This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft File: XYO1pn2S_6hHbJMhqnv21KINPas.mft (raw, json) Hash identifier: usJZi713580D9zE3trdSYPGmD27deov7Eugvo4FUx1U= Subject key identifier: 68:52:7A:12:82:AB:78:43:4F:00:DF:55:33:DE:2D:4B:AB:65:AD:C0 Authority key identifier: 5D:83:B5:A6:7D:92:FF:A8:47:6C:93:21:AA:7B:F6:D4:A2:0D:3D:AB Certificate issuer: /CN=5d83b5a67d92ffa8476c9321aa7bf6d4a20d3dab Certificate serial: 019B2098E818CBE8993A06C939FEC7DB3028 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft Manifest number: 1174 Signing time: Mon 15 Dec 2025 06:00:50 +0000 Manifest this update: Mon 15 Dec 2025 06:00:50 +0000 Manifest next update: Tue 16 Dec 2025 06:00:50 +0000 Files and hashes: 1: XYO1pn2S_6hHbJMhqnv21KINPas.crl (hash: 9/EUzkIl+RUJsOPwqagxJsY2f9PpQ4tiw5KmXxwQ1iA=) 2: yQMt2r0-C951BN6h68fRFJDbCC8.roa (hash: tYqh+1wBm4KwmsyhvHbFDKO/UGyJb2eTnTj9n8iYekw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 06:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:20:98:e8:18:cb:e8:99:3a:06:c9:39:fe:c7:db:30:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d83b5a67d92ffa8476c9321aa7bf6d4a20d3dab Validity Not Before: Dec 15 06:00:50 2025 GMT Not After : Dec 16 06:00:50 2025 GMT Subject: CN=68527a1282ab78434f00df5533de2d4bab65adc0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:77:f2:a3:5f:ba:72:c1:78:ff:d8:b4:79:d7: a0:fc:9d:ec:91:f9:4a:f6:eb:81:c3:22:41:0e:07: dc:b1:2c:f1:1e:b0:9a:88:ef:df:45:f0:e9:ff:52: 3b:17:b2:b7:c8:66:6f:af:15:79:e4:94:a0:e4:20: d0:c3:0e:f7:78:1a:f8:d1:36:b2:31:a7:71:28:b2: ab:79:53:17:62:d6:94:07:40:30:cd:de:a0:74:33: d2:26:ac:af:12:1b:1c:f8:24:0d:14:01:2f:ab:6f: bc:2c:29:fd:ee:bd:c2:71:c3:f2:ba:33:b7:0d:19: 5b:96:7f:0e:28:ed:2e:da:d1:00:e7:7c:d6:04:c2: 7f:cd:53:33:a1:f7:af:68:88:37:6d:66:cb:7c:cb: 47:1c:a1:c5:74:78:1d:00:e4:44:2f:8b:f5:14:43: 9a:23:9d:fe:9d:5f:6a:ac:2e:d4:dd:f3:c3:5f:3c: 9b:26:ad:dc:a8:87:4a:7a:82:76:2a:14:6c:72:8d: d9:6d:f7:d0:f0:50:02:eb:54:62:ef:63:12:ac:ce: 6f:aa:57:c8:21:72:7b:46:c0:85:b5:26:90:6b:77: d2:50:02:54:7c:e5:09:d9:fc:90:74:bd:a4:55:65: f3:e9:c6:9d:d2:a1:3c:28:89:5f:bd:5b:af:04:f0: 2f:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:52:7A:12:82:AB:78:43:4F:00:DF:55:33:DE:2D:4B:AB:65:AD:C0 X509v3 Authority Key Identifier: