This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft File: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft (raw, json) Hash identifier: qW/ZxUoQVMzG0zIbyu2sApt0rva5FP5tiP2U2qSRuFk= Subject key identifier: 7A:B9:81:FC:C6:44:44:83:F3:F6:F2:61:E4:3D:F1:1F:23:67:E1:0F Authority key identifier: 5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76 Certificate issuer: /CN=5ed6772b90212e577249f7356c218ed1068b6776 Certificate serial: 019B34C608689743E01AEF49E2EA29B5EDA8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft Manifest number: 1782 Signing time: Fri 19 Dec 2025 04:02:32 +0000 Manifest this update: Fri 19 Dec 2025 04:02:32 +0000 Manifest next update: Sat 20 Dec 2025 04:02:32 +0000 Files and hashes: 1: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl (hash: 8yeP6Zrlm8/Kes825pqOklI7BNW8JJnLoTUVPA3nALQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 04:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c6:08:68:97:43:e0:1a:ef:49:e2:ea:29:b5:ed:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ed6772b90212e577249f7356c218ed1068b6776 Validity Not Before: Dec 19 04:02:32 2025 GMT Not After : Dec 20 04:02:32 2025 GMT Subject: CN=7ab981fcc6444483f3f6f261e43df11f2367e10f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:d1:46:05:1d:d0:29:aa:e9:b0:45:41:79:4c: 50:b9:ab:0a:36:79:4c:45:f3:d7:63:bf:b7:ed:12: 56:2f:e2:28:00:0d:4c:73:ba:23:6a:1c:e6:de:98: 0d:dc:48:df:84:e7:43:68:2b:4c:bd:75:e5:9a:34: 95:6b:b0:13:f0:9f:a3:29:de:21:81:17:0e:65:a1: 33:e9:17:4b:22:0c:1a:d4:55:a2:a9:08:4f:aa:7f: 39:2e:60:aa:33:e0:8a:88:65:81:8f:95:09:2a:53: ce:4c:51:bb:5e:7c:5f:2d:65:f2:9c:56:bd:19:dc: 41:b9:4f:56:6f:42:d6:f8:47:86:3a:4b:1f:91:77: ce:46:ef:e6:00:9d:77:1a:b2:1c:a1:19:71:c5:81: a7:c8:52:e8:18:3d:b6:57:89:8a:c8:f0:6c:10:1e: bc:2d:6a:f5:1a:5e:1e:16:ec:f2:86:64:25:ab:db: c8:5c:da:87:75:ff:4e:ed:21:5e:c7:3e:f5:5e:55: 64:df:64:95:af:1a:bd:32:be:31:56:69:d1:21:6f: 20:d9:2f:53:38:19:bd:12:1b:88:04:78:e9:64:c5: d5:48:22:78:7c:46:2d:f4:5e:4d:59:23:e8:4b:24: 23:c2:48:3d:58:3d:b6:2d:2e:76:82:76:9e:d8:ae: b8:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:B9:81:FC:C6:44:44:83:F3:F6:F2:61:E4:3D:F1:1F:23:67:E1:0F X509v3 Authority Key Identifier: keyid:5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:98:5f:08:76:5e:be:a5:98:16:6a:2c:e9:58:eb:d0:67:a0: 8d:4d:3b:d4:9d:f5:1b:0a:95:03:f4:6c:6c:26:ad:44:38:5f: 74:d2:85:38:12:05:b2:05:50:63:76:87:30:2e:1c:61:b3:01: 58:6d:8e:e9:9e:bf:58:d1:b0:cf:26:49:1e:b3:69:9b:61:aa: de:b5:d4:bc:f5:99:a3:00:01:5c:0b:97:08:f7:2c:34:78:d5: 46:30:ff:91:9e:be:b7:48:66:6e:0d:0f:c9:76:e2:64:06:af: e9:9a:34:d6:b1:66:32:6c:73:24:10:d5:64:37:92:b7:99:79: 02:e8:53:78:1c:cb:66:64:0c:2a:97:bd:90:27:26:f6:4e:58: 06:8c:a8:4f:ab:19:fd:2f:d9:a5:a5:f9:2b:a2:02:8b:39:16: ad:58:67:bc:df:cb:39:b3:1d:13:8a:ab:e2:db:67:bc:e1:a6: ea:84:06:93:a4:db:47:2c:27:cd:95:53:d8:11:ed:98:4f:5b: 8b:e4:94:07:f6:d6:c8:8c:2e:f4:e5:45:c1:3e:da:b9:49:1e: 73:b9:4a:58:4f:db:f8:b6:7b:6a:0b:f5:dc:77:50:54:81:8b: dc:01:6b:8d:fb:f9:e4:ea:c9:0c:3e:94:98:b0:b5:dc:66:07: 21:5d:3b:54 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xghol0PgGu9J4uopte2oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlZDY3NzJiOTAyMTJlNTc3MjQ5ZjczNTZjMjE4ZWQxMDY4 YjY3NzYwHhcNMjUxMjE5MDQwMjMyWhcNMjUxMjIwMDQwMjMyWjAzMTEwLwYDVQQD Eyg3YWI5ODFmY2M2NDQ0NDgzZjNmNmYyNjFlNDNkZjExZjIzNjdlMTBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNFGBR3QKarpsEVBeUxQuasKNnlM RfPXY7+37RJWL+IoAA1Mc7ojahzm3pgN3EjfhOdDaCtMvXXlmjSVa7AT8J+jKd4h gRcOZaEz6RdLIgwa1FWiqQhPqn85LmCqM+CKiGWBj5UJKlPOTFG7XnxfLWXynFa9 GdxBuU9Wb0LW+EeGOksfkXfORu/mAJ13GrIcoRlxxYGnyFLoGD22V4mKyPBsEB68 LWr1Gl4eFuzyhmQlq9vIXNqHdf9O7SFexz71XlVk32SVrxq9Mr4xVmnRIW8g2S9T OBm9EhuIBHjpZMXVSCJ4fEYt9F5NWSPoSyQjwkg9WD22LS52gnae2K64LwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHq5gfzGRESD8/byYeQ98R8jZ+EPMB8GA1UdIwQY MBaAFF7WdyuQIS5Xckn3NWwhjtEGi2d2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMt ODYyMTA2ODUzODYwLzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMtODYyMTA2ODUzODYw LzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjZhfCHZe vqWYFmos6Vjr0GegjU071J31GwqVA/RsbCatRDhfdNKFOBIFsgVQY3aHMC4cYbMB WG2O6Z6/WNGwzyZJHrNpm2Gq3rXUvPWZowABXAuXCPcsNHjVRjD/kZ6+t0hmbg0P yXbiZAav6Zo01rFmMmxzJBDVZDeSt5l5AuhTeBzLZmQMKpe9kCcm9k5YBoyoT6sZ /S/ZpaX5K6ICizkWrVhnvN/LObMdE4qr4ttnvOGm6oQGk6TbRywnzZVT2BHtmE9b i+SUB/bWyIwu9OVFwT7auUkec7lKWE/b+LZ7agv13HdQVIGL3AFrjfv55OrJDD6U mLC13GYHIV07VA== -----END CERTIFICATE-----Generated at Fri Dec 19 10:40:17 2025 by rpki-client