This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft File: Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft (raw, json) Hash identifier: qOamJq53HaDThPRlPzirxJhj0DPNKywSFMBsjyQIN2M= Subject key identifier: 0A:CA:93:35:B5:48:87:6F:FD:7A:6D:E5:9C:A9:FB:81:BA:26:66:EA Authority key identifier: 5E:3E:4F:A8:C9:97:1A:EF:12:34:5F:C0:E3:7D:16:B3:45:9B:78:3B Certificate issuer: /CN=5e3e4fa8c9971aef12345fc0e37d16b3459b783b Certificate serial: 019B1FF4A09EEBBA9E120640599E581EAAC9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft Manifest number: 0DCF Signing time: Mon 15 Dec 2025 03:01:23 +0000 Manifest this update: Mon 15 Dec 2025 03:01:23 +0000 Manifest next update: Tue 16 Dec 2025 03:01:23 +0000 Files and hashes: 1: Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl (hash: dYuXfArcVZqCyYgLYpyWAiQVEGJV3Agq67mMeaPRvuo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 03:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1f:f4:a0:9e:eb:ba:9e:12:06:40:59:9e:58:1e:aa:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e3e4fa8c9971aef12345fc0e37d16b3459b783b Validity Not Before: Dec 15 03:01:23 2025 GMT Not After : Dec 16 03:01:23 2025 GMT Subject: CN=0aca9335b548876ffd7a6de59ca9fb81ba2666ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:99:5b:42:95:0e:3c:5b:d9:1a:b4:db:70:cd: 31:6e:de:bd:b5:03:13:5f:c0:18:47:4f:15:5e:39: c5:72:57:a2:42:f1:f3:10:16:ce:58:b2:44:3a:98: 86:90:b1:9f:75:90:10:2d:a8:93:b0:8e:d9:50:3b: a1:e1:3f:c2:cd:2b:b9:d0:54:04:6d:95:7a:b0:3e: 1c:01:94:96:22:50:7b:a8:23:a2:75:22:4d:2f:b0: 5d:53:46:9b:9f:a1:e4:a7:43:5c:53:07:25:0e:9d: f3:76:66:19:e9:6b:30:fd:b8:13:89:d5:da:bd:41: ef:ad:09:f6:c9:c2:dd:eb:8e:bb:1c:ba:20:bc:2d: 0b:d4:fa:e6:88:08:10:19:e4:72:87:94:7f:69:45: 7c:bf:24:eb:b9:a5:93:52:b5:c9:ac:ae:de:3b:e8: c0:68:11:69:19:2a:35:5d:1a:00:b3:10:f8:ef:36: 76:9f:ae:ab:db:df:57:cf:dc:8b:de:30:91:0d:b8: 05:98:3e:b1:76:af:d0:92:ce:7b:11:f2:f6:f6:ad: 40:56:03:93:1f:0c:ca:f2:59:7b:35:5b:8d:32:8c: 8a:76:12:93:a2:96:43:37:0a:0e:35:5a:69:8c:4e: 76:c5:18:8a:a2:7b:8e:61:9b:56:9c:b3:20:54:5d: 0b:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:CA:93:35:B5:48:87:6F:FD:7A:6D:E5:9C:A9:FB:81:BA:26:66:EA X509v3 Authority Key Identifier: keyid:5E:3E:4F:A8:C9:97:1A:EF:12:34:5F:C0:E3:7D:16:B3:45:9B:78:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1a:2f:b7:98:d8:63:af:60:6f:82:a4:3e:9a:78:6a:08:36:5e: 