This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: eJxiOYIIgqADU92hswaVVYWsb/IDvarCG2YmNIofsBI= Subject key identifier: F9:CF:6E:6B:F6:BA:6A:11:27:B1:4E:6F:DA:B0:25:FA:E7:11:C6:44 Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019AE3A9120EC8B6BF15452F67801001496F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 16ED Signing time: Wed 03 Dec 2025 10:01:39 +0000 Manifest this update: Wed 03 Dec 2025 10:01:39 +0000 Manifest next update: Thu 04 Dec 2025 10:01:39 +0000 Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: /usMFBjrS1RGTXfJMUqHIDdJUMHamz1Ods3RLLRzb7M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 10:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e3:a9:12:0e:c8:b6:bf:15:45:2f:67:80:10:01:49:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Dec 3 10:01:39 2025 GMT Not After : Dec 4 10:01:39 2025 GMT Subject: CN=f9cf6e6bf6ba6a1127b14e6fdab025fae711c644 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:59:02:f3:63:49:67:c6:d4:7e:9d:6d:23:85: 8b:61:89:b8:d2:b0:ee:4d:34:ba:19:f3:0b:c2:c8: 36:e8:81:ab:c3:8c:b0:35:1e:b5:51:d8:48:73:c0: 45:71:7c:6f:ed:b1:75:6a:e0:f0:56:e2:4d:6f:69: 1e:f7:58:89:43:ac:ac:9e:f3:7d:c0:71:0e:89:b9: 97:20:2d:05:4d:ee:ce:28:74:22:67:85:30:08:a3: df:de:d2:a0:c7:1b:b2:dc:56:bd:85:51:55:d6:40: a1:d0:9c:54:d2:e2:9b:79:33:2a:ed:36:5e:0f:96: ec:23:a1:ca:64:78:1d:30:37:b2:a3:87:59:1d:e3: ab:2a:e7:a5:45:6f:ea:d6:e7:86:bc:e3:df:cb:3c: 59:46:a5:d7:d5:87:25:9f:2d:5a:1b:2f:8f:fd:0f: bf:bd:a5:fd:a3:9e:f7:b4:08:6d:74:19:27:18:b5: 24:40:3f:f1:7e:0b:53:c6:34:33:34:71:91:90:af: e7:49:72:96:61:02:52:7f:8d:70:97:47:df:c3:97: 1d:67:33:9c:f9:f4:5e:22:58:b4:c8:7c:24:68:20: 7f:aa:63:54:ff:a3:ee:2b:e0:71:0b:45:59:d6:39: ed:3f:b4:c5:a9:63:f7:31:0b:7f:3f:0f:69:df:11: 35:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:CF:6E:6B:F6:BA:6A:11:27:B1:4E:6F:DA:B0:25:FA:E7:11:C6:44 X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:b1:e2:53:13:69:f8:c2:5d:57:2f:9b:0a:9d:91:93:18:9e: b1:07:11:d2:b2:b9:f9:8f:a6:60:e0:9b:26:db:d2:d7:b4:43: 32:3d:e1:e6:a8:a3:e4:55:a0:75:e2:96:a1:1b:47:f3:62:0a: 35:01:6b:a7:2a:67:29:a1:7f:9f:70:e9:4f:69:8e:f4:92:bf: 4f:7f:7d:8c:11:c1:8a:49:e6:bd:74:1e:df:5f:cb:51:62:c9: 47:dc:7a:b5:5b:70:d1:84:3d:f2:14:d6:47:87:d5:ed:13:0d: bc:06:d1:0f:86:22:71:7e:20:fe:1c:7b:79:95:4d:77:58:41: c2:e5:29:9d:b4:92:5f:54:8e:2b:c5:af:33:47:8a:f5:b9:40: 08:f6:aa:7a:da:ae:bd:e4:e9:c8:45:ad:c5:41:6e:b6:5a:89: c7:5f:44:47:dc:5e:2f:eb:28:d5:2f:77:89:84:77:77:bd:d6: 80:33:27:09:4d:45:e9:8b:0e:16:87:5e:41:69:5a:04:0b:8f: 01:2e:42:f4:35:55:c9:d1:98:f1:eb:74:06:39:9f:29:9b:a1: 4f:b4:6c:d8:8f:23:d3:96:ca:65:4a:b0:38:e0:8d:6c:db:62: 8e:cd:6d:29:94:49:57:9e:13:51:6b:8a:30:21:a7:ad:57:e3: e7:68:b6:8c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrjqRIOyLa/FUUvZ4AQAUlvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjUxMjAzMTAwMTM5WhcNMjUxMjA0MTAwMTM5WjAzMTEwLwYDVQQD EyhmOWNmNmU2YmY2YmE2YTExMjdiMTRlNmZkYWIwMjVmYWU3MTFjNjQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlkC82NJZ8bUfp1tI4WLYYm40rDu TTS6GfMLwsg26IGrw4ywNR61UdhIc8BFcXxv7bF1auDwVuJNb2ke91iJQ6ysnvN9 wHEOibmXIC0FTe7OKHQiZ4UwCKPf3tKgxxuy3Fa9hVFV1kCh0JxU0uKbeTMq7TZe D5bsI6HKZHgdMDeyo4dZHeOrKuelRW/q1ueGvOPfyzxZRqXX1Yclny1aGy+P/Q+/ vaX9o573tAhtdBknGLUkQD/xfgtTxjQzNHGRkK/nSXKWYQJSf41wl0ffw5cdZzOc +fReIli0yHwkaCB/qmNU/6PuK+BxC0VZ1jntP7TFqWP3MQt/Pw9p3xE1qQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPnPbmv2umoRJ7FOb9qwJfrnEcZEMB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQLHiUxNp +MJdVy+bCp2RkxiesQcR0rK5+Y+mYOCbJtvS17RDMj3h5qij5FWgdeKWoRtH82IK NQFrpypnKaF/n3DpT2mO9JK/T399jBHBiknmvXQe31/LUWLJR9x6tVtw0YQ98hTW R4fV7RMNvAbRD4YicX4g/hx7eZVNd1hBwuUpnbSSX1SOK8WvM0eK9blACPaqetqu veTpyEWtxUFutlqJx19ER9xeL+so1S93iYR3d73WgDMnCU1F6YsOFodeQWlaBAuP AS5C9DVVydGY8et0BjmfKZuhT7Rs2I8j05bKZUqwOOCNbNtijs1tKZRJV54TUWuK MCGnrVfj52i2jA== -----END CERTIFICATE-----Generated at Wed Dec 3 19:32:44 2025 by rpki-client