This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: keTN8LNVXlmCVYxMpnziszAXboNlScS2MMO902mKh14= Subject key identifier: 6E:37:C8:AA:00:60:14:4E:11:6C:31:AC:64:26:5E:4B:4A:D8:69:F1 Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019B4438AFB4B5B564BD0CABFEBB5839829A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 171F Signing time: Mon 22 Dec 2025 04:02:04 +0000 Manifest this update: Mon 22 Dec 2025 04:02:04 +0000 Manifest next update: Tue 23 Dec 2025 04:02:04 +0000 Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: JEKYGbOSa/TMfCYoVyqA1O7pnRtQqcD0qXewWGsQP00=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:38:af:b4:b5:b5:64:bd:0c:ab:fe:bb:58:39:82:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Dec 22 04:02:04 2025 GMT Not After : Dec 23 04:02:04 2025 GMT Subject: CN=6e37c8aa0060144e116c31ac64265e4b4ad869f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:d7:d9:5b:77:a7:2f:a6:d2:36:4c:63:04:86: ab:30:cb:3c:8c:b7:94:6c:85:6b:5e:5b:30:ce:62: 9f:1b:01:cb:0d:ab:b3:6a:ac:99:1e:60:78:0a:80: 16:00:e0:b5:fb:2b:e1:d0:14:73:1c:8d:06:71:76: 04:e7:20:7a:4f:14:40:04:3b:53:8d:b5:03:a2:4b: 65:a9:c3:ce:38:b3:27:2d:a2:1e:c9:8d:1f:c8:68: 61:73:cc:ab:37:a8:db:f9:1b:6c:53:0c:5b:ba:2a: 57:22:9c:72:4a:87:64:aa:49:2f:d8:e3:c8:64:b3: ae:c3:72:03:44:59:e3:90:97:f9:8b:5a:30:31:20: e0:d1:70:28:26:a4:2f:f5:f0:19:c7:29:d0:67:5f: 3e:da:4d:90:54:aa:6d:86:7b:21:61:41:33:41:fa: 0f:6e:a9:39:bf:19:46:8f:23:fe:56:57:af:81:7c: 04:3d:54:ef:f9:7f:d4:3c:86:f4:6d:c1:a8:57:33: 8a:ef:17:af:6f:3a:55:ac:03:dd:70:24:85:fc:43: 40:0f:54:9e:8f:4c:b9:9a:6b:23:aa:2f:5c:c7:4b: 9a:fd:b9:ef:de:8c:75:68:5c:88:53:8b:cc:93:34: b0:24:ce:da:ae:bd:ab:d4:57:2b:89:89:d8:f9:d0: f6:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:37:C8:AA:00:60:14:4E:11:6C:31:AC:64:26:5E:4B:4A:D8:69:F1 X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:02:d0:37:b8:87:58:ec:79:5e:a6:66:12:e8:65:a0:b4:b2: 81:a3:37:c9:e8:b2:6b:6d:ab:5a:b8:99:b8:72:c6:f2:06:24: 8b:ac:4d:4c:00:ce:3f:de:ec:38:df:93:78:3f:2e:2b:5a:ce: 3e:99:31:99:17:f1:a6:a4:16:1c:32:1b:8c:74:ff:d1:49:dd: 78:bc:c7:fa:42:a7:05:2c:cf:ed:55:d9:ca:cb:2e:14:28:2e: 74:ef:17:38:0c:06:ac:10:dd:f0:ea:df:80:11:c7:fd:5e:f6: c3:75:3e:ca:12:fc:4a:a6:a4:65:3c:c2:b3:be:52:60:ab:df: 37:92:da:da:10:08:a4:33:e2:42:a9:f7:a2:de:91:ec:75:8f: d9:9e:81:22:5c:4a:37:d0:45:74:75:f7:98:f8:23:ee:d7:62: 77:81:3f:b5:eb:1b:7e:c4:2a:b3:2a:70:88:cd:29:bd:d6:bb: 6b:e5:1f:39:2e:ef:d2:95:54:b9:79:4d:9a:25:e0:bf:2d:d1: e7:e0:48:a3:d1:a2:d9:77:cf:d8:e4:fb:20:3f:76:36:91:f9: b7:d9:6b:b4:64:93:6a:69:60:f7:85:b0:a6:fd:da:e7:82:ab: 16:db:5c:9c:ba:15:c0:a9:24:e7:46:83:2e:ba:ea:ed:96:a8: 23:96:cd:f2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEOK+0tbVkvQyr/rtYOYKaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjUxMjIyMDQwMjA0WhcNMjUxMjIzMDQwMjA0WjAzMTEwLwYDVQQD Eyg2ZTM3YzhhYTAwNjAxNDRlMTE2YzMxYWM2NDI2NWU0YjRhZDg2OWYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodfZW3enL6bSNkxjBIarMMs8jLeU bIVrXlswzmKfGwHLDauzaqyZHmB4CoAWAOC1+yvh0BRzHI0GcXYE5yB6TxRABDtT jbUDoktlqcPOOLMnLaIeyY0fyGhhc8yrN6jb+RtsUwxbuipXIpxySodkqkkv2OPI ZLOuw3IDRFnjkJf5i1owMSDg0XAoJqQv9fAZxynQZ18+2k2QVKpthnshYUEzQfoP bqk5vxlGjyP+VlevgXwEPVTv+X/UPIb0bcGoVzOK7xevbzpVrAPdcCSF/ENAD1Se j0y5mmsjqi9cx0ua/bnv3ox1aFyIU4vMkzSwJM7arr2r1FcriYnY+dD2OQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG43yKoAYBROEWwxrGQmXktK2GnxMB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkALQN7iH WOx5XqZmEuhloLSygaM3yeiya22rWriZuHLG8gYki6xNTADOP97sON+TeD8uK1rO PpkxmRfxpqQWHDIbjHT/0UndeLzH+kKnBSzP7VXZyssuFCgudO8XOAwGrBDd8Orf gBHH/V72w3U+yhL8SqakZTzCs75SYKvfN5La2hAIpDPiQqn3ot6R7HWP2Z6BIlxK N9BFdHX3mPgj7tdid4E/tesbfsQqsypwiM0pvda7a+UfOS7v0pVUuXlNmiXgvy3R 5+BIo9Gi2XfP2OT7ID92NpH5t9lrtGSTamlg94Wwpv3a54KrFttcnLoVwKkk50aD Lrrq7ZaoI5bN8g== -----END CERTIFICATE-----Generated at Mon Dec 22 06:38:25 2025 by rpki-client