This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.mft File: X7qw05-2l5_k09JIOgG908k77O8.mft (raw, json) Hash identifier: EdUMgLW+YRTiXKBsjAy2qbNLhMNPV2BcaszXwcB0REk= Subject key identifier: AD:33:1E:23:EB:0E:6C:24:62:62:C4:35:A5:22:9C:EF:C7:E6:A9:56 Authority key identifier: 5F:BA:B0:D3:9F:B6:97:9F:E4:D3:D2:48:3A:01:BD:D3:C9:3B:EC:EF Certificate issuer: /CN=5fbab0d39fb6979fe4d3d2483a01bdd3c93becef Certificate serial: 019B058F40118AC9AA3678A23D9D8759E890 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X7qw05-2l5_k09JIOgG908k77O8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.mft Manifest number: 0C7B Signing time: Wed 10 Dec 2025 00:00:32 +0000 Manifest this update: Wed 10 Dec 2025 00:00:32 +0000 Manifest next update: Thu 11 Dec 2025 00:00:32 +0000 Files and hashes: 1: X7qw05-2l5_k09JIOgG908k77O8.crl (hash: HgDCIxde8PJZ2R3jkiftvTmr+RIi9fvmDdh41lLqJdE=) 2: vKqft3GpUgOOXSf2VjTKls-pWMw.roa (hash: 5Tvu15lYIVA9/K7Qk9i7l4tCbiMQ02zrBkIoUMRXadY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.crl rsync://rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.mft rsync://rpki.ripe.net/repository/DEFAULT/X7qw05-2l5_k09JIOgG908k77O8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 00:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:05:8f:40:11:8a:c9:aa:36:78:a2:3d:9d:87:59:e8:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5fbab0d39fb6979fe4d3d2483a01bdd3c93becef Validity Not Before: Dec 10 00:00:32 2025 GMT Not After : Dec 11 00:00:32 2025 GMT Subject: CN=ad331e23eb0e6c246262c435a5229cefc7e6a956 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:36:83:77:37:59:c4:2b:07:e4:f1:44:66:64: 94:a7:aa:4e:9e:b2:38:81:0d:fc:1a:1c:4e:11:97: 48:9b:8c:cf:f2:bb:96:3a:0b:f7:5d:3c:79:c7:2a: fe:41:bb:55:24:93:16:1b:50:ac:49:e2:f9:79:db: 66:7c:e1:89:89:4a:12:f0:7a:97:3e:21:4e:4b:0e: f9:8a:79:3c:cc:ae:f0:09:7a:8d:43:ff:51:5b:06: ba:a9:63:52:bf:dc:e9:ec:11:23:0a:ca:18:3c:cc: 25:6f:47:72:7d:d4:bc:01:e6:99:a9:4a:93:1c:61: c4:3a:3d:24:f7:ad:79:eb:4c:2e:b6:b8:62:18:28: 52:b0:17:57:54:c8:93:68:ee:48:8c:6d:a0:d0:7f: b2:b0:49:c0:e1:7a:e2:b3:1d:82:ec:3d:d5:9d:8c: f7:07:80:f0:b9:4a:6a:bf:71:a1:e9:05:a9:5c:4b: b6:f2:6e:3a:73:51:27:63:a6:d6:1e:29:4f:2a:64: f4:a4:7a:87:9d:82:26:fd:70:f5:89:d1:84:71:96: c7:10:e1:80:57:95:a2:5e:0e:4b:09:27:b6:f4:09: 0b:94:be:75:db:99:69:22:ba:5b:67:07:b2:9c:e5: 8b:35:b5:a1:ad:ad:10:ce:5c:76:d7:88:7b:c3:a3: c6:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:33:1E:23:EB:0E:6C:24:62:62:C4:35:A5:22:9C:EF:C7:E6:A9:56 X509v3 Authority Key Identifier: