This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft File: Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft (raw, json) Hash identifier: rC9pjPSxK8PCSyYvyhBfkyulUjRoxuIipMO0zVJRcrs= Subject key identifier: 6E:0D:75:E2:8C:53:80:CA:59:0D:80:E1:77:29:A7:10:06:D0:94:8B Authority key identifier: 5E:3E:4F:A8:C9:97:1A:EF:12:34:5F:C0:E3:7D:16:B3:45:9B:78:3B Certificate issuer: /CN=5e3e4fa8c9971aef12345fc0e37d16b3459b783b Certificate serial: 019B4E4DDB55C9BA31A896F03F1EB49A8879 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft Manifest number: 0DE7 Signing time: Wed 24 Dec 2025 03:01:23 +0000 Manifest this update: Wed 24 Dec 2025 03:01:23 +0000 Manifest next update: Thu 25 Dec 2025 03:01:23 +0000 Files and hashes: 1: Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl (hash: cJirzHI+oDJ4Brf5cUJ1NFlV0WiAqNNim1A2NnJzVxk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4e:4d:db:55:c9:ba:31:a8:96:f0:3f:1e:b4:9a:88:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e3e4fa8c9971aef12345fc0e37d16b3459b783b Validity Not Before: Dec 24 03:01:23 2025 GMT Not After : Dec 25 03:01:23 2025 GMT Subject: CN=6e0d75e28c5380ca590d80e17729a71006d0948b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:73:07:03:a3:02:2e:ce:1a:33:8c:dc:80:c8: dd:bc:8a:c8:91:da:ff:2f:70:4b:db:78:02:7c:f3: 91:25:05:4e:47:28:75:cd:e8:81:69:90:a1:75:38: 4b:5a:a3:03:9c:d6:e2:71:ba:06:d8:b8:cf:30:fd: cc:e4:81:0e:aa:32:b7:03:ea:80:70:a2:1e:f9:15: e7:a5:ab:0c:e6:63:d5:9a:aa:8c:0b:40:82:40:0f: 6f:83:43:ca:d9:49:d8:0e:65:d6:da:86:b2:1e:e6: db:ba:d3:09:2d:3d:1b:6f:d3:18:86:83:1a:a5:c2: 07:a0:01:f8:8a:f2:e5:10:c1:ce:02:69:4f:b4:63: 02:ba:16:05:50:98:22:24:c4:c8:61:24:c9:0c:ca: fd:0c:77:d5:12:f6:40:3e:62:37:91:0d:87:a3:0f: ca:a6:59:e3:44:bd:fe:ff:b5:07:a2:c7:58:f8:d3: 70:37:ae:14:f8:d6:20:ff:1d:75:73:01:11:b1:49: 39:55:54:92:2c:1b:a1:fa:00:35:15:e1:42:7c:f0: 80:25:58:1f:2a:91:ec:e2:37:de:68:a3:69:34:7e: 11:a8:e2:32:29:c0:e1:3e:d8:a3:4f:68:00:3f:b3: 90:89:54:f7:bc:8c:d9:a2:21:0a:08:40:91:87:a3: 58:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:0D:75:E2:8C:53:80:CA:59:0D:80:E1:77:29:A7:10:06:D0:94:8B X509v3 Authority Key Identifier: keyid:5E:3E:4F:A8:C9:97:1A:EF:12:34:5F:C0:E3:7D:16:B3:45:9B:78:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:a7:fd:92:af:39:59:d2:27:06:7d:61:d0:26:2a:db:51:3e: 5c:eb:20:26:32:2e:1b:d1:45:92:e9:12:02:1b:9e:e1:2d:60: 90:d1:a6:72:0c:43:de:51:90:54:2b:cd:26:12:53:3a:ae:6d: df:fa:47:d1:14:bd:22:b7:5d:86:d8:2b:fc:59:b0:7e:36:65: ec:0a:b3:33:e8:ec:e5:f0:c8:07:3d:7b:0f:7f:c3:2c:81:b1: 94:89:d2:7f:9d:84:17:c2:6b:2e:37:ba:4a:aa:8a:34:32:81: 19:3d:ba:3f:a0:d9:25:62:8a:12:b4:e0:4b:6f:33:6f:e4:61: 66:3f:3d:10:a8:81:79:10:ee:79:b3:cc:a3:8d:f4:65:4a:30: 9c:10:17:be:5c:e3:50:e4:89:5a:13:98:e3:7a:4a:56:72:ff: d8:0c:c4:40:0e:9d:33:09:e4:05:c2:20:41:3e:5a:34:5f:01: bd:ee:4e:d5:27:75:a5:f1:07:8a:d3:15:76:d5:1d:a6:a5:71: 75:73:47:65:47:c6:b8:53:70:6e:78:6e:d7:f8:1b:61:95:ce: 3b:23:97:80:fc:a2:12:69:a6:4b:16:47:ba:17:a1:e7:85:8d: c0:12:81:2b:72:95:48:b4:9b:62:d6:5b:c1:7e:b0:1a:6f:22: 1f:e5:e3:bc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtOTdtVyboxqJbwPx60moh5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlM2U0ZmE4Yzk5NzFhZWYxMjM0NWZjMGUzN2QxNmIzNDU5 Yjc4M2IwHhcNMjUxMjI0MDMwMTIzWhcNMjUxMjI1MDMwMTIzWjAzMTEwLwYDVQQD Eyg2ZTBkNzVlMjhjNTM4MGNhNTkwZDgwZTE3NzI5YTcxMDA2ZDA5NDhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXMHA6MCLs4aM4zcgMjdvIrIkdr/ L3BL23gCfPORJQVORyh1zeiBaZChdThLWqMDnNbicboG2LjPMP3M5IEOqjK3A+qA cKIe+RXnpasM5mPVmqqMC0CCQA9vg0PK2UnYDmXW2oayHubbutMJLT0bb9MYhoMa pcIHoAH4ivLlEMHOAmlPtGMCuhYFUJgiJMTIYSTJDMr9DHfVEvZAPmI3kQ2How/K plnjRL3+/7UHosdY+NNwN64U+NYg/x11cwERsUk5VVSSLBuh+gA1FeFCfPCAJVgf KpHs4jfeaKNpNH4RqOIyKcDhPtijT2gAP7OQiVT3vIzZoiEKCECRh6NYfQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG4NdeKMU4DKWQ2A4XcppxAG0JSLMB8GA1UdIwQY MBaAFF4+T6jJlxrvEjRfwON9FrNFm3g7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9lYjU0NTQtNzI5My00MzdmLWFjMGIt M2EzYjAyOTZiYjgyLzEvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi9lYjU0NTQtNzI5My00MzdmLWFjMGItM2EzYjAyOTZiYjgy LzEvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO6f9kq85 WdInBn1h0CYq21E+XOsgJjIuG9FFkukSAhue4S1gkNGmcgxD3lGQVCvNJhJTOq5t 3/pH0RS9Irddhtgr/FmwfjZl7AqzM+js5fDIBz17D3/DLIGxlInSf52EF8JrLje6 SqqKNDKBGT26P6DZJWKKErTgS28zb+RhZj89EKiBeRDuebPMo430ZUownBAXvlzj UOSJWhOY43pKVnL/2AzEQA6dMwnkBcIgQT5aNF8Bve5O1Sd1pfEHitMVdtUdpqVx dXNHZUfGuFNwbnhu1/gbYZXOOyOXgPyiEmmmSxZHuheh54WNwBKBK3KVSLSbYtZb wX6wGm8iH+XjvA== -----END CERTIFICATE-----Generated at Wed Dec 24 08:47:37 2025 by rpki-client