This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/bb2b75-bc02-4a6b-98d6-d84e6d3af975/1/xTtM8KdHHwAPilagSbFjlnzDvZk.mft File: xTtM8KdHHwAPilagSbFjlnzDvZk.mft (raw, json) Hash identifier: /1tNwWWkPk7Dij1Zt8GiKtHOIIaOgQit8wD/6ebMOw0= Subject key identifier: 75:84:AA:B2:3B:02:36:25:0D:CD:C1:88:E4:57:58:27:41:AA:37:B0 Authority key identifier: C5:3B:4C:F0:A7:47:1F:00:0F:8A:56:A0:49:B1:63:96:7C:C3:BD:99 Certificate issuer: /CN=c53b4cf0a7471f000f8a56a049b163967cc3bd99 Certificate serial: 019B3456A951BF6C040A930DB6A22BCE827D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTtM8KdHHwAPilagSbFjlnzDvZk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/bb2b75-bc02-4a6b-98d6-d84e6d3af975/1/xTtM8KdHHwAPilagSbFjlnzDvZk.mft Manifest number: 16A2 Signing time: Fri 19 Dec 2025 02:00:53 +0000 Manifest this update: Fri 19 Dec 2025 02:00:53 +0000 Manifest next update: Sat 20 Dec 2025 02:00:53 +0000 Files and hashes: 1: 602Z4NiRUVoUbtoD2a1_hKZKM5w.roa (hash: 3NgwOwVM6/UTanDsySZE3RJFx37z0Ri4EFGUt0jIqTA=) 2: xTtM8KdHHwAPilagSbFjlnzDvZk.crl (hash: dNDZck6jTf7Y1AEkskbVCas9Fq7lzU8MYMKj9UlIleY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/bb2b75-bc02-4a6b-98d6-d84e6d3af975/1/xTtM8KdHHwAPilagSbFjlnzDvZk.crl rsync://rpki.ripe.net/repository/DEFAULT/71/bb2b75-bc02-4a6b-98d6-d84e6d3af975/1/xTtM8KdHHwAPilagSbFjlnzDvZk.mft rsync://rpki.ripe.net/repository/DEFAULT/xTtM8KdHHwAPilagSbFjlnzDvZk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:56:a9:51:bf:6c:04:0a:93:0d:b6:a2:2b:ce:82:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c53b4cf0a7471f000f8a56a049b163967cc3bd99 Validity Not Before: Dec 19 02:00:53 2025 GMT Not After : Dec 20 02:00:53 2025 GMT Subject: CN=7584aab23b0236250dcdc188e457582741aa37b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:c8:e7:d3:15:aa:c3:e7:b6:4e:7f:a1:e5:d4: 27:bb:89:e0:df:37:5b:94:aa:8c:62:ff:c3:5c:7b: 30:bb:56:ce:42:9f:b8:4e:3a:1c:a8:48:de:4d:6d: 77:0a:a3:b9:fd:8a:f9:19:9c:58:30:e9:19:70:4c: 21:bf:19:f9:78:f9:4d:17:65:8d:cb:bf:a2:20:d2: 74:ce:af:1a:a9:d2:61:ba:94:68:e6:c7:a4:94:04: 18:2a:52:86:06:2b:47:dc:81:c3:37:03:70:08:2f: 2b:5b:4b:e2:35:58:24:10:b2:c0:42:b5:57:08:9f: af:e0:f2:1b:ce:b7:c6:85:6e:15:0a:a2:0b:48:dd: 95:7c:16:53:ac:96:9f:9a:4d:16:d6:d7:ff:0c:a7: ff:5d:01:be:c9:0d:da:36:01:6c:f0:90:89:28:8f: 9d:16:7d:19:d5:b4:2c:ba:e9:78:64:f5:25:b1:dd: a6:33:cb:aa:a7:49:8a:00:ba:40:65:11:07:40:d0: a3:19:61:ca:52:26:aa:7e:79:22:e9:5d:ad:57:98: a4:63:e1:83:2c:a2:5a:02:4b:8a:66:33:f2:e0:b8: 07:12:03:46:b9:2d:66:ed:58:9e:13:be:c7:38:9e: 04:61:df:11:8a:91:65:e9:c0:46:f0:de:89:62:9a: dc:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:84:AA:B2:3B:02:36:25:0D:CD:C1:88:E4:57:58:27:41:AA:37:B0 X509v3 Authority Key Identifier: