This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: WITu0iKegzEIwOJAougq4ygYv4rxcPaoidKVEbZPwL8= Subject key identifier: 33:EF:71:4F:FD:80:0A:C9:A9:0A:36:8D:CE:01:03:FA:97:42:42:CE Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019AFEB2B9418809100DB8FC1FFBF562EB59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 16FB Signing time: Mon 08 Dec 2025 16:01:56 +0000 Manifest this update: Mon 08 Dec 2025 16:01:56 +0000 Manifest next update: Tue 09 Dec 2025 16:01:56 +0000 Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: DIc9OSw98/PICk1+aZ/K5tAIl9xfcMFu+V8AhWzBDcw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Dec 2025 15:46:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fe:b2:b9:41:88:09:10:0d:b8:fc:1f:fb:f5:62:eb:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Dec 8 16:01:56 2025 GMT Not After : Dec 9 16:01:56 2025 GMT Subject: CN=33ef714ffd800ac9a90a368dce0103fa974242ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:35:5e:7a:af:ef:5f:ff:9f:f1:1b:0d:1b:bf: bf:00:1a:4c:76:1a:7f:d4:2d:fa:4f:b8:bc:4b:37: db:a0:63:2c:8a:fe:dc:17:bc:3b:57:e1:67:61:14: ec:22:34:ea:62:05:b1:18:6e:4c:35:6b:f2:4b:d7: db:81:ea:ac:9e:0c:fa:16:30:99:12:94:6f:b0:23: 8d:3c:8c:ec:b8:4c:f2:26:87:43:6e:89:4e:8c:68: 26:38:63:80:83:d8:3b:3b:92:1b:77:f1:75:4c:cf: e7:51:80:9e:a4:cc:bb:b8:58:7c:b3:54:ce:ef:9c: 71:4a:8c:7f:f1:d4:32:7b:85:dc:1b:9f:13:51:a9: 9e:28:6a:73:31:f6:da:ca:1e:25:9b:9e:40:53:26: f0:80:0a:dd:21:39:70:f0:a3:c0:fa:11:57:22:42: b6:67:4a:33:95:97:9c:44:f8:1a:a1:d0:e3:b5:93: 97:d3:06:69:fd:42:37:b0:ef:dc:76:71:9f:57:ff: a6:73:62:f9:c0:53:da:07:0f:bd:48:64:d9:7b:35: be:94:1a:33:19:d5:f4:23:63:a8:4c:84:d1:b0:49: 7a:9a:ec:5b:fd:3d:fa:28:24:4a:49:52:c2:52:77: 10:dc:db:78:94:21:50:4c:91:7a:8d:bc:fc:06:a1: 6d:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:EF:71:4F:FD:80:0A:C9:A9:0A:36:8D:CE:01:03:FA:97:42:42:CE X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:fb:68:72:bc:4a:2a:ce:a0:e3:d8:a0:b9:af:92:a7:5c:c9: ec:77:8c:e6:5a:94:0a:6e:d9:18:24:58:77:6f:e3:80:9e:88: ac:03:43:27:c9:8d:ae:63:88:28:ae:e0:c8:c0:46:2b:48:51: e7:05:13:58:c5:56:84:85:a1:60:7a:87:62:a6:cd:3e:eb:aa: a1:e7:60:2b:9e:92:18:5e:35:aa:aa:91:ae:73:61:02:83:16: 44:18:2a:9d:b6:3e:7a:43:9d:01:e6:1b:9f:24:7f:ac:f5:cc: fe:ac:80:91:23:dd:c2:7b:2a:13:3e:69:e3:f8:08:3f:24:66: 52:6f:56:f4:7a:57:f0:7c:ce:17:cd:d3:a1:4d:85:c6:6b:1f: 8f:c6:52:de:0c:5b:4d:ab:51:05:3e:a4:f0:b3:e7:73:ae:05: e8:dc:bd:3f:cc:22:9c:e8:3a:e9:0b:ec:5d:ea:45:7c:95:f7: df:b1:f2:3b:3c:ec:3d:90:c8:2c:76:87:60:25:83:ac:a1:d6: af:65:da:92:21:e8:90:c7:54:9c:44:0c:35:a7:f2:1a:f2:d0: ec:b3:9f:4e:72:59:99:35:7b:a0:9c:9a:38:0f:53:9a:c9:6f: a1:24:5b:51:b9:3b:e4:54:e0:99:3d:18:bf:c5:e7:22:c8:08: 02:15:6d:71 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr+srlBiAkQDbj8H/v1YutZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjUxMjA4MTYwMTU2WhcNMjUxMjA5MTYwMTU2WjAzMTEwLwYDVQQD EygzM2VmNzE0ZmZkODAwYWM5YTkwYTM2OGRjZTAxMDNmYTk3NDI0MmNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6jVeeq/vX/+f8RsNG7+/ABpMdhp/ 1C36T7i8SzfboGMsiv7cF7w7V+FnYRTsIjTqYgWxGG5MNWvyS9fbgeqsngz6FjCZ EpRvsCONPIzsuEzyJodDbolOjGgmOGOAg9g7O5Ibd/F1TM/nUYCepMy7uFh8s1TO 75xxSox/8dQye4XcG58TUameKGpzMfbayh4lm55AUybwgArdITlw8KPA+hFXIkK2 Z0ozlZecRPgaodDjtZOX0wZp/UI3sO/cdnGfV/+mc2L5wFPaBw+9SGTZezW+lBoz GdX0I2OoTITRsEl6muxb/T36KCRKSVLCUncQ3Nt4lCFQTJF6jbz8BqFtVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDPvcU/9gArJqQo2jc4BA/qXQkLOMB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfPtocrxK Ks6g49igua+Sp1zJ7HeM5lqUCm7ZGCRYd2/jgJ6IrANDJ8mNrmOIKK7gyMBGK0hR 5wUTWMVWhIWhYHqHYqbNPuuqoedgK56SGF41qqqRrnNhAoMWRBgqnbY+ekOdAeYb nyR/rPXM/qyAkSPdwnsqEz5p4/gIPyRmUm9W9HpX8HzOF83ToU2Fxmsfj8ZS3gxb TatRBT6k8LPnc64F6Ny9P8winOg66QvsXepFfJX337HyOzzsPZDILHaHYCWDrKHW r2XakiHokMdUnEQMNafyGvLQ7LOfTnJZmTV7oJyaOA9TmslvoSRbUbk75FTgmT0Y v8XnIsgIAhVtcQ== -----END CERTIFICATE-----Generated at Mon Dec 8 22:06:04 2025 by rpki-client