This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.mft File: xcSzrlnZgfJQzIfatZeFSr7XowA.mft (raw, json) Hash identifier: V1F2jdWcOQCl1Kaq0ccnfl/RAEk/BN7rQUxAYwlE3AQ= Subject key identifier: 50:5D:8A:A3:E7:8F:FF:02:35:01:D2:89:DD:39:04:EF:CE:9B:FC:37 Authority key identifier: C5:C4:B3:AE:59:D9:81:F2:50:CC:87:DA:B5:97:85:4A:BE:D7:A3:00 Certificate issuer: /CN=c5c4b3ae59d981f250cc87dab597854abed7a300 Certificate serial: 019B0E9265E87973D4A29792A40DE3BF9B11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xcSzrlnZgfJQzIfatZeFSr7XowA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.mft Manifest number: 0689 Signing time: Thu 11 Dec 2025 18:00:33 +0000 Manifest this update: Thu 11 Dec 2025 18:00:33 +0000 Manifest next update: Fri 12 Dec 2025 18:00:33 +0000 Files and hashes: 1: tSYSYm63yj3qobuZYMSr1LAsH4E.roa (hash: e9vbUkUz5x9f5ya8J4QgHE0l9ibgPIgGHQ86whMQdU8=) 2: xcSzrlnZgfJQzIfatZeFSr7XowA.crl (hash: 8epbVMJgTVXTUheE5BhwImhwu4a6nPGIUqkqL7Bxolw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.mft rsync://rpki.ripe.net/repository/DEFAULT/xcSzrlnZgfJQzIfatZeFSr7XowA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 18:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:92:65:e8:79:73:d4:a2:97:92:a4:0d:e3:bf:9b:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5c4b3ae59d981f250cc87dab597854abed7a300 Validity Not Before: Dec 11 18:00:33 2025 GMT Not After : Dec 12 18:00:33 2025 GMT Subject: CN=505d8aa3e78fff023501d289dd3904efce9bfc37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:5a:70:76:60:f5:02:44:2f:bc:08:f7:8e:d7: 3d:f1:08:46:a5:9b:f2:cd:29:e3:0d:2c:b0:c2:bf: af:48:ff:74:be:bc:dd:41:a8:01:0a:78:0b:d4:bb: 03:08:9a:b1:28:1d:98:e6:77:a3:54:7a:d0:57:07: bc:62:2d:f4:62:7e:45:24:54:62:30:79:8d:7f:29: 6b:b1:65:e8:50:4c:14:d0:e5:ef:6e:61:6b:bb:d1: 14:b7:ef:2a:21:85:79:ef:31:0f:52:21:68:f1:a8: 14:f6:e4:78:a4:25:a7:36:28:9c:54:74:db:b5:33: c9:ba:9b:58:36:ff:73:41:63:e6:84:30:68:cc:fe: 8e:c7:54:1e:d8:88:74:dc:23:99:84:70:35:6d:66: 91:f1:a1:31:e1:d4:4b:4a:04:63:46:e8:bd:a1:47: fd:7a:53:9f:9f:51:89:c8:be:99:16:6d:d1:04:f2: 8a:33:2e:74:11:f3:28:69:09:50:87:5b:89:66:ff: 3c:5b:42:58:c3:4b:7a:bd:f5:5d:7c:9d:9c:dc:d7: 07:9f:ab:9d:09:eb:a5:36:6d:79:09:6c:32:11:d4: a2:d4:95:57:ac:7c:0e:29:bd:83:77:c2:a5:bd:ca: 23:76:f7:c7:8d:19:81:94:47:a4:95:a8:05:0a:29: ee:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:5D:8A:A3:E7:8F:FF:02:35:01:D2:89:DD:39:04:EF:CE:9B:FC:37 X509v3 Authority Key Identifier: