This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/3256b4-4160-4d14-b44f-241e8fe27381/1/XcKN1dDOGOISxpsKAlHp1hVxysY.mft File: XcKN1dDOGOISxpsKAlHp1hVxysY.mft (raw, json) Hash identifier: 41xW2p0019xg4pWtc0e44JmwUSBy0UOlbTUECqkAaI0= Subject key identifier: 6A:48:B2:F3:F7:51:39:84:BB:76:A7:70:26:06:C4:11:FA:8C:62:F6 Authority key identifier: 5D:C2:8D:D5:D0:CE:18:E2:12:C6:9B:0A:02:51:E9:D6:15:71:CA:C6 Certificate issuer: /CN=5dc28dd5d0ce18e212c69b0a0251e9d61571cac6 Certificate serial: 019B5A88E42CBF6901E6BAAC3959739784D7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcKN1dDOGOISxpsKAlHp1hVxysY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/3256b4-4160-4d14-b44f-241e8fe27381/1/XcKN1dDOGOISxpsKAlHp1hVxysY.mft Manifest number: 3D Signing time: Fri 26 Dec 2025 12:01:19 +0000 Manifest this update: Fri 26 Dec 2025 12:01:19 +0000 Manifest next update: Sat 27 Dec 2025 12:01:19 +0000 Files and hashes: 1: 0f_arJoBaLF-XLrzU8EcXTZHmfY.roa (hash: ywtuL9VpnhJkhV8T3hg8KzfDj9nIGXXgCL1jP2eFkdU=) 2: XcKN1dDOGOISxpsKAlHp1hVxysY.crl (hash: F5crXYG3fdTTFzWgpeDSN3dxvrjFuPjbxZ4Y4X/CHi0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/3256b4-4160-4d14-b44f-241e8fe27381/1/XcKN1dDOGOISxpsKAlHp1hVxysY.crl rsync://rpki.ripe.net/repository/DEFAULT/90/3256b4-4160-4d14-b44f-241e8fe27381/1/XcKN1dDOGOISxpsKAlHp1hVxysY.mft rsync://rpki.ripe.net/repository/DEFAULT/XcKN1dDOGOISxpsKAlHp1hVxysY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:e4:2c:bf:69:01:e6:ba:ac:39:59:73:97:84:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5dc28dd5d0ce18e212c69b0a0251e9d61571cac6 Validity Not Before: Dec 26 12:01:19 2025 GMT Not After : Dec 27 12:01:19 2025 GMT Subject: CN=6a48b2f3f7513984bb76a7702606c411fa8c62f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:76:98:1f:01:51:32:5e:d6:8a:c3:72:dd:ef: 9f:e1:47:9a:3c:8e:5c:98:0a:33:25:58:51:2f:c3: fd:75:97:44:69:1a:45:79:c9:db:26:6c:b8:df:11: 76:e8:de:46:e8:f7:73:88:ff:a4:d2:57:c7:f6:d4: 7b:5c:5d:0f:2f:3c:64:e3:bc:47:cc:95:9c:6a:6d: 1b:2d:7c:45:8b:78:fd:54:e8:96:cd:a7:96:2c:0c: 96:87:7d:cf:a9:aa:94:f5:b2:9b:8c:d1:7c:e1:8f: 3d:d7:63:03:e7:af:ac:e8:80:ce:10:21:2c:51:b7: 93:3b:cc:26:f0:0d:15:a4:41:7f:68:3f:79:5e:77: db:d4:84:8f:bc:71:ac:78:12:a7:84:99:57:fd:84: ac:76:2a:a6:6b:22:06:c2:5c:fa:c7:53:8d:67:da: 5e:4c:98:b7:0d:66:ff:0f:07:39:43:ac:d1:d2:62: b7:55:9e:af:19:79:db:fc:88:81:57:ff:39:b6:e0: a1:d6:ed:12:46:4b:c1:80:dc:24:ec:b6:b6:63:5b: 41:4c:26:65:93:d9:ec:68:f3:86:17:65:87:42:06: 74:f2:e3:11:59:cc:e1:96:b9:a3:74:d0:d7:69:16: f8:53:82:2c:77:32:ec:ed:75:21:b7:ee:56:0b:42: ad:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:48:B2:F3:F7:51:39:84:BB:76:A7:70:26:06:C4:11:FA:8C:62:F6 X509v3 Authority Key Identifier: