This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: tcmc1ICSGTLqhbVjJJuHbGfe2e0tpLlx7dQiAttP7Vw= Subject key identifier: 1D:CF:BC:F5:49:A1:30:0F:14:EB:44:AB:83:AD:2A:10:5A:62:BA:0D Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019B1BAA6D766BB9B8E50D72B520BC0CF4A3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 170A Signing time: Sun 14 Dec 2025 07:01:52 +0000 Manifest this update: Sun 14 Dec 2025 07:01:52 +0000 Manifest next update: Mon 15 Dec 2025 07:01:52 +0000 Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: qkggIvY1giVw2Npz7+GABz6NIwAL108OZaQXY7X7mZc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1b:aa:6d:76:6b:b9:b8:e5:0d:72:b5:20:bc:0c:f4:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Dec 14 07:01:52 2025 GMT Not After : Dec 15 07:01:52 2025 GMT Subject: CN=1dcfbcf549a1300f14eb44ab83ad2a105a62ba0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:38:2f:41:f3:bc:b0:67:01:06:61:d6:46:78: 01:d7:b8:2e:dd:f0:ff:6d:9a:a5:46:49:33:ec:bc: 64:f8:dd:c3:59:05:12:80:70:f7:b1:83:bf:b3:3e: 57:6a:49:ca:66:0f:67:73:d0:35:4b:db:7a:f1:49: 08:47:82:a9:0f:cd:8c:3e:d3:52:e9:4e:96:7f:69: a9:77:36:71:6b:16:d4:3c:f1:65:ae:10:2c:7c:62: 58:45:22:fc:da:c4:08:c5:0b:e9:d7:29:9e:d7:f8: 61:1d:df:76:86:1f:f7:82:bf:38:2e:ba:73:34:ff: a5:18:95:29:28:81:b0:1a:fe:0a:68:4b:d8:84:31: 17:d4:92:cf:a4:2a:af:3b:fc:03:16:b6:b3:e4:cd: 19:36:d3:4d:b3:bb:35:22:05:2a:f2:d6:ba:a3:ab: 31:f6:29:cf:97:f3:d6:6e:99:62:8c:97:c4:b2:f5: 26:fc:47:72:9d:33:56:02:d9:9f:78:67:0c:08:51: a4:fb:f0:a3:d2:ac:52:ad:e1:03:76:55:73:c3:f1: 76:eb:19:91:69:d3:da:4a:24:db:ca:cd:5c:81:ed: 73:2e:3e:3b:4e:ea:8f:b3:8d:fe:07:7d:d5:02:47: cc:42:22:0c:0a:da:a3:73:af:2a:6a:8b:1d:c1:d6: d8:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:CF:BC:F5:49:A1:30:0F:14:EB:44:AB:83:AD:2A:10:5A:62:BA:0D X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 96:f2:df:39:2a:9b:ab:7f:41:83:33:55:a1:da:7c:60:d3:63: 60:54:7a:05:70:c4:90:bb:30:2a:4b:0d:a5:e6:13:91:94:95: c3:d0:f5:ad:6b:fa:91:43:22:da:99:51:62:28:0d:ad:5b:ec: 77:cf:89:fe:32:a5:b4:fe:8a:3e:b3:fa:9c:2a:f4:5a:70:2d: 40:8a:80:4c:f3:ce:cc:56:0e:c0:07:18:84:bd:14:4c:14:15: 85:e7:09:c1:20:fc:40:6a:a8:9c:e0:5d:5e:85:16:55:75:f8: 9b:99:18:1f:11:75:fe:19:9b:bc:1a:2f:a3:f5:2c:b3:51:34: 83:9c:a7:30:00:c1:b8:4b:ac:1a:ba:ae:34:55:e5:44:f6:b8: 26:50:59:c6:de:26:67:23:e2:00:c4:b8:70:95:00:94:ab:96: ea:83:fd:6e:5b:cb:10:39:cd:8c:87:17:bf:a0:ca:98:ca:d7: 8b:fd:06:fa:41:c5:3f:14:55:a2:4c:b8:81:eb:fb:ad:d7:1f: 03:fd:1b:98:6e:cb:9f:76:45:8c:8a:9c:82:53:a7:5c:c4:3c: c4:cf:68:8f:8a:59:c4:c9:7b:37:c3:ad:97:14:10:4a:26:b4: df:6d:e0:ea:d3:2f:e7:d5:b9:99:60:a8:7b:3f:99:39:71:13: 58:61:6b:1c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsbqm12a7m45Q1ytSC8DPSjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjUxMjE0MDcwMTUyWhcNMjUxMjE1MDcwMTUyWjAzMTEwLwYDVQQD EygxZGNmYmNmNTQ5YTEzMDBmMTRlYjQ0YWI4M2FkMmExMDVhNjJiYTBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDgvQfO8sGcBBmHWRngB17gu3fD/ bZqlRkkz7Lxk+N3DWQUSgHD3sYO/sz5XaknKZg9nc9A1S9t68UkIR4KpD82MPtNS 6U6Wf2mpdzZxaxbUPPFlrhAsfGJYRSL82sQIxQvp1yme1/hhHd92hh/3gr84Lrpz NP+lGJUpKIGwGv4KaEvYhDEX1JLPpCqvO/wDFraz5M0ZNtNNs7s1IgUq8ta6o6sx 9inPl/PWbplijJfEsvUm/EdynTNWAtmfeGcMCFGk+/Cj0qxSreEDdlVzw/F26xmR adPaSiTbys1cge1zLj47TuqPs43+B33VAkfMQiIMCtqjc68qaosdwdbY0QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB3PvPVJoTAPFOtEq4OtKhBaYroNMB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlvLfOSqb q39BgzNVodp8YNNjYFR6BXDEkLswKksNpeYTkZSVw9D1rWv6kUMi2plRYigNrVvs d8+J/jKltP6KPrP6nCr0WnAtQIqATPPOzFYOwAcYhL0UTBQVhecJwSD8QGqonOBd XoUWVXX4m5kYHxF1/hmbvBovo/Uss1E0g5ynMADBuEusGrquNFXlRPa4JlBZxt4m ZyPiAMS4cJUAlKuW6oP9blvLEDnNjIcXv6DKmMrXi/0G+kHFPxRVoky4gev7rdcf A/0bmG7Ln3ZFjIqcglOnXMQ8xM9oj4pZxMl7N8OtlxQQSia0323g6tMv59W5mWCo ez+ZOXETWGFrHA== -----END CERTIFICATE-----Generated at Sun Dec 14 15:25:00 2025 by rpki-client