Services
Tokens
AMM
NFT
Blockchain
Developers
XRP Ledger
EN
Earn 12% on XRPSponsored💰|Play Slots and win 70,000 XRP❤️Sponsored

How to Run an XRP Ledger Validator

This is a quick practical guide for running rippled in validator mode on the XRP Ledger. Keep the validator dedicated, private, updated, and monitored.

1. Prepare the Server

For production, use a dedicated bare-metal server. The practical baseline is:

  • Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Debian 12, RHEL, or another supported Linux distribution.
  • 8+ x86_64 CPU cores at 3+ GHz.
  • 64 GB RAM for production. 16 GB is only a testing minimum.
  • Fast SSD or NVMe storage with sustained 10,000 IOPS or better.
  • Gigabit network, stable latency, and accurate system time.

Enable NTP before installing rippled so the server clock stays in sync with the network:

timedatectl status
sudo timedatectl set-ntp true

2. Install rippled

Choose your operating system and copy the matching command. Use the stable package repository for production validators.

Ubuntu 24.04 uses Ripple's deb package. Ubuntu 24.04 Noble Numbat is supported on x86_64 and uses the stable deb repository.

  • Highest support and testing level for Ubuntu 24.04 on x86_64.
  • The repository codename is noble.
  • After gpg --show-keys, check that the key belongs to Ripple TechOps Team.
  • The rippled service should start automatically after installation.
sudo apt -y update
sudo apt -y install apt-transport-https ca-certificates wget gnupg

sudo install -m 0755 -d /etc/apt/keyrings
wget -qO- https://repos.ripple.com/repos/api/gpg/key/public | sudo gpg --dearmor -o /etc/apt/keyrings/ripple.gpg
gpg --show-keys /etc/apt/keyrings/ripple.gpg

echo "deb [signed-by=/etc/apt/keyrings/ripple.gpg] https://repos.ripple.com/repos/rippled-deb noble stable" | sudo tee /etc/apt/sources.list.d/ripple.list

sudo apt -y update
sudo apt -y install rippled

Check that the service started:

systemctl status rippled.service
rippled server_info

A fresh server can take several minutes to sync. Wait until server_state becomes full before enabling validation.

3. Set Your Validator Domain

Use your own domain if you have one and want it associated with the validator. You must be able to publish an xrp-ledger.toml file for this domain later.

In the next step, use that domain in ./validator-keys set_domain example.com, and then use the same domain in xrp-ledger.toml.

4. Create Validator Keys and Token

Generate validator keys on a secure machine, not on the validator host. Store validator-keys.json offline and backed up. Never publish it, never keep it on the validator, and generate one token at a time from the current backup.

Create the master validator key file:

cd /opt/ripple/bin
./validator-keys create_keys

Example output:

Validator keys stored in /home/validator-admin/.ripple/validator-keys.json

Set the domain in the validator key file before you configure the server. This updates the manifest and prints both the domain attestation and the validator token that belongs in rippled.cfg.

./validator-keys set_domain example.com

Example output format:

The domain name has been set to: example.com

The domain attestation for validator nHUtNnLVx7odrz5dnfb2xpIgbEeJPbzJWfdicSkGyVw1eE5GpjQr is:

attestation="A59AB577E14A7BEC053752FBFE78C3DED6DCEC81A7C41DF1931BC61742BB4FAEAA0D4F1C1EAE5BC74F6D68A3B26C8A223EA2492A5BD18D51F8AC7F4A97DFBE0C"

You should include it in your xrp-ledger.toml file in the
section for this validator.

You also need to update the rippled.cfg file to add a new
validator token and restart rippled:

Update rippled.cfg file with these values:

# validator public key: nHUtNnLVx7odrz5dnfb2xpIgbEeJPbzJWfdicSkGyVw1eE5GpjQr
[validator_token]
eyJ2YWxpZGF0aW9uX3NlY3J...example...
QzODdjMDYyNTkwNzk3MmY0ZTcx...example...
VUSmEydzBpMjFlcTNNWXl3TFZKWm5GT3I3QzBrdzJBaVR6U0NqSXpkaXRROD0ifQ==

Do not copy the sample token above; copy the token from your own terminal. Copy only the [validator_token] block to the validator server. Keep the # validator public key line somewhere safe; you will need it for TOML and for checking the validator on Bithomp.

If you later need to rotate a token without changing the domain, the command has the same output format:

./validator-keys create_token --keyfile /home/validator-admin/.ripple/validator-keys.json

Store the updated validator-keys.json backup after every command that generates a new token.

5. Configure the Validator

Back up the config, then edit /etc/opt/ripple/rippled.cfg:

sudo cp /etc/opt/ripple/rippled.cfg /etc/opt/ripple/rippled.cfg.backup
sudo nano /etc/opt/ripple/rippled.cfg

Add the token printed by set_domain:

# validator public key: nH...
[validator_token]
PASTE_THE_TOKEN_HERE

For a practical first setup, connect through known public hubs and keep your validator private.

[ips_fixed]
r.ripple.com 51235
sahyadri.isrdc.in 51235
hubs.xrpkuwait.com 51235
hub.xrpl-commons.org 51235

[peer_private]
1

Restrict the config file and restart:

sudo chmod 600 /etc/opt/ripple/rippled.cfg
sudo systemctl restart rippled.service

6. Check That It Is Live

First check locally. The validator public key should match the key created by validator-keys, and server_state should normally settle on proposing.

rippled server_info
rippled peers
rippled validators

Useful live log command:

journalctl -u rippled.service -f

Check on Bithomp

Run server_info and copy the pubkey_validator value from the output:

rippled server_info

Then open https://bithomp.com/validator/YOUR_VALIDATOR_PUBLIC_KEY, or search for it on the Bithomp Validators page. It may take time to appear the first time, because the validator must be seen by the network and indexed by Bithomp.

Open Validators

7. Publish TOML Domain Verification

After the domain is set in the validator keys and the validator token is installed in rippled.cfg, publish the matching xrp-ledger.toml. Serve it over HTTPS at:

https://example.com/.well-known/xrp-ledger.toml

Minimal validator entry. Use your validator public key and attestation from the set_domainoutput.

[METADATA]
modified = 2026-05-20T00:00:00.000Z

[[PRINCIPALS]]
name = "Bithomp"
email = "[email protected]"
x = "bithomp"

[[VALIDATORS]]
public_key = "nHB8QMKGt9VB4Vg71VszjBVQnDW3v3QudM4DwFaJfy96bj4Pv9fA"
attestation = "9537FBEBC7A676E8748F9D18FF5BD48662B6D811033F34C807E58B99B91484D22B26F56FC7E6B9B8D2233DD5F0DCF9462C3B264411964A93F0173D512F19F002"
network = "main"
owner_country = "se"
server_country = "FI"
network_asn = 24940
server_location = "HETZNER-AS, DE"
server_cloud = true
unl = "https://vl.xrplf.org"

Check that the file is reachable and validate it on Bithomp:

curl -fsSL https://example.com/.well-known/xrp-ledger.toml

You can also use the Bithomp TOML checker to inspect the file.

Quick Troubleshooting

  • No peers: check firewall rules, outbound access, and the [ips_fixed] hosts.
  • Not proposing: wait for sync, check system time, check rippled server_info, and read journalctl -u rippled.service.
  • Validator list expired: check outbound HTTPS access and validator list configuration.
  • Public key mismatch: confirm that the token in rippled.cfg was generated from the key file you backed up.