This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft File: xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft (raw, json) Hash identifier: Trp4yvoj8KuistVkJT8+2WddS0Wcbe9Py5X79YzmPl8= Subject key identifier: EC:6D:26:3F:88:34:3C:E8:D3:BE:14:2F:60:E8:AD:F4:11:4E:89:E9 Authority key identifier: C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82 Certificate issuer: /CN=c413d7a3765ff9a22bbc2299e049691e2940cb82 Certificate serial: 019B57F5D430D091D8861F80445BFF2E1D34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft Manifest number: 1507 Signing time: Fri 26 Dec 2025 00:01:26 +0000 Manifest this update: Fri 26 Dec 2025 00:01:26 +0000 Manifest next update: Sat 27 Dec 2025 00:01:26 +0000 Files and hashes: 1: xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl (hash: 5hHXc8seGIhHnbEPufVFzabtq77fihV9NJ06lHtkUyY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 00:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:57:f5:d4:30:d0:91:d8:86:1f:80:44:5b:ff:2e:1d:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c413d7a3765ff9a22bbc2299e049691e2940cb82 Validity Not Before: Dec 26 00:01:26 2025 GMT Not After : Dec 27 00:01:26 2025 GMT Subject: CN=ec6d263f88343ce8d3be142f60e8adf4114e89e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:5b:12:14:ad:7e:cc:41:0c:45:25:9c:56:bb: 5a:1f:fa:4b:a2:ca:a6:86:de:1e:4e:c8:ea:cf:ed: 51:2f:30:ab:58:03:a3:0b:42:09:c6:c3:6b:50:0b: 76:5b:94:bb:ed:f3:45:a9:95:b3:8e:61:76:9a:70: a1:5d:05:6e:d8:5b:9a:a5:f7:e4:af:14:d3:b3:00: fa:b9:49:50:77:39:c9:c1:8b:6f:7e:2b:96:96:ee: 7e:0e:69:19:1e:1b:0c:81:67:05:28:88:1c:57:af: 57:7f:c1:39:2e:a5:08:6b:53:0e:83:bc:d8:e6:1e: 00:fb:ba:50:b8:ff:ca:4b:34:ef:63:af:c6:30:99: 35:fb:20:37:db:bc:c2:6b:0f:30:7a:95:bc:da:4a: 2c:0d:56:d1:83:51:8e:9e:04:84:c0:d0:76:7c:65: 52:9a:84:ef:f1:60:be:88:95:e0:f9:73:a5:d6:8c: eb:24:c5:61:e6:29:ee:5f:c9:8d:03:7b:10:90:f0: 08:80:48:da:df:c5:3e:03:d9:63:2b:65:9a:9d:fc: 20:a3:62:e2:85:e9:ca:ef:c7:b2:03:3f:fa:34:9c: eb:6c:a7:70:9b:7c:38:7e:46:6b:67:8f:2d:9d:37: 49:bb:76:2c:48:c6:79:8b:0a:cf:d0:ce:d1:0b:76: 1d:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:6D:26:3F:88:34:3C:E8:D3:BE:14:2F:60:E8:AD:F4:11:4E:89:E9 X509v3 Authority Key Identifier: keyid:C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:67:ec:f3:66:ca:51:cd:d7:87:c4:f0:89:78:52:f6:80:4a: 87:02:ee:df:47:90:86:29:d6:05:ef:12:e9:74:fb:d8:15:79: 7a:09:46:b7:cc:86:7a:37:f8:79:ed:00:6e:ed:83:35:21:7b: f4:1b:80:e4:99:3f:af:14:f1:45:a6:d6:00:5b:f4:dd:e2:82: fd:7a:f1:ba:f0:7f:52:82:b9:78:7d:fb:58:7e:03:63:cb:66: 97:1c:d9:2b:dd:37:72:a5:1a:8e:86:2c:2e:ba:c1:09:8c:c9: 88:c2:6b:54:2f:a2:03:dd:9f:8c:ec:9e:b2:42:9e:69:6c:2a: af:b6:74:7a:fc:02:e9:05:bd:a6:c1:d2:d3:51:81:c8:66:ef: 9d:1c:1d:10:04:6f:55:a0:0c:91:2b:75:69:6b:30:19:3c:6d: aa:79:b0:53:58:e4:c3:d9:e6:d8:08:52:2a:80:f0:68:51:ac: bc:9e:75:3b:60:53:b1:6c:aa:06:2a:ca:c9:e2:8a:d0:ff:8a: 34:7e:34:bc:80:bd:1c:09:a7:0a:65:9d:42:82:69:70:ae:36: ea:a0:f1:46:2c:06:11:5e:83:04:6a:f8:45:54:5a:39:d4:a4: 46:00:29:d5:fb:cb:4d:ec:ec:0f:af:e7:ed:3f:3b:f6:89:62: 29:fd:34:19 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtX9dQw0JHYhh+ARFv/Lh00MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0MTNkN2EzNzY1ZmY5YTIyYmJjMjI5OWUwNDk2OTFlMjk0 MGNiODIwHhcNMjUxMjI2MDAwMTI2WhcNMjUxMjI3MDAwMTI2WjAzMTEwLwYDVQQD EyhlYzZkMjYzZjg4MzQzY2U4ZDNiZTE0MmY2MGU4YWRmNDExNGU4OWU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFsSFK1+zEEMRSWcVrtaH/pLosqm ht4eTsjqz+1RLzCrWAOjC0IJxsNrUAt2W5S77fNFqZWzjmF2mnChXQVu2Fuapffk rxTTswD6uUlQdznJwYtvfiuWlu5+DmkZHhsMgWcFKIgcV69Xf8E5LqUIa1MOg7zY 5h4A+7pQuP/KSzTvY6/GMJk1+yA327zCaw8wepW82kosDVbRg1GOngSEwNB2fGVS moTv8WC+iJXg+XOl1ozrJMVh5inuX8mNA3sQkPAIgEja38U+A9ljK2Wanfwgo2Li henK78eyAz/6NJzrbKdwm3w4fkZrZ48tnTdJu3YsSMZ5iwrP0M7RC3YdfQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOxtJj+INDzo074UL2DorfQRTonpMB8GA1UdIwQY MBaAFMQT16N2X/miK7wimeBJaR4pQMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUt ZTg2MGJlN2U3YzU0LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUtZTg2MGJlN2U3YzU0 LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn2fs82bK Uc3Xh8TwiXhS9oBKhwLu30eQhinWBe8S6XT72BV5eglGt8yGejf4ee0Abu2DNSF7 9BuA5Jk/rxTxRabWAFv03eKC/XrxuvB/UoK5eH37WH4DY8tmlxzZK903cqUajoYs LrrBCYzJiMJrVC+iA92fjOyeskKeaWwqr7Z0evwC6QW9psHS01GByGbvnRwdEARv VaAMkSt1aWswGTxtqnmwU1jkw9nm2AhSKoDwaFGsvJ51O2BTsWyqBirKyeKK0P+K NH40vIC9HAmnCmWdQoJpcK426qDxRiwGEV6DBGr4RVRaOdSkRgAp1fvLTezsD6/n 7T879oliKf00GQ== -----END CERTIFICATE-----Generated at Fri Dec 26 09:23:54 2025 by rpki-client