This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft File: Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft (raw, json) Hash identifier: EwcdFyATfu/24vpITl2uDTLnhbCUcaRAAi0UitlNsJg= Subject key identifier: B6:E7:45:9E:AD:CF:EA:FA:D2:4B:83:92:A6:0C:FB:CD:87:54:5E:E5 Authority key identifier: 5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D Certificate issuer: /CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d Certificate serial: 019B4AA7F8726610EAFFA59EAE250F5A3AE5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft Manifest number: 159E Signing time: Tue 23 Dec 2025 10:01:20 +0000 Manifest this update: Tue 23 Dec 2025 10:01:20 +0000 Manifest next update: Wed 24 Dec 2025 10:01:20 +0000 Files and hashes: 1: Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl (hash: 2k0JMFqxWVdyx4Ru013cZBF5kdAcjcSM7ljUePbfHYA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:a7:f8:72:66:10:ea:ff:a5:9e:ae:25:0f:5a:3a:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d Validity Not Before: Dec 23 10:01:20 2025 GMT Not After : Dec 24 10:01:20 2025 GMT Subject: CN=b6e7459eadcfeafad24b8392a60cfbcd87545ee5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:c8:3d:ad:2f:32:fc:dc:85:1c:c9:b5:b8:38: b0:21:e4:ee:54:b4:9f:34:7b:7b:a5:9a:2e:38:97: 6f:6f:84:99:75:a7:ae:34:06:36:10:ab:b7:2c:78: 9f:4b:3d:92:08:96:05:04:8d:5d:54:ae:4b:ac:07: 34:34:f2:27:48:0b:45:e5:bc:bd:92:76:72:36:11: 53:a8:36:8a:a2:2c:74:ca:30:23:ac:b3:c0:30:f0: e2:78:bf:6a:c3:71:57:e2:4a:dd:f0:26:66:bd:aa: c4:87:bc:9b:59:ad:bf:b3:fe:0b:cd:d1:57:1d:05: e1:5a:c4:3c:8f:69:c6:4d:57:d4:5d:c7:58:db:04: e4:da:67:a3:3c:6d:5a:08:ba:6f:77:0c:a1:a9:69: b3:75:52:3e:24:b2:35:0c:67:de:49:66:6f:aa:f3: 67:01:90:0a:01:2f:9c:a6:6a:fd:27:68:79:06:8e: f4:03:ed:d6:b7:29:a2:48:24:9b:e2:59:71:ff:97: 5a:04:d7:cc:1f:0b:75:8a:2b:a6:d1:34:17:ec:8d: 41:b0:6b:f4:bb:af:88:43:b4:33:86:8e:d5:1c:5c: 9f:d1:a1:d2:78:b2:b4:97:5c:63:bb:f5:b4:22:e5: 95:be:fe:aa:a7:fb:67:37:93:18:5a:ac:54:5e:7c: c2:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:E7:45:9E:AD:CF:EA:FA:D2:4B:83:92:A6:0C:FB:CD:87:54:5E:E5 X509v3 Authority Key Identifier: keyid:5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:70:0b:2d:f6:85:4f:95:5e:60:73:b3:99:25:85:45:4d:d6: b4:43:af:97:98:31:5b:a1:46:7a:5b:32:45:69:df:a1:d9:0c: 90:a5:19:d9:d1:3d:85:f5:73:d8:ff:42:9a:ca:20:14:9a:5e: 6c:de:5c:38:02:2e:4b:c1:6e:62:fb:57:b0:ca:f6:34:a7:ee: 87:6c:48:7e:c3:12:b6:10:ad:92:a1:13:00:d8:09:80:a2:2b: 68:91:eb:84:c8:c2:bb:f1:fd:af:2a:38:81:e9:87:b5:79:a3: 16:21:95:81:3d:d9:66:9f:f4:ea:19:8e:50:49:07:f1:0d:0f: 76:7e:9b:a7:ad:10:69:b2:03:ae:3e:6b:1f:8e:ab:f5:90:f9: 74:bb:39:7d:68:4a:52:d3:b8:cc:14:d2:3f:be:62:5b:55:53: 43:d0:49:c0:df:5e:b2:85:f6:15:c5:2d:ce:08:6e:7b:7d:ba: 06:a7:4c:41:f5:ed:c3:ca:82:61:c5:be:9b:94:47:77:ec:18: 62:92:73:c6:f5:37:93:c7:c7:ee:e3:3e:f6:f0:51:2a:50:dc: 8e:41:4b:fa:d1:d1:52:e0:d9:aa:11:54:ab:6c:73:88:d2:59: 61:69:50:61:9c:b0:cb:50:90:5a:2a:ce:69:4e:48:de:d5:8a: 95:85:82:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKp/hyZhDq/6WeriUPWjrlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlYTg3OTBhMDhjOGUwZDg0NTg4ZDk0ZDFhNTFiY2E5YWJl NzU4MWQwHhcNMjUxMjIzMTAwMTIwWhcNMjUxMjI0MTAwMTIwWjAzMTEwLwYDVQQD EyhiNmU3NDU5ZWFkY2ZlYWZhZDI0YjgzOTJhNjBjZmJjZDg3NTQ1ZWU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusg9rS8y/NyFHMm1uDiwIeTuVLSf NHt7pZouOJdvb4SZdaeuNAY2EKu3LHifSz2SCJYFBI1dVK5LrAc0NPInSAtF5by9 knZyNhFTqDaKoix0yjAjrLPAMPDieL9qw3FX4krd8CZmvarEh7ybWa2/s/4LzdFX HQXhWsQ8j2nGTVfUXcdY2wTk2mejPG1aCLpvdwyhqWmzdVI+JLI1DGfeSWZvqvNn AZAKAS+cpmr9J2h5Bo70A+3WtymiSCSb4llx/5daBNfMHwt1iium0TQX7I1BsGv0 u6+IQ7Qzho7VHFyf0aHSeLK0l1xju/W0IuWVvv6qp/tnN5MYWqxUXnzCiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLbnRZ6tz+r60kuDkqYM+82HVF7lMB8GA1UdIwQY MBaAFF6oeQoIyODYRYjZTRpRvKmr51gdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgt MzBjMGExMTFjZDU1LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgtMzBjMGExMTFjZDU1 LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIHALLfaF T5VeYHOzmSWFRU3WtEOvl5gxW6FGelsyRWnfodkMkKUZ2dE9hfVz2P9CmsogFJpe bN5cOAIuS8FuYvtXsMr2NKfuh2xIfsMSthCtkqETANgJgKIraJHrhMjCu/H9ryo4 gemHtXmjFiGVgT3ZZp/06hmOUEkH8Q0Pdn6bp60QabIDrj5rH46r9ZD5dLs5fWhK UtO4zBTSP75iW1VTQ9BJwN9esoX2FcUtzghue326BqdMQfXtw8qCYcW+m5RHd+wY YpJzxvU3k8fH7uM+9vBRKlDcjkFL+tHRUuDZqhFUq2xziNJZYWlQYZywy1CQWirO aU5I3tWKlYWCOQ== -----END CERTIFICATE-----Generated at Tue Dec 23 12:41:27 2025 by rpki-client