This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: TSoNtWOOcFEFZgTRDdAg2Cuvyv0Ghve5tdEqShplAMk= Subject key identifier: 76:BB:0C:44:E3:D2:11:A4:3C:05:85:09:1E:7F:FD:47:33:B9:B9:8F Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019B38A21BDC75955C06732DD98129DA6E55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 1719 Signing time: Fri 19 Dec 2025 22:01:46 +0000 Manifest this update: Fri 19 Dec 2025 22:01:46 +0000 Manifest next update: Sat 20 Dec 2025 22:01:46 +0000 Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: 7zRsJTAYO2cxSsaSLjr1ypd1xlZ9B3qHXcacrD0CPnA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 17:13:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:a2:1b:dc:75:95:5c:06:73:2d:d9:81:29:da:6e:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Dec 19 22:01:46 2025 GMT Not After : Dec 20 22:01:46 2025 GMT Subject: CN=76bb0c44e3d211a43c0585091e7ffd4733b9b98f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:52:c5:b9:4e:c7:59:d2:9b:48:7f:63:63:11: e4:80:79:c2:d0:fb:b1:1f:af:8c:ce:0c:d7:27:6d: 2f:d3:3d:44:58:f2:60:d8:a9:03:24:e5:06:f7:d8: 75:d1:d2:eb:41:b4:29:57:02:6c:b2:47:5c:0c:73: 6d:22:4b:91:8a:ac:a8:1a:52:da:5c:bb:ec:65:bd: 05:76:8e:3c:67:fe:e6:a4:29:98:fc:8a:49:e6:97: f6:ee:ac:e7:ea:bf:66:26:7d:3e:1f:d9:b5:11:06: 9a:3c:43:63:31:e7:2e:44:fa:c0:82:31:3e:ae:b5: 2b:f4:63:9f:bd:e6:56:fe:3d:fe:62:4b:d8:e7:07: a1:9b:6d:fb:59:72:ad:f6:2f:2d:2d:06:1b:81:50: 5f:61:6f:7b:b0:68:ce:85:a0:e9:a1:3a:a5:e8:16: c0:5c:5d:19:c5:bd:68:9b:0d:74:8b:82:cf:28:82: f8:b3:cb:5a:36:28:d8:9e:c8:f3:e4:2c:18:94:e4: d2:25:d9:e6:0d:bc:79:cf:54:d1:80:f9:bb:2c:48: 50:c5:37:b5:3d:97:d9:b5:ac:7c:3c:09:53:76:d6: c2:f4:70:f5:0a:31:14:29:ae:dd:9a:28:2f:88:2f: ea:50:04:f9:cc:32:09:48:bb:37:ea:55:d5:cf:70: 65:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:BB:0C:44:E3:D2:11:A4:3C:05:85:09:1E:7F:FD:47:33:B9:B9:8F X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:8a:fa:96:c2:36:84:18:fc:28:71:e6:fb:3a:3c:64:fa:4f: 99:d5:b3:10:2a:cf:d4:18:38:6c:3c:7d:e4:3f:ae:da:a7:43: 52:eb:ca:51:db:a6:c4:61:0b:ad:c0:26:3c:b4:4c:54:6c:0c: 62:29:18:48:af:eb:d0:91:19:ed:0d:7a:32:d8:c4:6d:ef:08: 5c:5b:d8:f4:62:77:4b:2e:3b:80:ad:a7:57:e4:67:12:e5:25: 47:92:b5:42:c0:86:ed:eb:7d:2c:51:e2:1a:d4:ec:f7:f0:13: 69:bd:4b:59:d1:00:91:46:92:ba:e8:fb:b4:fa:c1:46:a8:f9: 2b:17:c7:9f:e8:a3:f7:d0:e9:eb:8b:f0:78:c2:c4:85:bd:f0: ea:7c:00:b7:13:e6:79:ea:29:4e:27:4a:0f:d7:ee:73:3a:ca: 10:dd:8c:e1:af:e6:a4:a1:d6:22:19:d3:b0:3d:8e:ee:68:0a: 82:ac:d9:84:fa:b0:7b:e4:a7:ed:c1:83:6d:a2:cf:eb:fc:b8: a4:69:3a:4b:c0:66:2a:f3:3c:d1:e3:b2:f7:11:a0:f6:1d:93: de:29:cf:fa:47:17:78:8d:de:5b:2e:4f:28:41:88:27:02:3d: ff:fe:8d:f8:e9:92:27:8b:28:6e:72:44:f1:6c:55:28:87:ce: 8b:65:f8:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4ohvcdZVcBnMt2YEp2m5VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjUxMjE5MjIwMTQ2WhcNMjUxMjIwMjIwMTQ2WjAzMTEwLwYDVQQD Eyg3NmJiMGM0NGUzZDIxMWE0M2MwNTg1MDkxZTdmZmQ0NzMzYjliOThmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlLFuU7HWdKbSH9jYxHkgHnC0Pux H6+MzgzXJ20v0z1EWPJg2KkDJOUG99h10dLrQbQpVwJsskdcDHNtIkuRiqyoGlLa XLvsZb0Fdo48Z/7mpCmY/IpJ5pf27qzn6r9mJn0+H9m1EQaaPENjMecuRPrAgjE+ rrUr9GOfveZW/j3+YkvY5wehm237WXKt9i8tLQYbgVBfYW97sGjOhaDpoTql6BbA XF0Zxb1omw10i4LPKIL4s8taNijYnsjz5CwYlOTSJdnmDbx5z1TRgPm7LEhQxTe1 PZfZtax8PAlTdtbC9HD1CjEUKa7dmigviC/qUAT5zDIJSLs36lXVz3BlXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHa7DETj0hGkPAWFCR5//UczubmPMB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMor6lsI2 hBj8KHHm+zo8ZPpPmdWzECrP1Bg4bDx95D+u2qdDUuvKUdumxGELrcAmPLRMVGwM YikYSK/r0JEZ7Q16MtjEbe8IXFvY9GJ3Sy47gK2nV+RnEuUlR5K1QsCG7et9LFHi GtTs9/ATab1LWdEAkUaSuuj7tPrBRqj5KxfHn+ij99Dp64vweMLEhb3w6nwAtxPm eeopTidKD9fuczrKEN2M4a/mpKHWIhnTsD2O7mgKgqzZhPqwe+Sn7cGDbaLP6/y4 pGk6S8BmKvM80eOy9xGg9h2T3inP+kcXeI3eWy5PKEGIJwI9//6N+OmSJ4sobnJE 8WxVKIfOi2X4eA== -----END CERTIFICATE-----Generated at Sat Dec 20 02:48:32 2025 by rpki-client