This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.mft File: XEXOsYsUpzcoK3WvC6Fs_9emq64.mft (raw, json) Hash identifier: zWBHyM7vc3BaRP31ODjskMq4cTfCFMQVWVESldct8QU= Subject key identifier: 43:24:28:BC:8D:69:E2:5C:07:A6:AD:EB:1D:AF:F9:BB:AD:6E:F6:E5 Authority key identifier: 5C:45:CE:B1:8B:14:A7:37:28:2B:75:AF:0B:A1:6C:FF:D7:A6:AB:AE Certificate issuer: /CN=5c45ceb18b14a737282b75af0ba16cffd7a6abae Certificate serial: 019B32689C36203D84B2138A4FF130DECBE4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XEXOsYsUpzcoK3WvC6Fs_9emq64.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.mft Manifest number: 0E1A Signing time: Thu 18 Dec 2025 17:01:15 +0000 Manifest this update: Thu 18 Dec 2025 17:01:15 +0000 Manifest next update: Fri 19 Dec 2025 17:01:15 +0000 Files and hashes: 1: E83frRAKntD4nIpmLLlDFnDmwrE.roa (hash: no2xUk2K6bJpEcjtJeTqAFy6TGnwm5W/7draqh+RfBA=) 2: XEXOsYsUpzcoK3WvC6Fs_9emq64.crl (hash: qNJNdOCJw053yNU7+hQAAW2iL23g2dqSLdHWA/NPPMY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.crl rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.mft rsync://rpki.ripe.net/repository/DEFAULT/XEXOsYsUpzcoK3WvC6Fs_9emq64.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 17:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:68:9c:36:20:3d:84:b2:13:8a:4f:f1:30:de:cb:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c45ceb18b14a737282b75af0ba16cffd7a6abae Validity Not Before: Dec 18 17:01:15 2025 GMT Not After : Dec 19 17:01:15 2025 GMT Subject: CN=432428bc8d69e25c07a6adeb1daff9bbad6ef6e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:a7:63:e3:c2:d1:d7:6b:7e:16:0e:59:97:39: 34:dd:ed:58:b9:19:24:d3:e5:3f:bd:8d:a1:91:50: 98:76:13:9f:9d:a9:7f:ee:23:bb:7e:91:f7:01:55: bc:0a:92:30:24:b5:a1:f3:22:7d:77:73:5f:d9:9d: 29:fa:40:53:12:23:1d:2e:43:77:96:be:d3:a1:d6: 5f:6d:f8:8b:16:46:ae:aa:91:f2:1e:93:b3:92:2e: 52:24:e7:b8:dc:d8:50:13:d9:34:eb:93:15:9d:13: f1:68:cd:51:55:f1:3e:e4:61:74:f7:b4:7c:04:37: d1:bc:9d:54:f6:60:f0:c2:6f:ca:7f:01:9d:5f:6d: bc:59:0e:bb:0c:ed:d2:94:04:e3:80:ce:21:90:7a: 34:e2:3b:0f:a1:e8:d6:b7:6c:6c:12:f5:28:52:8e: 72:5c:1a:22:80:a1:d9:c6:62:7f:6e:65:10:f5:9e: 64:49:1e:a3:a2:19:09:d8:72:ce:8c:64:5e:bc:89: 90:cb:81:25:c5:17:fb:ee:ae:19:36:38:7b:73:94: 57:a3:c6:08:b0:71:15:34:a4:16:55:8a:d5:2b:f2: b6:76:81:32:0c:8f:41:be:6f:71:e0:9a:ae:82:55: 3c:5d:51:d5:e5:a8:96:36:4d:06:07:06:a2:6b:ec: f8:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:24:28:BC:8D:69:E2:5C:07:A6:AD:EB:1D:AF:F9:BB:AD:6E:F6:E5 X509v3 Authority Key Identifier: keyid:5C:45:CE:B1:8B:14:A7:37:28:2B:75:AF:0B:A1:6C:FF:D7:A6:AB:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XEXOsYsUpzcoK3WvC6Fs_9emq64.