This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/a2d4cb-923a-4e04-8d85-ad9d5db0f099/1/XZxbcz-6cemMB-E7A6fFWrhMyO0.mft File: XZxbcz-6cemMB-E7A6fFWrhMyO0.mft (raw, json) Hash identifier: j6S4FUU0DchW8N+Eatu8XSVdx69KDzVKNb+xbvt3xV0= Subject key identifier: B4:70:80:FD:37:0D:D1:20:26:C4:14:8F:E5:D3:C2:06:D1:9F:7F:BF Authority key identifier: 5D:9C:5B:73:3F:BA:71:E9:8C:07:E1:3B:03:A7:C5:5A:B8:4C:C8:ED Certificate issuer: /CN=5d9c5b733fba71e98c07e13b03a7c55ab84cc8ed Certificate serial: 019B104A7EFB6A63C32C598CB46D4EEBD425 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XZxbcz-6cemMB-E7A6fFWrhMyO0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/a2d4cb-923a-4e04-8d85-ad9d5db0f099/1/XZxbcz-6cemMB-E7A6fFWrhMyO0.mft Manifest number: 1773 Signing time: Fri 12 Dec 2025 02:01:16 +0000 Manifest this update: Fri 12 Dec 2025 02:01:16 +0000 Manifest next update: Sat 13 Dec 2025 02:01:16 +0000 Files and hashes: 1: XZxbcz-6cemMB-E7A6fFWrhMyO0.crl (hash: 84+TpPEH0sD9+5h5HTJXb4Nd9Zk4RfJTt8DfE+1CfHQ=) 2: tjHH92n144_2kyCpRlp025zS_60.roa (hash: ok5CTqSNJzdSSlXk4Sa58sv7A+s3smyB2E8BTCCRwo4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/a2d4cb-923a-4e04-8d85-ad9d5db0f099/1/XZxbcz-6cemMB-E7A6fFWrhMyO0.crl rsync://rpki.ripe.net/repository/DEFAULT/37/a2d4cb-923a-4e04-8d85-ad9d5db0f099/1/XZxbcz-6cemMB-E7A6fFWrhMyO0.mft rsync://rpki.ripe.net/repository/DEFAULT/XZxbcz-6cemMB-E7A6fFWrhMyO0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:10:4a:7e:fb:6a:63:c3:2c:59:8c:b4:6d:4e:eb:d4:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d9c5b733fba71e98c07e13b03a7c55ab84cc8ed Validity Not Before: Dec 12 02:01:16 2025 GMT Not After : Dec 13 02:01:16 2025 GMT Subject: CN=b47080fd370dd12026c4148fe5d3c206d19f7fbf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:e0:eb:99:8f:3d:30:23:b4:f4:56:1c:71:a7: 90:1c:37:8d:ff:02:0c:f0:9f:ba:67:51:0d:98:fb: 7a:63:d6:d7:ef:da:66:43:6c:38:1f:1f:e4:66:c4: 44:b3:91:8e:dc:05:9f:76:4a:42:70:a1:d8:e3:3c: c2:45:d3:8c:f8:30:39:72:29:fb:80:90:ea:da:ed: 02:23:93:62:e7:92:a0:7a:5a:9f:dc:88:1a:03:05: 0a:6c:a1:0f:66:c5:09:2c:49:ee:6e:63:6b:e4:62: db:ad:47:b3:f4:51:35:29:f8:2f:67:9f:42:a1:9e: 9c:53:51:d7:3c:ac:8a:f2:77:72:00:04:58:c0:16: 15:3f:ce:82:11:3e:12:99:77:9f:92:f6:83:b8:f3: ca:8d:5f:13:a7:97:0b:38:14:fe:af:89:79:21:90: 2c:09:19:d7:6b:9b:c6:e4:fe:37:4a:d4:dd:e4:ff: e1:06:b5:48:b0:45:7c:85:d6:47:29:6d:9c:e6:d8: bd:0c:b9:bb:77:19:30:67:bc:18:27:49:8d:a3:04: 97:12:d8:36:5f:0c:28:bc:88:84:43:f6:b0:1c:9c: fb:c2:76:b5:e8:d0:bf:8b:6d:b6:3c:6e:a7:b7:ce: aa:88:5d:81:c7:dc:e0:c9:5e:82:ac:59:1a:37:29: 1c:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:70:80:FD:37:0D:D1:20:26:C4:14:8F:E5:D3:C2:06:D1:9F:7F:BF X509v3 Authority Key Identifier: keyid:5D:9C:5B:73:3F:BA:71:E9:8C:07:E1:3B:03:A7:C5:5A:B8:4C:C8:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XZxbcz-6cemMB-E7A6fFWrhMyO0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a2d4cb-923a-4e04-8d85-ad9d5db0f099/1/XZxbcz-6cemMB-E7A6fFWrhMyO0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a2d4cb-923a-4e04-8d85-ad9d5db0f099/1/XZxbcz-6cemMB-E7A6fFWrhMyO0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8b:48:65:93:4b:38:f2:a5:c0:c9:00:68:ff:2f:f5:8d:8d:a2: cb:43:c4:ec:31:bf:79:7f:d7:06:6f:dd:6c:95:ab:ae:1e:54: 0b:0a:ac:28:56:d8:67:d8:8f:cc:ae:72:e4:05:8b:c2:e4:2a: 3a:c6:d0:e9:0f:91:75:f4:c3:18:a0:ae:02:dc:16:3b:ac:47: 54:e9:b5:0b:c3:a1:9b:df:97:1d:9d:67:8b:85:82:4f:60:55: 44:7d:42:a1:5c:68:2d:2f:b0:5d:8f:00:b7:fa:f1:1a:3d:c2: db:98:d2:92:ce:8f:d6:0e:2f:2c:4e:e6:49:d4:b4:40:4b:6c: d0:4e:8c:8a:65:3a:41:dc:a0:ea:24:1f:bf:56:da:fa:dc:66: f6:d8:cc:da:9a:aa:ff:6b:e1:3e:b8:25:98:11:a7:51:6e:98: 34:30:e5:58:e0:75:8b:09:c6:b9:c7:0b:94:2d:00:b0:a0:5a: 31:2e:45:96:fd:cd:35:60:59:4e:8f:b1:50:e5:88:76:ec:1e: 00:6d:fa:2c:72:96:68:34:98:e0:88:17:62:4b:2b:8f:21:47: d9:5d:e0:49:31:59:e1:c4:db:7f:a8:1a:5b:4b:0a:ab:a0:9b: 84:11:12:72:06:cc:ab:dd:25:de:cf:96:76:57:f1:75:8e:2e: 91:6d:33:f0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsQSn77amPDLFmMtG1O69QlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkOWM1YjczM2ZiYTcxZTk4YzA3ZTEzYjAzYTdjNTVhYjg0 Y2M4ZWQwHhcNMjUxMjEyMDIwMTE2WhcNMjUxMjEzMDIwMTE2WjAzMTEwLwYDVQQD EyhiNDcwODBmZDM3MGRkMTIwMjZjNDE0OGZlNWQzYzIwNmQxOWY3ZmJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuDrmY89MCO09FYccaeQHDeN/wIM 8J+6Z1ENmPt6Y9bX79pmQ2w4Hx/kZsREs5GO3AWfdkpCcKHY4zzCRdOM+DA5cin7 gJDq2u0CI5Ni55Kgelqf3IgaAwUKbKEPZsUJLEnubmNr5GLbrUez9FE1KfgvZ59C oZ6cU1HXPKyK8ndyAARYwBYVP86CET4SmXefkvaDuPPKjV8Tp5cLOBT+r4l5IZAs CRnXa5vG5P43StTd5P/hBrVIsEV8hdZHKW2c5ti9DLm7dxkwZ7wYJ0mNowSXEtg2 XwwovIiEQ/awHJz7wna16NC/i222PG6nt86qiF2Bx9zgyV6CrFkaNykccQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLRwgP03DdEgJsQUj+XTwgbRn3+/MB8GA1UdIwQY MBaAFF2cW3M/unHpjAfhOwOnxVq4TMjtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFp4YmN6LTZjZW1NQi1FN0E2ZkZXcmhNeU8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9hMmQ0Y2ItOTIzYS00ZTA0LThkODUt YWQ5ZDVkYjBmMDk5LzEvWFp4YmN6LTZjZW1NQi1FN0E2ZkZXcmhNeU8wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy9hMmQ0Y2ItOTIzYS00ZTA0LThkODUtYWQ5ZDVkYjBmMDk5 LzEvWFp4YmN6LTZjZW1NQi1FN0E2ZkZXcmhNeU8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi0hlk0s4 8qXAyQBo/y/1jY2iy0PE7DG/eX/XBm/dbJWrrh5UCwqsKFbYZ9iPzK5y5AWLwuQq OsbQ6Q+RdfTDGKCuAtwWO6xHVOm1C8Ohm9+XHZ1ni4WCT2BVRH1CoVxoLS+wXY8A t/rxGj3C25jSks6P1g4vLE7mSdS0QEts0E6MimU6Qdyg6iQfv1ba+txm9tjM2pqq /2vhPrglmBGnUW6YNDDlWOB1iwnGuccLlC0AsKBaMS5Flv3NNWBZTo+xUOWIduwe AG36LHKWaDSY4IgXYksrjyFH2V3gSTFZ4cTbf6gaW0sKq6CbhBEScgbMq90l3s+W dlfxdY4ukW0z8A== -----END CERTIFICATE-----Generated at Fri Dec 12 04:00:46 2025 by rpki-client