This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft File: xafD9LFGk1EiAllaik-VsNa3oQE.mft (raw, json) Hash identifier: 058u/WHh/2IGP9CLTkT62sHSwWj6MU4QKOrGsNNwGZc= Subject key identifier: F5:21:45:20:3D:3D:70:25:F2:BC:90:1E:74:E9:BD:E2:80:43:F6:CB Authority key identifier: C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01 Certificate issuer: /CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101 Certificate serial: 019B1F18870F593014E2861D5127EB03F5AE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft Manifest number: 170C Signing time: Sun 14 Dec 2025 23:00:59 +0000 Manifest this update: Sun 14 Dec 2025 23:00:59 +0000 Manifest next update: Mon 15 Dec 2025 23:00:59 +0000 Files and hashes: 1: Bbxo5GOkMtBPV4eyDiJBtgGCAvs.roa (hash: gPTOZ/QwaGNzYqcGskaYm0Q9CUgsB/kmTCxE6lNVoV8=) 2: GkWtiMh4Kekgq83feCXLfv_pub8.roa (hash: UboiG7GPy5Vm4OyfuuuEVh7hhcZoHsmQQgbXPLJ/4ug=) 3: ScP8kW7fVZKKIlJqtoPhrGG1uQo.roa (hash: kBK8cN2i6ByxK8RJnTQxES9FzgvOd8FoOcnJVY/e4Bc=) 4: xafD9LFGk1EiAllaik-VsNa3oQE.crl (hash: dycphh5943Xk56HIlHPaWduLLxNpiR+Oz5RzsEUAuK4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1f:18:87:0f:59:30:14:e2:86:1d:51:27:eb:03:f5:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101 Validity Not Before: Dec 14 23:00:59 2025 GMT Not After : Dec 15 23:00:59 2025 GMT Subject: CN=f52145203d3d7025f2bc901e74e9bde28043f6cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:2f:0f:f7:64:53:81:cf:80:5e:9d:8e:77:5d: 1e:47:99:f0:92:8f:43:f3:d7:ef:2e:ff:44:ee:41: 14:5b:7d:87:8b:ea:2a:45:26:f6:a0:e5:95:4b:3d: f3:89:c8:d2:29:a7:f0:b1:e7:1d:03:12:31:f0:09: e8:71:e1:20:e3:0c:7a:ac:f2:79:13:41:53:81:e5: 44:b5:be:b4:f4:7c:6d:73:f7:a0:9e:5d:99:14:f5: e2:b7:0a:40:6b:a6:8b:80:ad:f2:76:85:73:15:37: 14:d1:15:0d:8d:15:53:14:50:43:46:13:f6:65:4e: 39:b0:6e:ab:c5:1a:77:3e:82:47:c3:ca:48:7e:d2: d9:3c:5c:05:55:06:40:5e:14:ea:d3:78:65:18:0d: fd:17:41:90:62:cb:7f:b3:cf:38:47:be:3f:74:a0: ac:2a:32:d6:23:e6:6d:44:78:ce:89:66:6c:ac:16: 86:84:76:0e:bd:46:e2:d1:b5:9e:a6:5d:4f:01:d4: 5f:83:4d:d8:00:b4:61:c8:39:42:73:5a:73:c1:ad: 0d:41:fc:63:b4:70:e0:8f:c3:18:89:49:6e:0e:7a: ce:85:e8:e9:85:0c:e4:97:46:3b:d1:3f:db:e3:fe: c2:e7:f7:eb:4b:1f:01:34:56:8b:c3:e1:30:1e:06: 38:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:21:45:20:3D:3D:70:25:F2:BC:90:1E:74:E9:BD:E2:80:43:F6:CB X509v3 