keyid:C5:3B:4C:F0:A7:47:1F:00:0F:8A:56:A0:49:B1:63:96:7C:C3:BD:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTtM8KdHHwAPilagSbFjlnzDvZk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bb2b75-bc02-4a6b-98d6-d84e6d3af975/1/xTtM8KdHHwAPilagSbFjlnzDvZk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bb2b75-bc02-4a6b-98d6-d84e6d3af975/1/xTtM8KdHHwAPilagSbFjlnzDvZk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:f2:f1:cd:49:31:1d:86:ea:e2:f1:47:8e:f4:dc:47:3f:f1: 6c:92:08:9e:1e:9a:75:07:74:e5:bb:f9:17:fd:28:d1:19:39: ce:4f:22:7c:f6:0a:83:9f:c0:f7:43:58:f6:34:de:ac:ef:15: d0:4e:3c:e9:4b:fc:5d:4c:e6:40:ca:0c:ba:69:f6:ef:96:fd: d0:d8:de:f4:a6:80:73:c2:b8:66:2a:55:0e:a8:b1:0e:b0:f4: fd:eb:fc:4b:ac:c2:c1:e4:6f:e0:22:99:55:02:d4:0a:5f:cf: 65:3f:53:fd:8d:25:9b:81:15:a8:ec:f3:8c:68:62:a4:f1:57: 9f:eb:01:97:ab:bf:40:6b:c2:e4:92:b3:2c:b8:ee:29:54:fa: 8d:cd:64:c0:fe:e3:3a:9c:df:49:ab:b4:be:13:04:5e:d2:7d: 7c:fa:a0:f1:45:7c:f0:de:6f:6f:7c:31:30:a3:63:38:85:a7: 03:f0:a8:d1:e1:67:98:bd:fe:75:f5:cb:54:40:08:dc:1c:52: 88:3b:55:2a:87:f6:91:fd:cc:79:05:3e:0b:84:ad:15:d5:1b: 24:ca:9a:f9:4e:35:2d:79:ed:69:b1:fe:cf:10:78:70:e7:69: eb:1b:17:ad:2b:f5:5f:3f:14:6e:b8:83:c1:94:3c:fb:c3:f8: a5:52:76:77 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0VqlRv2wECpMNtqIrzoJ9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1M2I0Y2YwYTc0NzFmMDAwZjhhNTZhMDQ5YjE2Mzk2N2Nj M2JkOTkwHhcNMjUxMjE5MDIwMDUzWhcNMjUxMjIwMDIwMDUzWjAzMTEwLwYDVQQD Eyg3NTg0YWFiMjNiMDIzNjI1MGRjZGMxODhlNDU3NTgyNzQxYWEzN2IwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcjn0xWqw+e2Tn+h5dQnu4ng3zdb lKqMYv/DXHswu1bOQp+4TjocqEjeTW13CqO5/Yr5GZxYMOkZcEwhvxn5ePlNF2WN y7+iINJ0zq8aqdJhupRo5seklAQYKlKGBitH3IHDNwNwCC8rW0viNVgkELLAQrVX CJ+v4PIbzrfGhW4VCqILSN2VfBZTrJafmk0W1tf/DKf/XQG+yQ3aNgFs8JCJKI+d Fn0Z1bQsuul4ZPUlsd2mM8uqp0mKALpAZREHQNCjGWHKUiaqfnki6V2tV5ikY+GD LKJaAkuKZjPy4LgHEgNGuS1m7VieE77HOJ4EYd8RipFl6cBG8N6JYprcCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHWEqrI7AjYlDc3BiORXWCdBqjewMB8GA1UdIwQY MBaAFMU7TPCnRx8AD4pWoEmxY5Z8w72ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveFR0TThLZEhId0FQaWxhZ1NiRmpsbnpEdlprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iYjJiNzUtYmMwMi00YTZiLTk4ZDYt ZDg0ZTZkM2FmOTc1LzEveFR0TThLZEhId0FQaWxhZ1NiRmpsbnpEdlprLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS9iYjJiNzUtYmMwMi00YTZiLTk4ZDYtZDg0ZTZkM2FmOTc1 LzEveFR0TThLZEhId0FQaWxhZ1NiRmpsbnpEdlprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgPLxzUkx HYbq4vFHjvTcRz/xbJIInh6adQd05bv5F/0o0Rk5zk8ifPYKg5/A90NY9jTerO8V 0E486Uv8XUzmQMoMumn275b90Nje9KaAc8K4ZipVDqixDrD0/ev8S6zCweRv4CKZ VQLUCl/PZT9T/Y0lm4EVqOzzjGhipPFXn+sBl6u/QGvC5JKzLLjuKVT6jc1kwP7j OpzfSau0vhMEXtJ9fPqg8UV88N5vb3wxMKNjOIWnA/Co0eFnmL3+dfXLVEAI3BxS iDtVKof2kf3MeQU+C4StFdUbJMqa+U41LXntabH+zxB4cOdp6xsXrSv1Xz8UbriD wZQ8+8P4pVJ2dw== -----END CERTIFICATE-----Generated at Fri Dec 19 04:48:34 2025 by rpki-client