This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft File: XL1s2RrWpyhrIfZQn92fUP7nXYc.mft (raw, json) Hash identifier: HXbBwLBiW4TrI7OMbi/FOS0uJD7cmKVnu+DJDzJ0mDQ= Subject key identifier: 90:B7:2A:EE:56:C7:BD:C2:86:E7:ED:1A:B4:38:2F:56:A6:98:A4:86 Authority key identifier: 5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87 Certificate issuer: /CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87 Certificate serial: 019B0E2558E7AA5F1D57A987BF68A9321504 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft Manifest number: 169D Signing time: Thu 11 Dec 2025 16:01:27 +0000 Manifest this update: Thu 11 Dec 2025 16:01:27 +0000 Manifest next update: Fri 12 Dec 2025 16:01:27 +0000 Files and hashes: 1: LfsV7f6LxRRDF8DgEB39eI0JGcY.roa (hash: 57HPzdZv/cmkcVMLJmynj7OnbXGj1b4sWVjtj2VnRws=) 2: XL1s2RrWpyhrIfZQn92fUP7nXYc.crl (hash: nQ7guFAT3cfNBvM1bGWf3ZOraLo5EAQDZaxbiiXWAV8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:25:58:e7:aa:5f:1d:57:a9:87:bf:68:a9:32:15:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87 Validity Not Before: Dec 11 16:01:27 2025 GMT Not After : Dec 12 16:01:27 2025 GMT Subject: CN=90b72aee56c7bdc286e7ed1ab4382f56a698a486 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:db:d3:38:6e:df:0b:78:14:8b:e8:11:a2:90: df:26:eb:04:e0:e3:f2:af:fc:d7:56:65:16:46:e9: 7d:85:1f:ce:ee:24:b8:b9:71:8d:b4:d9:b3:3f:b5: 7e:e9:f5:f0:95:50:e1:93:ae:09:53:8a:75:b9:57: 32:58:ea:d8:3a:69:95:0e:75:87:05:c8:d8:99:96: 76:9b:c5:23:16:60:4a:f4:bb:22:35:93:c7:1f:2f: 43:b8:16:b7:87:d2:1d:bc:77:e9:80:31:c0:1d:51: 85:25:1f:79:0a:12:24:3f:73:dc:01:c0:dc:c7:e1: c7:9d:19:bc:19:4c:dd:32:15:bc:a1:65:93:4a:3e: 4f:bb:71:d6:e5:ed:d9:91:1b:db:29:2f:c3:b2:a7: 1c:11:e8:a8:05:aa:6c:ce:07:b9:c3:ef:20:b6:84: d2:1a:8c:ab:d8:93:3c:d3:02:54:28:6a:6e:dd:60: 55:85:0b:87:03:cb:cc:98:33:68:55:b6:ff:76:91: 85:65:bc:4a:86:04:0f:14:fe:48:33:0a:53:36:cb: ed:f8:d5:2f:82:1e:36:59:b4:c0:df:c9:a1:94:e2: bb:12:46:9a:41:60:be:44:65:c1:a8:56:c7:47:57: f5:51:a1:35:2e:33:c0:13:79:47:6b:18:aa:e4:9d: 1b:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:B7:2A:EE:56:C7:BD:C2:86:E7:ED:1A:B4:38:2F:56:A6:98:A4:86 X509v3 Authority Key Identifier: keyid:5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:c7:87:20:2b:a2:e7:53:eb:e2:bd:ea:2f:d7:e1:cf:a7:fb: 39:a2:eb:ff:8a:1d:29:f4:02:ac:91:af:4f:6b:37:98:b4:81: e8:19:6e:42:b6:a1:8c:2d:9f:49:df:a7:a0:07:a1:bc:18:ee: 3a:f5:14:62:db:25:ba:13:a4:93:05:2e:9a:5f:31:51:12:c8: 0b:16:be:aa:00:0d:f0:a7:cc:af:0f:e1:f3:66:d1:3e:c3:56: f6:76:94:8d:60:d7:7f:dc:63:b3:2d:c4:6f:c1:26:bf:d1:7a: e3:0a:94:43:b9:64:d4:0f:f6:7d:9f:a7:12:39:16:7c:19:d2: 22:05:f2:24:24:ea:d3:10:44:9d:0b:09:d4:9b:57:35:d1:35: d1:63:6a:54:20:cf:33:89:39:78:1e:d3:f9:19:47:67:77:7a: 1f:1c:a8:30:02:a3:45:9f:de:a1:93:ad:fa:96:7a:37:8c:02: f1:ed:a3:4c:1f:04:1e:a1:21:2b:b8:3c:29:1e:33:b2:28:e6: 29:74:5e:7e:65:b7:e7:8d:d0:42:5c:6d:e0:68:96:3c:c8:78: 2e:ad:44:17:e1:7a:87:6f:8b:b1:b6:2d:bb:a8:4b:36:66:ab: bc:8e:4f:44:12:b8:b2:a2:7b:b1:45:1f:05:99:67:87:7c:ea: ba:3c:00:2f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOJVjnql8dV6mHv2ipMhUEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjYmQ2Y2Q5MWFkNmE3Mjg2YjIxZjY1MDlmZGQ5ZjUwZmVl NzVkODcwHhcNMjUxMjExMTYwMTI3WhcNMjUxMjEyMTYwMTI3WjAzMTEwLwYDVQQD Eyg5MGI3MmFlZTU2YzdiZGMyODZlN2VkMWFiNDM4MmY1NmE2OThhNDg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNvTOG7fC3gUi+gRopDfJusE4OPy r/zXVmUWRul9hR/O7iS4uXGNtNmzP7V+6fXwlVDhk64JU4p1uVcyWOrYOmmVDnWH BcjYmZZ2m8UjFmBK9LsiNZPHHy9DuBa3h9IdvHfpgDHAHVGFJR95ChIkP3PcAcDc x+HHnRm8GUzdMhW8oWWTSj5Pu3HW5e3ZkRvbKS/DsqccEeioBapszge5w+8gtoTS Goyr2JM80wJUKGpu3WBVhQuHA8vMmDNoVbb/dpGFZbxKhgQPFP5IMwpTNsvt+NUv gh42WbTA38mhlOK7EkaaQWC+RGXBqFbHR1f1UaE1LjPAE3lHaxiq5J0bwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJC3Ku5Wx73ChuftGrQ4L1ammKSGMB8GA1UdIwQY MBaAFFy9bNka1qcoayH2UJ/dn1D+512HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQt ZmJhMDc0YmExYjkwLzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQtZmJhMDc0YmExYjkw LzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJMeHICui 51Pr4r3qL9fhz6f7OaLr/4odKfQCrJGvT2s3mLSB6BluQrahjC2fSd+noAehvBju OvUUYtsluhOkkwUuml8xURLICxa+qgAN8KfMrw/h82bRPsNW9naUjWDXf9xjsy3E b8Emv9F64wqUQ7lk1A/2fZ+nEjkWfBnSIgXyJCTq0xBEnQsJ1JtXNdE10WNqVCDP M4k5eB7T+RlHZ3d6HxyoMAKjRZ/eoZOt+pZ6N4wC8e2jTB8EHqEhK7g8KR4zsijm KXRefmW3543QQlxt4GiWPMh4Lq1EF+F6h2+LsbYtu6hLNmarvI5PRBK4sqJ7sUUf BZlnh3zqujwALw== -----END CERTIFICATE-----Generated at Thu Dec 11 23:00:52 2025 by rpki-client