This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/161d2f-ec87-4718-9364-fa2c15371726/1/XyoTPsL-YGe1ZJboGdW_tORHH5Q.mft File: XyoTPsL-YGe1ZJboGdW_tORHH5Q.mft (raw, json) Hash identifier: 6W9K5vtA7a0PwA4cBua9jNh1kd4ml15pOEUICl0+Szk= Subject key identifier: 81:15:34:8A:11:9A:52:D8:8D:81:C1:A9:06:FC:8A:FF:7B:CF:B5:E7 Authority key identifier: 5F:2A:13:3E:C2:FE:60:67:B5:64:96:E8:19:D5:BF:B4:E4:47:1F:94 Certificate issuer: /CN=5f2a133ec2fe6067b56496e819d5bfb4e4471f94 Certificate serial: 019B5ABFB6968A559CB5367E48A91E9FB0AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XyoTPsL-YGe1ZJboGdW_tORHH5Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/161d2f-ec87-4718-9364-fa2c15371726/1/XyoTPsL-YGe1ZJboGdW_tORHH5Q.mft Manifest number: 09A8 Signing time: Fri 26 Dec 2025 13:01:12 +0000 Manifest this update: Fri 26 Dec 2025 13:01:12 +0000 Manifest next update: Sat 27 Dec 2025 13:01:12 +0000 Files and hashes: 1: XyoTPsL-YGe1ZJboGdW_tORHH5Q.crl (hash: mKqc7AKoxk8IPX8kg8yPRr4wCG4w6BNZGO4UAruclKM=) 2: zw3OOzLu7F0rCvVUhFlHNjK6_48.roa (hash: EC4+NtSiW4UmHKtwZdLsHrR4X7fUOJDCpzkjNoARw5k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/161d2f-ec87-4718-9364-fa2c15371726/1/XyoTPsL-YGe1ZJboGdW_tORHH5Q.crl rsync://rpki.ripe.net/repository/DEFAULT/56/161d2f-ec87-4718-9364-fa2c15371726/1/XyoTPsL-YGe1ZJboGdW_tORHH5Q.mft rsync://rpki.ripe.net/repository/DEFAULT/XyoTPsL-YGe1ZJboGdW_tORHH5Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:b6:96:8a:55:9c:b5:36:7e:48:a9:1e:9f:b0:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5f2a133ec2fe6067b56496e819d5bfb4e4471f94 Validity Not Before: Dec 26 13:01:12 2025 GMT Not After : Dec 27 13:01:12 2025 GMT Subject: CN=8115348a119a52d88d81c1a906fc8aff7bcfb5e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:de:da:3d:38:8e:34:42:33:54:92:fd:da:11: 54:2b:67:d1:09:b3:8c:bc:12:dd:35:43:b5:f9:88: 8f:6a:94:22:89:0b:9c:e5:97:a0:49:f6:84:dc:7f: 1a:7d:f3:1a:04:ee:4d:1c:9a:c1:98:48:0f:7f:ba: 23:e2:26:e7:5a:9b:e5:68:ab:82:aa:6a:18:f0:1d: 45:d0:a1:2a:dc:2f:fb:cf:fa:f0:21:53:40:09:56: 88:c3:32:0b:f0:9a:50:5a:55:54:f0:24:e6:47:5a: b5:98:be:61:59:7f:6e:36:77:49:c0:75:60:70:d3: 8a:72:ef:72:0c:25:bb:d3:79:10:d2:26:07:39:45: cf:80:b8:1b:9a:93:95:6b:82:96:db:de:e0:1b:cc: 80:38:5f:62:1e:41:b6:0b:3a:9f:3d:52:40:9a:14: 45:fd:b0:c4:26:f5:80:c7:82:1c:ea:48:52:ba:44: 5c:7c:35:20:28:55:f7:37:e5:71:40:10:59:a4:a6: 4d:71:9f:bf:60:29:5d:2a:07:5f:8b:b6:c2:31:7e: d2:7f:7b:3a:77:dc:1a:a0:d3:86:d9:90:09:c2:ea: 26:52:52:ad:4a:eb:06:d8:cb:3f:b2:f3:ba:61:55: 9f:ff:c6:01:e8:63:12:d5:ef:b0:4f:e4:f2:62:c1: 1d:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:15:34:8A:11:9A:52:D8:8D:81:C1:A9:06:FC:8A:FF:7B:CF:B5:E7 X509v3 Authority Key Identifier: keyid:5F:2A:13:3E:C2:FE:60:67:B5:64:96:E8:19:D5:BF:B4:E4:47:1F:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XyoTPsL-YGe1ZJboGdW_tORHH5Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/161d2f-ec87-4718-9364-fa2c15371726/1/XyoTPsL-YGe1ZJboGdW_tORHH5Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/161d2f-ec87-4718-9364-fa2c15371726/1/XyoTPsL-YGe1ZJboGdW_tORHH5Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:f3:6b:04:24:3f:7a:84:7e:86:85:2e:e8:79:9e:0d:46:1d: 4a:68:18:45:44:53:52:4b:8b:23:15:c6:9e:98:2f:6a:6e:9a: 37:a3:7a:94:2d:1e:5f:4b:26:0f:7b:c5:83:9c:a4:68:ec:bd: cf:21:13:3a:f0:c9:a0:f5:18:19:29:73:0f:f4:73:c9:be:52: 37:35:2e:cd:b6:85:ab:57:aa:55:3e:fd:fe:6e:6c:04:c7:8e: 15:dc:ea:90:be:35:54:fe:16:33:cb:a3:1f:d4:11:af:19:70: 70:fb:44:d7:dc:47:02:a6:5c:ce:86:62:37:29:fe:73:20:e2: ae:b5:23:cb:0f:85:51:e6:65:88:21:28:69:a1:8e:0d:f3:33: 71:af:1c:dc:eb:f7:7a:d1:07:ea:ea:30:6c:c5:bd:e3:5a:79: 92:91:be:e1:cc:02:e5:b6:6b:cb:af:cf:da:a7:b7:05:56:da: 21:46:d5:5b:30:22:98:fa:9c:62:02:dd:81:9c:5a:55:46:49: 2f:e8:30:fd:f4:b5:39:34:e5:2a:bb:00:00:4d:46:41:36:a4: 19:ab:ca:d4:39:53:de:48:40:b7:ce:10:f8:d5:33:62:93:3c: 32:3e:b2:0d:80:6e:33:90:5e:ca:12:4d:41:0f:62:ae:b0:06: 5a:2a:24:6c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav7aWilWctTZ+SKken7CsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmMmExMzNlYzJmZTYwNjdiNTY0OTZlODE5ZDViZmI0ZTQ0 NzFmOTQwHhcNMjUxMjI2MTMwMTEyWhcNMjUxMjI3MTMwMTEyWjAzMTEwLwYDVQQD Eyg4MTE1MzQ4YTExOWE1MmQ4OGQ4MWMxYTkwNmZjOGFmZjdiY2ZiNWU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA597aPTiONEIzVJL92hFUK2fRCbOM vBLdNUO1+YiPapQiiQuc5ZegSfaE3H8affMaBO5NHJrBmEgPf7oj4ibnWpvlaKuC qmoY8B1F0KEq3C/7z/rwIVNACVaIwzIL8JpQWlVU8CTmR1q1mL5hWX9uNndJwHVg cNOKcu9yDCW703kQ0iYHOUXPgLgbmpOVa4KW297gG8yAOF9iHkG2CzqfPVJAmhRF /bDEJvWAx4Ic6khSukRcfDUgKFX3N+VxQBBZpKZNcZ+/YCldKgdfi7bCMX7Sf3s6 d9waoNOG2ZAJwuomUlKtSusG2Ms/svO6YVWf/8YB6GMS1e+wT+TyYsEdNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIEVNIoRmlLYjYHBqQb8iv97z7XnMB8GA1UdIwQY MBaAFF8qEz7C/mBntWSW6BnVv7TkRx+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHlvVFBzTC1ZR2UxWkpib0dkV190T1JISDVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xNjFkMmYtZWM4Ny00NzE4LTkzNjQt ZmEyYzE1MzcxNzI2LzEvWHlvVFBzTC1ZR2UxWkpib0dkV190T1JISDVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni8xNjFkMmYtZWM4Ny00NzE4LTkzNjQtZmEyYzE1MzcxNzI2 LzEvWHlvVFBzTC1ZR2UxWkpib0dkV190T1JISDVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdvNrBCQ/ eoR+hoUu6HmeDUYdSmgYRURTUkuLIxXGnpgvam6aN6N6lC0eX0smD3vFg5ykaOy9 zyETOvDJoPUYGSlzD/Rzyb5SNzUuzbaFq1eqVT79/m5sBMeOFdzqkL41VP4WM8uj H9QRrxlwcPtE19xHAqZczoZiNyn+cyDirrUjyw+FUeZliCEoaaGODfMzca8c3Ov3 etEH6uowbMW941p5kpG+4cwC5bZry6/P2qe3BVbaIUbVWzAimPqcYgLdgZxaVUZJ L+gw/fS1OTTlKrsAAE1GQTakGavK1DlT3khAt84Q+NUzYpM8Mj6yDYBuM5BeyhJN QQ9irrAGWiokbA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:08:52 2025 by rpki-client