Authority Key Identifier: keyid:C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:46:b0:16:0e:7d:a2:e3:d3:9b:1d:56:86:49:9a:a5:a7:9c: d7:8f:d9:32:19:b8:52:e1:e0:44:c3:dd:d3:34:5f:95:61:f8: 48:99:82:37:f5:60:ab:ba:bb:16:89:e7:16:f6:9c:15:cd:21: f4:91:23:46:43:27:6b:41:a2:e8:bb:11:8b:04:6c:ef:6d:da: 64:9c:a0:68:d8:3f:58:76:b0:dc:bf:72:97:32:e0:0f:b1:76: 54:1f:74:1e:15:dd:df:7b:4a:83:6c:c9:14:74:f6:a5:ed:c3: 94:e7:27:c7:74:13:78:9f:39:1e:9a:2e:ec:d6:9e:8b:66:9b: 8e:72:80:5a:4f:aa:37:a3:e5:69:65:96:df:37:39:fa:b9:1d: 18:82:16:74:56:71:b3:df:52:99:5c:dc:a3:3a:34:96:3f:a7: 84:b8:17:6a:85:a5:12:4c:fe:82:f8:80:0b:ad:4a:28:57:20: 12:55:61:24:3b:e4:7f:7f:40:82:41:8a:1e:68:5d:ec:a2:f7: 47:2e:31:f4:66:e3:ac:e5:cc:15:2a:d1:df:62:d0:f8:51:48: 52:bb:b4:08:92:23:aa:dc:20:5d:ec:f6:84:06:31:b9:1a:a5: 19:ff:20:f1:8c:ec:ff:2a:79:99:2f:08:05:94:b7:29:07:a6: b8:2c:15:ea -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsfGIcPWTAU4oYdUSfrA/WuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTdjM2Y0YjE0NjkzNTEyMjAyNTk1YThhNGY5NWIwZDZi N2ExMDEwHhcNMjUxMjE0MjMwMDU5WhcNMjUxMjE1MjMwMDU5WjAzMTEwLwYDVQQD EyhmNTIxNDUyMDNkM2Q3MDI1ZjJiYzkwMWU3NGU5YmRlMjgwNDNmNmNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxi8P92RTgc+AXp2Od10eR5nwko9D 89fvLv9E7kEUW32Hi+oqRSb2oOWVSz3zicjSKafwsecdAxIx8AnoceEg4wx6rPJ5 E0FTgeVEtb609Hxtc/egnl2ZFPXitwpAa6aLgK3ydoVzFTcU0RUNjRVTFFBDRhP2 ZU45sG6rxRp3PoJHw8pIftLZPFwFVQZAXhTq03hlGA39F0GQYst/s884R74/dKCs KjLWI+ZtRHjOiWZsrBaGhHYOvUbi0bWepl1PAdRfg03YALRhyDlCc1pzwa0NQfxj tHDgj8MYiUluDnrOhejphQzkl0Y70T/b4/7C5/frSx8BNFaLw+EwHgY4wwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPUhRSA9PXAl8ryQHnTpveKAQ/bLMB8GA1UdIwQY MBaAFMWnw/SxRpNRIgJZWopPlbDWt6EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgt ZDEyZjFlMjQ1NmJhLzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgtZDEyZjFlMjQ1NmJh LzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPUawFg59 ouPTmx1Whkmapaec14/ZMhm4UuHgRMPd0zRflWH4SJmCN/Vgq7q7FonnFvacFc0h 9JEjRkMna0Gi6LsRiwRs723aZJygaNg/WHaw3L9ylzLgD7F2VB90HhXd33tKg2zJ FHT2pe3DlOcnx3QTeJ85Hpou7Naei2abjnKAWk+qN6PlaWWW3zc5+rkdGIIWdFZx s99SmVzcozo0lj+nhLgXaoWlEkz+gviAC61KKFcgElVhJDvkf39AgkGKHmhd7KL3 Ry4x9GbjrOXMFSrR32LQ+FFIUru0CJIjqtwgXez2hAYxuRqlGf8g8Yzs/yp5mS8I BZS3KQemuCwV6g== -----END CERTIFICATE-----Generated at Mon Dec 15 04:54:01 2025 by rpki-client