keyid:5D:83:B5:A6:7D:92:FF:A8:47:6C:93:21:AA:7B:F6:D4:A2:0D:3D:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:72:d1:63:c4:d3:2b:9f:70:d5:f1:ca:80:33:76:5e:7d:b6: 42:bd:3e:a1:b4:f4:66:23:6f:8d:f1:40:7e:33:ed:31:a8:72: d6:04:10:57:4a:a9:4d:f6:18:a0:d0:c4:70:3c:82:64:43:39: a5:9e:cd:99:4e:76:71:60:f3:3f:ad:a6:c8:9e:41:6e:15:21: a0:2c:03:db:cb:4d:ba:89:91:86:10:bb:47:ac:6d:36:18:76: 93:e6:44:6b:64:e6:9c:7b:59:bf:85:8e:27:8e:e7:69:70:9b: 5d:d6:f4:08:bd:7a:4a:ad:ad:88:c9:c5:c9:5e:34:b2:4d:57: 8a:ee:d9:be:ed:8a:67:0d:c4:a6:69:ea:7b:01:25:40:ed:85: 4d:9b:8f:95:14:cc:78:c5:a5:49:1c:d3:40:01:2c:98:d4:ab: 44:2a:4c:91:4c:5f:e1:72:68:91:bd:57:66:7c:ec:ee:bc:f2: d6:10:24:24:f9:76:a8:b0:81:3c:5e:36:f0:40:12:f8:31:b4: 0c:52:74:40:c2:17:5f:4c:bc:41:a4:d1:10:cf:83:f6:1b:89: 79:91:6a:52:ab:9d:5a:63:c9:7e:4e:c9:2f:19:f1:3d:a7:67: d8:98:b7:77:45:a4:43:6c:a1:8f:00:4e:7a:62:90:b3:1e:98: 96:de:91:49 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsgmOgYy+iZOgbJOf7H2zAoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkODNiNWE2N2Q5MmZmYTg0NzZjOTMyMWFhN2JmNmQ0YTIw ZDNkYWIwHhcNMjUxMjE1MDYwMDUwWhcNMjUxMjE2MDYwMDUwWjAzMTEwLwYDVQQD Eyg2ODUyN2ExMjgyYWI3ODQzNGYwMGRmNTUzM2RlMmQ0YmFiNjVhZGMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3fyo1+6csF4/9i0edeg/J3skflK 9uuBwyJBDgfcsSzxHrCaiO/fRfDp/1I7F7K3yGZvrxV55JSg5CDQww73eBr40Tay MadxKLKreVMXYtaUB0Awzd6gdDPSJqyvEhsc+CQNFAEvq2+8LCn97r3CccPyujO3 DRlbln8OKO0u2tEA53zWBMJ/zVMzofevaIg3bWbLfMtHHKHFdHgdAOREL4v1FEOa I53+nV9qrC7U3fPDXzybJq3cqIdKeoJ2KhRsco3ZbffQ8FAC61Ri72MSrM5vqlfI IXJ7RsCFtSaQa3fSUAJUfOUJ2fyQdL2kVWXz6cad0qE8KIlfvVuvBPAvdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGhSehKCq3hDTwDfVTPeLUurZa3AMB8GA1UdIwQY MBaAFF2DtaZ9kv+oR2yTIap79tSiDT2rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81N2I4OTEtYTkxMi00YzZhLThlM2It ZDQxZmNkZjU3NTk4LzEvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi81N2I4OTEtYTkxMi00YzZhLThlM2ItZDQxZmNkZjU3NTk4 LzEvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAinLRY8TT K59w1fHKgDN2Xn22Qr0+obT0ZiNvjfFAfjPtMahy1gQQV0qpTfYYoNDEcDyCZEM5 pZ7NmU52cWDzP62myJ5BbhUhoCwD28tNuomRhhC7R6xtNhh2k+ZEa2TmnHtZv4WO J47naXCbXdb0CL16Sq2tiMnFyV40sk1Xiu7Zvu2KZw3EpmnqewElQO2FTZuPlRTM eMWlSRzTQAEsmNSrRCpMkUxf4XJokb1XZnzs7rzy1hAkJPl2qLCBPF428EAS+DG0 DFJ0QMIXX0y8QaTREM+D9huJeZFqUqudWmPJfk7JLxnxPadn2Ji3d0WkQ2yhjwBO emKQsx6Ylt6RSQ== -----END CERTIFICATE-----Generated at Mon Dec 15 12:01:42 2025 by rpki-client