This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft File: XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft (raw, json) Hash identifier: 9DGKWZZYULKf354xu3ApGEXChDbXtHufRELSnWf/Ja0= Subject key identifier: 30:16:E5:3D:92:72:DB:6F:96:F8:B1:93:28:94:01:27:8C:E1:12:D1 Authority key identifier: 5E:26:43:EC:29:F8:B0:4F:83:8D:6E:5D:C5:06:9C:10:64:C5:BD:25 Certificate issuer: /CN=5e2643ec29f8b04f838d6e5dc5069c1064c5bd25 Certificate serial: 019B59E424C2FE38FE25B803AA7E37ED4E80 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XiZD7Cn4sE-DjW5dxQacEGTFvSU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft Manifest number: 1795 Signing time: Fri 26 Dec 2025 09:01:22 +0000 Manifest this update: Fri 26 Dec 2025 09:01:22 +0000 Manifest next update: Sat 27 Dec 2025 09:01:22 +0000 Files and hashes: 1: XiZD7Cn4sE-DjW5dxQacEGTFvSU.crl (hash: QV+xlkVX2uIxQ9aJxq6WEEPNqcnUTGXUDg4HrbBBNgI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.crl rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft rsync://rpki.ripe.net/repository/DEFAULT/XiZD7Cn4sE-DjW5dxQacEGTFvSU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 09:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e4:24:c2:fe:38:fe:25:b8:03:aa:7e:37:ed:4e:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e2643ec29f8b04f838d6e5dc5069c1064c5bd25 Validity Not Before: Dec 26 09:01:22 2025 GMT Not After : Dec 27 09:01:22 2025 GMT Subject: CN=3016e53d9272db6f96f8b193289401278ce112d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:ec:fc:b5:d2:68:8e:d9:15:77:4d:57:7d:d7: 53:81:cc:0a:4a:d6:2f:b9:91:cc:9f:09:8e:fe:73: b8:66:5a:01:73:bd:83:8a:7e:97:60:de:49:a0:87: c9:e3:60:37:50:56:e0:22:24:67:a0:26:2d:64:66: a2:f3:ca:ed:38:06:a7:3e:16:a2:01:b1:e8:40:4b: 90:ea:20:eb:0a:de:da:e7:5b:6f:a8:a3:89:29:88: fc:b4:c7:c1:2a:c1:55:80:91:33:65:b9:e0:d3:36: c2:df:01:eb:b1:c5:59:22:c5:02:41:09:72:5b:63: 86:88:aa:39:72:37:a6:9d:8a:99:e6:75:9b:8d:30: d7:1d:e7:2f:bd:ee:a6:2a:dd:fe:ed:37:a3:75:3f: c6:21:13:95:d9:73:04:e9:cd:5b:5c:fe:e1:90:b7: cb:a6:a7:d8:0a:2e:27:4e:a2:74:78:64:40:c4:67: 92:9d:52:58:50:2c:00:14:b1:a0:75:50:93:fd:32: e3:25:1d:6b:81:9d:cf:3c:97:fd:e6:ea:db:3b:e2: 01:ad:7c:cf:3e:c8:9b:76:51:c2:5b:b0:b9:90:41: 18:4d:b9:9a:e0:9e:de:02:7f:97:65:7f:40:7e:8c: ac:86:3a:14:e0:ab:3c:4b:7a:76:44:89:e8:d2:da: 43:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:16:E5:3D:92:72:DB:6F:96:F8:B1:93:28:94:01:27:8C:E1:12:D1 X509v3 Authority Key Identifier: keyid:5E:26:43:EC:29:F8:B0:4F:83:8D:6E:5D:C5:06:9C:10:64:C5:BD:25 