This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft File: xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft (raw, json) Hash identifier: BiodogKZ7HJHUDPcdwGWTRJgtRVfH6jz1j0a5Pp03MQ= Subject key identifier: 0C:14:A3:B6:EB:C3:8D:42:73:B3:CD:F9:CE:EA:56:19:94:FB:5D:7A Authority key identifier: C6:CC:F9:CE:97:D1:23:2E:01:62:FC:CD:43:F6:0C:4E:79:83:1E:1A Certificate issuer: /CN=c6ccf9ce97d1232e0162fccd43f60c4e79831e1a Certificate serial: 019B48160F9F764939F3D64908BB0540489A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft Manifest number: 0EEC Signing time: Mon 22 Dec 2025 22:02:43 +0000 Manifest this update: Mon 22 Dec 2025 22:02:43 +0000 Manifest next update: Tue 23 Dec 2025 22:02:43 +0000 Files and hashes: 1: xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl (hash: zdOeJorbxpSkyv6DNUZySc2JKs/IcgyA23UVSjSTBwA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 22:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:16:0f:9f:76:49:39:f3:d6:49:08:bb:05:40:48:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c6ccf9ce97d1232e0162fccd43f60c4e79831e1a Validity Not Before: Dec 22 22:02:43 2025 GMT Not After : Dec 23 22:02:43 2025 GMT Subject: CN=0c14a3b6ebc38d4273b3cdf9ceea561994fb5d7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:1d:e4:17:3b:42:59:d3:6b:8b:ed:e7:5f:56: d0:04:5e:93:e8:8e:58:41:42:91:07:a5:a7:60:e0: 6a:c5:95:a0:e4:7c:4f:d8:dc:87:bb:0e:bc:29:75: de:25:81:80:bb:b8:e2:a5:6c:ad:c2:78:a8:62:d5: 0e:0e:47:1e:0d:09:05:7b:c3:8e:38:47:4d:7d:1d: 5a:08:d1:2a:16:f5:6a:5b:b7:37:c0:2e:5e:8c:ef: 9c:17:8f:e4:50:8e:0f:d8:6e:bc:00:25:51:c6:82: 07:c7:76:ce:f5:6a:48:f5:fc:1e:cc:4e:97:c5:29: 63:c2:7b:eb:06:60:bf:a2:b9:04:e5:79:05:5c:e5: 38:4d:42:2d:90:82:2a:bd:b1:22:16:14:b7:eb:66: d6:83:70:7b:51:6a:3d:56:0d:03:b0:cb:e6:8c:91: c1:e1:b3:8a:de:c2:63:57:44:c8:da:99:e1:10:e7: 83:1d:b9:e0:70:35:b7:d4:06:c0:47:6a:69:ed:e6: 46:02:5d:4e:70:af:9c:cd:d3:3d:15:e6:73:cf:db: 03:c9:40:2b:b4:2e:39:96:e5:c0:47:56:d3:a7:56: 9d:47:b7:7a:bf:1b:bc:64:d7:ed:10:8f:e8:15:24: 6a:e5:d6:e1:69:91:2e:17:90:07:ac:b2:f4:09:7b: d6:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:14:A3:B6:EB:C3:8D:42:73:B3:CD:F9:CE:EA:56:19:94:FB:5D:7A X509v3 Authority Key Identifier: keyid:C6:CC:F9:CE:97:D1:23:2E:01:62:FC:CD:43:F6:0C:4E:79:83:1E:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:b2:e7:79:aa:ca:21:80:e7:f0:29:32:14:ae:a0:65:ae:ee: 