This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft File: XiZI8SkNRHG821C4K-TtkyADCU0.mft (raw, json) Hash identifier: TS3W2IhbjDqPQJY11g9ONzl7V9Ye3zRZfH95dRq7dlM= Subject key identifier: 83:43:AF:03:FF:31:51:12:77:E8:F1:75:88:75:CD:5B:66:40:B8:25 Authority key identifier: 5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D Certificate issuer: /CN=5e2648f1290d4471bcdb50b82be4ed932003094d Certificate serial: 019B35A039B6FCA1BE1983D68F5C630B9945 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft Manifest number: 1716 Signing time: Fri 19 Dec 2025 08:00:51 +0000 Manifest this update: Fri 19 Dec 2025 08:00:51 +0000 Manifest next update: Sat 20 Dec 2025 08:00:51 +0000 Files and hashes: 1: BECHjRO1sNTrECspSOXRaHeMWRM.roa (hash: CUP2bSCGR2R7pQJIeBFSspVhJwtI4r06AoqaZ9LnrhQ=) 2: XiZI8SkNRHG821C4K-TtkyADCU0.crl (hash: 0ZUiTww+9clpzYqE3qY6XydK7Nc0jAEtYg3lUVbI5Iw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:a0:39:b6:fc:a1:be:19:83:d6:8f:5c:63:0b:99:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e2648f1290d4471bcdb50b82be4ed932003094d Validity Not Before: Dec 19 08:00:51 2025 GMT Not After : Dec 20 08:00:51 2025 GMT Subject: CN=8343af03ff31511277e8f1758875cd5b6640b825 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:59:00:ea:9c:9c:03:8c:6e:14:d3:c3:dd:d9: 69:39:76:26:44:3c:4d:7e:48:32:11:67:cf:3a:30: 3b:49:fc:f9:47:02:c4:a2:68:a5:36:7b:8a:95:48: fc:4f:dd:8e:31:10:20:9f:85:6b:8c:39:53:da:34: 54:bd:03:ab:d0:7a:94:7a:5f:0a:34:d9:37:a2:20: 67:12:ec:a2:ad:61:42:b0:fa:fa:43:c0:c2:04:5f: ee:99:d6:76:ab:7a:a9:00:23:94:0e:08:a1:3f:33: 53:99:9a:22:47:13:30:b0:48:30:b4:fc:22:fe:5a: a4:cd:92:d9:bc:d5:04:53:84:5f:a4:11:2d:9a:5e: 59:e6:d3:45:cf:6b:e9:0d:22:d7:49:2a:17:fe:23: ca:9a:f7:00:22:fe:34:ed:d6:e4:ac:16:cb:9c:d1: 55:f0:76:db:d9:6f:7e:be:63:95:0f:4a:26:f0:b7: 42:42:fc:76:5d:6c:95:33:1a:a2:63:23:ba:67:85: b0:07:e6:c2:d6:81:54:10:b2:c0:92:c4:a4:27:85: 32:36:ca:03:70:64:d3:10:15:6b:2e:cc:6b:10:8b: ba:29:29:57:a1:a3:0d:61:49:b1:a1:01:c0:65:c3: 24:d2:6a:bc:34:d0:61:00:15:3c:0b:08:75:3a:0a: b0:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:43:AF:03:FF:31:51:12:77:E8:F1:75:88:75:CD:5B:66:40:B8:25 X509v3 Authority Key Identifier: keyid:5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:b3:88:f0:13:87:a4:d8:84:d2:3e:8f:d2:36:13:46:23:33: c1:02:c0:23:ef:a4:57:72:81:2d:10:84:c0:0b:1f:70:d9:b3: e2:7e:4b:86:f7:96:be:91:25:e1:89:fe:e4:ca:4d:79:de:85: 76:37:59:33:d5:0c:5f:b7:20:6e:9b:66:55:71:44:38:c3:39: c7:5e:7d:66:26:d3:66:89:4a:3b:6f:2c:0b:c4:96:da:fb:69: 96:52:8e:c0:22:95:d9:e5:5e:98:84:d7:f1:35:5c:d0:83:2f: 78:ae:23:84:e3:eb:12:7f:35:14:a3:1c:41:eb:41:74:24:ac: af:9e:aa:09:e2:8c:6e:ca:51:c7:2c:43:4f:59:0c:d7:da:2c: 68:a9:32:6a:09:42:e9:66:5e:b5:92:21:0a:ff:c6:4f:99:34: 39:aa:5d:71:84:ec:c6:15:fa:e6:71:6c:40:86:bf:c7:09:4f: 40:2d:35:46:df:45:f7:03:60:8f:dc:1e:66:da:d8:68:c3:01: 3b:f6:d1:e1:3d:50:c7:84:0e:c6:41:b6:1a:7d:37:04:9f:0f: a9:d1:fc:92:e7:04:ae:20:0b:1f:ba:35:b2:96:28:d9:06:23: a2:51:cb:d7:aa:89:90:79:c4:52:0b:b8:cc:f6:ed:75:8a:9e: 7b:59:a0:4f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1oDm2/KG+GYPWj1xjC5lFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlMjY0OGYxMjkwZDQ0NzFiY2RiNTBiODJiZTRlZDkzMjAw MzA5NGQwHhcNMjUxMjE5MDgwMDUxWhcNMjUxMjIwMDgwMDUxWjAzMTEwLwYDVQQD Eyg4MzQzYWYwM2ZmMzE1MTEyNzdlOGYxNzU4ODc1Y2Q1YjY2NDBiODI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFkA6pycA4xuFNPD3dlpOXYmRDxN fkgyEWfPOjA7Sfz5RwLEomilNnuKlUj8T92OMRAgn4VrjDlT2jRUvQOr0HqUel8K NNk3oiBnEuyirWFCsPr6Q8DCBF/umdZ2q3qpACOUDgihPzNTmZoiRxMwsEgwtPwi /lqkzZLZvNUEU4RfpBEtml5Z5tNFz2vpDSLXSSoX/iPKmvcAIv407dbkrBbLnNFV 8Hbb2W9+vmOVD0om8LdCQvx2XWyVMxqiYyO6Z4WwB+bC1oFUELLAksSkJ4UyNsoD cGTTEBVrLsxrEIu6KSlXoaMNYUmxoQHAZcMk0mq8NNBhABU8Cwh1OgqwKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFINDrwP/MVESd+jxdYh1zVtmQLglMB8GA1UdIwQY MBaAFF4mSPEpDURxvNtQuCvk7ZMgAwlNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYt ZjU1ZmNkZjk3ODQ2LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYtZjU1ZmNkZjk3ODQ2 LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMrOI8BOH pNiE0j6P0jYTRiMzwQLAI++kV3KBLRCEwAsfcNmz4n5LhveWvpEl4Yn+5MpNed6F djdZM9UMX7cgbptmVXFEOMM5x159ZibTZolKO28sC8SW2vtpllKOwCKV2eVemITX 8TVc0IMveK4jhOPrEn81FKMcQetBdCSsr56qCeKMbspRxyxDT1kM19osaKkyaglC 6WZetZIhCv/GT5k0OapdcYTsxhX65nFsQIa/xwlPQC01Rt9F9wNgj9weZtrYaMMB O/bR4T1Qx4QOxkG2Gn03BJ8PqdH8kucEriALH7o1spYo2QYjolHL16qJkHnEUgu4 zPbtdYqee1mgTw== -----END CERTIFICATE-----Generated at Fri Dec 19 10:37:31 2025 by rpki-client