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiZD7Cn4sE-DjW5dxQacEGTFvSU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:9f:6e:01:d1:d0:8d:23:e5:b2:6f:d9:cf:15:bc:d5:1f:b5: f0:af:cd:19:6e:30:8c:df:9d:9d:7e:49:e6:df:9c:4d:72:28: b1:a7:2b:97:19:2e:91:ad:06:60:f0:50:c9:ab:63:68:45:ae: 52:26:c3:a7:45:6c:d1:89:e4:a1:3e:48:9d:f3:31:47:83:74: 20:fd:6f:1c:63:d1:a5:b9:3c:69:f0:1b:ca:db:a5:be:05:d1: 62:62:58:c5:dd:ab:00:e6:d4:13:f6:86:e3:89:5d:03:9d:5b: 9c:e0:ac:eb:96:57:a1:61:9f:b5:b1:3b:67:a5:39:de:b0:0f: 54:16:1e:8d:4c:37:fd:34:ca:3c:87:e0:e8:14:b5:49:40:24: a2:fc:70:d2:7f:f4:9e:9e:33:e7:b4:68:ec:37:2e:c1:16:41: 56:70:da:59:dd:cd:75:9a:30:ed:26:bf:65:dc:f2:b9:28:8c: 1c:16:c3:98:6e:ee:a9:23:ec:56:e8:db:6c:77:b6:66:f2:c6: 35:6d:75:92:36:fc:4b:1b:86:a9:04:fa:b3:da:eb:5e:5f:4f: 16:40:1c:9b:d1:fa:5b:76:f9:c9:d7:e4:53:73:8c:3f:82:5f: db:95:ae:21:37:79:39:43:c6:ee:9f:d9:58:66:db:4e:f3:6d: cd:99:3e:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ5CTC/jj+JbgDqn437U6AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlMjY0M2VjMjlmOGIwNGY4MzhkNmU1ZGM1MDY5YzEwNjRj NWJkMjUwHhcNMjUxMjI2MDkwMTIyWhcNMjUxMjI3MDkwMTIyWjAzMTEwLwYDVQQD EygzMDE2ZTUzZDkyNzJkYjZmOTZmOGIxOTMyODk0MDEyNzhjZTExMmQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuz8tdJojtkVd01XfddTgcwKStYv uZHMnwmO/nO4ZloBc72Din6XYN5JoIfJ42A3UFbgIiRnoCYtZGai88rtOAanPhai AbHoQEuQ6iDrCt7a51tvqKOJKYj8tMfBKsFVgJEzZbng0zbC3wHrscVZIsUCQQly W2OGiKo5cjemnYqZ5nWbjTDXHecvve6mKt3+7TejdT/GIROV2XME6c1bXP7hkLfL pqfYCi4nTqJ0eGRAxGeSnVJYUCwAFLGgdVCT/TLjJR1rgZ3PPJf95urbO+IBrXzP PsibdlHCW7C5kEEYTbma4J7eAn+XZX9AfoyshjoU4Ks8S3p2RIno0tpDRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDAW5T2ScttvlvixkyiUASeM4RLRMB8GA1UdIwQY MBaAFF4mQ+wp+LBPg41uXcUGnBBkxb0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGlaRDdDbjRzRS1Ealc1ZHhRYWNFR1RGdlNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC84MmM0ZTYtMGFiOC00ZjQ2LWFlZDEt YTRjM2E4NWYzZjBhLzEvWGlaRDdDbjRzRS1Ealc1ZHhRYWNFR1RGdlNVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC84MmM0ZTYtMGFiOC00ZjQ2LWFlZDEtYTRjM2E4NWYzZjBh LzEvWGlaRDdDbjRzRS1Ealc1ZHhRYWNFR1RGdlNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMZ9uAdHQ jSPlsm/ZzxW81R+18K/NGW4wjN+dnX5J5t+cTXIosacrlxkuka0GYPBQyatjaEWu UibDp0Vs0YnkoT5InfMxR4N0IP1vHGPRpbk8afAbytulvgXRYmJYxd2rAObUE/aG 44ldA51bnOCs65ZXoWGftbE7Z6U53rAPVBYejUw3/TTKPIfg6BS1SUAkovxw0n/0 np4z57Ro7DcuwRZBVnDaWd3NdZow7Sa/ZdzyuSiMHBbDmG7uqSPsVujbbHe2ZvLG NW11kjb8SxuGqQT6s9rrXl9PFkAcm9H6W3b5ydfkU3OMP4Jf25WuITd5OUPG7p/Z WGbbTvNtzZk+9Q== -----END CERTIFICATE-----Generated at Fri Dec 26 17:42:26 2025 by rpki-client