This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft File: XiZI8SkNRHG821C4K-TtkyADCU0.mft (raw, json) Hash identifier: gB1f8aYZSFg7SkdYtS9noxLJuPJBRYJyGJJCef1myZY= Subject key identifier: 99:73:67:11:C1:22:A9:83:FF:38:0E:AA:C8:B2:DA:29:BA:59:D0:96 Authority key identifier: 5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D Certificate issuer: /CN=5e2648f1290d4471bcdb50b82be4ed932003094d Certificate serial: 019B0747826A20A2A9153898149CB381A2A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft Manifest number: 16FE Signing time: Wed 10 Dec 2025 08:01:25 +0000 Manifest this update: Wed 10 Dec 2025 08:01:25 +0000 Manifest next update: Thu 11 Dec 2025 08:01:25 +0000 Files and hashes: 1: BECHjRO1sNTrECspSOXRaHeMWRM.roa (hash: CUP2bSCGR2R7pQJIeBFSspVhJwtI4r06AoqaZ9LnrhQ=) 2: XiZI8SkNRHG821C4K-TtkyADCU0.crl (hash: ysWQTNBpbdlXPy00oXHOvyzpukE0+ie6GAlUrTdTdaI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:07:47:82:6a:20:a2:a9:15:38:98:14:9c:b3:81:a2:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e2648f1290d4471bcdb50b82be4ed932003094d Validity Not Before: Dec 10 08:01:25 2025 GMT Not After : Dec 11 08:01:25 2025 GMT Subject: CN=99736711c122a983ff380eaac8b2da29ba59d096 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:82:bc:26:6b:25:bd:05:19:d0:c2:43:25:cb: 11:c7:7e:f6:49:2c:e5:d8:8f:44:60:4d:24:b1:07: 57:9b:ae:f4:24:ce:97:32:ef:71:d6:7e:2a:36:b1: 22:8f:de:c9:f5:16:91:78:11:af:58:12:de:dc:89: 6a:27:07:ff:ef:45:62:53:08:08:89:19:9f:2a:f3: 68:6a:d4:53:08:7f:69:2f:7d:00:b4:ad:71:4b:73: 03:ae:7a:10:75:54:2b:59:d0:b6:3f:29:c1:b1:c6: cc:3c:21:b8:d3:99:fb:cd:d6:f2:1a:20:e4:8c:51: 6a:d9:14:a3:e0:9c:4c:e6:75:e6:c1:2c:aa:fa:09: 0a:9d:4c:20:e9:0c:69:30:9e:a8:6e:56:23:d5:80: 0b:d9:ab:1a:1a:a0:b2:3e:7f:90:3a:a4:6b:9c:0a: d0:19:fe:86:4f:9d:f9:ff:a7:bb:b8:64:ef:ec:d2: a9:dc:6c:08:5c:9a:87:99:71:58:02:8a:a6:ce:76: fa:35:53:29:bc:93:c5:a5:fd:e0:d3:29:8e:2d:e9: c8:24:50:f7:28:f2:02:2e:5a:6e:c9:f2:e6:f0:0c: 9c:35:23:43:2c:3d:e5:2e:b4:3b:40:76:02:39:c6: ad:f6:b3:24:80:82:cc:29:c3:e0:01:c1:fc:e9:31: 3a:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:73:67:11:C1:22:A9:83:FF:38:0E:AA:C8:B2:DA:29:BA:59:D0:96 X509v3 Authority Key Identifier: keyid:5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:f2:89:c0:60:ae:14:8d:da:77:d5:24:88:c9:d2:53:85:0e: 86:77:86:8a:11:9e:56:29:a5:48:ee:18:40:1b:d3:58:27:a0: d9:da:fa:8a:ae:c7:dd:e3:55:69:da:5d:f8:f5:6f:e1:a7:ef: 45:ab:7e:0f:9b:53:77:9e:01:ef:9f:1c:80:54:77:1e:06:54: 3c:73:87:a2:35:5c:9e:b8:22:29:07:e4:c2:50:0e:07:b4:60: ef:7f:6e:a8:ae:6b:3e:64:f6:5f:a7:9e:a3:25:ab:27:f7:76: 36:24:93:7a:0e:40:67:68:04:39:6e:65:75:3c:54:71:a3:48: d5:78:dd:e6:45:9d:60:bb:d3:53:1f:92:c6:31:3a:ff:dd:25: 91:c3:2f:90:be:04:29:dc:83:61:5e:b2:da:87:20:0c:ff:dc: 4d:f3:4a:b1:d3:b3:0f:e3:bc:33:7c:46:9f:1e:36:5a:90:bb: 82:5d:ab:f5:07:ef:3b:a8:29:d6:5d:aa:9f:22:22:e2:5c:93: 1e:45:52:fe:0e:df:8b:6c:87:da:c0:aa:f8:6f:27:28:a7:31: 0d:3d:0d:3d:ab:ef:58:a6:12:7b:c8:d7:0b:9f:f7:9b:2a:e7: 42:5d:98:bf:8a:d4:c7:e3:94:27:01:48:01:76:97:2d:19:2d: 3a:9c:40:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsHR4JqIKKpFTiYFJyzgaKoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlMjY0OGYxMjkwZDQ0NzFiY2RiNTBiODJiZTRlZDkzMjAw MzA5NGQwHhcNMjUxMjEwMDgwMTI1WhcNMjUxMjExMDgwMTI1WjAzMTEwLwYDVQQD Eyg5OTczNjcxMWMxMjJhOTgzZmYzODBlYWFjOGIyZGEyOWJhNTlkMDk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4K8JmslvQUZ0MJDJcsRx372SSzl 2I9EYE0ksQdXm670JM6XMu9x1n4qNrEij97J9RaReBGvWBLe3IlqJwf/70ViUwgI iRmfKvNoatRTCH9pL30AtK1xS3MDrnoQdVQrWdC2PynBscbMPCG405n7zdbyGiDk jFFq2RSj4JxM5nXmwSyq+gkKnUwg6QxpMJ6oblYj1YAL2asaGqCyPn+QOqRrnArQ Gf6GT535/6e7uGTv7NKp3GwIXJqHmXFYAoqmznb6NVMpvJPFpf3g0ymOLenIJFD3 KPICLlpuyfLm8AycNSNDLD3lLrQ7QHYCOcat9rMkgILMKcPgAcH86TE6hQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJlzZxHBIqmD/zgOqsiy2im6WdCWMB8GA1UdIwQY MBaAFF4mSPEpDURxvNtQuCvk7ZMgAwlNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYt ZjU1ZmNkZjk3ODQ2LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYtZjU1ZmNkZjk3ODQ2 LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEfKJwGCu FI3ad9UkiMnSU4UOhneGihGeVimlSO4YQBvTWCeg2dr6iq7H3eNVadpd+PVv4afv Rat+D5tTd54B758cgFR3HgZUPHOHojVcnrgiKQfkwlAOB7Rg739uqK5rPmT2X6ee oyWrJ/d2NiSTeg5AZ2gEOW5ldTxUcaNI1Xjd5kWdYLvTUx+SxjE6/90lkcMvkL4E KdyDYV6y2ocgDP/cTfNKsdOzD+O8M3xGnx42WpC7gl2r9QfvO6gp1l2qnyIi4lyT HkVS/g7fi2yH2sCq+G8nKKcxDT0NPavvWKYSe8jXC5/3myrnQl2Yv4rUx+OUJwFI AXaXLRktOpxAQg== -----END CERTIFICATE-----Generated at Wed Dec 10 09:45:29 2025 by rpki-client