This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft File: XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json) Hash identifier: 4p/i7pgwL5GX7fBshgt8frCKC8YRrpleWJJRJV5/l7Q= Subject key identifier: 97:2F:F2:38:3C:D9:8A:E1:EC:C7:45:A1:AF:5B:5D:88:5B:0A:0F:11 Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D Certificate issuer: /CN=5cdf301ac01526d08cdec242cc5a140141fb153d Certificate serial: 019B7FA79FEA05A2FC5D0D136BC66A202E5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft Manifest number: 03CF Signing time: Fri 02 Jan 2026 17:00:50 +0000 Manifest this update: Fri 02 Jan 2026 17:00:50 +0000 Manifest next update: Sat 03 Jan 2026 17:00:50 +0000 Files and hashes: 1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: bQKl+z2KbA6FmOplP18E39DJr7Is3zPgrPUKolit6Zw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 17:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:a7:9f:ea:05:a2:fc:5d:0d:13:6b:c6:6a:20:2e:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d Validity Not Before: Jan 2 17:00:50 2026 GMT Not After : Jan 3 17:00:50 2026 GMT Subject: CN=972ff2383cd98ae1ecc745a1af5b5d885b0a0f11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:20:b3:5f:0a:0e:a3:be:42:63:16:7d:e3:40: 69:d6:65:ea:37:8c:aa:14:b2:64:61:3c:95:5b:c0: 11:ef:30:9f:00:61:20:1f:92:0e:ad:04:a2:b6:c0: 54:fc:f0:be:6e:28:5f:ea:c6:59:9c:6a:fc:b6:46: 8d:ff:8e:a9:bf:20:e8:ff:2e:37:58:df:ee:88:1a: 26:dd:01:37:f2:cf:1d:4f:8a:d6:7b:61:c9:76:43: 97:d9:ba:5a:ee:6c:ea:9c:d8:8f:ac:b8:3b:73:e8: d1:71:b1:5a:0c:ab:18:41:db:bf:54:82:ce:90:87: 86:f9:7c:6b:d0:c9:e0:d9:c0:89:58:70:d8:a8:21: c6:28:89:57:ba:61:60:c7:da:ac:8d:a4:8f:60:b6: 93:f0:a3:97:81:41:a5:22:ed:66:d9:aa:99:63:fe: 9f:c0:69:5b:12:f5:b1:f2:2c:de:6d:c2:44:6b:76: 85:16:bf:fd:6f:91:3f:60:fb:e7:dc:82:fc:5b:e7: 87:8b:80:f2:61:79:d6:f7:b7:19:3d:23:b8:f7:71: ca:19:a8:c5:e5:45:18:5a:65:a6:c6:e9:c5:d7:37: 2d:a8:b1:d1:26:de:9a:3f:2b:90:e7:65:35:75:ca: ed:bf:27:fc:bc:90:64:00:6b:30:a1:54:37:51:79: d8:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:2F:F2:38:3C:D9:8A:E1:EC:C7:45:A1:AF:5B:5D:88:5B:0A:0F:11 X509v3 Authority Key Identifier: keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:1b:b1:54:54:14:36:9b:e1:8a:c6:3f:34:12:33:1e:15:0c: 53:a5:de:94:2b:ac:ec:7f:e8:e8:3b:c6:8f:04:ea:1e:38:9c: df:c9:8d:6e:4d:5e:a5:c2:2e:2d:b1:e4:72:07:a4:37:b7:d7: e8:49:b4:1f:15:18:8d:7c:ec:a7:1e:b9:58:81:00:e6:a3:a7: ef:9e:6c:b4:7b:b1:94:40:68:e7:23:cd:43:9f:d6:f8:42:7d: 5a:f7:9d:3a:f9:b1:78:08:34:11:41:00:6c:ef:4c:08:e6:a0: b1:ad:66:c1:3b:9b:b7:d2:47:1f:e9:a4:a8:5b:ee:e7:9e:65: a7:3f:66:dc:2c:8f:c1:8c:65:f1:7d:24:2c:96:3c:81:69:23: 34:e0:36:80:da:3d:57:2c:5f:a5:d3:b4:5a:f4:fa:62:65:9f: 8b:d9:1f:38:5f:9d:51:d1:30:d3:b6:72:bf:b6:74:17:65:c4: 20:96:37:0d:df:43:2a:10:87:c0:26:c4:c9:46:a0:ed:8c:07: fe:a2:4a:47:b3:72:1f:b6:8e:fc:24:84:b3:09:12:e5:10:3b: 6a:99:75:d7:46:b7:88:7d:dc:7d:65:f1:54:b3:bc:4a:b6:25: 8e:1f:8f:24:ec:22:8f:52:44:39:fa:0b:f3:0d:3d:6e:c9:db: e9:f6:08:f7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt/p5/qBaL8XQ0Ta8ZqIC5eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm YjE1M2QwHhcNMjYwMTAyMTcwMDUwWhcNMjYwMTAzMTcwMDUwWjAzMTEwLwYDVQQD Eyg5NzJmZjIzODNjZDk4YWUxZWNjNzQ1YTFhZjViNWQ4ODViMGEwZjExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SCzXwoOo75CYxZ940Bp1mXqN4yq FLJkYTyVW8AR7zCfAGEgH5IOrQSitsBU/PC+bihf6sZZnGr8tkaN/46pvyDo/y43 WN/uiBom3QE38s8dT4rWe2HJdkOX2bpa7mzqnNiPrLg7c+jRcbFaDKsYQdu/VILO kIeG+Xxr0Mng2cCJWHDYqCHGKIlXumFgx9qsjaSPYLaT8KOXgUGlIu1m2aqZY/6f wGlbEvWx8izebcJEa3aFFr/9b5E/YPvn3IL8W+eHi4DyYXnW97cZPSO493HKGajF 5UUYWmWmxunF1zctqLHRJt6aPyuQ52U1dcrtvyf8vJBkAGswoVQ3UXnYQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJcv8jg82Yrh7MdFoa9bXYhbCg8RMB8GA1UdIwQY MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYxuxVFQU NpvhisY/NBIzHhUMU6XelCus7H/o6DvGjwTqHjic38mNbk1epcIuLbHkcgekN7fX 6Em0HxUYjXzspx65WIEA5qOn755stHuxlEBo5yPNQ5/W+EJ9WvedOvmxeAg0EUEA bO9MCOagsa1mwTubt9JHH+mkqFvu555lpz9m3CyPwYxl8X0kLJY8gWkjNOA2gNo9 VyxfpdO0WvT6YmWfi9kfOF+dUdEw07Zyv7Z0F2XEIJY3Dd9DKhCHwCbEyUag7YwH /qJKR7NyH7aO/CSEswkS5RA7apl110a3iH3cfWXxVLO8SrYljh+PJOwij1JEOfoL 8w09bsnb6fYI9w== -----END CERTIFICATE-----Generated at Sat Jan 3 02:20:03 2026 by rpki-client