This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: 4xaz8bfaRQIFYTmyT7k6fl8b0RUM2HfZoV0sDVGy37E= Subject key identifier: 8E:B5:9A:4D:48:FD:4D:A8:1B:DE:15:72:A3:84:DA:B0:9B:2F:0B:4F Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019AA011B296E4DB80FEF9992712E4D17535 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 16CA Signing time: Thu 20 Nov 2025 07:01:45 +0000 Manifest this update: Thu 20 Nov 2025 07:01:45 +0000 Manifest next update: Fri 21 Nov 2025 07:01:45 +0000 Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: exTWKzwe1bKk6wFbXykBImFM0zUr0XJ6XFFelnuKbe8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 21 Nov 2025 07:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:a0:11:b2:96:e4:db:80:fe:f9:99:27:12:e4:d1:75:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Nov 20 07:01:45 2025 GMT Not After : Nov 21 07:01:45 2025 GMT Subject: CN=8eb59a4d48fd4da81bde1572a384dab09b2f0b4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:db:2e:0a:51:c9:49:b2:04:ff:f4:b9:b2:c8: 11:76:72:37:01:88:fc:8b:a4:47:61:d0:71:48:a3: 83:ae:e9:a5:33:f1:4a:83:dd:44:7b:e3:ff:d4:56: 4b:72:05:d3:8f:2c:b8:93:58:60:83:cb:6c:ea:cb: 50:a3:82:aa:e7:c1:f7:9f:b7:42:00:e5:91:42:ee: 26:f3:a9:a1:f8:80:88:7f:4f:f8:39:64:e2:1a:1b: 30:04:e7:ca:c8:8f:43:fc:77:e9:a4:3b:4a:6b:f1: 5c:e0:fb:57:d8:31:69:4f:a1:5e:84:4a:5f:34:07: 8a:e2:af:db:aa:2a:91:ad:19:40:1f:e1:1b:cd:69: 4d:b3:6e:3a:f6:2f:9c:bf:38:f1:82:78:7b:68:e1: 75:75:74:ae:90:7c:72:c9:e9:27:ce:63:f3:2a:f7: a2:3a:b9:12:d3:ee:66:16:5c:a6:e6:63:72:f9:6b: 36:df:2f:18:5d:0f:66:a9:dd:7b:3c:3b:82:0b:37: 70:84:ba:70:10:0d:ec:4a:2b:e1:49:f1:fd:ca:f8: 64:55:14:81:98:1e:1e:bd:65:a2:8f:00:ce:5c:df: c3:34:c7:4e:9f:63:49:64:fb:d4:8a:ca:10:1a:d8: 97:ef:01:04:ce:c7:be:ed:db:10:44:59:fa:7b:0f: 78:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:B5:9A:4D:48:FD:4D:A8:1B:DE:15:72:A3:84:DA:B0:9B:2F:0B:4F X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:98:5d:fd:dc:84:86:ed:18:4f:c4:af:22:ab:d1:e4:58:8b: cb:bf:81:56:86:ff:4f:29:29:4b:e5:08:81:6f:aa:6e:86:eb: c7:d4:b2:12:81:ad:3e:77:d2:f0:3b:da:7f:c5:20:d8:a6:22: e4:75:58:b9:42:65:d0:7a:b5:83:72:49:a9:15:ea:78:8c:a2: 5e:21:d0:5d:bc:b7:7c:7c:b7:2e:c9:bf:44:aa:e1:ca:56:e0: 55:bd:3c:5c:47:01:f7:f4:ea:92:d6:4d:56:2e:a4:fe:80:e4: 87:7c:00:a7:7b:6c:67:ed:64:f9:ee:68:14:fa:6e:1a:0f:96: 6f:07:dd:d1:02:26:69:7e:8a:52:09:b2:af:b5:68:d7:84:f6: 81:34:b4:18:58:20:7e:4c:71:8a:80:7e:a4:6f:91:5a:65:6c: fa:dd:f6:5a:ef:41:08:49:77:c6:cf:b6:97:71:cc:58:9d:02: b3:09:a2:b1:a6:9e:df:fa:b5:7d:54:22:b8:c1:a2:17:e5:f1: 31:38:fc:98:87:b8:46:e4:c9:65:d6:1c:93:6e:5a:e5:1e:20: 4a:fc:2c:76:a5:39:0e:d5:d8:1b:bc:9f:5e:37:1f:a1:14:59: 40:32:9e:f1:2d:87:88:60:d0:83:f8:6a:c6:8f:16:cd:61:91: 0b:ce:dc:8b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZqgEbKW5NuA/vmZJxLk0XU1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjUxMTIwMDcwMTQ1WhcNMjUxMTIxMDcwMTQ1WjAzMTEwLwYDVQQD Eyg4ZWI1OWE0ZDQ4ZmQ0ZGE4MWJkZTE1NzJhMzg0ZGFiMDliMmYwYjRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNsuClHJSbIE//S5ssgRdnI3AYj8 i6RHYdBxSKODrumlM/FKg91Ee+P/1FZLcgXTjyy4k1hgg8ts6stQo4Kq58H3n7dC AOWRQu4m86mh+ICIf0/4OWTiGhswBOfKyI9D/HfppDtKa/Fc4PtX2DFpT6FehEpf NAeK4q/bqiqRrRlAH+EbzWlNs2469i+cvzjxgnh7aOF1dXSukHxyyeknzmPzKvei OrkS0+5mFlym5mNy+Ws23y8YXQ9mqd17PDuCCzdwhLpwEA3sSivhSfH9yvhkVRSB mB4evWWijwDOXN/DNMdOn2NJZPvUisoQGtiX7wEEzse+7dsQRFn6ew94GwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI61mk1I/U2oG94VcqOE2rCbLwtPMB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACphd/dyE hu0YT8SvIqvR5FiLy7+BVob/TykpS+UIgW+qbobrx9SyEoGtPnfS8Dvaf8Ug2KYi 5HVYuUJl0Hq1g3JJqRXqeIyiXiHQXby3fHy3Lsm/RKrhylbgVb08XEcB9/TqktZN Vi6k/oDkh3wAp3tsZ+1k+e5oFPpuGg+Wbwfd0QImaX6KUgmyr7Vo14T2gTS0GFgg fkxxioB+pG+RWmVs+t32Wu9BCEl3xs+2l3HMWJ0Cswmisaae3/q1fVQiuMGiF+Xx MTj8mIe4RuTJZdYck25a5R4gSvwsdqU5DtXYG7yfXjcfoRRZQDKe8S2HiGDQg/hq xo8WzWGRC87ciw== -----END CERTIFICATE-----Generated at Thu Nov 20 13:44:15 2025 by rpki-client