This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft File: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft (raw, json) Hash identifier: nnyneoBP3OruIM3BdvtM1Wc4yOTRLvA4gDHgieqGvLA= Subject key identifier: 20:05:F3:03:69:55:F0:ED:18:E6:39:8E:87:2E:2F:A6:6E:42:8C:72 Authority key identifier: 5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4 Certificate issuer: /CN=5e774467e21849524943d2bd459010720f3e20e4 Certificate serial: 019B5975ECA8B6B6A49A5484A128E527311D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft Manifest number: 12A6 Signing time: Fri 26 Dec 2025 07:00:59 +0000 Manifest this update: Fri 26 Dec 2025 07:00:59 +0000 Manifest next update: Sat 27 Dec 2025 07:00:59 +0000 Files and hashes: 1: QGKSiFavp9LMElSoLZBhqzLqFMM.roa (hash: ip/2uYmlI+BKnaF8k1mqNHwsPmNtHEQrk8aTeSCdMUA=) 2: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl (hash: LfOPnKlq7MbGJn0NVZeZeIfL7I+WejQEZx1pyApykNY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:75:ec:a8:b6:b6:a4:9a:54:84:a1:28:e5:27:31:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e774467e21849524943d2bd459010720f3e20e4 Validity Not Before: Dec 26 07:00:59 2025 GMT Not After : Dec 27 07:00:59 2025 GMT Subject: CN=2005f3036955f0ed18e6398e872e2fa66e428c72 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:0e:08:7c:d3:1a:aa:eb:4b:b7:53:04:b9:0b: f7:31:a4:85:f7:33:b8:d1:b0:44:99:66:10:9b:fb: 30:e4:ff:bc:be:61:48:7d:e8:41:0b:b8:74:7a:01: 44:2b:c2:ef:ca:fe:a5:33:68:4d:28:09:f5:24:de: b6:32:85:b0:38:3e:88:5f:5c:94:bb:5e:55:24:d2: 25:af:d4:1e:dc:f6:4f:eb:ce:b4:f7:54:e9:76:a2: ec:1f:4d:b1:52:85:29:e9:3d:25:e7:c1:0a:72:42: 65:b5:20:11:77:0d:c1:88:5f:eb:b1:0a:1f:b5:55: b1:5b:9b:7f:13:0f:63:76:a8:84:72:77:ff:05:99: 1f:65:d8:94:43:ef:e3:db:e8:62:ac:35:18:6d:6d: 77:b9:91:8c:67:d2:87:96:ca:62:ab:fc:21:a3:8f: cb:89:0c:d7:3f:26:27:46:14:59:81:d0:fe:9d:09: 79:80:8a:30:4a:b4:92:51:fe:01:ad:0b:01:8a:ae: ec:95:18:99:50:c4:4b:1c:3e:30:80:5b:73:fe:ec: 2b:8f:8c:8f:e7:5f:f8:53:9f:c9:66:98:a0:29:d5: 3e:8f:cb:65:43:86:e5:4a:fb:ac:ef:d5:31:35:ee: 78:55:5a:a6:71:21:45:8b:91:d4:ac:4f:80:7f:c0: 50:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:05:F3:03:69:55:F0:ED:18:E6:39:8E:87:2E:2F:A6:6E:42:8C:72 X509v3 Authority Key Identifier: keyid:5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:78:d1:76:98:8e:af:6f:12:6c:6f:13:87:0e:c3:79:7e:31: dc:73:d3:d2:d9:9d:a3:f3:6f:c6:33:cb:52:1b:de:ab:a1:dd: 9d:3f:99:7d:85:57:0d:9d:7f:09:e6:1b:61:2c:99:27:99:ff: 8b:39:e1:91:26:f3:87:5e:3f:15:44:1b:2c:e0:30:85:58:a3: d5:85:09:95:07:be:ed:b8:2c:e1:6c:33:2d:05:69:3a:9d:72: 2b:6f:a3:41:f4:57:b6:81:67:24:d3:e0:02:34:43:b6:03:c9: 37:39:dd:7f:61:4c:40:fc:c6:81:74:55:b0:1e:ff:c9:6c:fc: 4c:27:40:67:a7:fb:ff:0e:63:42:7c:4b:6f:cf:cd:95:03:52: 96:b5:ed:f7:a9:88:3c:b6:fc:7d:59:02:bc:c5:54:53:09:1b: 75:5a:b8:31:ef:a1:d8:88:5e:b1:04:f3:67:2d:bd:56:08:65: 58:b1:17:1c:3c:cf:61:ff:8c:e3:f1:86:c6:b4:0c:00:d1:17: 06:76:a4:78:02:49:d8:8c:0c:24:8b:50:51:fd:82:76:cb:90: a4:76:05:c7:da:e4:3b:0f:3b:24:78:f7:32:67:46:b0:90:8d: 21:fc:3a:c7:e8:8e:64:76:f9:d6:41:ea:8c:4f:6d:5f:7b:90: cd:5b:f3:51 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdeyotrakmlSEoSjlJzEdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlNzc0NDY3ZTIxODQ5NTI0OTQzZDJiZDQ1OTAxMDcyMGYz ZTIwZTQwHhcNMjUxMjI2MDcwMDU5WhcNMjUxMjI3MDcwMDU5WjAzMTEwLwYDVQQD EygyMDA1ZjMwMzY5NTVmMGVkMThlNjM5OGU4NzJlMmZhNjZlNDI4YzcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjw4IfNMaqutLt1MEuQv3MaSF9zO4 0bBEmWYQm/sw5P+8vmFIfehBC7h0egFEK8Lvyv6lM2hNKAn1JN62MoWwOD6IX1yU u15VJNIlr9Qe3PZP686091TpdqLsH02xUoUp6T0l58EKckJltSARdw3BiF/rsQof tVWxW5t/Ew9jdqiEcnf/BZkfZdiUQ+/j2+hirDUYbW13uZGMZ9KHlspiq/who4/L iQzXPyYnRhRZgdD+nQl5gIowSrSSUf4BrQsBiq7slRiZUMRLHD4wgFtz/uwrj4yP 51/4U5/JZpigKdU+j8tlQ4blSvus79UxNe54VVqmcSFFi5HUrE+Af8BQ5QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCAF8wNpVfDtGOY5jocuL6ZuQoxyMB8GA1UdIwQY MBaAFF53RGfiGElSSUPSvUWQEHIPPiDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMt YWE0MDA1MzJkYWViLzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMtYWE0MDA1MzJkYWVi LzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR3jRdpiO r28SbG8Thw7DeX4x3HPT0tmdo/NvxjPLUhveq6HdnT+ZfYVXDZ1/CeYbYSyZJ5n/ iznhkSbzh14/FUQbLOAwhVij1YUJlQe+7bgs4WwzLQVpOp1yK2+jQfRXtoFnJNPg AjRDtgPJNzndf2FMQPzGgXRVsB7/yWz8TCdAZ6f7/w5jQnxLb8/NlQNSlrXt96mI PLb8fVkCvMVUUwkbdVq4Me+h2IhesQTzZy29VghlWLEXHDzPYf+M4/GGxrQMANEX BnakeAJJ2IwMJItQUf2CdsuQpHYFx9rkOw87JHj3MmdGsJCNIfw6x+iOZHb51kHq jE9tX3uQzVvzUQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:06:19 2025 by rpki-client