This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: JTcVHrFgtzkv4LhlNnzvX15pTnp3e5HVBbN2zdJ2axI= Subject key identifier: C4:35:4D:51:6B:70:C5:4D:46:87:32:D0:41:AA:4C:CF:E7:1C:EC:19 Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019AAF8516FE1F7262506C87701EBA4933C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 16D2 Signing time: Sun 23 Nov 2025 07:02:06 +0000 Manifest this update: Sun 23 Nov 2025 07:02:06 +0000 Manifest next update: Mon 24 Nov 2025 07:02:06 +0000 Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: kYdIc7otApjbVvpW3FtbYMns4pHpuXSaeMOth3qQxBw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 24 Nov 2025 06:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:af:85:16:fe:1f:72:62:50:6c:87:70:1e:ba:49:33:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Nov 23 07:02:06 2025 GMT Not After : Nov 24 07:02:06 2025 GMT Subject: CN=c4354d516b70c54d468732d041aa4ccfe71cec19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ca:1f:7b:8f:7e:3d:4a:88:96:71:27:1f:e7: ae:2f:19:90:fd:04:1b:88:90:4c:a4:74:7f:d4:7f: b3:33:9c:31:19:f3:d3:7b:56:fd:c9:50:50:f4:4a: 4c:2c:17:43:ad:ab:a4:30:62:73:b8:c2:5a:aa:e5: f5:79:46:20:e4:37:93:1f:c3:e3:00:96:bc:e1:7a: bb:ed:30:2c:17:50:53:20:f9:c6:14:90:68:ce:0b: 90:4a:34:c7:62:fe:2c:36:50:66:4d:67:be:ca:3b: f1:e5:96:c8:c9:06:3f:f7:47:fd:1d:f7:d2:7a:29: 9c:ad:d3:d1:6d:c2:b4:92:68:e6:38:01:f1:75:53: 2d:c9:32:23:01:6a:ab:bc:cf:e9:d6:3d:0d:74:81: ad:28:0e:35:dc:8d:62:a1:96:11:8c:53:7f:82:22: 06:61:02:a0:da:38:84:6c:18:ba:3a:30:cf:fb:24: 97:42:3f:72:34:9e:9d:da:bd:fa:31:5d:3d:3f:5a: be:e1:a0:8e:d9:8e:4d:fc:e8:10:ad:eb:8e:28:59: 3d:11:82:3a:85:48:99:05:0e:3f:9b:c9:07:19:c5: 61:9f:0c:5d:7c:78:dd:16:d7:0f:83:d4:56:8c:e1: 59:a2:b3:a1:7e:0a:74:22:57:2c:27:40:b1:d7:81: 97:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:35:4D:51:6B:70:C5:4D:46:87:32:D0:41:AA:4C:CF:E7:1C:EC:19 X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:b9:5a:29:23:9b:60:0b:dd:d0:ed:41:6c:1a:bc:2f:29:6b: 3a:af:82:35:f4:31:b8:43:22:ad:fb:b1:76:c0:24:71:5d:27: ee:9a:12:aa:3f:82:16:cd:4d:12:de:34:15:9e:d2:af:56:5c: 17:b1:73:03:63:a8:03:c3:21:9c:a4:79:5f:01:28:15:e2:d6: 78:df:f7:e5:af:74:95:f2:0d:6e:be:ef:7c:4b:cf:cf:11:d0: 0f:31:2f:7a:6d:0b:0f:2c:73:d1:a6:f1:99:e3:5e:29:1f:e1: 96:ed:d7:11:28:19:f0:e1:24:b6:8c:2a:69:3b:9b:c5:2c:2b: d0:f8:84:f2:e1:70:f2:26:79:4e:86:84:18:e2:df:32:2b:4f: 79:14:95:3a:5d:ee:d6:fc:39:03:b4:fb:40:20:42:1f:be:db: 30:e3:2b:ab:af:e2:2e:71:b2:3c:78:6b:4d:b8:5a:33:ad:81: ec:48:a7:f8:78:0a:82:0c:64:ea:0f:79:1e:ba:c0:c3:9e:6b: 0b:6e:fb:5e:79:1f:9e:fb:7a:ec:d8:f1:06:15:82:88:6f:01: 0c:71:85:8f:f5:a4:da:26:69:88:65:24:20:cb:39:2a:8c:fa: 1a:8d:42:ec:44:ee:d9:82:90:5a:ef:79:2c:25:31:a4:30:21: 02:71:6c:5d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZqvhRb+H3JiUGyHcB66STPGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjUxMTIzMDcwMjA2WhcNMjUxMTI0MDcwMjA2WjAzMTEwLwYDVQQD EyhjNDM1NGQ1MTZiNzBjNTRkNDY4NzMyZDA0MWFhNGNjZmU3MWNlYzE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsofe49+PUqIlnEnH+euLxmQ/QQb iJBMpHR/1H+zM5wxGfPTe1b9yVBQ9EpMLBdDraukMGJzuMJaquX1eUYg5DeTH8Pj AJa84Xq77TAsF1BTIPnGFJBozguQSjTHYv4sNlBmTWe+yjvx5ZbIyQY/90f9HffS eimcrdPRbcK0kmjmOAHxdVMtyTIjAWqrvM/p1j0NdIGtKA413I1ioZYRjFN/giIG YQKg2jiEbBi6OjDP+ySXQj9yNJ6d2r36MV09P1q+4aCO2Y5N/OgQreuOKFk9EYI6 hUiZBQ4/m8kHGcVhnwxdfHjdFtcPg9RWjOFZorOhfgp0IlcsJ0Cx14GXzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMQ1TVFrcMVNRocy0EGqTM/nHOwZMB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAILlaKSOb YAvd0O1BbBq8LylrOq+CNfQxuEMirfuxdsAkcV0n7poSqj+CFs1NEt40FZ7Sr1Zc F7FzA2OoA8MhnKR5XwEoFeLWeN/35a90lfINbr7vfEvPzxHQDzEvem0LDyxz0abx meNeKR/hlu3XESgZ8OEktowqaTubxSwr0PiE8uFw8iZ5ToaEGOLfMitPeRSVOl3u 1vw5A7T7QCBCH77bMOMrq6/iLnGyPHhrTbhaM62B7Ein+HgKggxk6g95HrrAw55r C277Xnkfnvt67NjxBhWCiG8BDHGFj/Wk2iZpiGUkIMs5Koz6Go1C7ETu2YKQWu95 LCUxpDAhAnFsXQ== -----END CERTIFICATE-----Generated at Sun Nov 23 13:54:27 2025 by rpki-client