This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft File: xq11SrfApAHA_x08Ensn1T_cyYE.mft (raw, json) Hash identifier: xkFsqDbuHWR2DRGnXbGd9IcI5U2Am6XMWfKPuwrkufE= Subject key identifier: 95:D7:FF:21:18:E5:21:61:16:60:54:11:31:24:04:44:F5:85:36:55 Authority key identifier: C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81 Certificate issuer: /CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981 Certificate serial: 019B4B4C63BFD563E6DD58E42FC836565DF4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft Manifest number: 178D Signing time: Tue 23 Dec 2025 13:00:56 +0000 Manifest this update: Tue 23 Dec 2025 13:00:56 +0000 Manifest next update: Wed 24 Dec 2025 13:00:56 +0000 Files and hashes: 1: xq11SrfApAHA_x08Ensn1T_cyYE.crl (hash: o97ITEyVHiRPn9ixH/Z5SL0O2b5CrqCCCAWmYWtg1w0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4b:4c:63:bf:d5:63:e6:dd:58:e4:2f:c8:36:56:5d:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981 Validity Not Before: Dec 23 13:00:56 2025 GMT Not After : Dec 24 13:00:56 2025 GMT Subject: CN=95d7ff2118e521611660541131240444f5853655 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:dd:83:fd:eb:39:72:58:9a:49:e0:c6:81:9a: 41:61:5b:c7:4c:06:31:99:09:e2:dc:e1:70:e4:fe: 04:dd:3c:9d:25:22:36:ab:cb:10:16:7b:7b:c8:e2: b1:ae:5f:6e:89:27:1e:0e:a9:b8:8b:c2:f0:12:07: 50:82:bb:74:7e:ed:c9:31:3c:6b:24:cd:d3:f2:83: c5:d6:57:89:f1:3a:b3:4b:b7:a1:fd:23:3d:14:eb: be:0b:75:a1:84:47:59:e3:05:c1:11:2b:66:07:1e: ba:33:33:68:12:13:d7:f6:de:8d:04:1c:c1:91:dd: 7e:38:43:b9:9d:10:22:f8:04:f9:56:d6:d0:ec:c0: c5:14:fa:37:60:32:3f:64:26:a3:05:67:14:17:1d: c8:e4:3f:f7:00:93:88:f4:64:f0:73:43:5c:e5:22: 22:f1:6d:d8:56:77:27:6c:74:92:55:a7:d9:b8:49: 04:f8:7e:db:cd:d7:90:5b:5c:3e:b2:56:68:67:1d: 99:dd:05:62:46:35:c1:90:c6:88:ce:cf:be:bb:74: 9e:5e:54:79:10:fe:26:fe:83:dc:da:a6:e2:71:e4: 8b:9b:c3:ee:e3:7e:d5:14:72:46:e2:69:68:88:51: da:0f:a4:c9:3f:53:37:e2:03:db:f4:33:50:e0:18: 38:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:D7:FF:21:18:E5:21:61:16:60:54:11:31:24:04:44:F5:85:36:55 X509v3 Authority Key Identifier: keyid:C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:fc:93:c5:f3:48:44:5a:40:d3:df:1a:64:0c:9f:19:31:89: fe:80:86:dc:32:a7:76:fd:88:67:bb:d8:fc:4f:0c:ea:b9:bb: 1a:4e:ea:75:89:14:24:07:db:e1:5e:d3:63:b1:6d:43:c2:16: d4:63:a7:bd:61:b4:72:64:39:e8:70:d2:8a:c5:65:0b:cb:f3: c8:49:2b:ac:b2:b5:0a:60:1e:cc:eb:9a:7b:17:43:60:05:3f: 45:ef:02:9c:5d:85:5f:95:f4:88:80:b0:ec:68:40:20:17:60: cb:bd:e0:52:12:99:d4:aa:40:96:33:15:99:f9:d3:04:25:f9: 2e:9a:49:7d:1b:97:5f:6e:cf:fd:07:9a:d6:11:ce:27:c1:50: 5e:c8:bd:de:c0:66:67:50:b7:0f:35:c4:94:52:7a:49:63:db: f4:12:8c:2a:c2:50:19:a6:d4:a9:6f:07:7b:ec:a6:88:81:4a: 45:74:2c:fc:44:b6:4a:31:7f:b7:84:98:f8:56:c3:9c:2f:c2: a3:c0:7f:9e:6c:69:65:96:17:4a:6f:05:b3:ef:01:96:5d:08: 53:12:c5:49:50:d1:38:be:b8:7f:7c:de:19:62:5f:e1:cc:04: 4c:f7:b9:65:74:a5:ff:0a:c1:7c:c7:6a:71:f9:79:45:62:9e: 53:43:43:f7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtLTGO/1WPm3VjkL8g2Vl30MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2YWQ3NTRhYjdjMGE0MDFjMGZmMWQzYzEyN2IyN2Q1M2Zk Y2M5ODEwHhcNMjUxMjIzMTMwMDU2WhcNMjUxMjI0MTMwMDU2WjAzMTEwLwYDVQQD Eyg5NWQ3ZmYyMTE4ZTUyMTYxMTY2MDU0MTEzMTI0MDQ0NGY1ODUzNjU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1N2D/es5cliaSeDGgZpBYVvHTAYx mQni3OFw5P4E3TydJSI2q8sQFnt7yOKxrl9uiSceDqm4i8LwEgdQgrt0fu3JMTxr JM3T8oPF1leJ8TqzS7eh/SM9FOu+C3WhhEdZ4wXBEStmBx66MzNoEhPX9t6NBBzB kd1+OEO5nRAi+AT5VtbQ7MDFFPo3YDI/ZCajBWcUFx3I5D/3AJOI9GTwc0Nc5SIi 8W3YVncnbHSSVafZuEkE+H7bzdeQW1w+slZoZx2Z3QViRjXBkMaIzs++u3SeXlR5 EP4m/oPc2qbiceSLm8Pu437VFHJG4mloiFHaD6TJP1M34gPb9DNQ4Bg4dwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJXX/yEY5SFhFmBUETEkBET1hTZVMB8GA1UdIwQY MBaAFMatdUq3wKQBwP8dPBJ7J9U/3MmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2Ut YmEzM2QzNjc1NWRmLzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2UtYmEzM2QzNjc1NWRm LzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWfyTxfNI RFpA098aZAyfGTGJ/oCG3DKndv2IZ7vY/E8M6rm7Gk7qdYkUJAfb4V7TY7FtQ8IW 1GOnvWG0cmQ56HDSisVlC8vzyEkrrLK1CmAezOuaexdDYAU/Re8CnF2FX5X0iICw 7GhAIBdgy73gUhKZ1KpAljMVmfnTBCX5LppJfRuXX27P/Qea1hHOJ8FQXsi93sBm Z1C3DzXElFJ6SWPb9BKMKsJQGabUqW8He+ymiIFKRXQs/ES2SjF/t4SY+FbDnC/C o8B/nmxpZZYXSm8Fs+8Bll0IUxLFSVDROL64f3zeGWJf4cwETPe5ZXSl/wrBfMdq cfl5RWKeU0ND9w== -----END CERTIFICATE-----Generated at Tue Dec 23 14:51:26 2025 by rpki-client