This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: M9MXK1wof7AtXyZUtNgMxmtnMIitNt4n4ZtDox2dFhk= Subject key identifier: 3E:06:E6:80:5C:07:6F:F6:03:4B:E4:74:CE:FF:C1:30:ED:B1:1F:BA Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019A9A46DA555207AF7C5D41B8C781DED625 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 16C7 Signing time: Wed 19 Nov 2025 04:02:05 +0000 Manifest this update: Wed 19 Nov 2025 04:02:05 +0000 Manifest next update: Thu 20 Nov 2025 04:02:05 +0000 Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: kYpxX9mfaOUxVWOx1zyCVNDGH2ksjGhFALv+I2gxiP8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 20 Nov 2025 04:02:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:9a:46:da:55:52:07:af:7c:5d:41:b8:c7:81:de:d6:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Nov 19 04:02:05 2025 GMT Not After : Nov 20 04:02:05 2025 GMT Subject: CN=3e06e6805c076ff6034be474ceffc130edb11fba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:07:f1:58:45:f3:96:4b:9b:c9:1d:0b:6f:c6: 8e:36:e4:9f:f3:ca:de:9b:fa:fa:c1:62:d3:b3:3e: f2:79:2c:15:e2:4b:22:35:8c:06:d8:64:55:77:ba: 6f:68:00:0e:3c:07:d1:2d:d8:c3:d4:2b:39:84:ba: 60:d9:03:80:2a:b7:cc:51:9f:76:56:c3:a2:b0:ad: da:82:cd:d0:fe:45:cd:0b:7a:54:bd:97:a8:b7:59: 28:99:3a:6a:32:22:59:1a:0c:17:e7:0c:12:50:3c: 8f:2e:52:0a:ec:db:1e:72:cf:8a:9e:72:87:da:4e: 64:b7:76:40:5d:39:78:fd:81:85:ec:de:c8:6b:a3: 30:67:ef:6c:9c:ce:06:b5:f7:6f:00:35:c6:89:74: 8c:3c:96:73:a9:b5:59:8d:eb:b9:90:6d:d0:0b:36: 27:52:1d:56:02:62:ad:6a:54:5e:c8:c5:c4:55:a0: e8:1d:07:96:e5:fc:10:bb:69:d2:e6:8b:e0:7a:8f: 8f:02:a6:48:b2:0a:c5:1c:98:23:f6:fa:0e:b2:e9: ea:34:62:33:73:ad:9b:f2:9c:66:b7:0f:50:75:ad: 0c:ac:13:da:17:81:d9:99:cf:80:77:61:a2:3d:12: ee:4c:9a:f9:3d:a4:cf:87:0f:a9:3a:b1:19:66:d7: 4c:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:06:E6:80:5C:07:6F:F6:03:4B:E4:74:CE:FF:C1:30:ED:B1:1F:BA X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:41:df:1a:75:a0:53:41:be:e6:b3:b6:b1:63:a4:e1:99:4a: 2f:d2:a6:30:05:41:b4:c4:59:9a:f2:ad:87:55:53:f2:6b:fa: 10:12:98:67:eb:3e:09:b2:0e:5a:70:6e:0a:d0:ee:4c:ed:81: fb:22:a4:7c:0f:49:ed:c6:7a:d0:cb:b4:05:5a:80:f9:c4:ca: 00:3f:7f:71:ea:45:65:48:0b:27:05:a6:0e:9c:28:96:89:c1: ea:27:6f:c2:56:82:11:62:b1:49:fe:a8:42:bb:2c:56:0f:6f: 42:b3:ca:a5:b1:70:d5:21:44:d9:14:0e:a6:a8:d0:b3:f7:4a: e8:bb:69:6a:5f:6d:b4:32:6a:7d:de:55:37:5d:76:08:d8:3a: 89:a9:ad:0e:7f:ef:20:6d:ed:9c:84:10:b8:fd:af:5f:f7:b2: e3:42:07:6d:0f:89:92:62:b5:e0:e1:ba:e4:6c:34:e7:3b:67: 71:ce:62:7d:47:84:ae:f1:3c:28:2e:89:e6:03:c2:4d:7b:09: e9:d3:2e:c9:c0:57:ff:dd:66:be:ed:43:7d:ee:b9:2c:b3:ed: 91:35:35:91:fd:9b:37:7e:2c:13:5a:36:93:f6:20:b7:88:ee: cb:9c:66:f8:e9:9a:67:b8:ab:bd:48:cc:27:dd:49:a3:c3:f6: 0d:76:bc:2f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZqaRtpVUgevfF1BuMeB3tYlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjUxMTE5MDQwMjA1WhcNMjUxMTIwMDQwMjA1WjAzMTEwLwYDVQQD EygzZTA2ZTY4MDVjMDc2ZmY2MDM0YmU0NzRjZWZmYzEzMGVkYjExZmJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngfxWEXzlkubyR0Lb8aONuSf88re m/r6wWLTsz7yeSwV4ksiNYwG2GRVd7pvaAAOPAfRLdjD1Cs5hLpg2QOAKrfMUZ92 VsOisK3ags3Q/kXNC3pUvZeot1komTpqMiJZGgwX5wwSUDyPLlIK7Nsecs+KnnKH 2k5kt3ZAXTl4/YGF7N7Ia6MwZ+9snM4GtfdvADXGiXSMPJZzqbVZjeu5kG3QCzYn Uh1WAmKtalReyMXEVaDoHQeW5fwQu2nS5ovgeo+PAqZIsgrFHJgj9voOsunqNGIz c62b8pxmtw9Qda0MrBPaF4HZmc+Ad2GiPRLuTJr5PaTPhw+pOrEZZtdMgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD4G5oBcB2/2A0vkdM7/wTDtsR+6MB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATkHfGnWg U0G+5rO2sWOk4ZlKL9KmMAVBtMRZmvKth1VT8mv6EBKYZ+s+CbIOWnBuCtDuTO2B +yKkfA9J7cZ60Mu0BVqA+cTKAD9/cepFZUgLJwWmDpwolonB6idvwlaCEWKxSf6o QrssVg9vQrPKpbFw1SFE2RQOpqjQs/dK6Ltpal9ttDJqfd5VN112CNg6iamtDn/v IG3tnIQQuP2vX/ey40IHbQ+JkmK14OG65Gw05ztncc5ifUeErvE8KC6J5gPCTXsJ 6dMuycBX/91mvu1Dfe65LLPtkTU1kf2bN34sE1o2k/Ygt4juy5xm+OmaZ7irvUjM J91Jo8P2DXa8Lw== -----END CERTIFICATE-----Generated at Wed Nov 19 11:13:12 2025 by rpki-client