This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: baj/twx9H8Rc9w2tZHNNbd1r7hblnIXHIjF2rEPtHNw= Subject key identifier: 4D:1C:12:FA:F0:03:BC:3C:C8:B3:88:EA:BC:BC:1A:E8:FE:01:88:35 Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019AF8E6640C9AF6CE98304BD2A0041FFFEA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 16F8 Signing time: Sun 07 Dec 2025 13:00:39 +0000 Manifest this update: Sun 07 Dec 2025 13:00:39 +0000 Manifest next update: Mon 08 Dec 2025 13:00:39 +0000 Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: PbK5TxNFnr/ANSrPGPGkjjoNmdRQFH7ILxUCIg5J8gI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Dec 2025 13:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f8:e6:64:0c:9a:f6:ce:98:30:4b:d2:a0:04:1f:ff:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Dec 7 13:00:39 2025 GMT Not After : Dec 8 13:00:39 2025 GMT Subject: CN=4d1c12faf003bc3cc8b388eabcbc1ae8fe018835 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:91:13:59:f5:9e:c3:e3:67:ae:b4:5c:2e:2f: 14:e5:8f:e7:5d:a6:b3:78:f0:76:cb:94:da:32:b2: b9:1c:7c:0a:a6:3c:23:90:be:5d:eb:cd:f3:1d:84: 48:b4:a6:85:49:37:f0:87:e2:37:37:00:45:a0:2f: 16:4d:f0:0b:e1:e8:9e:93:cf:2a:7e:b7:3e:08:bb: 27:e9:02:17:e5:80:7a:0e:70:ac:f8:47:c5:8a:f6: 11:fc:78:64:7a:fc:c0:44:ff:5c:4c:75:dc:38:4c: 65:30:43:1d:48:db:6f:5a:f5:43:06:7a:e9:40:8c: 87:95:f9:fa:19:24:14:5c:ee:14:d6:22:9d:46:9a: 75:53:8b:a3:06:f1:47:96:42:55:ba:8b:02:6b:aa: 1a:1c:99:f4:f9:b2:bb:c6:a9:91:28:b6:7c:b8:61: 5d:62:a9:0f:73:97:60:9c:55:03:3b:79:56:04:fe: 63:b4:5a:12:a3:ca:b8:58:97:92:df:4c:63:bc:c0: 32:3a:1f:f4:02:bf:9f:65:f4:0c:50:0d:f8:68:f4: 8a:84:1d:c6:1c:94:cb:34:77:63:39:be:ad:7b:2c: e4:8d:0c:69:82:1d:ce:e3:ea:bf:57:71:e8:85:e4: 6e:61:5c:c2:bc:ef:71:79:30:21:2b:32:ac:21:ca: b3:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:1C:12:FA:F0:03:BC:3C:C8:B3:88:EA:BC:BC:1A:E8:FE:01:88:35 X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:12:14:70:a2:45:c1:42:87:bd:86:36:03:42:d9:7f:f7:38: 0f:7c:c1:0e:67:5b:db:1e:99:2a:a2:95:b1:e6:04:ca:0b:84: 91:5b:13:9f:c9:53:43:05:d1:1e:d0:38:08:79:87:fc:62:ee: 1d:dc:e9:f1:1e:ac:17:e6:fd:e8:2c:aa:0c:da:21:41:2d:7c: 72:5f:29:ff:d7:01:6e:5a:cf:a4:d2:30:6b:ac:f1:94:6b:c0: d9:4e:89:e9:d3:3b:8b:0e:c9:f5:eb:3d:4a:9b:04:11:1f:92: 89:80:f2:b5:ae:f5:64:f4:0b:c4:db:b8:65:9e:ba:03:eb:ef: 7a:43:6a:0b:ba:eb:53:26:e6:16:a9:61:4b:5b:25:b6:55:9a: e1:29:4a:be:62:6f:bb:da:23:ab:c5:0e:af:6a:54:f8:dc:9d: 5a:9b:4e:d9:65:71:44:18:a5:de:72:a1:1e:71:3e:d9:45:ff: bc:f1:52:fb:e4:8b:bb:ce:7b:be:d8:51:7f:be:6a:79:cb:91: 28:55:c9:d6:82:a0:6d:77:d8:57:96:af:bd:4c:55:27:52:14: cf:20:90:02:d7:46:4f:73:a3:4d:cb:52:30:92:89:82:e2:c1: cb:bd:ab:5e:f8:58:e2:ac:ba:5e:b8:3c:a3:03:de:11:a2:8c: 35:0d:09:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr45mQMmvbOmDBL0qAEH//qMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjUxMjA3MTMwMDM5WhcNMjUxMjA4MTMwMDM5WjAzMTEwLwYDVQQD Eyg0ZDFjMTJmYWYwMDNiYzNjYzhiMzg4ZWFiY2JjMWFlOGZlMDE4ODM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9pETWfWew+NnrrRcLi8U5Y/nXaaz ePB2y5TaMrK5HHwKpjwjkL5d683zHYRItKaFSTfwh+I3NwBFoC8WTfAL4eiek88q frc+CLsn6QIX5YB6DnCs+EfFivYR/HhkevzARP9cTHXcOExlMEMdSNtvWvVDBnrp QIyHlfn6GSQUXO4U1iKdRpp1U4ujBvFHlkJVuosCa6oaHJn0+bK7xqmRKLZ8uGFd YqkPc5dgnFUDO3lWBP5jtFoSo8q4WJeS30xjvMAyOh/0Ar+fZfQMUA34aPSKhB3G HJTLNHdjOb6teyzkjQxpgh3O4+q/V3HoheRuYVzCvO9xeTAhKzKsIcqzMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE0cEvrwA7w8yLOI6ry8Guj+AYg1MB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQBIUcKJF wUKHvYY2A0LZf/c4D3zBDmdb2x6ZKqKVseYEyguEkVsTn8lTQwXRHtA4CHmH/GLu Hdzp8R6sF+b96CyqDNohQS18cl8p/9cBblrPpNIwa6zxlGvA2U6J6dM7iw7J9es9 SpsEER+SiYDyta71ZPQLxNu4ZZ66A+vvekNqC7rrUybmFqlhS1sltlWa4SlKvmJv u9ojq8UOr2pU+NydWptO2WVxRBil3nKhHnE+2UX/vPFS++SLu857vthRf75qecuR KFXJ1oKgbXfYV5avvUxVJ1IUzyCQAtdGT3OjTctSMJKJguLBy72rXvhY4qy6Xrg8 owPeEaKMNQ0JrA== -----END CERTIFICATE-----Generated at Sun Dec 7 20:13:52 2025 by rpki-client