This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft File: xcidUmDLNP27s7wlv0rbr0zcaKA.mft (raw, json) Hash identifier: QcOqQuhzi/v0S37McTBerq9vJ1Vf+xNdsREzZK46RoY= Subject key identifier: E2:55:F5:39:33:A9:FD:EF:2B:C0:81:09:B8:1E:E1:FF:50:57:DF:38 Authority key identifier: C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0 Certificate issuer: /CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0 Certificate serial: 019B631D96CEA0C3AABDFB8DFB25FE05E4AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft Manifest number: 0758 Signing time: Sun 28 Dec 2025 04:00:42 +0000 Manifest this update: Sun 28 Dec 2025 04:00:42 +0000 Manifest next update: Mon 29 Dec 2025 04:00:42 +0000 Files and hashes: 1: xcidUmDLNP27s7wlv0rbr0zcaKA.crl (hash: Jx5KZKdgpxG6qduobUHtdRij2jUsn/eZwbvviVreM8k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:63:1d:96:ce:a0:c3:aa:bd:fb:8d:fb:25:fe:05:e4:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0 Validity Not Before: Dec 28 04:00:42 2025 GMT Not After : Dec 29 04:00:42 2025 GMT Subject: CN=e255f53933a9fdef2bc08109b81ee1ff5057df38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:8c:e0:23:b4:50:ee:6c:2a:ac:f6:6c:83:52: 5f:0a:52:a3:b6:8e:f4:16:bc:ca:bd:84:d9:bb:16: 73:02:9b:bd:2f:01:52:38:48:9d:2d:27:7d:6d:a5: c7:92:75:36:eb:c9:87:60:26:96:c7:f9:de:4b:2a: f2:11:b1:88:7f:02:57:9b:8f:a9:f5:54:30:68:0d: 98:8c:d7:72:83:2d:5e:e7:be:22:59:b4:a9:02:5a: 3a:74:ba:06:aa:41:7a:cd:d4:73:1a:a7:78:45:2b: fb:ed:d2:77:d1:b9:99:b5:51:bb:33:d9:c2:96:27: c3:d0:92:f9:f8:cd:e3:93:87:c2:08:f5:48:da:30: 89:95:cf:6b:f8:57:f7:43:c8:bf:50:8c:07:f9:13: 4b:b9:aa:4e:8a:e5:04:62:b6:01:d1:50:ce:81:af: 4b:25:37:e9:7b:0a:94:77:b3:15:1d:bb:e1:c4:3c: 7a:f4:e0:ea:08:74:43:23:28:4e:99:d3:75:b9:05: 5f:77:08:f1:5a:4d:34:8d:25:06:37:72:00:86:ef: ef:14:f6:62:d9:f3:16:d6:77:ae:e5:67:c3:c1:04: 32:5e:63:9b:89:c2:a8:c9:4b:58:04:42:06:6e:37: 8a:6f:26:a4:42:a3:68:56:5d:bc:dc:05:82:02:02: 2a:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:55:F5:39:33:A9:FD:EF:2B:C0:81:09:B8:1E:E1:FF:50:57:DF:38 X509v3 Authority Key Identifier: keyid:C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:05:af:8a:82:3a:f9:2a:5f:ba:8f:9f:c5:4e:71:c0:8a:3c: 76:fc:5c:8c:f7:fe:ae:2f:fd:21:d4:06:9f:e4:5f:b8:c2:9f: d9:8a:87:27:71:56:49:3e:bc:4f:1e:6e:85:f1:ee:0b:e5:ac: 9a:81:ac:63:c5:30:67:8d:52:d6:05:41:bc:f6:43:bd:50:af: 9d:72:0e:4f:c2:62:87:98:39:5d:82:df:b2:27:20:30:85:c9: a9:d7:6f:f9:91:5f:b5:aa:6e:c1:57:37:a6:61:66:1f:46:72: 75:d2:6f:65:7b:c5:55:51:9d:b1:e6:2d:e7:10:38:f4:08:36: b2:35:17:be:5d:5e:1b:a7:5d:9f:29:09:96:bf:3f:4f:b6:39: df:50:9d:fd:50:30:73:d3:df:cc:f7:d2:34:61:5f:11:3e:ee: d3:da:ae:d5:fd:87:25:70:11:79:7e:73:51:d8:4b:c5:04:cf: 96:cc:4c:63:41:51:6b:0a:c0:57:ff:5a:f9:59:53:63:e0:71: 18:50:20:31:eb:66:4b:46:0b:7e:cf:72:0d:00:38:1a:9a:3c: c9:60:cf:39:19:b0:48:e8:6c:b9:0d:7a:c2:54:aa:7e:d9:cb: fe:a5:01:d3:00:65:ac:94:09:52:8d:fb:d6:bd:8f:76:c9:54: 26:78:97:4a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtjHZbOoMOqvfuN+yX+BeStMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1Yzg5ZDUyNjBjYjM0ZmRiYmIzYmMyNWJmNGFkYmFmNGNk YzY4YTAwHhcNMjUxMjI4MDQwMDQyWhcNMjUxMjI5MDQwMDQyWjAzMTEwLwYDVQQD EyhlMjU1ZjUzOTMzYTlmZGVmMmJjMDgxMDliODFlZTFmZjUwNTdkZjM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIzgI7RQ7mwqrPZsg1JfClKjto70 FrzKvYTZuxZzApu9LwFSOEidLSd9baXHknU268mHYCaWx/neSyryEbGIfwJXm4+p 9VQwaA2YjNdygy1e574iWbSpAlo6dLoGqkF6zdRzGqd4RSv77dJ30bmZtVG7M9nC lifD0JL5+M3jk4fCCPVI2jCJlc9r+Ff3Q8i/UIwH+RNLuapOiuUEYrYB0VDOga9L JTfpewqUd7MVHbvhxDx69ODqCHRDIyhOmdN1uQVfdwjxWk00jSUGN3IAhu/vFPZi 2fMW1neu5WfDwQQyXmObicKoyUtYBEIGbjeKbyakQqNoVl283AWCAgIq8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOJV9Tkzqf3vK8CBCbge4f9QV984MB8GA1UdIwQY MBaAFMXInVJgyzT9u7O8Jb9K269M3GigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUt OGViY2QwOWIyYmNhLzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUtOGViY2QwOWIyYmNh LzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOQWvioI6 +Spfuo+fxU5xwIo8dvxcjPf+ri/9IdQGn+RfuMKf2YqHJ3FWST68Tx5uhfHuC+Ws moGsY8UwZ41S1gVBvPZDvVCvnXIOT8Jih5g5XYLfsicgMIXJqddv+ZFftapuwVc3 pmFmH0ZyddJvZXvFVVGdseYt5xA49Ag2sjUXvl1eG6ddnykJlr8/T7Y531Cd/VAw c9PfzPfSNGFfET7u09qu1f2HJXAReX5zUdhLxQTPlsxMY0FRawrAV/9a+VlTY+Bx GFAgMetmS0YLfs9yDQA4Gpo8yWDPORmwSOhsuQ16wlSqftnL/qUB0wBlrJQJUo37 1r2PdslUJniXSg== -----END CERTIFICATE-----Generated at Sun Dec 28 06:28:56 2025 by rpki-client