This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft File: XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft (raw, json) Hash identifier: qWEM9+0PFJP3CCTviIh85QCCyedNSUbNNZJrI/YDnso= Subject key identifier: 0D:6D:33:3F:39:0B:33:CF:0E:D2:B0:F2:37:8D:52:0D:F9:28:23:42 Authority key identifier: 5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95 Certificate issuer: /CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495 Certificate serial: 019B59E3FE2890AA87EDDDAE3FA4A04EB9D7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft Manifest number: 07A9 Signing time: Fri 26 Dec 2025 09:01:12 +0000 Manifest this update: Fri 26 Dec 2025 09:01:12 +0000 Manifest next update: Sat 27 Dec 2025 09:01:12 +0000 Files and hashes: 1: XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl (hash: QGjOMuNxXUOOBMxVwgznXAwQwrz9iKCXnA3C4pyRV+k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e3:fe:28:90:aa:87:ed:dd:ae:3f:a4:a0:4e:b9:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495 Validity Not Before: Dec 26 09:01:12 2025 GMT Not After : Dec 27 09:01:12 2025 GMT Subject: CN=0d6d333f390b33cf0ed2b0f2378d520df9282342 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:7d:e2:fd:22:b0:e6:80:f3:a0:86:8d:ce:9d: 19:19:1f:3c:06:07:cb:7c:34:69:ee:c8:cc:e9:33: b5:fd:80:f2:29:7e:b1:41:1b:a7:b8:3b:71:49:f8: 58:63:36:af:cb:94:5c:1a:56:c9:18:64:57:a9:61: 56:0d:b6:c2:3b:39:33:f5:35:89:5b:30:e4:f7:af: f7:df:ab:31:00:e7:fd:01:f4:cf:fb:f1:4a:49:47: 72:af:44:8b:32:27:79:7b:cd:74:54:92:b2:46:6a: f8:35:49:71:3f:3d:11:04:a0:b3:de:56:b6:8b:62: 9a:9f:9f:8a:fe:c9:0e:ce:f1:2b:20:57:14:a0:a8: f1:cd:cc:e0:97:c9:33:85:0a:16:16:48:a1:15:f7: 8e:ad:fa:4a:a1:46:42:81:8d:52:74:17:68:07:c5: fa:57:07:b4:14:21:60:59:ff:b9:94:28:59:08:d2: 49:51:6a:4a:b0:18:9a:c9:bd:9e:a1:34:05:02:79: 79:fc:2b:eb:18:ab:77:fd:ee:af:81:c3:00:97:81: 44:54:9b:59:5b:71:ff:11:73:ee:5c:5b:3c:16:61: 13:10:1c:f8:2e:6d:40:fe:ac:b6:e3:c1:5b:2a:ee: bb:3c:d0:56:72:de:05:28:6c:dd:61:42:94:f3:9b: 6c:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:6D:33:3F:39:0B:33:CF:0E:D2:B0:F2:37:8D:52:0D:F9:28:23:42 X509v3 Authority Key Identifier: keyid:5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:33:af:14:c9:8e:1c:45:fb:02:50:19:50:b5:ab:1c:e1:ce: 34:e2:63:da:a6:8d:de:d0:5a:46:0a:cd:a3:93:ff:3d:fa:a2: e6:35:5f:82:8e:a1:a6:bc:d9:ff:1f:54:31:25:2f:8b:12:25: 85:91:37:ff:d0:bb:7e:9a:1c:39:ab:03:d9:4a:52:35:e7:7e: b5:df:55:a6:27:93:f9:61:f3:98:db:70:d3:87:0a:61:73:2b: af:b2:3d:cd:4d:aa:6e:fa:18:fc:74:2a:01:2b:42:7d:4a:e4: e2:9f:79:d7:b0:67:a5:2b:5c:49:b0:bb:66:ca:92:2d:2d:33: c5:57:50:a4:75:02:35:12:1d:51:17:4d:68:a1:b2:20:4e:94: 80:40:d9:0a:a4:e7:94:1d:37:76:30:c0:5c:37:f5:4f:65:8b: 4d:68:56:25:ee:19:06:6a:ad:f8:f6:c4:dd:1f:a3:6e:c6:a5: 5e:c2:15:04:d8:9f:ea:07:97:4a:6b:08:03:a3:55:28:9f:da: 5b:82:f5:81:a3:aa:a0:d1:91:f9:73:ea:20:f1:fd:ac:d6:37: 57:05:1d:74:b4:cb:86:0c:29:ec:40:38:d6:bc:ca:2f:a3:f8: fc:64:27:2c:9e:92:40:3f:01:b9:07:31:57:c3:58:56:fa:4e: 23:5e:49:93 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ4/4okKqH7d2uP6SgTrnXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMjE5NjhlOTFjMmY0N2YxYjA3YzFmMzVmZTdkMjYzYzU2 ZDA0OTUwHhcNMjUxMjI2MDkwMTEyWhcNMjUxMjI3MDkwMTEyWjAzMTEwLwYDVQQD EygwZDZkMzMzZjM5MGIzM2NmMGVkMmIwZjIzNzhkNTIwZGY5MjgyMzQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwH3i/SKw5oDzoIaNzp0ZGR88BgfL fDRp7sjM6TO1/YDyKX6xQRunuDtxSfhYYzavy5RcGlbJGGRXqWFWDbbCOzkz9TWJ WzDk96/336sxAOf9AfTP+/FKSUdyr0SLMid5e810VJKyRmr4NUlxPz0RBKCz3la2 i2Kan5+K/skOzvErIFcUoKjxzczgl8kzhQoWFkihFfeOrfpKoUZCgY1SdBdoB8X6 Vwe0FCFgWf+5lChZCNJJUWpKsBiayb2eoTQFAnl5/CvrGKt3/e6vgcMAl4FEVJtZ W3H/EXPuXFs8FmETEBz4Lm1A/qy248FbKu67PNBWct4FKGzdYUKU85tsjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA1tMz85CzPPDtKw8jeNUg35KCNCMB8GA1UdIwQY MBaAFF0hlo6RwvR/GwfB81/n0mPFbQSVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUt MWVjMzc0NjVkM2FmLzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUtMWVjMzc0NjVkM2Fm LzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXzOvFMmO HEX7AlAZULWrHOHONOJj2qaN3tBaRgrNo5P/Pfqi5jVfgo6hprzZ/x9UMSUvixIl hZE3/9C7fpocOasD2UpSNed+td9VpieT+WHzmNtw04cKYXMrr7I9zU2qbvoY/HQq AStCfUrk4p9517BnpStcSbC7ZsqSLS0zxVdQpHUCNRIdURdNaKGyIE6UgEDZCqTn lB03djDAXDf1T2WLTWhWJe4ZBmqt+PbE3R+jbsalXsIVBNif6geXSmsIA6NVKJ/a W4L1gaOqoNGR+XPqIPH9rNY3VwUddLTLhgwp7EA41rzKL6P4/GQnLJ6SQD8BuQcx V8NYVvpOI15Jkw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:18:15 2025 by rpki-client