This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft File: XNhYOyEXQQSea7GalG2DGqvxGtM.mft (raw, json) Hash identifier: ia8YhRj711tGwPhhB02KkezEVBtHHzySf1tbIKHgVX8= Subject key identifier: F9:9D:71:A0:A2:1B:9F:5B:C4:C9:09:AB:28:16:65:81:93:1A:09:C8 Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3 Certificate issuer: /CN=5cd8583b211741049e6bb19a946d831aabf11ad3 Certificate serial: 019AF01A6F5419179C2EFAE0C8A4A6C83E78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft Manifest number: 16A2 Signing time: Fri 05 Dec 2025 20:00:55 +0000 Manifest this update: Fri 05 Dec 2025 20:00:55 +0000 Manifest next update: Sat 06 Dec 2025 20:00:55 +0000 Files and hashes: 1: XNhYOyEXQQSea7GalG2DGqvxGtM.crl (hash: zwG1xqcO1aL/X8S1nenui0CtIkqniGtAUSGy16ZnCyE=) 2: ir_nzSQYAsgPoPu8kRGYQzALm7U.roa (hash: TCpfNyg//XzFyrfc8SAsUbs4iWswcCSro2mnromAmQo=) 3: m3SzGaHBe-liV9k_hjkTUrNHXMg.roa (hash: 1IYirY3YGGwbakrzW31PvEOIIPUhpCQb3MNxcEFgdzs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 17:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:1a:6f:54:19:17:9c:2e:fa:e0:c8:a4:a6:c8:3e:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3 Validity Not Before: Dec 5 20:00:55 2025 GMT Not After : Dec 6 20:00:55 2025 GMT Subject: CN=f99d71a0a21b9f5bc4c909ab28166581931a09c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:a2:09:3b:8c:c4:fb:21:7b:85:52:de:80:84: d2:64:08:69:b0:54:04:31:66:6d:c8:15:d9:b3:9a: f7:c6:05:98:55:4d:8c:bf:97:6e:3c:0e:cb:f8:77: 58:71:30:3b:10:60:27:46:46:e1:38:94:e0:44:17: 41:b7:de:c1:bb:b0:02:f5:d5:a2:8a:e7:fd:45:73: 9c:b6:89:21:7d:00:0c:4c:c7:54:e1:9e:96:fe:27: 65:bc:d6:8b:0a:a3:da:37:88:7a:27:ed:97:40:48: 41:fa:9d:59:70:eb:1a:55:5b:a8:4b:2e:03:98:70: 0b:d3:9b:a2:0a:ce:94:76:72:60:ae:e4:a0:b1:8e: ac:77:d3:88:b3:70:e1:af:54:af:ed:28:ed:2f:57: ac:f5:47:43:22:5a:fd:26:2a:22:d3:8a:da:34:e8: c0:4c:da:51:f7:69:29:32:46:07:f4:e2:58:10:af: 8b:40:fa:7c:08:b0:fc:df:fd:56:f9:1a:62:42:fe: d3:79:2e:d8:c3:a4:b0:26:44:35:13:d6:2a:52:0f: bd:21:70:25:77:a6:b0:a4:01:54:56:62:3a:0a:44: a1:e8:5f:af:c3:4f:05:0f:58:84:7d:81:57:29:be: 9b:27:2c:f8:6e:d7:49:92:f2:7a:07:05:6c:17:c0: 2b:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:9D:71:A0:A2:1B:9F:5B:C4:C9:09:AB:28:16:65:81:93:1A:09:C8 X509v3 Authority Key Identifier: keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:a9:cc:b7:f9:e4:88:5b:d1:4f:5a:32:50:88:c1:26:ba:de: 71:9d:e6:d9:7d:96:2c:3f:70:6a:03:6b:d8:94:ce:a7:13:1e: 35:5d:df:d7:59:fb:ff:a3:c5:a3:0e:de:c9:1d:95:3d:3d:62: f0:86:26:3a:96:f1:6c:11:11:49:ba:47:d2:13:ef:6f:80:af: c1:6b:7a:04:eb:8a:2d:6f:29:d3:e1:0a:75:be:97:01:9d:94: 31:32:52:8a:5a:22:e9:90:4f:ac:51:51:a7:35:0a:21:8f:87: 94:5a:ca:e7:fc:5b:a2:72:30:02:1c:b6:6f:b5:bb:c4:a6:7f: 8c:ee:81:00:0f:4a:61:a2:e3:18:4e:6b:35:54:87:54:97:24: 1b:d7:79:36:fa:23:0f:16:71:7c:ee:01:d6:9b:38:2c:d6:8e: 04:57:9c:f0:42:2c:05:3f:02:24:36:12:a4:6a:15:12:92:89: 99:43:92:09:d0:48:5d:fd:d5:49:62:39:87:02:e7:1f:5a:1c: 32:0a:4f:85:2b:77:f3:e2:02:71:cd:4d:33:4a:31:51:f2:1a: 4f:53:a7:55:03:7e:5c:fc:30:37:a3:83:04:ed:b4:6b:0b:eb: 7e:0b:05:d9:eb:5a:f1:92:fc:bf:a5:6d:c7:48:47:58:d3:c3: b2:0b:f6:61 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwGm9UGRecLvrgyKSmyD54MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm MTFhZDMwHhcNMjUxMjA1MjAwMDU1WhcNMjUxMjA2MjAwMDU1WjAzMTEwLwYDVQQD EyhmOTlkNzFhMGEyMWI5ZjViYzRjOTA5YWIyODE2NjU4MTkzMWEwOWM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKIJO4zE+yF7hVLegITSZAhpsFQE MWZtyBXZs5r3xgWYVU2Mv5duPA7L+HdYcTA7EGAnRkbhOJTgRBdBt97Bu7AC9dWi iuf9RXOctokhfQAMTMdU4Z6W/idlvNaLCqPaN4h6J+2XQEhB+p1ZcOsaVVuoSy4D mHAL05uiCs6UdnJgruSgsY6sd9OIs3Dhr1Sv7SjtL1es9UdDIlr9Jioi04raNOjA TNpR92kpMkYH9OJYEK+LQPp8CLD83/1W+RpiQv7TeS7Yw6SwJkQ1E9YqUg+9IXAl d6awpAFUVmI6CkSh6F+vw08FD1iEfYFXKb6bJyz4btdJkvJ6BwVsF8Ar8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPmdcaCiG59bxMkJqygWZYGTGgnIMB8GA1UdIwQY MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt NTA5NzRiY2RjMjQ4LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4 LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAganMt/nk iFvRT1oyUIjBJrrecZ3m2X2WLD9wagNr2JTOpxMeNV3f11n7/6PFow7eyR2VPT1i 8IYmOpbxbBERSbpH0hPvb4CvwWt6BOuKLW8p0+EKdb6XAZ2UMTJSiloi6ZBPrFFR pzUKIY+HlFrK5/xbonIwAhy2b7W7xKZ/jO6BAA9KYaLjGE5rNVSHVJckG9d5Nvoj DxZxfO4B1ps4LNaOBFec8EIsBT8CJDYSpGoVEpKJmUOSCdBIXf3VSWI5hwLnH1oc MgpPhSt38+ICcc1NM0oxUfIaT1OnVQN+XPwwN6ODBO20awvrfgsF2eta8ZL8v6Vt x0hHWNPDsgv2YQ== -----END CERTIFICATE-----Generated at Fri Dec 5 23:04:24 2025 by rpki-client