This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft File: XeYTaCVSAQKY86aUoA18WQYGC5U.mft (raw, json) Hash identifier: n3PFddaadpm47Zd5cfYyPSo41sxkfacYxstNhkbwoX4= Subject key identifier: 1B:41:23:1F:67:B3:FC:72:07:0A:1D:B6:47:10:86:24:60:13:3A:77 Authority key identifier: 5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95 Certificate issuer: /CN=5de613682552010298f3a694a00d7c5906060b95 Certificate serial: 019B40FFB83BE12B034225782EBD2D15616F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft Manifest number: 178D Signing time: Sun 21 Dec 2025 13:00:59 +0000 Manifest this update: Sun 21 Dec 2025 13:00:59 +0000 Manifest next update: Mon 22 Dec 2025 13:00:59 +0000 Files and hashes: 1: XeYTaCVSAQKY86aUoA18WQYGC5U.crl (hash: 70+fTaC5WYaHR31U7JE9lfNRHOXUP0e1U4wpO/WWT1I=) 2: auYlcZnEp-yqavQsok9_TPLHAq0.roa (hash: kbe3quRrlIxTjuDhfKrAisNkV8HOTBuxWR/raJshlU4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:ff:b8:3b:e1:2b:03:42:25:78:2e:bd:2d:15:61:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5de613682552010298f3a694a00d7c5906060b95 Validity Not Before: Dec 21 13:00:59 2025 GMT Not After : Dec 22 13:00:59 2025 GMT Subject: CN=1b41231f67b3fc72070a1db64710862460133a77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:e0:f7:77:b6:19:3f:b6:00:21:de:ad:9a:8f: 10:3d:7a:5d:92:f8:e9:f3:06:dc:8e:9e:a1:10:4c: b8:fb:d1:68:99:06:80:93:81:93:70:2c:83:cd:7a: 23:ec:75:d9:b2:a3:88:e9:89:78:8d:b1:59:5d:d8: 5e:5d:da:d7:e6:44:4a:63:a0:fa:91:76:2a:7e:e7: 16:98:14:05:6f:99:ce:d7:2f:01:b4:3a:01:98:74: 0b:1e:de:c7:50:51:48:79:f4:9e:d9:84:80:9d:66: 8e:94:a0:09:73:75:39:9d:aa:36:7e:9f:2e:4a:93: a0:c0:43:f5:1d:13:73:28:2d:10:d3:d7:b1:9e:b6: 13:a1:c5:74:77:34:9f:67:bf:d1:4c:da:0a:49:5e: 88:6f:b9:05:17:dd:6f:b9:ba:f2:75:ec:49:9e:1c: 94:31:6d:a0:65:9d:2a:50:13:80:9c:d0:68:2f:5d: ec:3e:c0:69:5c:46:09:96:81:92:c2:99:cd:cd:fd: 9d:00:91:a9:42:7e:2a:f2:d3:13:ca:9e:ad:5c:fa: f0:66:3d:84:a1:d1:10:e7:bb:32:8f:d4:9b:3d:69: cb:63:c9:3b:d2:ff:19:10:10:6d:ef:40:58:c8:bb: df:1b:ea:0b:5a:08:eb:fb:2d:17:22:f6:b1:18:8f: db:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:41:23:1F:67:B3:FC:72:07:0A:1D:B6:47:10:86:24:60:13:3A:77 X509v3 Authority Key Identifier: keyid:5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ad:ce:ed:a9:60:2b:8c:75:fa:d2:a6:25:5a:8b:c4:90:c7:e0: e7:ba:92:ec:0f:b4:08:5f:83:27:f9:31:88:1f:3f:90:70:67: a5:76:a0:ab:aa:05:38:ac:d0:f8:32:d3:ab:3e:dd:48:69:f2: 8c:7c:6d:bd:ea:fc:34:ce:0c:0a:17:b2:54:6d:a9:42:be:52: 1b:eb:b9:9d:ce:a5:4a:42:e5:b6:9e:88:89:7d:e0:ab:ca:30: cd:ba:13:bf:80:8b:4c:e7:89:68:5e:62:18:02:02:8e:50:0b: 75:47:0b:21:3d:71:05:0b:d8:76:44:e1:ea:f0:81:00:22:03: 0b:35:ee:c1:f9:c7:93:4c:27:25:42:24:bf:4d:2b:ca:bf:22: e7:54:db:e4:8a:72:bb:9e:51:0a:7d:b8:15:7f:af:60:e8:3e: f3:4e:58:2b:04:58:14:11:1f:d0:1c:47:fe:bc:7c:d8:22:a2: b0:42:e8:91:60:29:51:81:fc:39:cb:56:1e:f2:55:8f:30:34: 1e:29:e3:24:32:8a:6c:c7:0e:7c:a8:39:e5:99:7f:e8:a9:7f: 54:29:2a:c2:b9:ef:a2:5f:05:5a:99:23:30:87:2e:e0:50:6e: f0:ad:27:b2:5b:88:1c:e0:04:d2:c7:77:85:37:9e:d8:3f:22: 9c:8b:4e:30 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtA/7g74SsDQiV4Lr0tFWFvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkZTYxMzY4MjU1MjAxMDI5OGYzYTY5NGEwMGQ3YzU5MDYw NjBiOTUwHhcNMjUxMjIxMTMwMDU5WhcNMjUxMjIyMTMwMDU5WjAzMTEwLwYDVQQD EygxYjQxMjMxZjY3YjNmYzcyMDcwYTFkYjY0NzEwODYyNDYwMTMzYTc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6eD3d7YZP7YAId6tmo8QPXpdkvjp 8wbcjp6hEEy4+9FomQaAk4GTcCyDzXoj7HXZsqOI6Yl4jbFZXdheXdrX5kRKY6D6 kXYqfucWmBQFb5nO1y8BtDoBmHQLHt7HUFFIefSe2YSAnWaOlKAJc3U5nao2fp8u SpOgwEP1HRNzKC0Q09exnrYTocV0dzSfZ7/RTNoKSV6Ib7kFF91vubrydexJnhyU MW2gZZ0qUBOAnNBoL13sPsBpXEYJloGSwpnNzf2dAJGpQn4q8tMTyp6tXPrwZj2E odEQ57syj9SbPWnLY8k70v8ZEBBt70BYyLvfG+oLWgjr+y0XIvaxGI/bhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBtBIx9ns/xyBwodtkcQhiRgEzp3MB8GA1UdIwQY MBaAFF3mE2glUgECmPOmlKANfFkGBguVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEt MjIyOTVkZjEyYjI3LzEvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEtMjIyOTVkZjEyYjI3 LzEvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArc7tqWAr jHX60qYlWovEkMfg57qS7A+0CF+DJ/kxiB8/kHBnpXagq6oFOKzQ+DLTqz7dSGny jHxtver8NM4MCheyVG2pQr5SG+u5nc6lSkLltp6IiX3gq8owzboTv4CLTOeJaF5i GAICjlALdUcLIT1xBQvYdkTh6vCBACIDCzXuwfnHk0wnJUIkv00ryr8i51Tb5Ipy u55RCn24FX+vYOg+805YKwRYFBEf0BxH/rx82CKisELokWApUYH8OctWHvJVjzA0 HinjJDKKbMcOfKg55Zl/6Kl/VCkqwrnvol8FWpkjMIcu4FBu8K0nsluIHOAE0sd3 hTee2D8inItOMA== -----END CERTIFICATE-----Generated at Sun Dec 21 18:07:35 2025 by rpki-client