This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft File: kXWIXPl40u9mE3YhRTC57WjFtFg.mft (raw, json) Hash identifier: TJID70CeuvnVLtqS6fOFae8bc9BZUQvleHq+sDMlTvo= Subject key identifier: BB:4E:46:0A:57:FD:5F:E5:BF:68:E3:87:CE:DD:A5:71:A7:0D:A8:CA Authority key identifier: 91:75:88:5C:F9:78:D2:EF:66:13:76:21:45:30:B9:ED:68:C5:B4:58 Certificate issuer: /CN=9175885cf978d2ef661376214530b9ed68c5b458 Certificate serial: 019B5977004A3A094FFC3D5DF469112BFCD9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kXWIXPl40u9mE3YhRTC57WjFtFg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft Manifest number: 0AB4 Signing time: Fri 26 Dec 2025 07:02:09 +0000 Manifest this update: Fri 26 Dec 2025 07:02:09 +0000 Manifest next update: Sat 27 Dec 2025 07:02:09 +0000 Files and hashes: 1: kXWIXPl40u9mE3YhRTC57WjFtFg.crl (hash: jjBUCorSKXnJyj2h/T1ylQfn47nUd2AriTa1mRN5BAw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft rsync://rpki.ripe.net/repository/DEFAULT/kXWIXPl40u9mE3YhRTC57WjFtFg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:00:4a:3a:09:4f:fc:3d:5d:f4:69:11:2b:fc:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9175885cf978d2ef661376214530b9ed68c5b458 Validity Not Before: Dec 26 07:02:09 2025 GMT Not After : Dec 27 07:02:09 2025 GMT Subject: CN=bb4e460a57fd5fe5bf68e387cedda571a70da8ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:d9:c1:70:2c:98:d1:67:08:be:f3:03:31:5d: fb:a4:4b:f4:c9:90:1f:2d:84:34:5a:1f:39:df:81: e7:9e:a2:ae:c9:38:9b:ef:d8:25:b1:97:bf:d7:ec: e5:e4:25:e8:9b:ec:b5:7d:a4:90:c8:b5:cd:17:96: 1e:74:fb:e8:76:35:dd:df:af:f3:1b:b7:51:f5:c3: 77:8c:c8:ba:de:6c:fe:71:4c:fc:60:da:a4:14:f3: b8:52:d0:44:d9:c5:cd:52:3d:28:78:28:e6:ec:1b: 54:1d:43:53:88:af:c5:75:1c:64:6d:7a:c2:57:63: f8:04:a8:80:c2:10:a6:f3:62:62:fb:11:7c:1a:d2: 09:c7:ad:d3:9c:3f:4c:4e:8d:d1:9c:6f:15:8f:80: e1:11:8f:36:2e:76:ea:87:61:d5:ef:b1:06:d7:5f: 01:9e:95:8f:94:f3:ce:6a:2f:e9:02:a5:0c:8e:c7: 9c:46:7e:6e:21:cd:d1:39:9d:75:10:87:84:1e:bf: 8f:1f:4a:a1:14:f2:75:70:1a:1b:8f:a6:53:37:a1: 4e:d3:19:64:10:d1:28:a6:13:e1:de:9e:74:05:b0: 96:77:7e:91:4d:30:38:dd:ff:32:ff:e6:28:00:c2: 0c:61:c0:7e:a9:b0:94:e4:69:2b:71:f1:ec:5b:c5: cf:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:4E:46:0A:57:FD:5F:E5:BF:68:E3:87:CE:DD:A5:71:A7:0D:A8:CA X509v3 Authority Key Identifier: keyid:91:75:88:5C:F9:78:D2:EF:66:13:76:21:45:30:B9:ED:68:C5:B4:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXWIXPl40u9mE3YhRTC57WjFtFg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 