This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft File: XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft (raw, json) Hash identifier: l8iWiHukB0zDyS4Av+l4tDtugnUw5WXj3/f2tvBH8LM= Subject key identifier: 1E:55:F6:63:56:22:EF:32:7F:EC:F9:93:2E:3F:6E:42:D9:03:72:F1 Authority key identifier: 5D:FA:AF:B6:1A:0C:74:A0:49:D9:6B:CD:E5:9C:B9:42:CC:8D:55:79 Certificate issuer: /CN=5dfaafb61a0c74a049d96bcde59cb942cc8d5579 Certificate serial: 019B19BCBCD1CB1927B3CFCCB265C1ED947A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft Manifest number: 1772 Signing time: Sat 13 Dec 2025 22:02:37 +0000 Manifest this update: Sat 13 Dec 2025 22:02:37 +0000 Manifest next update: Sun 14 Dec 2025 22:02:37 +0000 Files and hashes: 1: XfqvthoMdKBJ2WvN5Zy5QsyNVXk.crl (hash: 65vrpdR+nMEYEnh5Gy6ujYNV1BWTQV3CPRnUAf2uWcI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.crl rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft rsync://rpki.ripe.net/repository/DEFAULT/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:19:bc:bc:d1:cb:19:27:b3:cf:cc:b2:65:c1:ed:94:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5dfaafb61a0c74a049d96bcde59cb942cc8d5579 Validity Not Before: Dec 13 22:02:37 2025 GMT Not After : Dec 14 22:02:37 2025 GMT Subject: CN=1e55f6635622ef327fecf9932e3f6e42d90372f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:f4:16:c3:16:e0:94:02:a3:bf:a6:50:2a:2c: 28:c2:99:ad:c5:7b:fc:dd:d1:11:20:b8:99:74:9c: 3f:9f:0d:63:3c:af:10:68:7c:6d:d6:db:b1:00:37: 36:7f:5e:f1:bf:09:53:3f:16:4b:84:32:d0:c2:cf: fb:c8:02:b2:2a:31:63:5c:22:25:e3:ef:19:5e:ae: 1a:87:bb:02:53:f3:37:ef:f3:30:3e:ae:fc:87:98: c2:d6:24:a7:8d:bf:83:1e:bb:1b:07:c4:88:2c:75: 24:f5:a5:f4:1b:91:a5:b9:6d:ba:52:29:00:60:4e: 56:55:5a:28:ea:be:66:6c:54:0e:57:a3:a1:dd:8c: b5:45:25:07:80:4d:79:42:61:82:ea:8b:59:16:d8: 68:6d:0d:dd:78:76:9c:4a:12:25:7d:e5:ab:77:8b: 6e:0b:1c:9c:b5:16:ea:e8:8e:ab:d7:41:55:b7:9c: c5:da:85:ca:45:d3:a8:ff:be:69:1d:07:14:0e:88: fb:97:07:61:c2:eb:05:a2:14:ee:0d:ee:6b:85:8a: 4f:22:ad:5f:f3:c9:da:d1:6f:e4:89:c8:c8:43:08: 80:a1:85:4e:6e:5c:60:29:94:e0:8a:00:72:a5:87: d7:33:91:2f:0c:ec:09:3c:59:58:6b:4d:72:37:43: 17:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:55:F6:63:56:22:EF:32:7F:EC:F9:93:2E:3F:6E:42:D9:03:72:F1 X509v3 Authority Key Identifier: keyid:5D:FA:AF:B6:1A:0C:74:A0:49:D9:6B:CD:E5:9C:B9:42:CC:8D:55:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:84:8f:4b:86:73:4a:7d:41:2c:31:0d:e8:88:7c:86:50:2b: ea:2b:99:86:a3:74:c2:7a:d8:7a:8c:26:8f:8b:fc:e5:cb:2d: 85:c3:ed:97:7b:9b:9d:48:de:95:66:1c:95:c5:41:67:3f:cc: 91:5d:1f:d5:83:5e:9f:8c:3f:f8:af:da:5d:d8:e0:b0:ca:3c: 01:7c:64:70:9a:7b:51:ee:08:5b:63:ea:72:b7:ee:02:c1:f0: 5e:37:b3:0d:14:ba:e0:20:af:5e:87:e6:d5:80:08:91:9d:ff: 45:91:be:68:17:14:36:74:39:45:82:9a:25:26:f8:ec:18:55: 52:ea:84:67:2f:ce:fe:16:de:49:37:42:40:47:22:55:ed:3a: ca:7c:c3:57:a7:61:74:4a:cc:d0:ab:fe:8a:a7:0e:a0:11:c4: 7d:c4:61:79:8b:31:62:20:3e:df:4a:f7:b1:d6:04:07:19:23: d3:ee:e5:3a:ee:bb:a7:68:45:de:f1:55:f4:64:79:a4:97:5d: 1d:3c:31:54:a9:5b:c6:67:c4:4e:28:65:43:f6:3a:68:21:59: d8:77:32:e1:83:75:58:22:3b:d5:77:03:13:59:51:65:9f:d6: e3:b0:bf:e4:ad:fe:d4:ff:75:31:c5:ee:42:8f:75:f6:a8:2e: a5:24:da:60 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsZvLzRyxkns8/MsmXB7ZR6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkZmFhZmI2MWEwYzc0YTA0OWQ5NmJjZGU1OWNiOTQyY2M4 ZDU1NzkwHhcNMjUxMjEzMjIwMjM3WhcNMjUxMjE0MjIwMjM3WjAzMTEwLwYDVQQD EygxZTU1ZjY2MzU2MjJlZjMyN2ZlY2Y5OTMyZTNmNmU0MmQ5MDM3MmYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPQWwxbglAKjv6ZQKiwowpmtxXv8 3dERILiZdJw/nw1jPK8QaHxt1tuxADc2f17xvwlTPxZLhDLQws/7yAKyKjFjXCIl 4+8ZXq4ah7sCU/M37/MwPq78h5jC1iSnjb+DHrsbB8SILHUk9aX0G5GluW26UikA YE5WVVoo6r5mbFQOV6Oh3Yy1RSUHgE15QmGC6otZFthobQ3deHacShIlfeWrd4tu CxyctRbq6I6r10FVt5zF2oXKRdOo/75pHQcUDoj7lwdhwusFohTuDe5rhYpPIq1f 88na0W/kicjIQwiAoYVOblxgKZTgigBypYfXM5EvDOwJPFlYa01yN0MX+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB5V9mNWIu8yf+z5ky4/bkLZA3LxMB8GA1UdIwQY MBaAFF36r7YaDHSgSdlrzeWcuULMjVV5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGZxdnRob01kS0JKMld2TjVaeTVRc3lOVlhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC80OTQyZjYtZjU4Yy00ZWVmLTkxOGIt ZjJkOWYwZTdhNjk3LzEvWGZxdnRob01kS0JKMld2TjVaeTVRc3lOVlhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC80OTQyZjYtZjU4Yy00ZWVmLTkxOGItZjJkOWYwZTdhNjk3 LzEvWGZxdnRob01kS0JKMld2TjVaeTVRc3lOVlhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeYSPS4Zz Sn1BLDEN6Ih8hlAr6iuZhqN0wnrYeowmj4v85csthcPtl3ubnUjelWYclcVBZz/M kV0f1YNen4w/+K/aXdjgsMo8AXxkcJp7Ue4IW2PqcrfuAsHwXjezDRS64CCvXofm 1YAIkZ3/RZG+aBcUNnQ5RYKaJSb47BhVUuqEZy/O/hbeSTdCQEciVe06ynzDV6dh dErM0Kv+iqcOoBHEfcRheYsxYiA+30r3sdYEBxkj0+7lOu67p2hF3vFV9GR5pJdd HTwxVKlbxmfETihlQ/Y6aCFZ2Hcy4YN1WCI71XcDE1lRZZ/W47C/5K3+1P91McXu Qo919qgupSTaYA== -----END CERTIFICATE-----Generated at Sun Dec 14 01:57:59 2025 by rpki-client