This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft File: XOackdRTOWv6Fm8FG_jwbAOghcs.mft (raw, json) Hash identifier: WT5ACwRSynhC9NVTTxg1kW/aMWFdNlbh0ddEsGDjKE4= Subject key identifier: E2:EB:96:9D:0B:F5:4C:3C:BD:4C:80:C4:49:96:47:9B:11:8C:B1:F3 Authority key identifier: 5C:E6:9C:91:D4:53:39:6B:FA:16:6F:05:1B:F8:F0:6C:03:A0:85:CB Certificate issuer: /CN=5ce69c91d453396bfa166f051bf8f06c03a085cb Certificate serial: 019B1F86681B86CE11F022B9174A6F1265DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft Manifest number: 0C85 Signing time: Mon 15 Dec 2025 01:01:00 +0000 Manifest this update: Mon 15 Dec 2025 01:01:00 +0000 Manifest next update: Tue 16 Dec 2025 01:01:00 +0000 Files and hashes: 1: XOackdRTOWv6Fm8FG_jwbAOghcs.crl (hash: fYpITWhB0A+aVCk/AuLxrOPsbAOz4tlKrUtK2tORl44=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.crl rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1f:86:68:1b:86:ce:11:f0:22:b9:17:4a:6f:12:65:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ce69c91d453396bfa166f051bf8f06c03a085cb Validity Not Before: Dec 15 01:01:00 2025 GMT Not After : Dec 16 01:01:00 2025 GMT Subject: CN=e2eb969d0bf54c3cbd4c80c44996479b118cb1f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:8e:8e:6c:c2:e4:44:ba:c7:6b:77:cf:95:a6: 74:db:3c:1d:95:e1:10:86:98:f1:e3:fc:24:be:04: bf:22:23:99:df:62:de:b0:a2:f8:3a:2e:57:d6:df: bf:6b:4e:11:08:0a:98:7d:16:8a:16:d0:93:83:20: 32:73:f8:46:0b:6d:e8:dc:f8:f7:71:1f:61:d5:2b: 39:cb:06:ee:9e:b7:92:29:83:4e:23:73:00:f1:e4: ec:39:e5:b8:b0:e1:a3:a8:38:5a:a4:09:b0:77:52: db:c2:63:13:dd:b0:06:03:80:25:1f:13:1a:9e:a1: d7:d7:bb:f6:cd:ea:5b:f9:78:89:4e:03:48:a1:7a: 06:7c:45:5a:7b:63:f1:36:df:60:75:99:a5:86:b9: 18:03:17:fb:95:3f:9d:50:5b:68:a8:3f:b9:5c:4c: ec:52:f7:ea:47:b9:63:46:d2:a0:9a:6f:55:fd:68: a1:6b:aa:72:75:30:8e:12:c9:74:fc:6c:2e:f0:4c: c1:78:81:2b:ab:89:c4:9c:9d:93:c0:9e:3d:94:e3: b0:51:15:7a:86:e7:f5:97:b0:d1:5d:d2:f7:14:8e: c8:cb:e2:b1:ec:c5:22:8a:79:b5:00:bb:24:8a:0e: a6:87:af:42:23:37:cc:a0:23:63:59:6f:a2:10:f8: 4d:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:EB:96:9D:0B:F5:4C:3C:BD:4C:80:C4:49:96:47:9B:11:8C:B1:F3 X509v3 Authority Key Identifier: keyid:5C:E6:9C:91:D4:53:39:6B:FA:16:6F:05:1B:F8:F0:6C:03:A0:85:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:1e:3f:98:79:60:54:1b:a0:06:49:a1:96:1c:d8:8a:83:53: 