This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft File: XbomMhShFwVRmA7pFxn42Ixia14.mft (raw, json) Hash identifier: LpAlNmBEjnoe3V1raNLTdNosPojW9vbFc7EUrOYP+7M= Subject key identifier: 06:E7:35:64:20:05:A1:85:3A:92:C5:6B:CD:F0:54:CB:6F:FF:0C:2F Authority key identifier: 5D:BA:26:32:14:A1:17:05:51:98:0E:E9:17:19:F8:D8:8C:62:6B:5E Certificate issuer: /CN=5dba263214a1170551980ee91719f8d88c626b5e Certificate serial: 019B5A5148033CAF533F2A961488708DB242 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft Manifest number: 1302 Signing time: Fri 26 Dec 2025 11:00:34 +0000 Manifest this update: Fri 26 Dec 2025 11:00:34 +0000 Manifest next update: Sat 27 Dec 2025 11:00:34 +0000 Files and hashes: 1: XbomMhShFwVRmA7pFxn42Ixia14.crl (hash: r83/RmmNgu2RTdB0qlxeIP8FJr/i3s7qTssrEENkRrQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:48:03:3c:af:53:3f:2a:96:14:88:70:8d:b2:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5dba263214a1170551980ee91719f8d88c626b5e Validity Not Before: Dec 26 11:00:34 2025 GMT Not After : Dec 27 11:00:34 2025 GMT Subject: CN=06e735642005a1853a92c56bcdf054cb6fff0c2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:93:00:61:9a:a1:8e:0e:ff:21:3c:ab:7c:92: 8c:ba:61:4f:38:c1:59:1c:3c:28:35:b2:ad:ec:18: fd:4d:e0:53:34:24:48:f7:88:a7:4f:77:9f:31:cb: df:03:2b:7e:fe:ae:00:68:d8:1a:db:9f:4f:d5:61: 8e:a6:4b:f8:62:2b:c5:38:6f:0b:7d:83:f0:33:08: ce:aa:c9:e8:7b:07:f0:a7:26:89:57:11:cd:a9:09: 3b:7d:7c:90:bc:04:de:9e:1d:f0:5c:5c:08:6e:ca: 15:cc:da:d2:80:d9:11:50:a4:29:a9:ee:f5:2f:9e: 7d:86:7a:6f:16:4f:fc:07:33:bb:9f:ee:6f:ab:fe: fc:47:2b:58:39:a2:fc:b1:ab:06:f8:24:11:f7:11: 9a:d5:cc:70:d8:93:64:99:f5:ae:4a:bf:bc:b7:7e: dd:d6:b3:2f:38:15:cb:bc:44:6f:72:76:8c:0d:97: b5:38:32:2a:cb:61:c4:b2:f0:14:5d:70:af:16:87: fe:dc:6a:14:09:c9:66:1f:e8:e8:24:45:1a:46:5a: d4:3f:de:de:11:ff:9d:1d:ff:60:d4:68:86:f6:66: c1:91:cc:8d:19:c1:93:51:b2:b8:2e:89:5f:a8:79: be:31:31:ce:44:0d:63:33:d7:24:c6:d5:6b:c9:09: a1:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:E7:35:64:20:05:A1:85:3A:92:C5:6B:CD:F0:54:CB:6F:FF:0C:2F X509v3 Authority Key Identifier: keyid:5D:BA:26:32:14:A1:17:05:51:98:0E:E9:17:19:F8:D8:8C:62:6B:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:f1:78:36:5d:8e:3e:bf:a8:cc:a3:2c:cc:d2:6b:73:95:1a: 