This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c79d13-9ea2-4eed-8dd2-cedab463ee5b/1/XYJmcuaPPaXbUO2ButuNM73M0ro.mft File: XYJmcuaPPaXbUO2ButuNM73M0ro.mft (raw, json) Hash identifier: +xK6ZuTF5Lx3+oXlbvexfWFuxiT2b89Uezc085e25m8= Subject key identifier: 98:F6:7B:1B:44:79:2C:C0:58:F4:2F:F6:04:61:0E:03:31:63:9D:09 Authority key identifier: 5D:82:66:72:E6:8F:3D:A5:DB:50:ED:81:BA:DB:8D:33:BD:CC:D2:BA Certificate issuer: /CN=5d826672e68f3da5db50ed81badb8d33bdccd2ba Certificate serial: 019B13148164B8A0AAAE4D62AB7D1B964904 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYJmcuaPPaXbUO2ButuNM73M0ro.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/c79d13-9ea2-4eed-8dd2-cedab463ee5b/1/XYJmcuaPPaXbUO2ButuNM73M0ro.mft Manifest number: 13AE Signing time: Fri 12 Dec 2025 15:01:09 +0000 Manifest this update: Fri 12 Dec 2025 15:01:09 +0000 Manifest next update: Sat 13 Dec 2025 15:01:09 +0000 Files and hashes: 1: XYJmcuaPPaXbUO2ButuNM73M0ro.crl (hash: EQ/hjYlobAaUwlIPhNrq8GDaQWfY05Gi8dTRexQgUh0=) 2: uOaT4j9EVJiz8EIOTgjvWTshz84.roa (hash: 6VQK7lQU8B+WO6nBknTZwm7r/sjint5WViRnRUFwHxU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/c79d13-9ea2-4eed-8dd2-cedab463ee5b/1/XYJmcuaPPaXbUO2ButuNM73M0ro.crl rsync://rpki.ripe.net/repository/DEFAULT/36/c79d13-9ea2-4eed-8dd2-cedab463ee5b/1/XYJmcuaPPaXbUO2ButuNM73M0ro.mft rsync://rpki.ripe.net/repository/DEFAULT/XYJmcuaPPaXbUO2ButuNM73M0ro.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 15:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:13:14:81:64:b8:a0:aa:ae:4d:62:ab:7d:1b:96:49:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d826672e68f3da5db50ed81badb8d33bdccd2ba Validity Not Before: Dec 12 15:01:09 2025 GMT Not After : Dec 13 15:01:09 2025 GMT Subject: CN=98f67b1b44792cc058f42ff604610e0331639d09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:0d:0c:9e:3e:fa:0b:f0:9f:aa:3f:eb:33:d6: 87:bc:89:c7:4a:fc:08:fb:67:21:cf:e7:d7:19:3c: e7:ff:a6:b7:b4:07:44:7d:36:a9:a4:32:7e:15:ed: e3:91:c6:89:cb:78:ca:37:69:01:b1:4f:2b:7f:53: 98:36:3a:93:13:dd:9a:2b:ef:ef:6c:97:1f:bd:de: 72:2d:1d:1f:16:6c:aa:e8:f9:bd:5b:67:55:83:45: 12:5f:39:40:bc:aa:22:01:75:08:55:f3:61:16:f2: d4:70:68:0d:10:ea:d0:0d:0e:30:4c:27:69:09:c2: a0:0a:f3:a5:67:47:62:cc:f2:e8:11:81:6e:31:df: 5e:60:3f:b2:60:89:9e:68:5f:63:aa:cb:7b:17:d2: 43:2e:ca:f3:23:ed:f2:c2:ee:93:46:9d:d8:25:ab: 70:8c:55:45:a0:63:92:3a:c1:dc:2d:67:f4:e2:3a: a5:e2:0f:b3:57:fb:c3:d5:8e:29:3a:42:f1:99:33: 06:a3:de:06:7b:8e:b8:9f:82:9c:e0:60:4e:45:4e: f9:43:ad:22:27:65:ae:17:a1:63:f9:ad:a3:58:92: 68:ba:20:28:1e:e1:35:a0:45:b7:e5:b7:a6:66:1a: 65:39:1a:91:ed:d5:e2:db:3d:f1:78:f6:dd:b7:80: 84:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:F6:7B:1B:44:79:2C:C0:58:F4:2F:F6:04:61:0E:03:31:63:9D:09 X509v3 Authority Key Identifier: keyid:5D:82:66:72:E6:8F:3D:A5:DB:50:ED:81:BA:DB:8D:33:BD:CC:D2:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYJmcuaPPaXbUO2ButuNM73M0ro.