This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft File: xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft (raw, json) Hash identifier: 9rzHlONhkBC93XPz261c3AHQUDhmYQc4RFcF9RbKx88= Subject key identifier: 12:F1:11:DA:6A:31:D5:C2:14:DE:44:DB:A0:9B:E3:D5:78:ED:9F:B0 Authority key identifier: C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82 Certificate issuer: /CN=c413d7a3765ff9a22bbc2299e049691e2940cb82 Certificate serial: 019B59E445BE613D12EDEB61202B75FE1970 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft Manifest number: 1508 Signing time: Fri 26 Dec 2025 09:01:30 +0000 Manifest this update: Fri 26 Dec 2025 09:01:30 +0000 Manifest next update: Sat 27 Dec 2025 09:01:30 +0000 Files and hashes: 1: xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl (hash: +iwgl49nsOt2Yj2rQ79QUzn/uL7FxlGlWLw8M5X8o/c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e4:45:be:61:3d:12:ed:eb:61:20:2b:75:fe:19:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c413d7a3765ff9a22bbc2299e049691e2940cb82 Validity Not Before: Dec 26 09:01:30 2025 GMT Not After : Dec 27 09:01:30 2025 GMT Subject: CN=12f111da6a31d5c214de44dba09be3d578ed9fb0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b3:a8:4c:08:5a:6d:99:00:52:01:dc:7a:b3: bf:08:d9:4d:3f:94:cd:0b:80:9e:39:86:c1:af:e7: 4d:a1:c5:ba:41:24:92:aa:47:0b:3c:7f:e1:17:e6: ce:2f:b4:6d:04:ab:ed:5c:2a:3f:26:59:bb:af:c8: b7:58:26:00:2a:e7:d8:5f:b5:81:1a:5f:60:06:e6: 0e:89:43:67:8f:f3:16:cd:35:1a:d4:b1:7c:20:91: b9:1b:2e:a8:8e:3b:be:45:02:01:ee:f3:a3:33:ca: 24:fd:61:6e:93:4f:9a:87:1a:da:32:6b:cb:cf:ee: a8:d7:ae:c4:b0:c9:12:15:62:19:df:f4:6d:c9:87: 8f:4b:8a:b7:b7:4a:8b:3a:17:e8:9e:a2:b8:09:ba: ef:bc:07:42:37:57:fc:0d:4d:06:06:9d:28:8e:d8: 3f:c1:d0:f0:13:20:95:38:66:64:98:26:95:18:33: af:16:d4:0a:b3:e4:d7:1b:bb:d3:f4:ce:52:ea:d3: 2a:8e:2b:d5:0e:44:83:85:a7:d5:7f:8f:32:e6:74: ae:3e:a2:60:9c:57:3b:ac:81:5d:9a:07:c7:d8:fa: f1:1f:ff:0a:ef:6a:c6:d9:c7:82:a9:0f:32:73:6b: 79:cb:91:20:19:f6:0b:d8:a9:f4:e7:ea:48:ff:c6: 59:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:F1:11:DA:6A:31:D5:C2:14:DE:44:DB:A0:9B:E3:D5:78:ED:9F:B0 X509v3 Authority Key Identifier: keyid:C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:7e:c6:3f:ef:a2:46:ae:d4:1f:e2:6c:27:30:87:2d:a8:99: c5:4c:3f:3b:13:e3:ff:20:dd:4a:c1:bc:5b:78:87:67:2e:58: f4:5c:b8:f6:06:05:fc:28:ee:b2:b3:fb:3a:0d:2f:84:a8:a7: b2:08:0f:ed:34:4e:1d:74:97:bd:5a:ae:c3:bd:ff:df:48:39: df:28:8b:0b:a6:1b:96:2d:a4:5b:f6:7f:07:c9:0a:89:64:16: ea:d3:3e:dc:f4:b4:71:cb:2d:ee:58:e0:c6:c6:39:e3:08:61: 1e:18:c8:47:b9:4b:e1:07:5e:2f:38:41:fb:01:2d:33:65:5f: c9:5d:2d:fc:98:f6:0e:b4:c7:9a:be:18:5c:3a:51:45:14:d8: d2:b4:b0:45:69:98:4a:d3:d3:b5:b4:b0:d8:c3:12:1e:db:cb: e6:1d:63:4c:35:00:f3:99:1b:c0:ca:6a:b4:00:b0:38:48:2a: 01:54:a4:93:bc:aa:85:c7:fb:3e:b2:14:2d:b3:89:bc:40:a2: c1:61:ad:09:7a:a3:b4:9f:13:8e:67:e8:11:90:e7:43:95:35: b5:db:9d:7e:74:f4:07:cf:bd:37:38:fd:3a:1b:1d:95:06:a3: cc:85:43:00:b3:43:12:4f:33:5b:01:72:19:14:f1:d1:b1:c0: 21:15:90:bb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ5EW+YT0S7ethICt1/hlwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0MTNkN2EzNzY1ZmY5YTIyYmJjMjI5OWUwNDk2OTFlMjk0 MGNiODIwHhcNMjUxMjI2MDkwMTMwWhcNMjUxMjI3MDkwMTMwWjAzMTEwLwYDVQQD EygxMmYxMTFkYTZhMzFkNWMyMTRkZTQ0ZGJhMDliZTNkNTc4ZWQ5ZmIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLOoTAhabZkAUgHcerO/CNlNP5TN C4CeOYbBr+dNocW6QSSSqkcLPH/hF+bOL7RtBKvtXCo/Jlm7r8i3WCYAKufYX7WB Gl9gBuYOiUNnj/MWzTUa1LF8IJG5Gy6ojju+RQIB7vOjM8ok/WFuk0+ahxraMmvL z+6o167EsMkSFWIZ3/RtyYePS4q3t0qLOhfonqK4CbrvvAdCN1f8DU0GBp0ojtg/ wdDwEyCVOGZkmCaVGDOvFtQKs+TXG7vT9M5S6tMqjivVDkSDhafVf48y5nSuPqJg nFc7rIFdmgfH2PrxH/8K72rG2ceCqQ8yc2t5y5EgGfYL2Kn05+pI/8ZZQwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBLxEdpqMdXCFN5E26Cb49V47Z+wMB8GA1UdIwQY MBaAFMQT16N2X/miK7wimeBJaR4pQMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUt ZTg2MGJlN2U3YzU0LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUtZTg2MGJlN2U3YzU0 LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPn7GP++i Rq7UH+JsJzCHLaiZxUw/OxPj/yDdSsG8W3iHZy5Y9Fy49gYF/CjusrP7Og0vhKin sggP7TROHXSXvVquw73/30g53yiLC6Ybli2kW/Z/B8kKiWQW6tM+3PS0ccst7ljg xsY54whhHhjIR7lL4QdeLzhB+wEtM2VfyV0t/Jj2DrTHmr4YXDpRRRTY0rSwRWmY StPTtbSw2MMSHtvL5h1jTDUA85kbwMpqtACwOEgqAVSkk7yqhcf7PrIULbOJvECi wWGtCXqjtJ8TjmfoEZDnQ5U1tdudfnT0B8+9Nzj9OhsdlQajzIVDALNDEk8zWwFy GRTx0bHAIRWQuw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:07 2025 by rpki-client