This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: YliWmrLBRjbOELRbY9yz8wiBpefwrIAoBnOMix6go7E= Subject key identifier: CA:0D:87:66:6F:6F:80:8F:F8:33:3C:34:E0:67:31:08:D7:18:DC:5E Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019B30E7D6ADB822BC2F99DEA8D89A3E6C13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 1715 Signing time: Thu 18 Dec 2025 10:00:58 +0000 Manifest this update: Thu 18 Dec 2025 10:00:58 +0000 Manifest next update: Fri 19 Dec 2025 10:00:58 +0000 Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: daMfw5kyw7TDWLgQ5/k7DA883zbFBqFPSsAAARskNxM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 10:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:e7:d6:ad:b8:22:bc:2f:99:de:a8:d8:9a:3e:6c:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Dec 18 10:00:58 2025 GMT Not After : Dec 19 10:00:58 2025 GMT Subject: CN=ca0d87666f6f808ff8333c34e0673108d718dc5e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:4c:10:7d:8f:44:5d:99:a5:08:bf:ec:b8:4b: d9:bb:c6:b9:d1:a3:57:a7:ac:02:04:75:08:0e:07: 5a:61:85:aa:00:d8:da:d1:8b:90:37:e9:33:a6:d0: 3c:a3:dc:94:de:dd:84:eb:e4:ed:19:db:82:82:0f: 29:30:d9:ba:e4:14:15:1b:f2:79:c2:5d:29:ff:54: 09:98:29:15:9f:9a:ee:60:88:f6:70:13:98:26:f0: 58:e8:10:ad:e4:1e:ad:09:96:d8:f6:94:b5:a3:25: 18:fa:ae:48:92:90:a0:42:82:cb:11:8a:ad:dd:73: 4b:a8:51:1c:e3:5c:82:19:1d:70:27:82:a2:10:76: 19:5e:16:ba:c1:12:bf:cc:8f:06:a8:49:36:b5:c0: 19:da:7b:98:b5:25:19:b7:27:d5:16:8d:49:eb:b3: 31:a3:b4:64:62:49:59:81:7c:a3:b8:45:37:0a:0a: 5c:28:2f:43:6d:16:93:3a:96:b7:d1:1a:9e:21:af: 1d:39:d3:d4:a6:bd:50:53:97:ff:5c:b4:b9:6d:c4: ac:03:3f:b1:f6:8d:f9:36:ce:9d:66:f1:3d:98:7d: 42:07:60:7a:26:e0:5d:a5:77:2f:d0:7e:c0:71:1f: 25:5f:43:eb:64:2d:97:02:9b:b7:77:d6:8a:68:69: 50:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:0D:87:66:6F:6F:80:8F:F8:33:3C:34:E0:67:31:08:D7:18:DC:5E X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8c:c7:6e:f7:08:21:77:f3:13:00:8b:0a:72:bd:b0:a9:bc:06: e2:9c:00:f1:fd:18:d1:32:a1:53:0b:37:d8:5b:aa:75:12:98: 3a:c0:85:46:db:14:8d:6b:f3:55:63:1c:68:71:bb:ae:1f:0f: 7b:10:7f:d3:61:d8:75:70:40:3d:de:e2:85:31:3c:d6:31:33: cd:b8:57:e9:8e:15:22:73:1b:32:de:25:5c:74:34:be:6d:2b: 13:57:60:fe:65:0c:a1:e4:40:9c:00:cd:97:ff:5b:0e:2f:17: 24:2d:17:c4:63:ec:1b:a4:7c:33:c1:e4:91:92:c2:a3:c6:c7: fa:4b:75:4c:a2:74:d2:a9:4b:3c:c3:60:47:db:5b:d2:d6:75: b0:24:8f:27:55:7b:bd:64:cd:f3:30:07:52:ff:01:d7:4a:55: 13:b3:d0:fc:80:bb:19:25:a5:1a:42:96:22:29:d0:32:b1:13: 69:cc:6b:05:98:ee:4c:d7:9b:da:34:f2:23:01:52:26:76:b2: 44:9f:3a:7d:ef:dd:6c:35:3e:fd:26:da:ba:83:59:ed:66:0d: a8:80:c1:39:19:98:9a:ad:14:1c:5b:8f:3f:07:34:c0:e2:82: 3c:fc:f3:c1:e8:65:0e:05:0f:9f:50:0a:f0:97:42:46:5d:63: 18:13:9b:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsw59atuCK8L5neqNiaPmwTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjUxMjE4MTAwMDU4WhcNMjUxMjE5MTAwMDU4WjAzMTEwLwYDVQQD EyhjYTBkODc2NjZmNmY4MDhmZjgzMzNjMzRlMDY3MzEwOGQ3MThkYzVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUwQfY9EXZmlCL/suEvZu8a50aNX p6wCBHUIDgdaYYWqANja0YuQN+kzptA8o9yU3t2E6+TtGduCgg8pMNm65BQVG/J5 wl0p/1QJmCkVn5ruYIj2cBOYJvBY6BCt5B6tCZbY9pS1oyUY+q5IkpCgQoLLEYqt 3XNLqFEc41yCGR1wJ4KiEHYZXha6wRK/zI8GqEk2tcAZ2nuYtSUZtyfVFo1J67Mx o7RkYklZgXyjuEU3CgpcKC9DbRaTOpa30RqeIa8dOdPUpr1QU5f/XLS5bcSsAz+x 9o35Ns6dZvE9mH1CB2B6JuBdpXcv0H7AcR8lX0PrZC2XApu3d9aKaGlQawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMoNh2Zvb4CP+DM8NOBnMQjXGNxeMB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjMdu9wgh d/MTAIsKcr2wqbwG4pwA8f0Y0TKhUws32FuqdRKYOsCFRtsUjWvzVWMcaHG7rh8P exB/02HYdXBAPd7ihTE81jEzzbhX6Y4VInMbMt4lXHQ0vm0rE1dg/mUMoeRAnADN l/9bDi8XJC0XxGPsG6R8M8HkkZLCo8bH+kt1TKJ00qlLPMNgR9tb0tZ1sCSPJ1V7 vWTN8zAHUv8B10pVE7PQ/IC7GSWlGkKWIinQMrETacxrBZjuTNeb2jTyIwFSJnay RJ86fe/dbDU+/SbauoNZ7WYNqIDBORmYmq0UHFuPPwc0wOKCPPzzwehlDgUPn1AK 8JdCRl1jGBObWg== -----END CERTIFICATE-----Generated at Thu Dec 18 16:44:39 2025 by rpki-client