This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft File: xndznw-VRrTwJXcsXCsXl4WSOFI.mft (raw, json) Hash identifier: d43b2wnlzWq4THQV6TwZG5vt+zCn94L5uNaBRytkxos= Subject key identifier: F9:3C:69:81:37:42:FB:20:4F:2E:7C:F3:F7:DE:56:B4:70:C2:D5:3D Authority key identifier: C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52 Certificate issuer: /CN=c677739f0f9546b4f025772c5c2b179785923852 Certificate serial: 019B4E84C42E104275D5C8AFBBD38D54AE5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft Manifest number: 15A3 Signing time: Wed 24 Dec 2025 04:01:22 +0000 Manifest this update: Wed 24 Dec 2025 04:01:22 +0000 Manifest next update: Thu 25 Dec 2025 04:01:22 +0000 Files and hashes: 1: xndznw-VRrTwJXcsXCsXl4WSOFI.crl (hash: 4NXSHohOj5/etxmiob1AwJHJCgf46A6SgBKEtCGf8vA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 04:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4e:84:c4:2e:10:42:75:d5:c8:af:bb:d3:8d:54:ae:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c677739f0f9546b4f025772c5c2b179785923852 Validity Not Before: Dec 24 04:01:22 2025 GMT Not After : Dec 25 04:01:22 2025 GMT Subject: CN=f93c69813742fb204f2e7cf3f7de56b470c2d53d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:bd:a5:0e:85:9c:75:c5:9a:a6:10:bd:42:39: 43:a8:1c:3f:48:31:18:81:37:5f:78:93:9f:98:77: 0c:f0:36:20:6e:90:68:a5:98:36:5e:06:5a:70:ca: 86:16:e9:91:89:02:e6:8b:5d:10:df:f0:76:32:9c: 5f:84:f9:37:67:63:ce:5e:62:14:69:dc:eb:95:5f: a4:3d:63:05:f5:22:c0:b1:26:dd:b3:bf:5b:6e:07: e9:b6:33:9a:fd:94:d1:68:3e:bf:6f:80:80:40:b8: b8:b5:17:12:50:47:e9:27:de:af:c4:ba:7d:c2:59: f3:61:18:c8:e8:bc:43:f9:65:cd:c7:51:12:db:31: aa:d3:e0:f9:7b:b8:d2:8c:3e:cc:e0:f4:72:0e:d0: 8c:ee:94:79:b6:7f:58:98:cd:39:57:54:6c:86:3e: 58:1a:87:51:9a:d8:e8:c5:d2:e3:80:42:16:0c:a3: 1b:a0:3b:2b:04:76:95:13:22:e7:e2:78:6b:9f:72: 82:29:64:2c:e4:cb:ca:02:36:69:3a:a8:24:91:5b: 0b:e6:dc:09:e8:f3:fe:d7:dc:77:38:7c:ff:7b:e8: 05:c0:c2:01:0a:8e:33:63:16:1e:da:5c:3f:2b:d8: 4c:3c:39:6f:96:f4:55:4f:db:91:ab:d9:5b:52:b6: b6:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:3C:69:81:37:42:FB:20:4F:2E:7C:F3:F7:DE:56:B4:70:C2:D5:3D X509v3 Authority Key Identifier: keyid:C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:6b:18:e4:3b:a9:1f:19:2b:cc:7c:a8:d5:f6:bd:5d:53:cb: 54:07:71:ee:2e:2b:1e:0b:e2:ee:67:30:43:94:d0:96:fd:e9: fe:c4:d7:8e:a6:db:12:e1:bc:fb:7a:5c:c8:65:20:df:fe:71: 47:51:aa:ad:6b:e9:22:3e:ad:18:eb:2b:a5:7d:77:6e:82:db: a8:d0:68:bf:d8:ce:fc:8a:1d:60:57:c7:ed:f2:95:f9:48:4a: de:49:5d:6c:50:30:c6:8e:e7:c7:ca:71:8c:0b:a7:27:13:d4: 09:f6:4e:82:a2:67:cb:ca:66:b7:1f:96:86:79:dc:cf:7e:7f: 67:39:66:72:28:d2:96:38:c4:8d:a1:eb:3c:3a:ef:3c:b9:a1: 86:49:52:6b:89:b4:80:3f:c9:9c:2e:9d:5a:09:80:05:5b:be: 6c:20:3a:61:7c:85:a7:6a:13:af:3c:0d:b8:80:b2:51:25:d5: 28:e6:36:c4:5e:3d:a2:79:1d:bc:ea:08:f4:09:02:1a:40:3f: 82:6f:c9:88:5d:04:ff:ba:2a:32:af:6c:02:64:08:3f:99:39: 86:a7:0a:87:d4:0b:f2:c1:71:68:b7:56:0a:de:2a:46:67:b8: 0f:df:91:b0:ff:f6:a7:03:11:18:cc:03:77:d8:81:71:01:3f: 0d:36:72:01 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtOhMQuEEJ11civu9ONVK5fMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2Nzc3MzlmMGY5NTQ2YjRmMDI1NzcyYzVjMmIxNzk3ODU5 MjM4NTIwHhcNMjUxMjI0MDQwMTIyWhcNMjUxMjI1MDQwMTIyWjAzMTEwLwYDVQQD EyhmOTNjNjk4MTM3NDJmYjIwNGYyZTdjZjNmN2RlNTZiNDcwYzJkNTNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp72lDoWcdcWaphC9QjlDqBw/SDEY gTdfeJOfmHcM8DYgbpBopZg2XgZacMqGFumRiQLmi10Q3/B2MpxfhPk3Z2POXmIU adzrlV+kPWMF9SLAsSbds79bbgfptjOa/ZTRaD6/b4CAQLi4tRcSUEfpJ96vxLp9 wlnzYRjI6LxD+WXNx1ES2zGq0+D5e7jSjD7M4PRyDtCM7pR5tn9YmM05V1Rshj5Y GodRmtjoxdLjgEIWDKMboDsrBHaVEyLn4nhrn3KCKWQs5MvKAjZpOqgkkVsL5twJ 6PP+19x3OHz/e+gFwMIBCo4zYxYe2lw/K9hMPDlvlvRVT9uRq9lbUra2+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPk8aYE3QvsgTy588/feVrRwwtU9MB8GA1UdIwQY MBaAFMZ3c58PlUa08CV3LFwrF5eFkjhSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQt YzY4NWZhOTE2YjA3LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQtYzY4NWZhOTE2YjA3 LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATWsY5Dup HxkrzHyo1fa9XVPLVAdx7i4rHgvi7mcwQ5TQlv3p/sTXjqbbEuG8+3pcyGUg3/5x R1GqrWvpIj6tGOsrpX13boLbqNBov9jO/IodYFfH7fKV+UhK3kldbFAwxo7nx8px jAunJxPUCfZOgqJny8pmtx+Whnncz35/ZzlmcijSljjEjaHrPDrvPLmhhklSa4m0 gD/JnC6dWgmABVu+bCA6YXyFp2oTrzwNuICyUSXVKOY2xF49onkdvOoI9AkCGkA/ gm/JiF0E/7oqMq9sAmQIP5k5hqcKh9QL8sFxaLdWCt4qRme4D9+RsP/2pwMRGMwD d9iBcQE/DTZyAQ== -----END CERTIFICATE-----Generated at Wed Dec 24 10:33:08 2025 by rpki-client