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:0f:8f:82:f1:ce:81:cf:60:23:07:93:0e:d2:53:74:b8:44: a9:91:45:fb:6f:92:33:0c:4e:5d:7e:60:60:85:77:ca:a3:9b: 99:cf:81:5c:d6:e1:63:79:18:77:f2:d1:d7:8c:5c:5c:91:56: a7:30:fa:90:71:38:f8:e3:ce:22:48:12:03:a9:44:eb:63:3e: 5a:22:c0:36:17:85:92:86:f3:81:b7:86:0e:34:f5:8d:b9:95: 9b:42:3f:1f:a8:6b:eb:d9:20:6b:d4:b5:f5:39:c4:2c:8b:a9: 0b:04:57:c8:e4:2e:4a:f2:5f:5a:b4:01:24:fe:a0:b3:a1:15: 14:58:3f:aa:30:66:80:b0:75:e8:ce:c4:aa:df:f3:26:54:10: 4d:cf:67:0a:37:c5:9d:b9:82:52:74:c9:7b:76:71:32:d9:d8: 9f:6e:3f:7c:8c:c5:eb:45:22:b5:59:d1:be:75:d0:46:79:2f: a3:8b:4e:e8:73:3c:d6:36:25:cb:ac:73:27:01:d1:f7:29:9d: 48:4a:a4:e0:94:db:ad:76:0f:06:3e:b1:e3:ea:a4:57:f4:9a: 15:da:f8:e2:6e:57:5c:70:38:56:97:31:3a:c4:25:ec:c9:82: 92:00:b4:66:50:fc:b4:a6:a9:0c:bc:3c:00:c7:f6:34:d5:07: 2e:3f:c1:3a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyaJw2ID2EshOKT/Ew3svkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjNDVjZWIxOGIxNGE3MzcyODJiNzVhZjBiYTE2Y2ZmZDdh NmFiYWUwHhcNMjUxMjE4MTcwMTE1WhcNMjUxMjE5MTcwMTE1WjAzMTEwLwYDVQQD Eyg0MzI0MjhiYzhkNjllMjVjMDdhNmFkZWIxZGFmZjliYmFkNmVmNmU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA76dj48LR12t+Fg5Zlzk03e1YuRkk 0+U/vY2hkVCYdhOfnal/7iO7fpH3AVW8CpIwJLWh8yJ9d3Nf2Z0p+kBTEiMdLkN3 lr7TodZfbfiLFkauqpHyHpOzki5SJOe43NhQE9k065MVnRPxaM1RVfE+5GF097R8 BDfRvJ1U9mDwwm/KfwGdX228WQ67DO3SlATjgM4hkHo04jsPoejWt2xsEvUoUo5y XBoigKHZxmJ/bmUQ9Z5kSR6johkJ2HLOjGRevImQy4ElxRf77q4ZNjh7c5RXo8YI sHEVNKQWVYrVK/K2doEyDI9Bvm9x4JquglU8XVHV5aiWNk0GBwaia+z4nQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEMkKLyNaeJcB6at6x2v+butbvblMB8GA1UdIwQY MBaAFFxFzrGLFKc3KCt1rwuhbP/XpquuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEVYT3NZc1VwemNvSzNXdkM2RnNfOWVtcTY0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kNzFlZjgtNGI5OC00MDBhLTg5ZWUt YzYxYmY3NzQ5ZGY1LzEvWEVYT3NZc1VwemNvSzNXdkM2RnNfOWVtcTY0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZS9kNzFlZjgtNGI5OC00MDBhLTg5ZWUtYzYxYmY3NzQ5ZGY1 LzEvWEVYT3NZc1VwemNvSzNXdkM2RnNfOWVtcTY0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQw+PgvHO gc9gIweTDtJTdLhEqZFF+2+SMwxOXX5gYIV3yqObmc+BXNbhY3kYd/LR14xcXJFW pzD6kHE4+OPOIkgSA6lE62M+WiLANheFkobzgbeGDjT1jbmVm0I/H6hr69kga9S1 9TnELIupCwRXyOQuSvJfWrQBJP6gs6EVFFg/qjBmgLB16M7Eqt/zJlQQTc9nCjfF nbmCUnTJe3ZxMtnYn24/fIzF60UitVnRvnXQRnkvo4tO6HM81jYly6xzJwHR9ymd SEqk4JTbrXYPBj6x4+qkV/SaFdr44m5XXHA4VpcxOsQl7MmCkgC0ZlD8tKapDLw8 AMf2NNUHLj/BOg== -----END CERTIFICATE-----Generated at Thu Dec 18 23:39:01 2025 by rpki-client