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c79d13-9ea2-4eed-8dd2-cedab463ee5b/1/XYJmcuaPPaXbUO2ButuNM73M0ro.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c79d13-9ea2-4eed-8dd2-cedab463ee5b/1/XYJmcuaPPaXbUO2ButuNM73M0ro.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:7e:a5:f6:94:2d:39:54:81:13:44:23:69:fb:b6:08:14:61: 57:d9:0a:ec:c8:65:86:d4:f5:af:cf:3c:fe:a9:61:4e:68:82: 71:73:07:d7:f6:81:da:82:6c:30:83:ce:3b:d3:54:a1:8e:dd: 34:ba:c0:b8:fc:df:91:95:c9:8b:e2:10:7e:96:02:26:9a:f6: 0d:e9:3a:61:b7:53:f7:fa:ca:5e:a7:b7:fa:33:e9:aa:dc:08: e1:93:d0:20:dd:6c:b3:c2:98:09:62:71:f6:ae:d5:5f:bd:8e: 5e:46:2f:0a:32:08:80:ee:8d:e8:42:5f:00:2e:9e:84:e4:1d: 28:84:51:39:37:62:0d:12:91:c5:0d:6d:f1:1d:ae:ed:50:a1: 7a:21:6e:24:7f:5c:31:a6:4e:06:db:62:70:34:81:87:2b:ed: 22:40:2e:78:f2:bd:04:64:17:1e:a1:e8:c2:1b:1b:51:92:8f: 96:81:e5:76:77:97:17:b8:4a:70:8e:0b:29:58:df:b3:a8:e0: 39:1e:e2:f7:3f:7d:d5:cd:02:68:6c:ab:09:b8:3e:7e:cb:40: d9:13:f8:73:a5:ef:80:67:53:31:ed:0e:4b:14:3f:46:1c:f5: 1b:8d:fb:6d:33:65:51:7b:e7:db:2b:41:dd:85:4c:b3:e9:de: 93:bf:6a:2c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsTFIFkuKCqrk1iq30blkkEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkODI2NjcyZTY4ZjNkYTVkYjUwZWQ4MWJhZGI4ZDMzYmRj Y2QyYmEwHhcNMjUxMjEyMTUwMTA5WhcNMjUxMjEzMTUwMTA5WjAzMTEwLwYDVQQD Eyg5OGY2N2IxYjQ0NzkyY2MwNThmNDJmZjYwNDYxMGUwMzMxNjM5ZDA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1A0Mnj76C/Cfqj/rM9aHvInHSvwI +2chz+fXGTzn/6a3tAdEfTappDJ+Fe3jkcaJy3jKN2kBsU8rf1OYNjqTE92aK+/v bJcfvd5yLR0fFmyq6Pm9W2dVg0USXzlAvKoiAXUIVfNhFvLUcGgNEOrQDQ4wTCdp CcKgCvOlZ0dizPLoEYFuMd9eYD+yYImeaF9jqst7F9JDLsrzI+3ywu6TRp3YJatw jFVFoGOSOsHcLWf04jql4g+zV/vD1Y4pOkLxmTMGo94Ge464n4Kc4GBORU75Q60i J2WuF6Fj+a2jWJJouiAoHuE1oEW35bemZhplORqR7dXi2z3xePbdt4CEhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJj2extEeSzAWPQv9gRhDgMxY50JMB8GA1UdIwQY MBaAFF2CZnLmjz2l21DtgbrbjTO9zNK6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFlKbWN1YVBQYVhiVU8yQnV0dU5NNzNNMHJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jNzlkMTMtOWVhMi00ZWVkLThkZDIt Y2VkYWI0NjNlZTViLzEvWFlKbWN1YVBQYVhiVU8yQnV0dU5NNzNNMHJvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9jNzlkMTMtOWVhMi00ZWVkLThkZDItY2VkYWI0NjNlZTVi LzEvWFlKbWN1YVBQYVhiVU8yQnV0dU5NNzNNMHJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgn6l9pQt OVSBE0Qjafu2CBRhV9kK7MhlhtT1r888/qlhTmiCcXMH1/aB2oJsMIPOO9NUoY7d NLrAuPzfkZXJi+IQfpYCJpr2Dek6YbdT9/rKXqe3+jPpqtwI4ZPQIN1ss8KYCWJx 9q7VX72OXkYvCjIIgO6N6EJfAC6ehOQdKIRROTdiDRKRxQ1t8R2u7VCheiFuJH9c MaZOBtticDSBhyvtIkAuePK9BGQXHqHowhsbUZKPloHldneXF7hKcI4LKVjfs6jg OR7i9z991c0CaGyrCbg+fstA2RP4c6XvgGdTMe0OSxQ/Rhz1G437bTNlUXvn2ytB 3YVMs+nek79qLA== -----END CERTIFICATE-----Generated at Fri Dec 12 19:52:11 2025 by rpki-client