This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: UxhfOq2UnWJ4roS+u9DHwJ/H+pAb2fwuG+kALm7HYKk= Subject key identifier: DF:40:57:16:98:15:BB:FA:DB:22:46:35:2B:CC:FB:18:11:E1:58:0B Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019AD43688860F5E20819BCA747403E9D4CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 16E5 Signing time: Sun 30 Nov 2025 10:02:14 +0000 Manifest this update: Sun 30 Nov 2025 10:02:14 +0000 Manifest next update: Mon 01 Dec 2025 10:02:14 +0000 Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: qLEea3RY/khcrNGEeyqImNGFopqTF4bkER58F2sPXYI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 01 Dec 2025 08:51:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:d4:36:88:86:0f:5e:20:81:9b:ca:74:74:03:e9:d4:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Nov 30 10:02:14 2025 GMT Not After : Dec 1 10:02:14 2025 GMT Subject: CN=df4057169815bbfadb2246352bccfb1811e1580b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:4b:82:e7:65:7b:d5:eb:7e:61:f2:0a:28:29: d7:92:a5:51:48:b6:34:f1:d2:56:d6:d3:23:32:b6: ca:6c:dc:05:eb:b1:44:09:23:63:a7:d5:59:b6:a6: c2:c6:a9:ac:23:a7:c2:0b:e8:8d:97:4e:0c:68:86: 79:58:4e:f5:80:9d:5c:3c:2d:46:ac:71:8b:53:f0: 62:d6:21:08:f1:33:b6:bc:ca:e0:38:a9:94:39:ae: 54:66:f6:12:61:b0:d2:47:17:3b:0a:7c:9c:0d:41: e5:7e:cc:e8:4c:c1:ce:8d:4a:26:f9:18:6d:50:5d: 7a:00:5a:f9:6b:30:bb:31:1d:29:ed:5c:1a:ac:9a: 98:32:e1:d0:28:a3:85:af:be:0a:70:73:35:8c:65: fc:32:d3:93:92:31:fc:6f:c9:56:4f:e3:ec:22:4f: 9a:a0:5b:3d:9d:78:a1:e4:8c:3d:0f:19:b1:d3:e5: c3:8c:d6:f7:97:80:98:21:6d:a8:09:a7:cf:47:64: a4:ec:a9:0b:df:20:3d:85:5b:ac:fd:d7:25:ab:58: 22:cb:09:99:00:6a:4e:a7:d4:5a:9c:7e:14:15:78: a9:ca:a7:52:2c:19:fd:16:ab:cc:1b:2d:b6:93:53: 62:e6:6a:74:4d:fd:99:35:82:d9:41:51:4e:20:cf: 08:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:40:57:16:98:15:BB:FA:DB:22:46:35:2B:CC:FB:18:11:E1:58:0B X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:85:ea:d1:60:0c:c9:e8:2b:12:55:c9:b7:c1:dc:06:4a:b4: 74:9d:c3:59:15:e8:7f:83:9c:96:16:7d:30:db:d6:b0:3f:87: 45:9a:bf:0b:87:ca:9a:56:31:83:40:46:dd:7f:9f:d2:e2:ab: 6e:bc:d2:4b:00:d4:3c:d4:01:3c:a1:84:e0:0b:9c:7f:c3:55: 3b:3f:89:25:86:b8:89:62:1d:4f:3c:28:b5:ae:da:01:25:ba: 9a:f2:94:82:59:19:4f:0b:2f:89:a3:fa:c9:1c:49:fe:da:06: 95:51:90:ef:7b:9a:58:1c:96:a1:42:35:21:e0:87:51:be:eb: 97:b8:f8:e0:5b:b2:92:26:2b:87:6f:b0:f5:e2:7e:7e:7a:cc: e7:a4:62:ba:fd:31:cf:09:97:7f:f7:4b:7f:f8:41:10:ef:4b: e3:e9:24:fc:04:35:98:a3:cd:bf:6d:e8:41:00:20:d2:17:86: 4e:a7:de:24:73:79:91:52:71:4a:4c:ff:1d:46:ab:39:10:bd: 40:85:7e:de:7d:3e:13:2e:e1:c2:ed:ca:eb:de:12:25:37:fb: b1:1f:29:b6:11:da:b2:11:31:17:42:3e:ab:a8:59:f3:a7:49: 60:d4:4f:d4:a8:ee:d4:33:c1:33:aa:8f:00:c0:26:be:b8:db: 9e:75:5d:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrUNoiGD14ggZvKdHQD6dTPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjUxMTMwMTAwMjE0WhcNMjUxMjAxMTAwMjE0WjAzMTEwLwYDVQQD EyhkZjQwNTcxNjk4MTViYmZhZGIyMjQ2MzUyYmNjZmIxODExZTE1ODBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUuC52V71et+YfIKKCnXkqVRSLY0 8dJW1tMjMrbKbNwF67FECSNjp9VZtqbCxqmsI6fCC+iNl04MaIZ5WE71gJ1cPC1G rHGLU/Bi1iEI8TO2vMrgOKmUOa5UZvYSYbDSRxc7CnycDUHlfszoTMHOjUom+Rht UF16AFr5azC7MR0p7VwarJqYMuHQKKOFr74KcHM1jGX8MtOTkjH8b8lWT+PsIk+a oFs9nXih5Iw9Dxmx0+XDjNb3l4CYIW2oCafPR2Sk7KkL3yA9hVus/dclq1giywmZ AGpOp9RanH4UFXipyqdSLBn9FqvMGy22k1Ni5mp0Tf2ZNYLZQVFOIM8IFwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN9AVxaYFbv62yJGNSvM+xgR4VgLMB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASIXq0WAM yegrElXJt8HcBkq0dJ3DWRXof4OclhZ9MNvWsD+HRZq/C4fKmlYxg0BG3X+f0uKr brzSSwDUPNQBPKGE4Aucf8NVOz+JJYa4iWIdTzwota7aASW6mvKUglkZTwsviaP6 yRxJ/toGlVGQ73uaWByWoUI1IeCHUb7rl7j44FuykiYrh2+w9eJ+fnrM56Riuv0x zwmXf/dLf/hBEO9L4+kk/AQ1mKPNv23oQQAg0heGTqfeJHN5kVJxSkz/HUarORC9 QIV+3n0+Ey7hwu3K694SJTf7sR8pthHashExF0I+q6hZ86dJYNRP1Kju1DPBM6qP AMAmvrjbnnVdqQ== -----END CERTIFICATE-----Generated at Sun Nov 30 15:12:08 2025 by rpki-client