06:73:1d:fa:0b:f1:fc:3d:66:56:26:c1:29:a6:c3:30:78:05: 27:2d:61:35:b0:82:66:ce:e8:e8:c8:f2:26:e3:7e:7d:f0:91: 65:e7:62:a3:b6:fd:f5:54:9a:1f:65:37:68:ac:1d:88:eb:96: 51:54:66:f7:5a:e0:9a:0e:5f:00:b3:06:78:3f:2f:75:33:8f: f3:24:1a:b8:74:2c:13:90:79:f6:f0:8a:7c:8d:cd:5a:64:8e: 6d:45:ec:fd:0c:66:02:75:68:78:0d:53:17:12:d8:f1:11:2d: 82:eb:c6:e5:fa:89:7d:9f:01:7a:26:02:98:87:00:9e:1c:84: f7:be:f3:10:ad:56:48:50:65:f0:65:94:33:82:0e:62:06:93: 7b:49:76:cb:22:c4:f5:14:d0:fb:a9:e6:2d:4d:a0:3e:9b:55: 66:46:8b:8a:83:70:98:15:8a:a2:13:27:f7:7a:88:96:19:34: 66:b4:32:ac:eb:5b:9f:55:35:ba:34:fa:b9:45:f7:77:61:6f: fe:2d:3c:9b:06:17:08:6d:9c:b1:46:6a:db:ed:70:11:71:18: fa:b7:5b:ba:3c:4f:9b:7a:9a:8d:73:1a:62:39:fa:57:5b:47: 01:93:2b:68 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsfhmgbhs4R8CK5F0pvEmXcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZTY5YzkxZDQ1MzM5NmJmYTE2NmYwNTFiZjhmMDZjMDNh MDg1Y2IwHhcNMjUxMjE1MDEwMTAwWhcNMjUxMjE2MDEwMTAwWjAzMTEwLwYDVQQD EyhlMmViOTY5ZDBiZjU0YzNjYmQ0YzgwYzQ0OTk2NDc5YjExOGNiMWYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2I6ObMLkRLrHa3fPlaZ02zwdleEQ hpjx4/wkvgS/IiOZ32LesKL4Oi5X1t+/a04RCAqYfRaKFtCTgyAyc/hGC23o3Pj3 cR9h1Ss5ywbunreSKYNOI3MA8eTsOeW4sOGjqDhapAmwd1LbwmMT3bAGA4AlHxMa nqHX17v2zepb+XiJTgNIoXoGfEVae2PxNt9gdZmlhrkYAxf7lT+dUFtoqD+5XEzs UvfqR7ljRtKgmm9V/Wiha6pydTCOEsl0/Gwu8EzBeIErq4nEnJ2TwJ49lOOwURV6 huf1l7DRXdL3FI7Iy+Kx7MUiinm1ALskig6mh69CIzfMoCNjWW+iEPhNtwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOLrlp0L9Uw8vUyAxEmWR5sRjLHzMB8GA1UdIwQY MBaAFFzmnJHUUzlr+hZvBRv48GwDoIXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82ZTZkZDgtMWJjYS00NjMwLTk1NzQt YTU5N2VlNjM3ZGI0LzEvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC82ZTZkZDgtMWJjYS00NjMwLTk1NzQtYTU5N2VlNjM3ZGI0 LzEvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjx4/mHlg VBugBkmhlhzYioNTBnMd+gvx/D1mVibBKabDMHgFJy1hNbCCZs7o6MjyJuN+ffCR Zedio7b99VSaH2U3aKwdiOuWUVRm91rgmg5fALMGeD8vdTOP8yQauHQsE5B59vCK fI3NWmSObUXs/QxmAnVoeA1TFxLY8REtguvG5fqJfZ8BeiYCmIcAnhyE977zEK1W SFBl8GWUM4IOYgaTe0l2yyLE9RTQ+6nmLU2gPptVZkaLioNwmBWKohMn93qIlhk0 ZrQyrOtbn1U1ujT6uUX3d2Fv/i08mwYXCG2csUZq2+1wEXEY+rdbujxPm3qajXMa Yjn6V1tHAZMraA== -----END CERTIFICATE-----Generated at Mon Dec 15 04:51:41 2025 by rpki-client