb:30:e8:a3:a9:48:0e:b8:7b:1a:2e:9b:84:d6:b7:b5:d3:62: f4:24:e8:ed:28:28:ac:c8:20:5f:a2:26:32:54:37:8a:b3:9d: 7d:6a:45:b8:43:53:ea:9f:38:c3:b7:a0:90:d8:5a:2d:37:d3: 65:f4:be:8d:5b:f8:d1:4f:4e:36:70:d8:ec:ff:8e:c9:ed:15: ff:db:a3:f5:75:4d:a6:61:5d:fc:59:3f:83:98:4b:ae:88:16: 4c:a0:bc:fa:96:a2:c0:cd:49:f6:ac:42:d5:ea:e4:25:42:d5: ea:a3:5a:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt3tzifkDUgcnt4v5XUeMIpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2YWQ3NTRhYjdjMGE0MDFjMGZmMWQzYzEyN2IyN2Q1M2Zk Y2M5ODEwHhcNMjYwMTAxMDQwMDU0WhcNMjYwMTAyMDQwMDU0WjAzMTEwLwYDVQQD Eyg1OTIyY2E2ODAxNmM4MDVhYzUwM2FkNjQyMTUwNjA1YzMxMjIyNjAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UgK3NvvmPPeWfIhRmhtnbHtYZXu VFFLz2cVInRLLUoNrHUT5+sWKoMZs0cxNWJmr+z5qfRQ62XbzAd2aqEQz7pn2cRL 9nwQl+NdhrcQ9KtufUsLy1dSGcRk7xuA97Bqd/cEDIy0K/5lusLaEj2N9UvEtsoI 12tOvEdh/vfmvfnJLyaSXFQ5XqqTgSoYHqOJQsOqCDX39Qk0rbFmT6viZKcnv/5Q 7HIvWVtHlsMb0B+/IgMbaZG8Ohzcm9StKNqREYLhPKRaM396COpKL3sLKs7mtEjK 39kI4pkgQ/D7IOJ7e3Pg5H1wzGQRmXq2JX24czd+zkRBLcibaQBXw+Tt4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFkiymgBbIBaxQOtZCFQYFwxIiYDMB8GA1UdIwQY MBaAFMatdUq3wKQBwP8dPBJ7J9U/3MmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2Ut YmEzM2QzNjc1NWRmLzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2UtYmEzM2QzNjc1NWRm LzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiy4UpX1C HwbXMtgWuRNAz67OABHgIwz6gjAwQT2B00lsk4RM3y2LNdlDYfCpnoY7nB2yJDY1 FyTWNAQNqy6LnXZumdMJm1KrgiQPd5Xsh1gfFG5CuSDmVxzpyCp1vgDINj5+fVr+ KQR0+z+ih5qCdGqjkn/EGUzO/yH51bCywgIDsYxBGZjIbgNxfP4KWhc26zDoo6lI Drh7Gi6bhNa3tdNi9CTo7SgorMggX6ImMlQ3irOdfWpFuENT6p84w7egkNhaLTfT ZfS+jVv40U9ONnDY7P+Oye0V/9uj9XVNpmFd/Fk/g5hLrogWTKC8+paiwM1J9qxC 1erkJULV6qNa0A== -----END CERTIFICATE-----Generated at Thu Jan 1 08:48:19 2026 by rpki-client