keyid:5F:BA:B0:D3:9F:B6:97:9F:E4:D3:D2:48:3A:01:BD:D3:C9:3B:EC:EF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X7qw05-2l5_k09JIOgG908k77O8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption dd:4e:f6:5d:00:4f:b1:f9:8a:7f:60:a0:a4:c8:e3:02:f8:47: b9:3e:dc:fd:30:19:19:8d:dc:79:90:29:47:18:c5:c8:9a:45: cf:a2:44:46:b5:b7:ed:a8:66:35:b6:b2:37:26:64:b5:b8:40: ea:34:51:08:05:c6:93:af:9c:b6:59:32:98:f6:af:9b:54:01: 1c:db:25:37:e0:1a:e3:f7:cf:29:1e:90:b1:51:64:4a:9b:35: b0:dd:d2:57:3c:bb:e0:c1:8e:ef:60:97:41:f3:8c:d5:bc:89: 71:b7:55:b7:e4:02:1d:93:8d:41:96:a3:16:9c:15:ad:9c:d4: 99:00:b1:85:e2:14:6f:87:bd:2b:5f:86:88:f6:86:49:f2:69: 56:5d:35:79:cc:fe:66:ed:68:b8:b4:d4:b5:66:10:a2:52:d7: 70:9c:c7:30:0b:3e:3a:78:ec:33:70:0b:7f:29:ff:2c:c0:7d: 2d:d5:05:d9:60:3d:c8:33:d4:e8:47:31:d7:58:6b:93:c5:3f: b8:58:04:1f:2d:6c:c3:ae:62:1b:5e:9a:c2:9b:b5:e1:bd:29: d5:ba:f2:07:9c:dc:3c:65:93:c3:6e:be:2c:59:87:17:89:13: 87:12:b6:8f:32:2c:77:73:82:84:4d:ce:d8:0d:fb:89:91:41: e1:87:3c:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsFj0ARismqNniiPZ2HWeiQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmYmFiMGQzOWZiNjk3OWZlNGQzZDI0ODNhMDFiZGQzYzkz YmVjZWYwHhcNMjUxMjEwMDAwMDMyWhcNMjUxMjExMDAwMDMyWjAzMTEwLwYDVQQD EyhhZDMzMWUyM2ViMGU2YzI0NjI2MmM0MzVhNTIyOWNlZmM3ZTZhOTU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjaDdzdZxCsH5PFEZmSUp6pOnrI4 gQ38GhxOEZdIm4zP8ruWOgv3XTx5xyr+QbtVJJMWG1CsSeL5edtmfOGJiUoS8HqX PiFOSw75ink8zK7wCXqNQ/9RWwa6qWNSv9zp7BEjCsoYPMwlb0dyfdS8AeaZqUqT HGHEOj0k961560wutrhiGChSsBdXVMiTaO5IjG2g0H+ysEnA4Xrisx2C7D3VnYz3 B4DwuUpqv3Gh6QWpXEu28m46c1EnY6bWHilPKmT0pHqHnYIm/XD1idGEcZbHEOGA V5WiXg5LCSe29AkLlL5125lpIrpbZweynOWLNbWhra0Qzlx214h7w6PGWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK0zHiPrDmwkYmLENaUinO/H5qlWMB8GA1UdIwQY MBaAFF+6sNOftpef5NPSSDoBvdPJO+zvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWDdxdzA1LTJsNV9rMDlKSU9nRzkwOGs3N084LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zYzUyNGUtMTJiOC00ZGNjLThmMTAt MzBkZjYyNDI5ZGYwLzEvWDdxdzA1LTJsNV9rMDlKSU9nRzkwOGs3N084Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS8zYzUyNGUtMTJiOC00ZGNjLThmMTAtMzBkZjYyNDI5ZGYw LzEvWDdxdzA1LTJsNV9rMDlKSU9nRzkwOGs3N084LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3U72XQBP sfmKf2CgpMjjAvhHuT7c/TAZGY3ceZApRxjFyJpFz6JERrW37ahmNbayNyZktbhA 6jRRCAXGk6+ctlkymPavm1QBHNslN+Aa4/fPKR6QsVFkSps1sN3SVzy74MGO72CX QfOM1byJcbdVt+QCHZONQZajFpwVrZzUmQCxheIUb4e9K1+GiPaGSfJpVl01ecz+ Zu1ouLTUtWYQolLXcJzHMAs+OnjsM3ALfyn/LMB9LdUF2WA9yDPU6Ecx11hrk8U/ uFgEHy1sw65iG16awpu14b0p1bryB5zcPGWTw26+LFmHF4kThxK2jzIsd3OChE3O 2A37iZFB4Yc8+g== -----END CERTIFICATE-----Generated at Wed Dec 10 09:02:23 2025 by rpki-client