This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/e4c435-e6cd-4da0-9e32-a44224fac3ff/1/XBEKKwrrN_DJMqlr279-82whGXw.mft File: XBEKKwrrN_DJMqlr279-82whGXw.mft (raw, json) Hash identifier: FHGx8Gg4IUFZ5cQdt77qniNzDtawMiSkm5gQpVij6nc= Subject key identifier: 46:D0:41:D2:F7:4B:BE:23:D1:B4:FE:BA:FE:FC:6C:78:18:64:A6:EF Authority key identifier: 5C:11:0A:2B:0A:EB:37:F0:C9:32:A9:6B:DB:BF:7E:F3:6C:21:19:7C Certificate issuer: /CN=5c110a2b0aeb37f0c932a96bdbbf7ef36c21197c Certificate serial: 019B481585C0091F815DC51AC3061220E8E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XBEKKwrrN_DJMqlr279-82whGXw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/e4c435-e6cd-4da0-9e32-a44224fac3ff/1/XBEKKwrrN_DJMqlr279-82whGXw.mft Manifest number: 12FA Signing time: Mon 22 Dec 2025 22:02:08 +0000 Manifest this update: Mon 22 Dec 2025 22:02:08 +0000 Manifest next update: Tue 23 Dec 2025 22:02:08 +0000 Files and hashes: 1: XBEKKwrrN_DJMqlr279-82whGXw.crl (hash: E93rctmDLvj/rNZFH6+9UVWaKXEmAzhXPrsRVPrkrak=) 2: kzlWeerWBpLQJUvq-zvqgpRgYGk.roa (hash: nVND6/0jbck+9wjQsXvYtJIdnT8gV1/CUuZluisEp4g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/e4c435-e6cd-4da0-9e32-a44224fac3ff/1/XBEKKwrrN_DJMqlr279-82whGXw.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/e4c435-e6cd-4da0-9e32-a44224fac3ff/1/XBEKKwrrN_DJMqlr279-82whGXw.mft rsync://rpki.ripe.net/repository/DEFAULT/XBEKKwrrN_DJMqlr279-82whGXw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 22:02:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:15:85:c0:09:1f:81:5d:c5:1a:c3:06:12:20:e8:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c110a2b0aeb37f0c932a96bdbbf7ef36c21197c Validity Not Before: Dec 22 22:02:08 2025 GMT Not After : Dec 23 22:02:08 2025 GMT Subject: CN=46d041d2f74bbe23d1b4febafefc6c781864a6ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:b4:70:1c:bc:99:77:67:fc:e6:2b:7c:d0:66: 4d:78:95:98:6b:82:8d:d5:24:bb:f2:97:d9:40:4f: 85:83:94:49:08:92:27:d5:65:34:7f:96:70:eb:67: f2:79:8a:96:ff:56:7e:89:63:09:b2:06:82:52:6a: ed:95:06:d2:b1:e9:26:4d:f0:be:48:7e:8c:a0:9a: b4:ee:b9:4d:72:2b:fb:c3:0e:2d:a3:e9:ec:9e:db: b8:d1:2c:de:4b:e5:46:cd:c1:95:c8:62:93:54:94: b2:d8:d9:d6:ab:2c:08:8d:c5:99:77:0f:4c:b9:8e: 46:01:1e:69:82:95:88:d6:9f:f0:13:38:25:55:88: e7:25:14:e7:9b:7b:f4:e7:99:87:31:ce:72:5d:32: 18:eb:4d:50:41:21:75:4b:58:09:52:8b:3b:7a:7e: 07:52:ef:8f:15:32:48:68:34:e0:85:44:27:3a:91: b0:2e:dd:47:34:5b:2e:28:6f:33:38:5b:d1:39:b0: 3b:00:ed:15:43:18:08:f7:02:c9:74:59:b5:bc:c4: 1b:d3:e6:88:91:5a:84:09:c5:3e:b2:b4:72:76:e7: 37:50:9c:91:3a:43:28:07:44:93:4f:f0:4c:c9:c8: 24:77:4c:27:c6:87:2e:e2:77:be:9b:1e:12:df:88: 3c:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:D0:41:D2:F7:4B:BE:23:D1:B4:FE:BA:FE:FC:6C:78:18:64:A6:EF X509v3 Authority Key Identifier: keyid:5C:11:0A:2B:0A:EB:37:F0:C9:32:A9:6B:DB:BF:7E:F3:6C:21:19:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XBEKKwrrN_DJMqlr279-82whGXw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/e4c435-e6cd-4da0-9e32-a44224fac3ff/1/XBEKKwrrN_DJMqlr279-82whGXw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/e4c435-e6cd-4da0-9e32-a44224fac3ff/1/XBEKKwrrN_DJMqlr279-82whGXw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:43:a5:c6:78:28:dd:9b:a2:83:47:f7:2e:6f:71:40:5f:cf: 1b:66:37:ce:a6:5c:fc:ea:e1:de:2b:68:32:e3:46:58:c4:ba: 19:2f:55:5e:a0:72:46:00:be:9d:70:5d:8b:26:06:7f:66:8c: b5:61:41:93:84:cf:6e:42:aa:70:89:ba:02:78:42:7b:b3:76: 5d:72:f9:ef:05:8c:10:32:97:d5:cc:55:35:bf:52:6d:26:a1: 6b:6c:7c:30:b6:97:7c:5f:e9:05:8e:1a:39:c5:c8:90:14:e5: 44:c3:fe:e7:70:26:c7:7f:c4:54:e5:4f:6e:60:6d:23:70:e8: c9:5a:d8:e1:57:e7:57:69:31:af:c9:50:42:b5:5d:f6:9f:86: 15:73:57:80:72:9c:b1:be:ad:e7:84:93:f2:9d:f9:31:68:15: c1:1e:6d:a0:5c:b6:50:74:9a:e3:e9:ca:b5:96:a7:02:69:ec: 14:5a:fd:99:9b:3b:d6:48:8e:7a:ba:15:b4:95:d4:fa:a8:11: 85:5b:ca:25:d4:6d:75:91:d0:13:46:11:d3:0a:19:40:3a:4b: ae:76:91:d3:08:94:2b:0c:60:78:8d:27:6e:7a:2d:1d:78:0f: f9:3c:23:96:85:06:a0:93:e8:8d:82:74:f7:2a:9a:b7:13:e0: 3a:2b:e6:65 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFYXACR+BXcUawwYSIOjmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjMTEwYTJiMGFlYjM3ZjBjOTMyYTk2YmRiYmY3ZWYzNmMy MTE5N2MwHhcNMjUxMjIyMjIwMjA4WhcNMjUxMjIzMjIwMjA4WjAzMTEwLwYDVQQD Eyg0NmQwNDFkMmY3NGJiZTIzZDFiNGZlYmFmZWZjNmM3ODE4NjRhNmVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLRwHLyZd2f85it80GZNeJWYa4KN 1SS78pfZQE+Fg5RJCJIn1WU0f5Zw62fyeYqW/1Z+iWMJsgaCUmrtlQbSsekmTfC+ SH6MoJq07rlNciv7ww4to+nsntu40SzeS+VGzcGVyGKTVJSy2NnWqywIjcWZdw9M uY5GAR5pgpWI1p/wEzglVYjnJRTnm3v055mHMc5yXTIY601QQSF1S1gJUos7en4H Uu+PFTJIaDTghUQnOpGwLt1HNFsuKG8zOFvRObA7AO0VQxgI9wLJdFm1vMQb0+aI kVqECcU+srRyduc3UJyROkMoB0STT/BMycgkd0wnxocu4ne+mx4S34g8FwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEbQQdL3S74j0bT+uv78bHgYZKbvMB8GA1UdIwQY MBaAFFwRCisK6zfwyTKpa9u/fvNsIRl8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEJFS0t3cnJOX0RKTXFscjI3OS04MndoR1h3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9lNGM0MzUtZTZjZC00ZGEwLTllMzIt YTQ0MjI0ZmFjM2ZmLzEvWEJFS0t3cnJOX0RKTXFscjI3OS04MndoR1h3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS9lNGM0MzUtZTZjZC00ZGEwLTllMzItYTQ0MjI0ZmFjM2Zm LzEvWEJFS0t3cnJOX0RKTXFscjI3OS04MndoR1h3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa0Olxngo 3Zuig0f3Lm9xQF/PG2Y3zqZc/Orh3itoMuNGWMS6GS9VXqByRgC+nXBdiyYGf2aM tWFBk4TPbkKqcIm6AnhCe7N2XXL57wWMEDKX1cxVNb9SbSaha2x8MLaXfF/pBY4a OcXIkBTlRMP+53Amx3/EVOVPbmBtI3DoyVrY4VfnV2kxr8lQQrVd9p+GFXNXgHKc sb6t54ST8p35MWgVwR5toFy2UHSa4+nKtZanAmnsFFr9mZs71kiOeroVtJXU+qgR hVvKJdRtdZHQE0YR0woZQDpLrnaR0wiUKwxgeI0nbnotHXgP+TwjloUGoJPojYJ0 9yqatxPgOivmZQ== -----END CERTIFICATE-----Generated at Tue Dec 23 03:14:46 2025 by rpki-client