6f:3f:27:1a:14:13:9a:b7:a1:d3:4a:0d:67:b4:40:6c:76:8f: b0:d4:42:74:24:7b:0c:61:8d:17:26:64:1d:65:af:5a:cf:10: fd:04:a6:f4:14:43:ec:ff:fe:82:34:3e:9f:f0:36:7f:e5:ac: 5c:b8:84:d6:87:66:ae:c7:5d:15:32:a7:1c:5c:f7:ed:68:8c: 90:e1:e2:16:21:e6:d8:b9:c0:e8:1f:e3:57:90:d4:ac:30:a3: 04:7a:63:94:3b:af:17:d3:1d:94:6d:c7:d6:a7:69:e7:9e:c2: 53:b6:8a:e9:20:45:13:28:fb:43:a9:54:e4:06:33:db:99:14: 58:0b:2d:99:9f:ab:2c:6a:66:f1:49:43:b8:b2:fe:d9:75:83: e5:71:a4:fd:b9:8c:ec:0f:26:aa:5f:e0:fb:e7:6a:de:72:a4: 62:c5:30:37:82:80:cd:13:bd:ee:48:cc:40:55:7c:85:b7:72: 28:c3:be:e4:f6:24:2e:0c:ac:09:fb:6a:02:a2:5b:24:f3:02: 9c:42:94:0c:b6:da:18:54:fe:73:e1:c8:cc:3a:c7:2b:54:b1: 92:d5:6f:39:25:20:70:30:2f:84:b3:9f:e3:bc:b5:0e:f6:1a: 76:f3:33:01 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUUgDPK9TPyqWFIhwjbJCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkYmEyNjMyMTRhMTE3MDU1MTk4MGVlOTE3MTlmOGQ4OGM2 MjZiNWUwHhcNMjUxMjI2MTEwMDM0WhcNMjUxMjI3MTEwMDM0WjAzMTEwLwYDVQQD EygwNmU3MzU2NDIwMDVhMTg1M2E5MmM1NmJjZGYwNTRjYjZmZmYwYzJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZMAYZqhjg7/ITyrfJKMumFPOMFZ HDwoNbKt7Bj9TeBTNCRI94inT3efMcvfAyt+/q4AaNga259P1WGOpkv4YivFOG8L fYPwMwjOqsnoewfwpyaJVxHNqQk7fXyQvATenh3wXFwIbsoVzNrSgNkRUKQpqe71 L559hnpvFk/8BzO7n+5vq/78RytYOaL8sasG+CQR9xGa1cxw2JNkmfWuSr+8t37d 1rMvOBXLvERvcnaMDZe1ODIqy2HEsvAUXXCvFof+3GoUCclmH+joJEUaRlrUP97e Ef+dHf9g1GiG9mbBkcyNGcGTUbK4LolfqHm+MTHORA1jM9ckxtVryQmhiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAbnNWQgBaGFOpLFa83wVMtv/wwvMB8GA1UdIwQY MBaAFF26JjIUoRcFUZgO6RcZ+NiMYmteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80ZTQxNGYtMGE3Ni00ZmU5LThiN2It MTM1YTkzOTgyOTMxLzEvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi80ZTQxNGYtMGE3Ni00ZmU5LThiN2ItMTM1YTkzOTgyOTMx LzEvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF/F4Nl2O Pr+ozKMszNJrc5Uabz8nGhQTmreh00oNZ7RAbHaPsNRCdCR7DGGNFyZkHWWvWs8Q /QSm9BRD7P/+gjQ+n/A2f+WsXLiE1odmrsddFTKnHFz37WiMkOHiFiHm2LnA6B/j V5DUrDCjBHpjlDuvF9MdlG3H1qdp557CU7aK6SBFEyj7Q6lU5AYz25kUWAstmZ+r LGpm8UlDuLL+2XWD5XGk/bmM7A8mql/g++dq3nKkYsUwN4KAzRO97kjMQFV8hbdy KMO+5PYkLgysCftqAqJbJPMCnEKUDLbaGFT+c+HIzDrHK1SxktVvOSUgcDAvhLOf 47y1DvYadvMzAQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:07:22 2025 by rpki-client