keyid:5D:C2:8D:D5:D0:CE:18:E2:12:C6:9B:0A:02:51:E9:D6:15:71:CA:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcKN1dDOGOISxpsKAlHp1hVxysY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/3256b4-4160-4d14-b44f-241e8fe27381/1/XcKN1dDOGOISxpsKAlHp1hVxysY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/3256b4-4160-4d14-b44f-241e8fe27381/1/XcKN1dDOGOISxpsKAlHp1hVxysY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b1:6f:e7:3c:51:cd:a2:a7:4f:98:1f:fa:44:57:35:11:c8:90: 28:5c:20:41:0d:72:8b:63:00:dd:a9:15:d1:31:63:80:b0:9b: 4e:00:44:d3:c8:dc:69:00:34:0c:54:3f:ad:b4:49:81:2e:a6: f9:58:a4:de:f5:97:91:a4:e5:82:fa:23:58:55:f9:69:9c:3c: 1c:9e:97:46:db:27:59:fb:12:53:cc:54:10:b9:f7:d2:20:18: 7a:bd:4f:81:b7:8e:d4:6a:76:f8:1c:3c:17:9d:94:03:b9:62: b7:de:49:14:b5:db:4b:f0:84:62:8a:77:e3:69:34:f4:5a:ab: 43:f8:2e:98:ec:63:e3:3e:76:33:4a:6c:9a:6e:63:be:6d:55: a6:52:d2:7e:88:67:ff:8e:50:80:bb:da:82:3d:d1:10:14:39: 23:50:f2:c2:a3:4e:f3:9b:77:14:c7:9a:75:e5:f0:d1:1e:a6: 9c:78:ac:76:13:23:a6:dd:92:da:c8:01:d3:40:b1:d3:9b:fd: 9f:28:99:6a:7c:2a:bc:e6:ab:e2:61:d7:28:21:eb:81:67:ba: dd:4d:a4:52:11:c6:41:c2:66:97:82:83:f4:4f:99:64:73:a1: fc:2f:6f:4e:27:43:8c:dc:f9:72:26:36:20:9c:66:8f:3d:4e: c5:3a:aa:6d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiOQsv2kB5rqsOVlzl4TXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkYzI4ZGQ1ZDBjZTE4ZTIxMmM2OWIwYTAyNTFlOWQ2MTU3 MWNhYzYwHhcNMjUxMjI2MTIwMTE5WhcNMjUxMjI3MTIwMTE5WjAzMTEwLwYDVQQD Eyg2YTQ4YjJmM2Y3NTEzOTg0YmI3NmE3NzAyNjA2YzQxMWZhOGM2MmY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HaYHwFRMl7WisNy3e+f4UeaPI5c mAozJVhRL8P9dZdEaRpFecnbJmy43xF26N5G6PdziP+k0lfH9tR7XF0PLzxk47xH zJWcam0bLXxFi3j9VOiWzaeWLAyWh33PqaqU9bKbjNF84Y8912MD56+s6IDOECEs UbeTO8wm8A0VpEF/aD95Xnfb1ISPvHGseBKnhJlX/YSsdiqmayIGwlz6x1ONZ9pe TJi3DWb/Dwc5Q6zR0mK3VZ6vGXnb/IiBV/85tuCh1u0SRkvBgNwk7La2Y1tBTCZl k9nsaPOGF2WHQgZ08uMRWczhlrmjdNDXaRb4U4IsdzLs7XUht+5WC0Kt+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGpIsvP3UTmEu3ancCYGxBH6jGL2MB8GA1UdIwQY MBaAFF3CjdXQzhjiEsabCgJR6dYVccrGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGNLTjFkRE9HT0lTeHBzS0FsSHAxaFZ4eXNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zMjU2YjQtNDE2MC00ZDE0LWI0NGYt MjQxZThmZTI3MzgxLzEvWGNLTjFkRE9HT0lTeHBzS0FsSHAxaFZ4eXNZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC8zMjU2YjQtNDE2MC00ZDE0LWI0NGYtMjQxZThmZTI3Mzgx LzEvWGNLTjFkRE9HT0lTeHBzS0FsSHAxaFZ4eXNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsW/nPFHN oqdPmB/6RFc1EciQKFwgQQ1yi2MA3akV0TFjgLCbTgBE08jcaQA0DFQ/rbRJgS6m +Vik3vWXkaTlgvojWFX5aZw8HJ6XRtsnWfsSU8xUELn30iAYer1PgbeO1Gp2+Bw8 F52UA7lit95JFLXbS/CEYop342k09FqrQ/gumOxj4z52M0psmm5jvm1VplLSfohn /45QgLvagj3REBQ5I1DywqNO85t3FMeadeXw0R6mnHisdhMjpt2S2sgB00Cx05v9 nyiZanwqvOar4mHXKCHrgWe63U2kUhHGQcJml4KD9E+ZZHOh/C9vTidDjNz5ciY2 IJxmjz1OxTqqbQ== -----END CERTIFICATE-----Generated at Fri Dec 26 15:43:13 2025 by rpki-client