keyid:C5:C4:B3:AE:59:D9:81:F2:50:CC:87:DA:B5:97:85:4A:BE:D7:A3:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcSzrlnZgfJQzIfatZeFSr7XowA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b1:3e:9e:84:78:cd:47:7f:4e:8a:7f:9e:a2:f8:17:7b:55:1c: ea:20:56:a4:86:e4:1a:ed:0f:b3:c6:ea:23:1b:4f:29:40:37: 06:3f:76:db:c4:59:ad:38:9c:45:a6:94:28:6b:88:55:52:11: d1:72:56:2d:bb:dd:6c:a8:d9:aa:af:ac:9d:89:93:91:08:61: ce:ef:14:63:50:e2:4b:03:a3:be:6d:65:36:1a:6a:6f:1a:a3: 8f:83:f8:db:8d:0d:df:34:bb:32:fd:c4:8c:e0:21:3a:fc:5a: 6f:be:c9:0a:b1:c9:89:56:ee:0a:45:a8:72:08:74:77:9d:e1: c3:1d:15:16:8a:55:ab:59:5e:02:52:14:f5:62:81:fd:f5:26: a5:a2:43:2c:ec:be:e1:c7:be:5b:8c:85:63:de:48:c5:75:4b: 7d:03:7c:0a:a8:15:a3:84:b7:a4:31:57:60:91:08:17:81:35: 80:b5:fa:89:d0:9d:bd:3d:78:d3:4f:c8:3e:72:3c:24:16:ea: 12:9c:8f:29:d6:5f:39:86:91:7a:de:41:a5:03:a8:2a:d4:b2: ed:b5:e8:63:92:23:9a:63:bf:f9:7f:61:56:5a:69:2c:1e:e2: 72:79:e2:f1:21:f3:4a:b4:d1:ba:f4:58:c3:de:73:96:2b:fd: 15:f6:bf:94 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOkmXoeXPUopeSpA3jv5sRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YzRiM2FlNTlkOTgxZjI1MGNjODdkYWI1OTc4NTRhYmVk N2EzMDAwHhcNMjUxMjExMTgwMDMzWhcNMjUxMjEyMTgwMDMzWjAzMTEwLwYDVQQD Eyg1MDVkOGFhM2U3OGZmZjAyMzUwMWQyODlkZDM5MDRlZmNlOWJmYzM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1pwdmD1AkQvvAj3jtc98QhGpZvy zSnjDSywwr+vSP90vrzdQagBCngL1LsDCJqxKB2Y5nejVHrQVwe8Yi30Yn5FJFRi MHmNfylrsWXoUEwU0OXvbmFru9EUt+8qIYV57zEPUiFo8agU9uR4pCWnNiicVHTb tTPJuptYNv9zQWPmhDBozP6Ox1Qe2Ih03COZhHA1bWaR8aEx4dRLSgRjRui9oUf9 elOfn1GJyL6ZFm3RBPKKMy50EfMoaQlQh1uJZv88W0JYw0t6vfVdfJ2c3NcHn6ud CeulNm15CWwyEdSi1JVXrHwOKb2Dd8KlvcojdvfHjRmBlEeklagFCinuaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFBdiqPnj/8CNQHSid05BO/Om/w3MB8GA1UdIwQY MBaAFMXEs65Z2YHyUMyH2rWXhUq+16MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGNTenJsblpnZkpReklmYXRaZUZTcjdYb3dBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS85ZjU0YTYtOTMzZi00N2RlLTg3MjYt ZWRkZjUyN2U4ZjJkLzEveGNTenJsblpnZkpReklmYXRaZUZTcjdYb3dBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS85ZjU0YTYtOTMzZi00N2RlLTg3MjYtZWRkZjUyN2U4ZjJk LzEveGNTenJsblpnZkpReklmYXRaZUZTcjdYb3dBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsT6ehHjN R39Oin+eovgXe1Uc6iBWpIbkGu0Ps8bqIxtPKUA3Bj9228RZrTicRaaUKGuIVVIR 0XJWLbvdbKjZqq+snYmTkQhhzu8UY1DiSwOjvm1lNhpqbxqjj4P4240N3zS7Mv3E jOAhOvxab77JCrHJiVbuCkWocgh0d53hwx0VFopVq1leAlIU9WKB/fUmpaJDLOy+ 4ce+W4yFY95IxXVLfQN8CqgVo4S3pDFXYJEIF4E1gLX6idCdvT1400/IPnI8JBbq EpyPKdZfOYaRet5BpQOoKtSy7bXoY5IjmmO/+X9hVlppLB7icnni8SHzSrTRuvRY w95zliv9Ffa/lA== -----END CERTIFICATE-----Generated at Fri Dec 12 04:01:58 2025 by rpki-client