This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/247eef-f71a-421f-bb86-26729d894ef7/1/XOMWuo-zBWfOy8cnBR02QA4lH8c.mft File: XOMWuo-zBWfOy8cnBR02QA4lH8c.mft (raw, json) Hash identifier: 4BfeZrDVmjdjmXdePyn2UdCoGlcO59YXuoceR1KII38= Subject key identifier: 68:3A:16:8E:22:5E:E8:D2:87:AF:97:4C:74:A5:4E:D1:87:07:35:C1 Authority key identifier: 5C:E3:16:BA:8F:B3:05:67:CE:CB:C7:27:05:1D:36:40:0E:25:1F:C7 Certificate issuer: /CN=5ce316ba8fb30567cecbc727051d36400e251fc7 Certificate serial: 019B44DCB0F6EABAC60EE24CA0D514B46EC2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XOMWuo-zBWfOy8cnBR02QA4lH8c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/247eef-f71a-421f-bb86-26729d894ef7/1/XOMWuo-zBWfOy8cnBR02QA4lH8c.mft Manifest number: 0564 Signing time: Mon 22 Dec 2025 07:01:12 +0000 Manifest this update: Mon 22 Dec 2025 07:01:12 +0000 Manifest next update: Tue 23 Dec 2025 07:01:12 +0000 Files and hashes: 1: XOMWuo-zBWfOy8cnBR02QA4lH8c.crl (hash: g9XuiZ9Wk9i5K1QOe5Twv5bpgW0NubyRJBp+7E2JdJo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/247eef-f71a-421f-bb86-26729d894ef7/1/XOMWuo-zBWfOy8cnBR02QA4lH8c.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/247eef-f71a-421f-bb86-26729d894ef7/1/XOMWuo-zBWfOy8cnBR02QA4lH8c.mft rsync://rpki.ripe.net/repository/DEFAULT/XOMWuo-zBWfOy8cnBR02QA4lH8c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 07:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:dc:b0:f6:ea:ba:c6:0e:e2:4c:a0:d5:14:b4:6e:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ce316ba8fb30567cecbc727051d36400e251fc7 Validity Not Before: Dec 22 07:01:12 2025 GMT Not After : Dec 23 07:01:12 2025 GMT Subject: CN=683a168e225ee8d287af974c74a54ed1870735c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:7f:8b:07:be:f5:e6:cf:5a:b8:f9:0b:61:25: bc:1f:01:34:ff:bf:28:dd:51:9f:eb:d6:8c:d5:95: 04:52:73:a6:48:51:d2:7a:5c:a0:7e:aa:93:1b:d5: 3c:54:a9:71:de:2c:ad:91:84:39:1c:8e:e2:6e:be: 8d:9f:33:f7:c5:37:f0:0b:fb:35:76:f9:6f:e9:e8: 13:5a:fb:a3:02:97:3a:cf:09:1c:c3:b5:58:2d:ab: 80:a3:ce:92:ac:4c:79:f0:b6:b9:08:d1:c9:b7:57: 2c:a2:0c:cb:5d:c4:00:75:21:b9:87:7a:ab:ac:46: ca:04:40:4c:da:8c:ef:46:e7:f9:cf:c4:3c:7e:51: 9b:62:a1:bf:b8:04:73:b1:d0:69:9a:b5:5a:51:5a: 5f:ac:f8:7d:92:08:52:0c:35:cc:32:e3:8a:34:d4: 04:f1:ba:29:d2:30:4c:2c:20:9a:45:aa:3f:8d:a9: a6:55:82:30:a8:82:fc:68:a7:8b:64:1a:ec:53:86: 41:9f:d1:36:93:e1:b9:d0:ff:83:a4:d4:43:1d:95: 9b:b1:87:c8:be:7e:46:4b:41:0a:ff:c8:42:49:b8: b2:cd:3d:57:1b:40:55:e4:47:72:6c:bd:fa:f6:28: 37:ff:0f:f7:ce:67:63:0e:1f:39:39:80:94:f3:b0: 48:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:3A:16:8E:22:5E:E8:D2:87:AF:97:4C:74:A5:4E:D1:87:07:35:C1 X509v3 Authority Key Identifier: keyid:5C:E3:16:BA:8F:B3:05:67:CE:CB:C7:27:05:1D:36:40:0E:25:1F:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOMWuo-zBWfOy8cnBR02QA4lH8c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/247eef-f71a-421f-bb86-26729d894ef7/1/XOMWuo-zBWfOy8cnBR02QA4lH8c.