This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.mft File: XzHZebcQ7eIGiCOIGqYRrROvVFk.mft (raw, json) Hash identifier: 8LPIG6mocj9MSpr4dkT9u8nsV8yugvdTuuJKD0loHoc= Subject key identifier: 3D:11:C9:C9:BA:57:55:D0:10:59:B9:0A:9F:5C:C5:6F:F0:C5:93:09 Authority key identifier: 5F:31:D9:79:B7:10:ED:E2:06:88:23:88:1A:A6:11:AD:13:AF:54:59 Certificate issuer: /CN=5f31d979b710ede2068823881aa611ad13af5459 Certificate serial: 019B5976540CAED4B070B6010B08C3AC4A50 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XzHZebcQ7eIGiCOIGqYRrROvVFk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.mft Manifest number: 0D4C Signing time: Fri 26 Dec 2025 07:01:25 +0000 Manifest this update: Fri 26 Dec 2025 07:01:25 +0000 Manifest next update: Sat 27 Dec 2025 07:01:25 +0000 Files and hashes: 1: 7VePb56Lb2mDp_DoHqAJOVOs_T8.roa (hash: V7IpcMoqQADg7SX3r725vYH2jPknDmi+ikdfBjQyP5c=) 2: XzHZebcQ7eIGiCOIGqYRrROvVFk.crl (hash: AkAVCJBwOUzmV6L8XAzG/fCiLSER6b02KhvyJN4sl/Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.mft rsync://rpki.ripe.net/repository/DEFAULT/XzHZebcQ7eIGiCOIGqYRrROvVFk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:54:0c:ae:d4:b0:70:b6:01:0b:08:c3:ac:4a:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5f31d979b710ede2068823881aa611ad13af5459 Validity Not Before: Dec 26 07:01:25 2025 GMT Not After : Dec 27 07:01:25 2025 GMT Subject: CN=3d11c9c9ba5755d01059b90a9f5cc56ff0c59309 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:7c:fc:5f:09:45:d6:e5:b6:48:de:15:59:27: e8:9a:59:64:e2:49:35:d1:b2:b0:3d:68:b1:7d:e8: 70:c0:03:8c:28:73:8a:e4:67:8d:10:e1:a0:7b:1b: f5:d2:fc:5e:5a:c4:c5:e7:0f:89:92:e1:fa:c8:42: 09:ba:66:be:b8:a3:33:f0:75:fd:f0:c0:fc:f9:79: 4c:ba:2f:df:71:90:c3:81:02:d8:86:0d:8f:c2:cb: e2:29:d1:cd:29:02:3a:e7:0c:e5:c5:8d:b7:df:f3: c2:08:2f:e1:e5:6d:11:de:e2:09:d4:97:d1:37:46: d0:5e:83:d9:e2:7c:5e:02:4f:cf:e7:60:3d:75:57: 4d:4d:18:af:ca:60:16:55:b5:e7:bd:36:fa:7c:32: f5:fe:e4:82:99:17:fa:8d:43:3c:ce:8a:40:79:54: c1:15:b9:18:ec:be:f6:c6:22:82:0d:b1:71:1b:22: a0:9c:cd:b1:51:53:bd:2c:79:66:87:68:f9:42:9c: 58:5a:eb:06:4a:d2:f2:73:aa:aa:75:15:3a:30:5b: 7d:e9:68:14:df:be:ab:55:64:ff:13:8f:63:a0:39: 0a:07:5b:66:59:07:5d:d5:88:62:2f:51:82:54:50: 04:07:fa:a2:8a:66:1e:13:ba:4b:2e:d3:6a:96:47: d9:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:11:C9:C9:BA:57:55:D0:10:59:B9:0A:9F:5C:C5:6F:F0:C5:93:09 X509v3 Authority Key Identifier: keyid:5F:31:D9:79:B7:10:ED:E2:06:88:23:88:1A:A6:11:AD:13:AF:54:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XzHZebcQ7eIGiCOIGqYRrROvVFk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:ce:c6:2f:4d:05:d7:e2:19:73:df:6a:5d:e1:15:af:b3:06: 5c:30:cd:0c:f0:28:e7:ce:d8:75:56:7d:39:67:49:8c:f8:e2: ca:4f:f1:0a:cd:3f:b4:81:3a:3f:2a:fc:7f:69:1c:46:f3:08: b2:ec:53:d1:ab:af:f4:a8:b1:7a:1e:ba:ad:11:b4:6a:3c:5c: 4f:69:b4:bb:bd:b5:25:f7:73:32:18:3f:a4:1d:00:39:fd:f3: 09:19:87:5a:74:b9:a6:fd:b0:26:7c:01:f5:a8:11:47:bd:d0: d2:3c:5c:2e:a3:38:4a:15:ca:b3:22:de:d6:6c:9a:23:1c:24: d1:a7:46:dd:cb:e7:31:25:88:c3:22:de:05:e1:7c:58:87:ef: ed:e6:f9:d7:c9:c3:50:12:bc:80:31:de:98:79:5b:32:b8:71: f7:72:f2:8d:9c:1d:a9:3e:fc:b4:ac:74:6c:92:f6:4c:79:c5: 40:97:88:77:cf:df:dc:af:92:ae:40:97:01:d3:4c:d5:de:72: c7:ca:11:03:23:c8:41:88:ea:4e:cb:72:7c:84:8a:39:3b:f3: 71:ce:31:0b:90:73:d9:cd:e8:5b:59:09:e3:06:45:41:49:b6: 57:b9:86:ea:d1:83:f3:53:31:1e:78:87:a7:7d:30:30:20:26: 61:1a:13:37 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdlQMrtSwcLYBCwjDrEpQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmMzFkOTc5YjcxMGVkZTIwNjg4MjM4ODFhYTYxMWFkMTNh ZjU0NTkwHhcNMjUxMjI2MDcwMTI1WhcNMjUxMjI3MDcwMTI1WjAzMTEwLwYDVQQD EygzZDExYzljOWJhNTc1NWQwMTA1OWI5MGE5ZjVjYzU2ZmYwYzU5MzA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3z8XwlF1uW2SN4VWSfomllk4kk1 0bKwPWixfehwwAOMKHOK5GeNEOGgexv10vxeWsTF5w+JkuH6yEIJuma+uKMz8HX9 8MD8+XlMui/fcZDDgQLYhg2PwsviKdHNKQI65wzlxY233/PCCC/h5W0R3uIJ1JfR N0bQXoPZ4nxeAk/P52A9dVdNTRivymAWVbXnvTb6fDL1/uSCmRf6jUM8zopAeVTB FbkY7L72xiKCDbFxGyKgnM2xUVO9LHlmh2j5QpxYWusGStLyc6qqdRU6MFt96WgU 376rVWT/E49joDkKB1tmWQdd1YhiL1GCVFAEB/qiimYeE7pLLtNqlkfZsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD0Rycm6V1XQEFm5Cp9cxW/wxZMJMB8GA1UdIwQY MBaAFF8x2Xm3EO3iBogjiBqmEa0Tr1RZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHpIWmViY1E3ZUlHaUNPSUdxWVJyUk92VkZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83ZGUyOGQtMzc0OS00ZDAyLWJlOWMt NDFjNjY0NThkZDczLzEvWHpIWmViY1E3ZUlHaUNPSUdxWVJyUk92VkZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi83ZGUyOGQtMzc0OS00ZDAyLWJlOWMtNDFjNjY0NThkZDcz LzEvWHpIWmViY1E3ZUlHaUNPSUdxWVJyUk92VkZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS87GL00F 1+IZc99qXeEVr7MGXDDNDPAo587YdVZ9OWdJjPjiyk/xCs0/tIE6Pyr8f2kcRvMI suxT0auv9Kixeh66rRG0ajxcT2m0u721JfdzMhg/pB0AOf3zCRmHWnS5pv2wJnwB 9agRR73Q0jxcLqM4ShXKsyLe1myaIxwk0adG3cvnMSWIwyLeBeF8WIfv7eb518nD UBK8gDHemHlbMrhx93LyjZwdqT78tKx0bJL2THnFQJeId8/f3K+SrkCXAdNM1d5y x8oRAyPIQYjqTstyfISKOTvzcc4xC5Bz2c3oW1kJ4wZFQUm2V7mG6tGD81MxHniH p30wMCAmYRoTNw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:29 2025 by rpki-client