This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: rnpnTQ57QJnM/jRqzye/J1VQ3eyaTcBU7BN22iL+zck= Subject key identifier: 9A:5D:F2:12:DF:58:D4:02:F9:CC:E6:F4:2D:A0:1E:CB:D3:0F:A4:14 Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019AE9744B242C62F677F4A9D26F97D1A182 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 16F0 Signing time: Thu 04 Dec 2025 13:01:43 +0000 Manifest this update: Thu 04 Dec 2025 13:01:43 +0000 Manifest next update: Fri 05 Dec 2025 13:01:43 +0000 Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: BvN4a4QDwlJ2rqNa/ZqRuwjgpiTRsbSSHlRnDK3WGFg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 13:01:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e9:74:4b:24:2c:62:f6:77:f4:a9:d2:6f:97:d1:a1:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Dec 4 13:01:43 2025 GMT Not After : Dec 5 13:01:43 2025 GMT Subject: CN=9a5df212df58d402f9cce6f42da01ecbd30fa414 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:a9:18:11:3e:8f:77:b5:b0:61:5b:4f:4a:51: 4e:eb:1d:1f:d1:5f:69:81:21:67:2b:5f:ad:55:53: 34:35:3e:4d:7f:f4:fe:b2:ad:21:66:ad:a2:66:8f: a3:47:a6:7c:c5:5c:63:cd:bb:eb:ac:47:d0:f3:43: 1b:05:31:fe:1f:e7:c0:e3:ba:e6:06:96:59:b9:54: aa:cd:0e:6b:06:5f:1b:a9:03:99:df:b8:09:1a:f7: c4:5a:65:7d:b4:22:c9:b5:9b:30:0c:bd:81:dc:d2: 2b:a8:e0:59:84:e8:d8:1f:8f:0b:ab:fa:c3:e1:13: 76:ab:86:9e:5a:08:96:9a:d6:c5:83:aa:48:60:29: 75:c3:fa:7d:cb:ca:ef:fe:8b:03:5a:bb:d9:e3:87: 47:de:2f:e9:63:f9:bc:c3:9f:74:21:96:d7:55:ab: fe:b9:e4:01:77:f7:b1:bd:95:96:3f:8e:82:dd:72: 4e:f4:6d:9c:1a:10:d5:37:ee:37:68:0d:49:23:52: 2c:1c:0e:7e:d6:4e:a9:e7:f9:d4:9a:b2:77:50:c8: 81:e7:3a:92:ca:03:70:a7:4c:16:1f:f2:1f:b0:a4: 5c:83:d8:80:d4:37:3c:e0:12:1f:7a:d0:3a:3d:c3: e4:50:ae:80:c3:c5:37:87:61:dc:8d:de:8e:9e:ac: 7f:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:5D:F2:12:DF:58:D4:02:F9:CC:E6:F4:2D:A0:1E:CB:D3:0F:A4:14 X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:c1:f1:8e:13:b8:60:22:29:47:9e:02:be:27:84:57:8a:76: e8:56:a3:49:91:5e:d0:05:ec:61:01:1a:a6:72:73:8c:8c:b7: 39:e2:1f:08:dc:65:ac:82:a3:fc:31:90:d2:fd:40:4f:e8:04: be:2f:16:7d:60:fd:c7:a9:ed:86:81:66:35:e9:82:6c:13:8e: cd:05:b2:7e:87:36:f9:20:6f:bd:87:b0:a8:19:d3:95:0c:57: 2b:09:df:cf:09:57:b5:bc:06:c8:db:c1:ae:9a:4f:ea:84:c3: bf:15:c3:f9:51:07:dc:9a:9d:bf:d1:17:07:58:d2:d5:cb:06: 3d:41:b6:1c:c4:9a:31:1c:fa:60:84:3b:17:84:f5:7f:4f:21: f3:7e:b2:85:1a:c4:0e:05:e1:28:a0:2f:d8:d1:fd:35:8f:d6: 24:14:88:03:55:9f:5f:a8:72:eb:88:ae:f2:05:ec:2f:6d:18: b4:16:e9:dd:79:a9:12:c7:c5:80:98:e9:95:77:51:49:fd:c6: e9:18:ff:e4:c9:30:f5:6c:62:09:10:7e:06:72:18:b0:a8:41: 3a:fd:48:40:5f:c4:a9:b8:5a:bf:a0:7b:f1:a2:4b:b7:f2:7e: 0e:bc:1c:d3:ee:16:29:d3:f2:52:cc:00:18:5f:64:a6:18:3e: 1a:1d:0c:eb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrpdEskLGL2d/Sp0m+X0aGCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjUxMjA0MTMwMTQzWhcNMjUxMjA1MTMwMTQzWjAzMTEwLwYDVQQD Eyg5YTVkZjIxMmRmNThkNDAyZjljY2U2ZjQyZGEwMWVjYmQzMGZhNDE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26kYET6Pd7WwYVtPSlFO6x0f0V9p gSFnK1+tVVM0NT5Nf/T+sq0hZq2iZo+jR6Z8xVxjzbvrrEfQ80MbBTH+H+fA47rm BpZZuVSqzQ5rBl8bqQOZ37gJGvfEWmV9tCLJtZswDL2B3NIrqOBZhOjYH48Lq/rD 4RN2q4aeWgiWmtbFg6pIYCl1w/p9y8rv/osDWrvZ44dH3i/pY/m8w590IZbXVav+ ueQBd/exvZWWP46C3XJO9G2cGhDVN+43aA1JI1IsHA5+1k6p5/nUmrJ3UMiB5zqS ygNwp0wWH/IfsKRcg9iA1Dc84BIfetA6PcPkUK6Aw8U3h2Hcjd6Onqx/iQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJpd8hLfWNQC+czm9C2gHsvTD6QUMB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZsHxjhO4 YCIpR54CvieEV4p26FajSZFe0AXsYQEapnJzjIy3OeIfCNxlrIKj/DGQ0v1AT+gE vi8WfWD9x6nthoFmNemCbBOOzQWyfoc2+SBvvYewqBnTlQxXKwnfzwlXtbwGyNvB rppP6oTDvxXD+VEH3Jqdv9EXB1jS1csGPUG2HMSaMRz6YIQ7F4T1f08h836yhRrE DgXhKKAv2NH9NY/WJBSIA1WfX6hy64iu8gXsL20YtBbp3XmpEsfFgJjplXdRSf3G 6Rj/5Mkw9WxiCRB+BnIYsKhBOv1IQF/Eqbhav6B78aJLt/J+Drwc0+4WKdPyUswA GF9kphg+Gh0M6w== -----END CERTIFICATE-----Generated at Thu Dec 4 19:58:15 2025 by rpki-client