57:9e:01:9e:1c:91:2d:02:65:bf:30:8f:b1:10:3c:4f:58:04: ee:be:e1:d9:1b:4a:d4:9d:1e:d5:42:d1:e9:df:c1:2f:07:46: 5e:4e:e2:f7:14:26:19:c8:83:0a:c6:f6:3a:0c:6b:89:95:7e: 03:0c:50:c7:82:87:d2:d6:b9:d4:b1:29:4e:e9:b1:c8:ff:50: f5:0e:0e:5e:32:57:15:cd:d8:60:a2:24:17:7f:90:1f:52:eb: 54:fd:f0:f6:22:ed:53:0e:96:11:f4:be:2e:ec:7f:53:9c:7f: f3:d5:ce:97:e4:2f:12:f7:10:46:8e:9e:ed:1b:60:4b:ca:d5: 98:73:77:b7:5f:0b:0e:12:51:77:ce:ca:db:ae:17:22:5c:2a: 3e:46:01:59:13:ef:ef:95:26:07:bb:b7:35:3f:c2:6c:f7:72: 90:ba:0a:5c:38:79:26:6d:3f:dc:9f:a7:f8:35:98:68:89:c9: 67:c2:63:87:d7:41:bb:a5:8d:91:1f:cf:7f:27:63:ab:e1:50: 11:3d:0f:f2:e7:17:f1:21:37:f8:31:62:e4:66:5a:ab:f1:fd: fc:3d:f1:7a:f8:2a:70:e0:99:ed:c7:08:e8:65:24:06:7d:5a: 8b:f5:47:c0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFg+fdkk589ZJCLsFQEiaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2Y2NmOWNlOTdkMTIzMmUwMTYyZmNjZDQzZjYwYzRlNzk4 MzFlMWEwHhcNMjUxMjIyMjIwMjQzWhcNMjUxMjIzMjIwMjQzWjAzMTEwLwYDVQQD EygwYzE0YTNiNmViYzM4ZDQyNzNiM2NkZjljZWVhNTYxOTk0ZmI1ZDdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1h3kFztCWdNri+3nX1bQBF6T6I5Y QUKRB6WnYOBqxZWg5HxP2NyHuw68KXXeJYGAu7jipWytwnioYtUODkceDQkFe8OO OEdNfR1aCNEqFvVqW7c3wC5ejO+cF4/kUI4P2G68ACVRxoIHx3bO9WpI9fwezE6X xSljwnvrBmC/orkE5XkFXOU4TUItkIIqvbEiFhS362bWg3B7UWo9Vg0DsMvmjJHB 4bOK3sJjV0TI2pnhEOeDHbngcDW31AbAR2pp7eZGAl1OcK+czdM9FeZzz9sDyUAr tC45luXAR1bTp1adR7d6vxu8ZNftEI/oFSRq5dbhaZEuF5AHrLL0CXvWvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAwUo7brw41Cc7PN+c7qVhmU+116MB8GA1UdIwQY MBaAFMbM+c6X0SMuAWL8zUP2DE55gx4aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xODZiZjItZmI4OC00NzI4LWJmNjct NWExZTVmYTczZTRkLzEveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi8xODZiZjItZmI4OC00NzI4LWJmNjctNWExZTVmYTczZTRk LzEveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHLLnearK IYDn8CkyFK6gZa7uV54BnhyRLQJlvzCPsRA8T1gE7r7h2RtK1J0e1ULR6d/BLwdG Xk7i9xQmGciDCsb2OgxriZV+AwxQx4KH0ta51LEpTumxyP9Q9Q4OXjJXFc3YYKIk F3+QH1LrVP3w9iLtUw6WEfS+Lux/U5x/89XOl+QvEvcQRo6e7RtgS8rVmHN3t18L DhJRd87K264XIlwqPkYBWRPv75UmB7u3NT/CbPdykLoKXDh5Jm0/3J+n+DWYaInJ Z8Jjh9dBu6WNkR/Pfydjq+FQET0P8ucX8SE3+DFi5GZaq/H9/D3xevgqcOCZ7ccI 6GUkBn1ai/VHwA== -----END CERTIFICATE-----Generated at Tue Dec 23 06:09:32 2025 by rpki-client