This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft File: Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft (raw, json) Hash identifier: ABgMmGO+HrWUOpqYoYvHNu7/9SdHdM6tQ4TXdtZV2D4= Subject key identifier: C3:32:D6:C7:92:34:E8:7A:F9:30:21:9F:A3:3F:41:DC:96:72:CF:D9 Authority key identifier: 5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B Certificate issuer: /CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b Certificate serial: 019B38A2F000CDCCA1580299787020F1D772 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft Manifest number: 021F Signing time: Fri 19 Dec 2025 22:02:40 +0000 Manifest this update: Fri 19 Dec 2025 22:02:40 +0000 Manifest next update: Sat 20 Dec 2025 22:02:40 +0000 Files and hashes: 1: Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl (hash: v0IVPC+bi6dU8gjmbZrffeHz8O8SWr+nqVWRu+uj+Ec=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 22:02:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:a2:f0:00:cd:cc:a1:58:02:99:78:70:20:f1:d7:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b Validity Not Before: Dec 19 22:02:40 2025 GMT Not After : Dec 20 22:02:40 2025 GMT Subject: CN=c332d6c79234e87af930219fa33f41dc9672cfd9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:bf:49:2e:1d:15:3d:6d:6b:00:b3:a4:59:01: bb:27:b5:0e:f7:10:d7:df:b8:a7:0b:b7:83:9f:25: 9f:a3:ac:87:63:15:99:2d:a9:cc:57:72:1a:15:75: f3:10:fc:6a:dc:11:c7:9b:40:6f:9d:c2:88:c3:6e: d0:6d:b0:55:26:66:a7:db:6c:41:65:e3:68:09:66: 12:41:93:69:04:d2:55:c4:5e:3f:47:a6:20:37:55: 69:dd:3f:bc:13:27:45:b9:8e:51:f3:ee:4c:cb:15: 07:81:9c:fa:66:74:8a:fd:8c:41:c1:2c:a9:2d:00: 1b:d1:6a:b6:17:b8:4d:7e:f9:89:34:58:75:5a:fb: 23:d0:29:2c:84:2e:68:85:9a:d9:a7:cd:8b:34:6f: b9:05:db:69:e2:e7:4d:0b:1a:54:36:24:c4:4e:65: 53:ce:81:76:f5:4d:0c:a8:d4:35:28:8d:cd:d5:5a: 94:76:15:6f:fd:82:54:c7:2a:70:83:94:c8:ca:67: cc:77:b5:b2:2d:bc:9a:f9:87:e2:34:c0:de:90:a3: 5f:a4:34:b7:77:a5:e5:93:9e:99:77:09:6d:2a:2f: 3e:31:da:e8:6c:0f:65:af:6a:f4:55:39:f2:ad:03: 1c:35:e0:1d:8e:a6:76:17:36:81:69:be:0e:2a:96: 6f:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:32:D6:C7:92:34:E8:7A:F9:30:21:9F:A3:3F:41:DC:96:72:CF:D9 X509v3 Authority Key Identifier: keyid:5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 04:74:6d:54:fc:a5:de:8f:66:03:08:32:83:0b:7a:20:98:ea: 19:5d:b8:87:6f:77:8c:3b:86:55:cc:3c:86:ed:61:96:5f:e1: 07:e9:24:a2:38:b0:d6:da:56:83:b9:80:50:c4:ca:24:0c:46: a8:b2:f2:0f:a3:5f:f3:87:69:60:62:a7:c2:34:d8:8a:ac:01: 79:b7:8d:4d:40:e4:a2:a0:0f:0f:5f:a1:31:42:1c:1b:b8:5b: 3f:96:6f:8f:d4:c0:90:1d:ba:03:78:53:c5:42:06:70:79:54: 81:3d:c4:65:88:a6:f4:2c:9f:61:90:db:44:4a:81:9b:45:f4: f6:0a:51:1c:e1:79:b9:ab:f2:8a:a2:b4:66:fb:3e:53:4c:1c: d0:65:77:ce:92:49:9b:c2:f5:12:8b:22:05:49:d6:88:4f:a7: 7a:3e:2c:b7:24:82:7c:50:f1:35:20:56:2c:8d:2c:d5:3a:ae: 12:d0:3d:2f:1a:6f:79:de:73:4f:e0:aa:4c:65:39:8b:73:f1: eb:ac:64:96:57:52:cc:a3:f8:76:52:30:81:4e:c4:9d:38:25: e7:89:25:5e:1e:0a:4d:07:c6:f2:c3:f8:ca:00:27:63:4b:c3: e2:f6:74:c4:3d:a0:d0:29:0b:8e:f0:58:fe:fc:ca:5b:0d:2a: fb:da:ad:f6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4ovAAzcyhWAKZeHAg8ddyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkZmQzODNlMTY4ZDJlYzlmYmMzOTBlYThkOTlhNGJhZjdl YzNiNWIwHhcNMjUxMjE5MjIwMjQwWhcNMjUxMjIwMjIwMjQwWjAzMTEwLwYDVQQD EyhjMzMyZDZjNzkyMzRlODdhZjkzMDIxOWZhMzNmNDFkYzk2NzJjZmQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA879JLh0VPW1rALOkWQG7J7UO9xDX 37inC7eDnyWfo6yHYxWZLanMV3IaFXXzEPxq3BHHm0BvncKIw27QbbBVJman22xB ZeNoCWYSQZNpBNJVxF4/R6YgN1Vp3T+8EydFuY5R8+5MyxUHgZz6ZnSK/YxBwSyp LQAb0Wq2F7hNfvmJNFh1Wvsj0CkshC5ohZrZp82LNG+5Bdtp4udNCxpUNiTETmVT zoF29U0MqNQ1KI3N1VqUdhVv/YJUxypwg5TIymfMd7WyLbya+YfiNMDekKNfpDS3 d6Xlk56ZdwltKi8+MdrobA9lr2r0VTnyrQMcNeAdjqZ2FzaBab4OKpZvSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMMy1seSNOh6+TAhn6M/QdyWcs/ZMB8GA1UdIwQY MBaAFF39OD4WjS7J+8OQ6o2ZpLr37DtbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYt MzkwZTkzNWJlZGEzLzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYtMzkwZTkzNWJlZGEz LzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABHRtVPyl 3o9mAwgygwt6IJjqGV24h293jDuGVcw8hu1hll/hB+kkojiw1tpWg7mAUMTKJAxG qLLyD6Nf84dpYGKnwjTYiqwBebeNTUDkoqAPD1+hMUIcG7hbP5Zvj9TAkB26A3hT xUIGcHlUgT3EZYim9CyfYZDbREqBm0X09gpRHOF5uavyiqK0Zvs+U0wc0GV3zpJJ m8L1EosiBUnWiE+nej4stySCfFDxNSBWLI0s1TquEtA9Lxpved5zT+CqTGU5i3Px 66xklldSzKP4dlIwgU7EnTgl54klXh4KTQfG8sP4ygAnY0vD4vZ0xD2g0CkLjvBY /vzKWw0q+9qt9g== -----END CERTIFICATE-----Generated at Sat Dec 20 07:40:07 2025 by rpki-client