This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: +9Hlpy8EzrWmWstxdHHwrE9zpEM3AM0efDobcWjp0e4= Subject key identifier: CD:85:C4:FD:42:98:E8:61:91:9A:71:75:2F:E8:16:1C:9C:96:BC:E1 Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019B2175CDCBC7B849D51C64E4EFA6EACB1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 170D Signing time: Mon 15 Dec 2025 10:02:06 +0000 Manifest this update: Mon 15 Dec 2025 10:02:06 +0000 Manifest next update: Tue 16 Dec 2025 10:02:06 +0000 Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: NvpOgAWDsK5fcp5ZnuCLXLzanBUcb/SXQSC77ubuY2g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 10:02:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:75:cd:cb:c7:b8:49:d5:1c:64:e4:ef:a6:ea:cb:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Dec 15 10:02:06 2025 GMT Not After : Dec 16 10:02:06 2025 GMT Subject: CN=cd85c4fd4298e861919a71752fe8161c9c96bce1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:8f:4b:31:cb:88:bb:d6:eb:e1:e5:2e:07:32: 4c:30:91:38:10:f8:62:49:f5:7e:c7:0f:83:f5:04: cf:79:51:90:78:7f:ee:78:a3:cd:93:ef:4c:64:19: 46:19:7d:60:0c:c0:ea:56:22:bc:d3:68:fa:87:f4: da:ba:62:f0:01:a9:b5:ce:d5:cb:94:c2:80:a2:f9: 76:e6:93:b0:85:ce:64:3e:b2:19:a1:62:44:7c:b3: f8:29:1a:de:73:38:f7:06:90:30:4d:c9:72:b7:f9: 83:6a:21:be:d4:45:bb:c2:41:6d:7c:43:6d:26:b9: 8f:64:91:06:a6:0c:74:06:0c:64:34:78:6b:54:63: f0:97:5f:80:db:9b:78:c6:bc:02:35:d6:a0:a5:33: ca:2e:1a:09:3c:91:74:0f:bf:cd:28:ab:78:d4:7b: ab:ee:01:ad:ce:aa:38:cc:96:d9:10:76:7d:f7:62: ab:df:37:59:f6:41:51:13:5b:a5:0d:68:9d:ad:b9: b1:5e:fc:f7:25:69:77:ee:f9:fe:54:f7:65:23:29: 32:1e:2b:6a:24:57:88:24:98:89:f8:ac:12:de:51: 32:91:c5:07:22:d7:d3:d9:8d:13:91:1f:39:70:3b: e7:a5:04:c6:44:9f:b1:e0:14:a4:94:0b:25:ef:61: 85:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:85:C4:FD:42:98:E8:61:91:9A:71:75:2F:E8:16:1C:9C:96:BC:E1 X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:35:78:36:e4:39:cf:d6:34:2c:01:27:bb:61:98:ef:fa:c2: 96:33:3b:31:2d:b5:83:dc:d1:9a:2c:04:41:f6:05:19:87:07: da:5a:6f:90:8b:5d:f1:dd:5b:18:1a:0e:c6:5d:d7:7d:40:2a: de:d9:96:19:0c:18:e5:71:75:2a:a7:a2:ae:ac:6f:a7:26:5d: 04:99:e7:fd:cf:b0:89:82:e1:b2:84:50:dd:99:4f:e5:3e:9d: c3:8b:e1:9a:2e:79:b6:90:16:0e:2f:bb:8f:42:a1:69:48:8a: 08:dd:c4:20:92:b4:a1:b8:6a:b6:c8:91:f4:07:15:a7:da:27: 00:b0:fd:da:01:68:b7:9e:f0:1f:ce:d4:fe:df:70:01:0b:3a: 24:f5:f3:b6:72:fc:9c:f1:f3:48:e0:d4:15:62:ea:c9:d8:63: 0f:1d:e8:2c:26:f8:00:53:6c:38:f5:d3:a1:27:fc:2f:fa:a9: 9d:02:f3:8d:23:15:11:48:65:82:d0:0c:45:d8:14:5e:b0:91: 08:52:8d:67:ba:10:81:cc:7b:7c:19:10:49:3c:f0:6e:6e:18: b8:22:9b:9e:a9:e3:9a:33:b2:f5:23:4e:00:77:b1:b7:dc:85: 32:2e:2d:da:6f:78:20:79:90:36:e0:b4:7a:11:de:29:90:3c: c7:9c:61:62 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdc3Lx7hJ1Rxk5O+m6sscMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjUxMjE1MTAwMjA2WhcNMjUxMjE2MTAwMjA2WjAzMTEwLwYDVQQD EyhjZDg1YzRmZDQyOThlODYxOTE5YTcxNzUyZmU4MTYxYzljOTZiY2UxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzo9LMcuIu9br4eUuBzJMMJE4EPhi SfV+xw+D9QTPeVGQeH/ueKPNk+9MZBlGGX1gDMDqViK802j6h/TaumLwAam1ztXL lMKAovl25pOwhc5kPrIZoWJEfLP4KRreczj3BpAwTclyt/mDaiG+1EW7wkFtfENt JrmPZJEGpgx0BgxkNHhrVGPwl1+A25t4xrwCNdagpTPKLhoJPJF0D7/NKKt41Hur 7gGtzqo4zJbZEHZ992Kr3zdZ9kFRE1ulDWidrbmxXvz3JWl37vn+VPdlIykyHitq JFeIJJiJ+KwS3lEykcUHItfT2Y0TkR85cDvnpQTGRJ+x4BSklAsl72GFhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM2FxP1CmOhhkZpxdS/oFhyclrzhMB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALzV4NuQ5 z9Y0LAEnu2GY7/rCljM7MS21g9zRmiwEQfYFGYcH2lpvkItd8d1bGBoOxl3XfUAq 3tmWGQwY5XF1KqeirqxvpyZdBJnn/c+wiYLhsoRQ3ZlP5T6dw4vhmi55tpAWDi+7 j0KhaUiKCN3EIJK0obhqtsiR9AcVp9onALD92gFot57wH87U/t9wAQs6JPXztnL8 nPHzSODUFWLqydhjDx3oLCb4AFNsOPXToSf8L/qpnQLzjSMVEUhlgtAMRdgUXrCR CFKNZ7oQgcx7fBkQSTzwbm4YuCKbnqnjmjOy9SNOAHext9yFMi4t2m94IHmQNuC0 ehHeKZA8x5xhYg== -----END CERTIFICATE-----Generated at Mon Dec 15 16:53:32 2025 by rpki-client