This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft File: xwy87PJahmXDWnjIIdEes6ZCNiE.mft (raw, json) Hash identifier: L0eOBRXbly8BTqBldPWj7j7u9A2d8VQCLwpMgwYodcs= Subject key identifier: C1:D8:2D:DE:D5:ED:33:21:E0:B1:8D:AE:DF:B0:69:F2:D7:2D:C7:C7 Authority key identifier: C7:0C:BC:EC:F2:5A:86:65:C3:5A:78:C8:21:D1:1E:B3:A6:42:36:21 Certificate issuer: /CN=c70cbcecf25a8665c35a78c821d11eb3a6423621 Certificate serial: 019B39EB4D838E6B9E1110BF55515E059A28 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft Manifest number: 1784 Signing time: Sat 20 Dec 2025 04:01:20 +0000 Manifest this update: Sat 20 Dec 2025 04:01:20 +0000 Manifest next update: Sun 21 Dec 2025 04:01:20 +0000 Files and hashes: 1: xwy87PJahmXDWnjIIdEes6ZCNiE.crl (hash: NhU6BuL9g55XZVtP7q7TFcZZAmrKPShKo7LgHVl2PwY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:eb:4d:83:8e:6b:9e:11:10:bf:55:51:5e:05:9a:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c70cbcecf25a8665c35a78c821d11eb3a6423621 Validity Not Before: Dec 20 04:01:20 2025 GMT Not After : Dec 21 04:01:20 2025 GMT Subject: CN=c1d82dded5ed3321e0b18daedfb069f2d72dc7c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:cc:cd:79:0b:5d:ff:db:52:60:82:42:b1:c6: af:aa:7b:ec:44:95:50:e2:9c:9c:f5:50:c3:4d:9b: 85:33:78:88:1d:96:d6:a4:a4:77:df:06:cc:87:33: 08:26:47:43:a4:f5:31:0b:73:7e:37:de:0d:a8:80: ac:14:ea:c4:a3:02:fc:47:af:4e:ce:98:c1:66:95: 19:db:c2:29:51:a9:24:ad:b8:d3:d9:fd:8f:71:e4: 36:be:cd:fa:64:53:db:44:5c:1b:7e:ed:fd:6e:f5: 43:08:fa:a7:f8:6e:42:a6:d1:00:04:11:22:43:ee: 8a:8b:37:ce:62:70:a8:31:b0:d7:56:83:a4:fc:c4: 67:4f:76:62:d9:2e:d2:7b:ce:41:c9:01:b6:dc:66: 9b:4b:60:48:9c:47:37:6e:33:e6:1d:31:b7:37:9c: 44:aa:17:9b:35:58:07:01:48:0d:2f:30:ba:73:ac: 40:17:4f:17:20:76:4d:4d:75:3f:c3:9b:0e:4a:42: bc:80:03:49:7f:c8:30:68:b7:42:00:31:fa:63:e0: 07:b9:13:2a:c8:75:02:81:2a:2e:bc:a8:cc:ae:5d: 2c:f6:a7:7c:b3:59:00:8e:27:75:ec:cb:e3:13:64: 38:77:ff:c5:a5:7d:5f:36:9f:56:9f:7d:25:38:4f: 91:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:D8:2D:DE:D5:ED:33:21:E0:B1:8D:AE:DF:B0:69:F2:D7:2D:C7:C7 X509v3 Authority Key Identifier: keyid:C7:0C:BC:EC:F2:5A:86:65:C3:5A:78:C8:21:D1:1E:B3:A6:42:36:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:30:f9:25:6f:49:1f:ac:e2:f9:7c:78:b0:6f:ed:8b:3f:96: b8:96:62:84:6f:f3:7f:51:7c:38:c2:d5:73:9e:82:37:d6:ea: 5e:a4:0a:58:38:1f:07:71:f4:f8:5a:53:74:9b:dd:9d:b8:6f: c9:7a:47:37:c6:14:43:1c:01:e5:60:31:fe:b8:40:26:5d:bd: 97:f7:8e:8c:ec:50:1c:36:92:67:e2:86:37:ef:08:ee:c3:6d: a3:c6:83:17:41:ec:16:70:6f:6e:71:1d:53:6f:bc:2a:9e:97: aa:9a:7f:a5:00:05:46:ce:57:a7:a1:17:39:19:94:d9:25:12: fc:8e:64:35:5b:91:ef:cf:95:ef:51:01:4c:76:0f:95:e9:43: 16:07:89:3c:dc:db:72:25:3b:62:d5:d6:74:98:4f:ad:af:36: 54:2a:62:81:e5:d8:6d:5b:0a:a0:2e:35:cf:bf:75:cb:29:b8: 80:ba:43:1d:71:bc:b9:bd:3c:eb:2e:d8:4a:10:fe:25:34:99: 86:15:50:f4:62:b9:1e:39:2b:a8:64:5f:b4:c5:84:13:2c:2e: 3f:c5:86:f0:bc:84:53:0b:bc:b2:9d:09:f0:d4:56:51:69:1f: 55:cb:d9:d3:19:01:e1:97:4d:ae:16:6d:00:59:5e:a5:dd:9e: 19:8f:4a:54 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5602DjmueERC/VVFeBZooMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM3MGNiY2VjZjI1YTg2NjVjMzVhNzhjODIxZDExZWIzYTY0 MjM2MjEwHhcNMjUxMjIwMDQwMTIwWhcNMjUxMjIxMDQwMTIwWjAzMTEwLwYDVQQD EyhjMWQ4MmRkZWQ1ZWQzMzIxZTBiMThkYWVkZmIwNjlmMmQ3MmRjN2M3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMzNeQtd/9tSYIJCscavqnvsRJVQ 4pyc9VDDTZuFM3iIHZbWpKR33wbMhzMIJkdDpPUxC3N+N94NqICsFOrEowL8R69O zpjBZpUZ28IpUakkrbjT2f2PceQ2vs36ZFPbRFwbfu39bvVDCPqn+G5CptEABBEi Q+6KizfOYnCoMbDXVoOk/MRnT3Zi2S7Se85ByQG23GabS2BInEc3bjPmHTG3N5xE qhebNVgHAUgNLzC6c6xAF08XIHZNTXU/w5sOSkK8gANJf8gwaLdCADH6Y+AHuRMq yHUCgSouvKjMrl0s9qd8s1kAjid17MvjE2Q4d//FpX1fNp9Wn30lOE+RzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMHYLd7V7TMh4LGNrt+wafLXLcfHMB8GA1UdIwQY MBaAFMcMvOzyWoZlw1p4yCHRHrOmQjYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy82OGU2NTMtMThjNS00NDllLTk1ZDgt ZTY5N2JiNTc2NGMzLzEveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy82OGU2NTMtMThjNS00NDllLTk1ZDgtZTY5N2JiNTc2NGMz LzEveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYTD5JW9J H6zi+Xx4sG/tiz+WuJZihG/zf1F8OMLVc56CN9bqXqQKWDgfB3H0+FpTdJvdnbhv yXpHN8YUQxwB5WAx/rhAJl29l/eOjOxQHDaSZ+KGN+8I7sNto8aDF0HsFnBvbnEd U2+8Kp6Xqpp/pQAFRs5Xp6EXORmU2SUS/I5kNVuR78+V71EBTHYPlelDFgeJPNzb ciU7YtXWdJhPra82VCpigeXYbVsKoC41z791yym4gLpDHXG8ub086y7YShD+JTSZ hhVQ9GK5HjkrqGRftMWEEywuP8WG8LyEUwu8sp0J8NRWUWkfVcvZ0xkB4ZdNrhZt AFlepd2eGY9KVA== -----END CERTIFICATE-----Generated at Sat Dec 20 06:51:15 2025 by rpki-client