This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: 5Jl8bpND3AdXu0UyHsp0ff321BvGkO3WNvixs3ex9Kg= Subject key identifier: 10:6A:5E:DA:AA:C6:3C:91:2C:F1:75:04:1F:D6:79:7C:64:16:8F:5D Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019B4DDFA0F750A880C63770BA5B9DCC0573 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 1724 Signing time: Wed 24 Dec 2025 01:00:59 +0000 Manifest this update: Wed 24 Dec 2025 01:00:59 +0000 Manifest next update: Thu 25 Dec 2025 01:00:59 +0000 Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: ofY/yKZA98SvZ9TknZpGiyAmrZ4v1t66ukp+WvQn8EM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 01:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4d:df:a0:f7:50:a8:80:c6:37:70:ba:5b:9d:cc:05:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Dec 24 01:00:59 2025 GMT Not After : Dec 25 01:00:59 2025 GMT Subject: CN=106a5edaaac63c912cf175041fd6797c64168f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:ea:e8:f2:9e:87:49:47:c4:67:1e:1b:78:a9: 9d:b5:22:66:19:be:82:6e:4a:76:81:68:f9:f6:ff: 8b:c1:c7:58:80:3a:b6:d3:0e:c4:18:7d:29:74:90: 88:df:da:78:91:f6:57:d9:e3:01:c1:3a:c4:5d:43: bc:a0:f0:a0:b7:09:92:9a:ad:2d:60:8a:02:8d:2c: 01:b3:17:18:1c:d8:ba:47:e7:11:49:a9:45:f0:50: 5b:26:33:63:c2:86:04:74:03:ce:3f:0e:48:52:a8: ee:6e:9b:ac:6e:86:91:e9:e0:6e:27:61:1b:df:a7: 2d:9e:f3:6a:76:85:87:95:64:15:ad:67:de:e1:95: f9:df:2c:4b:8d:08:ca:c3:94:50:91:bf:1f:78:1f: 34:99:13:0a:f6:9e:42:97:3b:c2:ad:87:19:d3:3e: 7b:cf:1e:89:1e:c3:2c:0c:1f:5f:82:2a:7f:55:dd: 8f:04:c3:21:90:94:e3:bc:7c:0c:43:d3:41:27:ac: 75:fb:88:a0:a7:e9:0d:ec:96:79:5a:80:88:48:32: cb:45:a7:f1:96:c6:92:9c:4c:45:b1:2c:f3:66:59: 58:81:c5:1f:b7:5b:2b:3c:26:0f:57:1c:a7:f5:99: 06:74:cb:a8:f6:e2:e1:f7:ad:bf:c0:67:30:26:86: 6b:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:6A:5E:DA:AA:C6:3C:91:2C:F1:75:04:1F:D6:79:7C:64:16:8F:5D X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9b:d4:fe:18:0d:73:54:4d:2a:50:b8:5b:9c:ff:ae:40:68:0b: bf:94:ce:4c:bc:ca:9a:88:54:70:a1:29:0f:69:87:89:9a:ca: 26:28:d4:e4:23:bb:eb:2b:cc:92:23:61:f8:1b:61:6b:74:30: 97:00:a9:8f:39:44:4f:54:03:dc:4b:cc:b4:aa:df:8f:94:f0: 97:7d:59:1a:bd:57:0d:8c:68:07:be:04:b6:ae:1b:6d:1d:b8: 2a:52:ec:b1:12:cd:c6:0f:15:8c:70:3b:b4:35:30:4d:47:5f: 4d:6d:6d:88:63:91:d9:cf:a3:b0:72:6a:9e:c3:6d:5c:4d:3a: 43:a9:af:a7:e1:b3:a5:9b:d8:b4:d1:13:af:63:95:96:0a:7c: 41:e6:3b:3a:6c:c9:bd:94:b1:5e:d3:c9:2e:3b:b9:0f:56:8f: 4d:19:c2:bc:64:d8:e4:9d:48:31:a8:a3:16:c9:9c:0c:06:33: 9e:0d:fe:58:ad:06:66:21:80:2c:16:56:3f:55:c0:45:92:dd: 2c:3e:5c:37:c4:93:90:d7:90:28:ba:ab:6f:32:04:c6:ce:c9: 34:7b:c1:da:df:4a:83:10:57:d6:2b:6b:e6:da:14:38:c5:f9: 27:e2:36:17:47:9b:a3:14:77:94:cb:80:ef:a1:71:3c:9b:18: f7:5d:df:13 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtN36D3UKiAxjdwuludzAVzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjUxMjI0MDEwMDU5WhcNMjUxMjI1MDEwMDU5WjAzMTEwLwYDVQQD EygxMDZhNWVkYWFhYzYzYzkxMmNmMTc1MDQxZmQ2Nzk3YzY0MTY4ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+ro8p6HSUfEZx4beKmdtSJmGb6C bkp2gWj59v+LwcdYgDq20w7EGH0pdJCI39p4kfZX2eMBwTrEXUO8oPCgtwmSmq0t YIoCjSwBsxcYHNi6R+cRSalF8FBbJjNjwoYEdAPOPw5IUqjubpusboaR6eBuJ2Eb 36ctnvNqdoWHlWQVrWfe4ZX53yxLjQjKw5RQkb8feB80mRMK9p5ClzvCrYcZ0z57 zx6JHsMsDB9fgip/Vd2PBMMhkJTjvHwMQ9NBJ6x1+4igp+kN7JZ5WoCISDLLRafx lsaSnExFsSzzZllYgcUft1srPCYPVxyn9ZkGdMuo9uLh962/wGcwJoZrjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBBqXtqqxjyRLPF1BB/WeXxkFo9dMB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm9T+GA1z VE0qULhbnP+uQGgLv5TOTLzKmohUcKEpD2mHiZrKJijU5CO76yvMkiNh+Btha3Qw lwCpjzlET1QD3EvMtKrfj5Twl31ZGr1XDYxoB74Etq4bbR24KlLssRLNxg8VjHA7 tDUwTUdfTW1tiGOR2c+jsHJqnsNtXE06Q6mvp+GzpZvYtNETr2OVlgp8QeY7OmzJ vZSxXtPJLju5D1aPTRnCvGTY5J1IMaijFsmcDAYzng3+WK0GZiGALBZWP1XARZLd LD5cN8STkNeQKLqrbzIExs7JNHvB2t9KgxBX1itr5toUOMX5J+I2F0eboxR3lMuA 76FxPJsY913fEw== -----END CERTIFICATE-----Generated at Wed Dec 24 11:12:33 2025 by rpki-client