13:b8:9f:f0:ff:e0:00:1b:8b:17:e2:21:f6:1d:2e:41:f4:ea: 27:ba:3f:fe:00:c2:c2:97:df:52:7c:1d:f9:fe:76:87:48:62: fa:72:46:11:86:fd:2e:2d:6a:7d:e4:d2:25:2a:25:9a:4d:aa: 15:5d:42:fe:9f:8d:2c:e0:df:10:f7:51:68:74:d9:69:30:b0: 90:80:99:f6:0a:93:c7:b8:6f:20:e0:3c:a8:66:ad:93:f7:1d: bc:96:1f:73:0d:b9:97:c3:6a:6d:4c:03:c7:ce:88:0b:87:b9: 1b:48:17:f9:2d:b8:ab:0e:f8:c0:50:10:de:10:ff:3c:18:5c: 2c:24:03:75:66:81:a8:fa:bb:95:13:25:f1:69:34:b2:41:a7: 06:69:01:ef:66:74:55:f6:2e:51:f5:f9:fd:97:d4:e1:06:1b: 10:c7:e6:0c:31:70:b4:7e:6c:d8:d9:1f:9e:32:c4:fe:cc:3a: 9b:a4:5b:53:06:6e:1c:31:b4:ef:70:40:5e:d2:29:70:d2:44: a2:31:41:85:2c:0e:db:27:1c:f5:06:02:02:18:1e:ab:8b:c0: c6:37:64:54:84:67:93:3e:f2:4e:82:b5:18:eb:e4:5b:50:e2: f2:93:78:d7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsf9KCe67qeEgZAWZ5YHqrJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlM2U0ZmE4Yzk5NzFhZWYxMjM0NWZjMGUzN2QxNmIzNDU5 Yjc4M2IwHhcNMjUxMjE1MDMwMTIzWhcNMjUxMjE2MDMwMTIzWjAzMTEwLwYDVQQD EygwYWNhOTMzNWI1NDg4NzZmZmQ3YTZkZTU5Y2E5ZmI4MWJhMjY2NmVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5lbQpUOPFvZGrTbcM0xbt69tQMT X8AYR08VXjnFcleiQvHzEBbOWLJEOpiGkLGfdZAQLaiTsI7ZUDuh4T/CzSu50FQE bZV6sD4cAZSWIlB7qCOidSJNL7BdU0abn6Hkp0NcUwclDp3zdmYZ6Wsw/bgTidXa vUHvrQn2ycLd6467HLogvC0L1PrmiAgQGeRyh5R/aUV8vyTruaWTUrXJrK7eO+jA aBFpGSo1XRoAsxD47zZ2n66r299Xz9yL3jCRDbgFmD6xdq/Qks57EfL29q1AVgOT HwzK8ll7NVuNMoyKdhKTopZDNwoONVppjE52xRiKonuOYZtWnLMgVF0LTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFArKkzW1SIdv/Xpt5Zyp+4G6JmbqMB8GA1UdIwQY MBaAFF4+T6jJlxrvEjRfwON9FrNFm3g7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9lYjU0NTQtNzI5My00MzdmLWFjMGIt M2EzYjAyOTZiYjgyLzEvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi9lYjU0NTQtNzI5My00MzdmLWFjMGItM2EzYjAyOTZiYjgy LzEvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGi+3mNhj r2BvgqQ+mnhqCDZeE7if8P/gABuLF+Ih9h0uQfTqJ7o//gDCwpffUnwd+f52h0hi +nJGEYb9Li1qfeTSJSolmk2qFV1C/p+NLODfEPdRaHTZaTCwkICZ9gqTx7hvIOA8 qGatk/cdvJYfcw25l8NqbUwDx86IC4e5G0gX+S24qw74wFAQ3hD/PBhcLCQDdWaB qPq7lRMl8Wk0skGnBmkB72Z0VfYuUfX5/ZfU4QYbEMfmDDFwtH5s2NkfnjLE/sw6 m6RbUwZuHDG073BAXtIpcNJEojFBhSwO2ycc9QYCAhgeq4vAxjdkVIRnkz7yToK1 GOvkW1Di8pN41w== -----END CERTIFICATE-----Generated at Mon Dec 15 12:09:31 2025 by rpki-client