This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: QXdtlj1cDZs4g/4CSRZD1HRVHYN8ID44wEisvktlaVg= Subject key identifier: 81:15:21:BC:7D:5F:DF:0C:7A:1F:CF:89:94:44:8F:46:43:6A:CF:3A Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019B48146ACC701F319DD898A4F0C373BB67 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 1721 Signing time: Mon 22 Dec 2025 22:00:56 +0000 Manifest this update: Mon 22 Dec 2025 22:00:56 +0000 Manifest next update: Tue 23 Dec 2025 22:00:56 +0000 Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: 59Ju2Xu8c3ZVTXdUsj0t95cLxQaNeeVNf8wQDDjk1kc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 22:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:14:6a:cc:70:1f:31:9d:d8:98:a4:f0:c3:73:bb:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Dec 22 22:00:56 2025 GMT Not After : Dec 23 22:00:56 2025 GMT Subject: CN=811521bc7d5fdf0c7a1fcf8994448f46436acf3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:bb:62:83:a9:e4:fb:f0:31:d4:6f:88:55:70: 91:07:48:4c:57:f3:4c:e4:9e:b8:4c:9a:90:4b:0f: 79:2f:99:8f:eb:a9:40:35:05:36:53:92:a0:cb:44: 44:52:99:63:83:a2:27:75:e1:91:11:df:9f:7a:6a: 8e:04:ca:4e:73:c7:d6:a6:bf:6c:09:fe:e5:62:3b: e4:e7:dd:9b:20:34:f2:4c:5b:d6:ca:b2:8c:44:99: c2:df:24:4d:05:56:3a:a7:7f:1b:7f:47:35:37:12: 45:82:4f:50:38:eb:e3:2e:9d:1d:68:5e:e9:f8:c4: 3c:b2:bf:04:cf:29:fe:0b:7d:4e:eb:2d:07:20:19: 44:d8:45:de:69:97:60:1c:c9:d8:2f:98:2e:f3:65: 3a:b5:d9:fc:cb:de:83:6c:2a:9f:1c:26:52:63:7e: 45:5c:e6:70:03:90:bc:3d:b4:ea:31:bc:91:21:f1: be:37:79:51:f0:9b:28:cc:11:ed:ea:51:02:7b:06: ba:0e:74:6f:0d:31:86:88:ad:31:08:9b:0d:7d:a4: 98:1f:0d:0d:1f:ad:4c:e3:67:1b:2f:d2:33:b8:ce: 4b:70:1b:a7:30:44:1f:eb:0d:7b:3f:fa:31:14:46: 37:75:80:8e:98:07:28:ea:b8:aa:62:f7:e6:90:85: aa:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:15:21:BC:7D:5F:DF:0C:7A:1F:CF:89:94:44:8F:46:43:6A:CF:3A X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:7c:dd:8a:d5:cf:26:62:23:52:59:25:8b:76:a8:8b:1e:a2: 11:42:88:db:f5:2d:15:15:31:74:3a:68:5e:15:8b:d3:a8:d0: a5:03:03:30:c9:a1:4c:12:dd:b5:e3:4e:37:e3:ee:47:fd:d8: cc:8e:a3:dc:25:70:85:52:cf:cd:7d:28:f4:40:f5:71:1c:9b: 53:f9:e6:3d:cb:ec:c9:66:de:85:1b:b5:8d:4f:04:91:92:ff: 00:69:79:f7:49:84:7d:bb:e1:07:d2:5a:2a:92:22:d2:10:1f: eb:44:58:2d:6e:08:a6:71:df:e1:a8:1b:d0:15:a3:8c:83:99: f5:8c:81:ef:e1:70:e0:65:15:f8:9a:96:fb:91:b0:c9:f3:be: 47:39:07:e7:5c:22:37:0e:25:77:bf:b4:a5:74:f9:51:58:8c: 34:f0:e9:34:36:4a:10:8d:74:12:05:5f:05:8e:1f:34:40:37: b0:e0:c0:07:d4:5f:fe:0c:bc:6e:62:9b:44:7b:3a:d5:fd:ed: 6d:a8:13:1c:89:fa:fa:4e:81:ab:86:d5:25:6e:ed:6f:44:c1: 54:0a:26:e6:84:0b:39:b0:83:33:09:f9:d9:bd:47:77:90:3b: c5:2c:d7:91:c8:95:f4:7d:54:a9:04:e8:a8:12:05:79:0b:8c: e8:7f:75:d4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFGrMcB8xndiYpPDDc7tnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjUxMjIyMjIwMDU2WhcNMjUxMjIzMjIwMDU2WjAzMTEwLwYDVQQD Eyg4MTE1MjFiYzdkNWZkZjBjN2ExZmNmODk5NDQ0OGY0NjQzNmFjZjNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ltig6nk+/Ax1G+IVXCRB0hMV/NM 5J64TJqQSw95L5mP66lANQU2U5Kgy0REUpljg6IndeGREd+femqOBMpOc8fWpr9s Cf7lYjvk592bIDTyTFvWyrKMRJnC3yRNBVY6p38bf0c1NxJFgk9QOOvjLp0daF7p +MQ8sr8Ezyn+C31O6y0HIBlE2EXeaZdgHMnYL5gu82U6tdn8y96DbCqfHCZSY35F XOZwA5C8PbTqMbyRIfG+N3lR8JsozBHt6lECewa6DnRvDTGGiK0xCJsNfaSYHw0N H61M42cbL9IzuM5LcBunMEQf6w17P/oxFEY3dYCOmAco6riqYvfmkIWqcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIEVIbx9X98Meh/PiZREj0ZDas86MB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOHzditXP JmIjUlkli3aoix6iEUKI2/UtFRUxdDpoXhWL06jQpQMDMMmhTBLdteNON+PuR/3Y zI6j3CVwhVLPzX0o9ED1cRybU/nmPcvsyWbehRu1jU8EkZL/AGl590mEfbvhB9Ja KpIi0hAf60RYLW4IpnHf4agb0BWjjIOZ9YyB7+Fw4GUV+JqW+5GwyfO+RzkH51wi Nw4ld7+0pXT5UViMNPDpNDZKEI10EgVfBY4fNEA3sODAB9Rf/gy8bmKbRHs61f3t bagTHIn6+k6Bq4bVJW7tb0TBVAom5oQLObCDMwn52b1Hd5A7xSzXkciV9H1UqQTo qBIFeQuM6H911A== -----END CERTIFICATE-----Generated at Tue Dec 23 06:39:24 2025 by rpki-client