This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft File: XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json) Hash identifier: Th8a0uPgOGYFzr5DsGM7DYuV0sOwnwqd5hmCAPRIh54= Subject key identifier: 34:92:CD:E0:4D:84:D4:73:D7:FD:31:F6:57:0E:A7:2A:AF:47:00:C8 Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D Certificate issuer: /CN=5cdf301ac01526d08cdec242cc5a140141fb153d Certificate serial: 019B3268AF9432DEEE1EE3CD0F85933D86B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft Manifest number: 03A7 Signing time: Thu 18 Dec 2025 17:01:19 +0000 Manifest this update: Thu 18 Dec 2025 17:01:19 +0000 Manifest next update: Fri 19 Dec 2025 17:01:19 +0000 Files and hashes: 1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: DtHfru45oevI68HtpRGV/SkCYbcCmBzJubjvvsD4VE4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 17:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:68:af:94:32:de:ee:1e:e3:cd:0f:85:93:3d:86:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d Validity Not Before: Dec 18 17:01:19 2025 GMT Not After : Dec 19 17:01:19 2025 GMT Subject: CN=3492cde04d84d473d7fd31f6570ea72aaf4700c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:f3:e9:8e:ee:33:17:88:17:15:47:df:a4:3c: 2a:f4:3c:df:d8:59:27:b9:c9:72:e4:3a:6f:60:ed: 4f:ac:45:f3:bd:8c:04:37:4d:60:78:2c:96:18:ec: f0:d7:3c:f6:c9:a8:31:26:f2:08:75:6b:e5:01:ae: e0:ca:fe:b0:c3:38:ac:eb:60:f7:c3:6c:8d:3a:fd: ca:46:7f:dc:06:dd:09:8d:69:9b:00:2a:92:be:b8: 37:92:6d:4b:98:d0:46:de:d5:83:0b:e3:c0:f7:aa: b7:4e:ce:9a:ab:eb:98:be:18:05:c6:1d:2a:11:55: 64:ea:e3:f8:eb:15:38:10:3e:84:63:0a:4f:d5:77: cf:43:4a:f6:bb:25:6e:4c:31:74:ea:17:4e:ea:ac: 99:7f:c0:2a:31:82:66:fe:09:e5:87:3c:67:18:36: ca:da:23:9c:00:b3:c2:43:5b:67:b5:c5:4d:e3:5f: 50:d1:c6:ab:07:ce:ee:c6:97:4d:6c:78:21:af:c0: 70:ae:06:11:70:c4:29:bf:81:3b:7b:ad:f8:89:3b: 5e:26:18:30:01:ef:d6:7f:59:e8:d1:43:ca:12:40: 6d:89:e8:70:aa:f3:c2:21:9c:a4:d6:51:a9:c6:21: 48:ab:21:37:40:5f:56:89:38:40:11:74:3d:cb:88: c9:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:92:CD:E0:4D:84:D4:73:D7:FD:31:F6:57:0E:A7:2A:AF:47:00:C8 X509v3 Authority Key Identifier: keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b7:14:73:d1:2a:ff:99:1c:c2:00:ec:5f:6a:18:84:77:0a:54: 5b:8c:97:38:ad:f9:18:ea:07:05:07:80:2d:fd:d8:ed:3b:a7: 6d:91:6e:cc:b6:a1:b6:a1:fc:36:1c:57:79:29:17:d3:d8:ca: 1d:f9:76:0a:03:80:c9:cc:07:b4:16:bb:52:16:36:cd:57:3e: fa:3b:d6:c5:2b:d8:75:88:15:8c:f5:dc:27:56:f4:a1:30:99: 0b:ed:fd:34:05:ce:be:04:ad:d0:30:9f:ca:82:81:13:e8:a5: cb:f7:8c:1f:ac:5b:14:de:3b:2a:cc:f3:40:c1:0e:85:b8:99: 5f:a5:4c:b0:83:88:77:de:bc:31:d7:35:fb:fe:52:96:43:20: ad:52:dd:71:b0:fc:70:be:ef:e8:00:5b:ff:7e:28:d4:b9:9e: 28:a1:ff:f2:8d:b5:9f:cf:83:79:05:98:f7:d7:84:39:22:77: 50:ea:07:e6:00:c7:83:80:98:1f:a8:93:d4:1c:52:d2:94:ef: 02:df:4f:38:ab:36:2e:b8:0a:b8:e9:77:9e:86:e6:f4:00:df: 34:c3:20:6b:8d:07:06:c5:a1:e8:35:5a:71:ab:10:a5:15:4e: f4:9c:86:c4:59:b2:5c:8e:41:73:2c:49:d5:87:2e:bf:45:59: 6a:e5:8f:e2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyaK+UMt7uHuPND4WTPYa4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm YjE1M2QwHhcNMjUxMjE4MTcwMTE5WhcNMjUxMjE5MTcwMTE5WjAzMTEwLwYDVQQD EygzNDkyY2RlMDRkODRkNDczZDdmZDMxZjY1NzBlYTcyYWFmNDcwMGM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/Ppju4zF4gXFUffpDwq9Dzf2Fkn ucly5DpvYO1PrEXzvYwEN01geCyWGOzw1zz2yagxJvIIdWvlAa7gyv6wwzis62D3 w2yNOv3KRn/cBt0JjWmbACqSvrg3km1LmNBG3tWDC+PA96q3Ts6aq+uYvhgFxh0q EVVk6uP46xU4ED6EYwpP1XfPQ0r2uyVuTDF06hdO6qyZf8AqMYJm/gnlhzxnGDbK 2iOcALPCQ1tntcVN419Q0carB87uxpdNbHghr8BwrgYRcMQpv4E7e634iTteJhgw Ae/Wf1no0UPKEkBtiehwqvPCIZyk1lGpxiFIqyE3QF9WiThAEXQ9y4jJywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDSSzeBNhNRz1/0x9lcOpyqvRwDIMB8GA1UdIwQY MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtxRz0Sr/ mRzCAOxfahiEdwpUW4yXOK35GOoHBQeALf3Y7TunbZFuzLahtqH8NhxXeSkX09jK Hfl2CgOAycwHtBa7UhY2zVc++jvWxSvYdYgVjPXcJ1b0oTCZC+39NAXOvgSt0DCf yoKBE+ily/eMH6xbFN47KszzQMEOhbiZX6VMsIOId968Mdc1+/5SlkMgrVLdcbD8 cL7v6ABb/34o1LmeKKH/8o21n8+DeQWY99eEOSJ3UOoH5gDHg4CYH6iT1BxS0pTv At9POKs2LrgKuOl3nobm9ADfNMMga40HBsWh6DVacasQpRVO9JyGxFmyXI5BcyxJ 1Ycuv0VZauWP4g== -----END CERTIFICATE-----Generated at Fri Dec 19 01:26:05 2025 by rpki-client