75:e1:ad:57:bc:13:e6:29:8e:41:fb:98:e3:26:bd:5c:cc:46: 5b:02:ac:9e:3b:42:b8:a3:c0:0a:5b:ff:f8:38:88:ef:fc:b4: b8:ac:97:2c:9c:1e:fd:fd:3a:5e:db:ed:01:8d:b7:6d:cb:57: 8d:65:9c:f0:51:e4:4a:f4:e0:a0:4c:f3:0d:b6:96:f2:a9:c1: f8:32:e2:43:ce:89:c2:ad:59:e2:12:4a:65:a8:53:97:09:ee: 1c:83:c6:94:13:17:93:2f:14:8d:27:f6:75:52:07:99:19:d2: 5f:08:29:bc:ec:6e:8d:ec:fc:95:0b:0c:c8:51:78:74:59:83: fb:18:8c:84:ff:61:ba:56:de:8e:34:39:09:3e:bf:0d:07:22: a3:05:5f:db:85:fa:65:d1:d9:d5:e0:a3:39:57:c5:28:56:42: 92:0a:a5:45:1c:ef:af:b4:88:13:40:f6:99:d6:87:b1:b0:f4: 48:38:53:a9:e5:f4:96:62:f4:7b:6d:f2:53:1b:47:94:fc:29: d8:ab:fb:f9:ea:ce:1f:86:7f:f0:07:14:ab:9a:59:ad:3e:5a: dd:35:08:4c:7b:e0:2c:f2:a5:be:93:2e:c4:c5:b4:7d:56:ff: ba:21:6a:e3:14:b5:53:01:a0:bb:56:ca:99:49:3c:50:09:0b: d7:d3:1e:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdwBKOglP/D1d9GkRK/zZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxNzU4ODVjZjk3OGQyZWY2NjEzNzYyMTQ1MzBiOWVkNjhj NWI0NTgwHhcNMjUxMjI2MDcwMjA5WhcNMjUxMjI3MDcwMjA5WjAzMTEwLwYDVQQD EyhiYjRlNDYwYTU3ZmQ1ZmU1YmY2OGUzODdjZWRkYTU3MWE3MGRhOGNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNnBcCyY0WcIvvMDMV37pEv0yZAf LYQ0Wh8534HnnqKuyTib79glsZe/1+zl5CXom+y1faSQyLXNF5YedPvodjXd36/z G7dR9cN3jMi63mz+cUz8YNqkFPO4UtBE2cXNUj0oeCjm7BtUHUNTiK/FdRxkbXrC V2P4BKiAwhCm82Ji+xF8GtIJx63TnD9MTo3RnG8Vj4DhEY82Lnbqh2HV77EG118B npWPlPPOai/pAqUMjsecRn5uIc3ROZ11EIeEHr+PH0qhFPJ1cBobj6ZTN6FO0xlk ENEophPh3p50BbCWd36RTTA43f8y/+YoAMIMYcB+qbCU5GkrcfHsW8XPFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLtORgpX/V/lv2jjh87dpXGnDajKMB8GA1UdIwQY MBaAFJF1iFz5eNLvZhN2IUUwue1oxbRYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva1hXSVhQbDQwdTltRTNZaFJUQzU3V2pGdEZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNDg1ZDktMjczNi00OWIxLTlhNDQt MWI5NTgxOWNmYzljLzEva1hXSVhQbDQwdTltRTNZaFJUQzU3V2pGdEZnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS9jNDg1ZDktMjczNi00OWIxLTlhNDQtMWI5NTgxOWNmYzlj LzEva1hXSVhQbDQwdTltRTNZaFJUQzU3V2pGdEZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdeGtV7wT 5imOQfuY4ya9XMxGWwKsnjtCuKPAClv/+DiI7/y0uKyXLJwe/f06XtvtAY23bctX jWWc8FHkSvTgoEzzDbaW8qnB+DLiQ86Jwq1Z4hJKZahTlwnuHIPGlBMXky8UjSf2 dVIHmRnSXwgpvOxujez8lQsMyFF4dFmD+xiMhP9hulbejjQ5CT6/DQciowVf24X6 ZdHZ1eCjOVfFKFZCkgqlRRzvr7SIE0D2mdaHsbD0SDhTqeX0lmL0e23yUxtHlPwp 2Kv7+erOH4Z/8AcUq5pZrT5a3TUITHvgLPKlvpMuxMW0fVb/uiFq4xS1UwGgu1bK mUk8UAkL19MeGg== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:06 2025 by rpki-client