This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft File: XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft (raw, json) Hash identifier: R4gielvLIatsu9jpf/j2R6cDHhC9BAYZsrfDc5KfAjo= Subject key identifier: CE:D5:58:F1:30:25:96:2E:92:60:76:0F:9D:7C:70:84:49:38:69:7D Authority key identifier: 5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A Certificate issuer: /CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a Certificate serial: 019B5AE8CAAFD3982CA73F1033F50F684BE2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft Manifest number: 0492 Signing time: Fri 26 Dec 2025 13:46:04 +0000 Manifest this update: Fri 26 Dec 2025 13:46:04 +0000 Manifest next update: Sat 27 Dec 2025 13:46:04 +0000 Files and hashes: 1: M0DY0-cxOITylOA1AQbMHjzuLns.roa (hash: TCLFDYQDGEHGNtY7ssTerark8mKFfbDCNGa95chOu74=) 2: XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl (hash: R7gcEAEtX2BSp3YFuRtSY+abtnstOQsY5JWaRCOyrLI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:e8:ca:af:d3:98:2c:a7:3f:10:33:f5:0f:68:4b:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a Validity Not Before: Dec 26 13:46:04 2025 GMT Not After : Dec 27 13:46:04 2025 GMT Subject: CN=ced558f13025962e9260760f9d7c70844938697d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:f1:d7:bf:fe:79:5c:48:0a:28:02:ab:6b:88: 99:ab:7b:08:46:77:f3:11:2c:06:00:9c:c6:0a:fd: 6f:86:a7:81:e6:cc:30:47:ca:e3:2f:ee:71:6c:7c: dd:ec:d7:a8:31:ea:ec:0e:ac:67:5b:9d:d2:9d:18: d4:fd:48:0e:54:18:bd:34:00:10:3f:ba:f0:20:4d: e9:04:7a:cc:03:02:2f:20:bb:35:5a:35:5f:86:de: 23:75:44:ea:b0:eb:36:18:2b:e5:d1:29:68:72:61: 42:4a:e8:47:c6:12:e1:ae:ab:a4:75:0f:aa:cc:27: b9:e9:3d:0d:9f:fe:5a:72:2b:a8:44:21:f1:37:b8: 05:a4:56:62:cd:80:dd:b8:4b:b8:bb:51:fe:b7:aa: 39:ec:33:0a:6c:a5:25:b4:8b:7d:69:16:f2:78:07: d8:00:ea:bd:e4:04:fb:41:8e:e8:94:56:f1:f6:2f: 70:d9:0f:76:68:0d:5b:39:37:a2:2a:eb:67:15:35: 9b:b2:a2:4d:59:53:c6:94:38:48:0e:44:18:25:22: c1:16:94:68:ac:79:3a:89:63:7c:d8:26:3b:11:da: b4:7a:97:57:04:01:1a:f2:05:28:c4:86:9e:11:04: 94:16:5e:80:96:02:7e:10:50:dc:01:3d:e8:a1:88: ed:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:D5:58:F1:30:25:96:2E:92:60:76:0F:9D:7C:70:84:49:38:69:7D X509v3 Authority Key Identifier: keyid:5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:43:b4:d2:ec:97:29:2b:ef:5b:88:2b:60:fe:c2:af:18:91: b2:ee:c1:82:34:20:1d:11:21:cd:a1:a5:89:af:f8:f0:49:86: b0:4e:c2:c7:48:12:65:a9:08:41:55:f6:01:46:63:0c:ab:22: a3:cf:d6:48:9d:07:73:f5:f2:2c:d5:de:2a:b9:0f:b8:98:49: f8:ac:f2:58:b7:00:8c:73:09:ec:9a:f1:94:8d:cf:4b:96:b1: 9d:56:20:77:68:43:40:25:37:5b:bb:94:16:fa:91:47:50:c0: e2:bb:b6:42:ee:43:b8:0c:d4:91:f3:57:13:22:6c:d6:26:26: be:32:b2:e9:72:79:c9:e8:a9:95:28:13:0a:3b:b2:60:79:56: 9f:6e:68:ad:c1:93:c2:ee:4d:a2:de:8c:bc:67:0d:4e:2a:2e: c0:6b:da:cc:ed:4b:48:ac:6a:71:03:72:40:7f:60:99:d0:dc: f5:39:5c:e3:97:02:6b:bc:cd:46:63:e5:b4:68:29:cf:5c:77: 72:2b:d8:dd:62:ac:df:eb:f8:86:06:e9:e8:1e:c0:f6:af:28: 30:4e:35:78:8a:4f:31:b3:f9:9b:17:70:8f:c5:ef:5f:52:76: c1:d0:d6:6c:ce:6c:de:8f:ed:5a:13:24:d4:d2:91:5f:36:4c: 0e:ac:7d:02 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZta6Mqv05gspz8QM/UPaEviMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkZDZjMTM4NGI0YTRjYTUwMWRkMzNjNWYwZDg1ODBkNDQx NmViM2EwHhcNMjUxMjI2MTM0NjA0WhcNMjUxMjI3MTM0NjA0WjAzMTEwLwYDVQQD EyhjZWQ1NThmMTMwMjU5NjJlOTI2MDc2MGY5ZDdjNzA4NDQ5Mzg2OTdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvHXv/55XEgKKAKra4iZq3sIRnfz ESwGAJzGCv1vhqeB5swwR8rjL+5xbHzd7NeoMersDqxnW53SnRjU/UgOVBi9NAAQ P7rwIE3pBHrMAwIvILs1WjVfht4jdUTqsOs2GCvl0SlocmFCSuhHxhLhrqukdQ+q zCe56T0Nn/5aciuoRCHxN7gFpFZizYDduEu4u1H+t6o57DMKbKUltIt9aRbyeAfY AOq95AT7QY7olFbx9i9w2Q92aA1bOTeiKutnFTWbsqJNWVPGlDhIDkQYJSLBFpRo rHk6iWN82CY7Edq0epdXBAEa8gUoxIaeEQSUFl6AlgJ+EFDcAT3ooYjtpwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM7VWPEwJZYukmB2D518cIRJOGl9MB8GA1UdIwQY MBaAFF3WwThLSkylAd0zxfDYWA1EFus6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQt ZDgyZDA2YTg3YmZlLzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQtZDgyZDA2YTg3YmZl LzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR0O00uyX KSvvW4grYP7CrxiRsu7BgjQgHREhzaGlia/48EmGsE7Cx0gSZakIQVX2AUZjDKsi o8/WSJ0Hc/XyLNXeKrkPuJhJ+KzyWLcAjHMJ7JrxlI3PS5axnVYgd2hDQCU3W7uU FvqRR1DA4ru2Qu5DuAzUkfNXEyJs1iYmvjKy6XJ5yeiplSgTCjuyYHlWn25orcGT wu5Not6MvGcNTiouwGvazO1LSKxqcQNyQH9gmdDc9Tlc45cCa7zNRmPltGgpz1x3 civY3WKs3+v4hgbp6B7A9q8oME41eIpPMbP5mxdwj8XvX1J2wdDWbM5s3o/tWhMk 1NKRXzZMDqx9Ag== -----END CERTIFICATE-----Generated at Fri Dec 26 16:00:24 2025 by rpki-client