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/247eef-f71a-421f-bb86-26729d894ef7/1/XOMWuo-zBWfOy8cnBR02QA4lH8c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0f:c0:f4:52:5b:f0:aa:01:c8:25:4f:40:59:8d:6c:3f:10:eb: 6e:78:77:4a:37:65:9c:ac:58:e0:00:87:8a:18:b7:cf:00:ec: da:83:06:94:7b:6e:d5:67:41:c4:00:c5:c0:b6:01:9b:43:51: c1:75:70:20:c1:14:5c:f3:bc:fe:8a:53:37:00:f6:8d:f2:7e: 6d:28:b6:6c:32:2f:de:b1:d0:18:e8:ba:41:eb:d3:70:3a:aa: 0f:56:40:2f:05:70:53:3c:54:e7:80:73:75:26:6a:8a:2e:78: 1b:15:5f:3c:26:aa:c1:86:e6:21:0c:aa:36:45:5e:27:72:7e: 4a:29:bd:65:dd:5c:02:95:cb:02:8d:c2:b7:48:b4:0b:ae:74: 88:ee:5e:ea:9e:88:78:c5:08:c3:4f:11:de:3a:3f:d9:2e:20: d4:8b:f6:c9:ec:2a:51:c6:8b:cb:40:0d:61:33:26:f9:d9:a7: 8a:d0:f5:a8:ab:c8:6f:40:ab:d7:54:4a:64:30:0c:92:9f:5c: 18:00:d3:1b:e3:c3:4a:43:ec:a1:8b:cc:f2:9e:65:cc:75:03: f9:18:e7:71:e0:cd:4f:31:f6:23:73:14:94:ef:60:d4:67:4f: 6f:c4:88:d2:4d:43:54:ca:f7:6e:a7:2e:75:9a:28:10:9e:14: a1:ad:a7:7f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtE3LD26rrGDuJMoNUUtG7CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZTMxNmJhOGZiMzA1NjdjZWNiYzcyNzA1MWQzNjQwMGUy NTFmYzcwHhcNMjUxMjIyMDcwMTEyWhcNMjUxMjIzMDcwMTEyWjAzMTEwLwYDVQQD Eyg2ODNhMTY4ZTIyNWVlOGQyODdhZjk3NGM3NGE1NGVkMTg3MDczNWMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3+LB7715s9auPkLYSW8HwE0/78o 3VGf69aM1ZUEUnOmSFHSelygfqqTG9U8VKlx3iytkYQ5HI7ibr6NnzP3xTfwC/s1 dvlv6egTWvujApc6zwkcw7VYLauAo86SrEx58La5CNHJt1csogzLXcQAdSG5h3qr rEbKBEBM2ozvRuf5z8Q8flGbYqG/uARzsdBpmrVaUVpfrPh9kghSDDXMMuOKNNQE 8bop0jBMLCCaRao/jammVYIwqIL8aKeLZBrsU4ZBn9E2k+G50P+DpNRDHZWbsYfI vn5GS0EK/8hCSbiyzT1XG0BV5EdybL369ig3/w/3zmdjDh85OYCU87BIhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGg6Fo4iXujSh6+XTHSlTtGHBzXBMB8GA1UdIwQY MBaAFFzjFrqPswVnzsvHJwUdNkAOJR/HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWE9NV3VvLXpCV2ZPeThjbkJSMDJRQTRsSDhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8yNDdlZWYtZjcxYS00MjFmLWJiODYt MjY3MjlkODk0ZWY3LzEvWE9NV3VvLXpCV2ZPeThjbkJSMDJRQTRsSDhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy8yNDdlZWYtZjcxYS00MjFmLWJiODYtMjY3MjlkODk0ZWY3 LzEvWE9NV3VvLXpCV2ZPeThjbkJSMDJRQTRsSDhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD8D0Ulvw qgHIJU9AWY1sPxDrbnh3SjdlnKxY4ACHihi3zwDs2oMGlHtu1WdBxADFwLYBm0NR wXVwIMEUXPO8/opTNwD2jfJ+bSi2bDIv3rHQGOi6QevTcDqqD1ZALwVwUzxU54Bz dSZqii54GxVfPCaqwYbmIQyqNkVeJ3J+Sim9Zd1cApXLAo3Ct0i0C650iO5e6p6I eMUIw08R3jo/2S4g1Iv2yewqUcaLy0ANYTMm+dmnitD1qKvIb0Cr11RKZDAMkp9c GADTG+PDSkPsoYvM8p5lzHUD+RjnceDNTzH2I3MUlO9g1GdPb8SI0k1DVMr3bqcu dZooEJ4Uoa2nfw== -----END CERTIFICATE-----Generated at Mon Dec 22 14:12:24 2025 by rpki-client