This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft File: XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft (raw, json) Hash identifier: s9+EVte8+E7qyRF5VE03ij3+W8chfwxaIRiGXMGohfI= Subject key identifier: A4:7A:63:A7:55:FA:36:66:C6:59:BF:26:2E:EF:AC:08:A8:63:B9:DE Authority key identifier: 5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95 Certificate issuer: /CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495 Certificate serial: 019B42B7A7805EE13CF7751227F57F1DCB72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft Manifest number: 079D Signing time: Sun 21 Dec 2025 21:01:30 +0000 Manifest this update: Sun 21 Dec 2025 21:01:30 +0000 Manifest next update: Mon 22 Dec 2025 21:01:30 +0000 Files and hashes: 1: XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl (hash: zGBQ4tKZWPuIQqYnhikt/iQxzH3Ygv8sQmLJuEtLxzc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 21:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:b7:a7:80:5e:e1:3c:f7:75:12:27:f5:7f:1d:cb:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495 Validity Not Before: Dec 21 21:01:30 2025 GMT Not After : Dec 22 21:01:30 2025 GMT Subject: CN=a47a63a755fa3666c659bf262eefac08a863b9de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:19:01:f3:5b:f1:72:e7:75:7d:35:3e:aa:b8: eb:b9:02:3c:31:1b:24:1a:6e:95:a3:72:7a:3a:ce: fa:e3:4b:31:17:a0:d4:90:6d:f6:38:c7:09:22:f2: 9c:57:7e:8e:95:d0:56:48:50:f3:ed:be:20:54:bb: 45:8a:63:85:b6:29:d6:66:15:65:aa:9c:71:f1:a6: 88:25:d4:2f:09:ba:99:e1:fa:a7:30:46:16:07:2e: 66:7c:ed:4e:0d:bb:42:cd:f4:e3:be:2c:35:f2:7d: 4a:a5:a5:88:be:90:28:ab:dd:a9:6c:18:9f:d0:bf: f6:47:e9:66:42:0c:9e:54:e6:a9:23:69:c7:a9:5a: 95:04:68:52:90:d7:b9:aa:7f:22:61:21:b0:31:cc: d9:52:cd:b8:71:f7:5c:e1:3c:07:49:f3:62:68:0a: af:ab:00:28:88:12:0b:29:85:98:c5:8a:de:3b:25: c3:95:48:f6:45:50:76:6c:be:6f:eb:4b:52:05:b1: 8e:fc:e4:0a:0d:88:2d:61:5f:ba:e7:2f:c2:b5:97: 50:92:bf:30:fd:ff:3e:f4:60:e1:de:d2:ec:a1:8e: f4:52:39:61:70:52:fc:e9:b1:b9:0b:b9:a9:83:43: 7d:6c:37:51:3b:1e:47:89:d1:30:b5:d5:5a:ff:7f: 39:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:7A:63:A7:55:FA:36:66:C6:59:BF:26:2E:EF:AC:08:A8:63:B9:DE X509v3 Authority Key Identifier: keyid:5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:c8:45:3b:97:57:70:de:32:c8:50:08:0c:79:a9:e5:ef:20: 97:77:a7:60:bc:1a:47:5a:30:cf:49:31:46:00:9e:35:9b:e6: 54:cc:f9:52:8e:48:28:81:67:6c:e8:27:f8:e7:8e:a7:19:fe: dd:76:bc:b6:ce:d6:f4:a5:12:3a:a6:0b:c4:b2:4a:93:9e:d2: a1:e1:32:48:a9:ed:de:3f:91:8d:f2:b8:58:29:4a:0c:33:f1: 6c:c3:2d:0f:47:cd:bc:74:a4:fb:40:0e:30:54:94:29:bb:28: 29:ab:02:f3:2f:86:e3:fe:20:6f:af:12:c9:f2:26:99:16:1d: 98:09:aa:62:ac:26:3d:7c:dd:dc:a0:e9:2e:59:be:ce:50:be: 94:c6:0d:20:9a:62:2e:62:8a:75:d2:5b:6a:bb:b8:81:25:ea: 67:af:2f:ba:64:95:18:5d:87:d9:81:42:33:ac:ad:b1:6c:05: 00:44:c9:ac:93:4f:de:b1:a7:59:93:a9:22:64:0f:1f:a1:a8: 39:16:26:de:5d:62:61:3d:61:69:66:c6:cf:d7:a6:74:de:d9: 61:5c:ab:e3:b9:5a:df:6f:83:b0:a9:4e:f5:3e:d6:6d:63:be: 9b:91:f8:6c:15:2d:85:33:39:7b:f0:73:f1:cd:60:6b:93:29: 8a:e6:6a:3d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCt6eAXuE893USJ/V/HctyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMjE5NjhlOTFjMmY0N2YxYjA3YzFmMzVmZTdkMjYzYzU2 ZDA0OTUwHhcNMjUxMjIxMjEwMTMwWhcNMjUxMjIyMjEwMTMwWjAzMTEwLwYDVQQD EyhhNDdhNjNhNzU1ZmEzNjY2YzY1OWJmMjYyZWVmYWMwOGE4NjNiOWRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BkB81vxcud1fTU+qrjruQI8MRsk Gm6Vo3J6Os7640sxF6DUkG32OMcJIvKcV36OldBWSFDz7b4gVLtFimOFtinWZhVl qpxx8aaIJdQvCbqZ4fqnMEYWBy5mfO1ODbtCzfTjviw18n1KpaWIvpAoq92pbBif 0L/2R+lmQgyeVOapI2nHqVqVBGhSkNe5qn8iYSGwMczZUs24cfdc4TwHSfNiaAqv qwAoiBILKYWYxYreOyXDlUj2RVB2bL5v60tSBbGO/OQKDYgtYV+65y/CtZdQkr8w /f8+9GDh3tLsoY70UjlhcFL86bG5C7mpg0N9bDdROx5HidEwtdVa/385yQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKR6Y6dV+jZmxlm/Ji7vrAioY7neMB8GA1UdIwQY MBaAFF0hlo6RwvR/GwfB81/n0mPFbQSVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUt MWVjMzc0NjVkM2FmLzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUtMWVjMzc0NjVkM2Fm LzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF8hFO5dX cN4yyFAIDHmp5e8gl3enYLwaR1owz0kxRgCeNZvmVMz5Uo5IKIFnbOgn+OeOpxn+ 3Xa8ts7W9KUSOqYLxLJKk57SoeEySKnt3j+RjfK4WClKDDPxbMMtD0fNvHSk+0AO MFSUKbsoKasC8y+G4/4gb68SyfImmRYdmAmqYqwmPXzd3KDpLlm+zlC+lMYNIJpi LmKKddJbaru4gSXqZ68vumSVGF2H2YFCM6ytsWwFAETJrJNP3rGnWZOpImQPH6Go ORYm3l1iYT1haWbGz9emdN7ZYVyr47la32+DsKlO9T7WbWO+m5H4bBUthTM5e/Bz 8c1ga5MpiuZqPQ== -----END CERTIFICATE-----Generated at Mon Dec 22 00:02:02 2025 by rpki-client