This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft File: _XjxP_qS8HTr5VfSotKa0Noz5dg.mft (raw, json) Hash identifier: TiKR5o6SDPn5/GqB04zRhjrYwhzjGx6VKGpykUFYbdk= Subject key identifier: C1:31:35:0F:7D:A0:84:D8:F9:D3:75:01:CA:E8:F9:1E:95:A7:07:68 Authority key identifier: FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8 Certificate issuer: /CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8 Certificate serial: 019B12037B702EE507DD95F8A560AC0EDE3D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft Manifest number: 0CCA Signing time: Fri 12 Dec 2025 10:02:56 +0000 Manifest this update: Fri 12 Dec 2025 10:02:56 +0000 Manifest next update: Sat 13 Dec 2025 10:02:56 +0000 Files and hashes: 1: IPVqTow4BPog0VgWrmL6j3UlRyc.roa (hash: yHocQSt6Dh1L30jflXp+Oc+mQ08tmbAfLa5FFYWt/64=) 2: _XjxP_qS8HTr5VfSotKa0Noz5dg.crl (hash: R1l+iQNEFOYr301JCQBqNjwVBTkxslvq0i7BgXmy6bs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 10:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:12:03:7b:70:2e:e5:07:dd:95:f8:a5:60:ac:0e:de:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8 Validity Not Before: Dec 12 10:02:56 2025 GMT Not After : Dec 13 10:02:56 2025 GMT Subject: CN=c131350f7da084d8f9d37501cae8f91e95a70768 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:5d:67:45:93:df:c8:63:5c:ba:38:05:b0:31: 09:bc:38:38:7f:a4:43:4b:1a:e5:6f:97:0a:36:91: c2:a7:c9:e0:4d:78:43:d8:37:cc:35:6f:8a:89:87: 18:47:c7:f2:2f:26:79:fe:58:df:97:4c:17:ad:4e: f6:2b:69:85:a1:7f:d9:b1:83:6d:d3:4d:32:c1:56: 2c:d5:2b:0e:fd:61:46:f4:99:4c:cd:63:a1:ee:f5: dc:0f:5f:fb:1d:59:99:68:2f:42:00:26:f7:77:c9: 72:f8:08:fd:f8:79:ce:d4:a3:03:21:81:ba:3c:c9: 08:b3:5f:78:25:11:66:ca:35:93:1a:a8:10:3a:5a: 46:7f:e1:0c:63:05:5a:35:af:ed:54:f2:de:98:4a: a2:4e:76:2c:db:20:ec:2a:27:c6:0c:e2:8b:1c:b5: a9:6c:84:1d:81:bc:57:9e:ab:ec:7c:4a:8b:1e:ac: 8f:d1:98:24:7c:a7:a5:b1:54:7a:f3:fe:23:cd:a6: a4:9c:61:96:80:c6:b6:8b:9e:1c:75:38:ee:18:e4: a4:33:a2:f9:74:88:84:ad:d0:9f:17:1c:52:b8:f2: 18:f1:85:54:b2:36:19:09:69:e2:8c:79:c5:43:56: 06:c7:74:4a:79:88:8d:10:5d:2a:08:aa:a4:50:74: d1:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:31:35:0F:7D:A0:84:D8:F9:D3:75:01:CA:E8:F9:1E:95:A7:07:68 X509v3 Authority Key Identifier: keyid:FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:43:8f:57:02:2a:b9:67:94:59:28:c4:df:27:d6:70:2d:6f: 05:92:85:86:6d:b8:f2:70:f0:28:b2:56:9f:ff:40:37:06:e1: 35:e7:d8:32:af:bd:71:c1:4a:01:e0:8b:e6:3c:82:b4:cf:b3: 68:07:01:dd:42:d7:e6:9e:15:bb:62:0f:d9:8e:4c:73:d4:83: d3:be:5c:57:55:ce:d1:52:ad:f2:18:86:8d:ad:37:c2:24:34: c9:2d:00:68:4d:9e:0b:1d:d6:ab:d7:e7:da:86:70:ca:c2:6a: e8:9f:df:38:37:c5:48:8b:9c:3c:63:72:40:d9:d0:0e:cc:6c: 22:9c:15:61:18:e1:fb:60:19:70:96:e6:32:c5:e1:06:53:83: 11:51:9d:9a:9c:dc:b0:fc:99:b4:93:fd:38:ec:4a:73:7c:de: cd:24:a7:57:39:7c:12:b6:ef:dd:00:60:5f:d6:b9:83:50:aa: 98:f8:b2:00:5a:28:c3:e0:8c:a0:f7:20:c9:7e:21:7c:79:10: 73:b1:35:7e:ba:c8:ab:ba:d0:50:38:ff:c3:74:a7:95:9e:72: e6:db:6d:0d:76:87:fe:c7:01:a4:fe:50:0c:8b:b8:74:e6:4b: 5d:af:83:20:64:f7:86:58:a4:51:10:f6:11:ad:b3:48:4b:4e: 6c:55:92:14 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsSA3twLuUH3ZX4pWCsDt49MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZkNzhmMTNmZmE5MmYwNzRlYmU1NTdkMmEyZDI5YWQwZGEz M2U1ZDgwHhcNMjUxMjEyMTAwMjU2WhcNMjUxMjEzMTAwMjU2WjAzMTEwLwYDVQQD EyhjMTMxMzUwZjdkYTA4NGQ4ZjlkMzc1MDFjYWU4ZjkxZTk1YTcwNzY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw11nRZPfyGNcujgFsDEJvDg4f6RD Sxrlb5cKNpHCp8ngTXhD2DfMNW+KiYcYR8fyLyZ5/ljfl0wXrU72K2mFoX/ZsYNt 000ywVYs1SsO/WFG9JlMzWOh7vXcD1/7HVmZaC9CACb3d8ly+Aj9+HnO1KMDIYG6 PMkIs194JRFmyjWTGqgQOlpGf+EMYwVaNa/tVPLemEqiTnYs2yDsKifGDOKLHLWp bIQdgbxXnqvsfEqLHqyP0ZgkfKelsVR68/4jzaaknGGWgMa2i54cdTjuGOSkM6L5 dIiErdCfFxxSuPIY8YVUsjYZCWnijHnFQ1YGx3RKeYiNEF0qCKqkUHTR6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMExNQ99oITY+dN1Acro+R6VpwdoMB8GA1UdIwQY MBaAFP148T/6kvB06+VX0qLSmtDaM+XYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2Qt ZmRmMDExOGNjMDE2LzEvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2QtZmRmMDExOGNjMDE2 LzEvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAEOPVwIq uWeUWSjE3yfWcC1vBZKFhm248nDwKLJWn/9ANwbhNefYMq+9ccFKAeCL5jyCtM+z aAcB3ULX5p4Vu2IP2Y5Mc9SD075cV1XO0VKt8hiGja03wiQ0yS0AaE2eCx3Wq9fn 2oZwysJq6J/fODfFSIucPGNyQNnQDsxsIpwVYRjh+2AZcJbmMsXhBlODEVGdmpzc sPyZtJP9OOxKc3zezSSnVzl8Erbv3QBgX9a5g1CqmPiyAFoow+CMoPcgyX4hfHkQ c7E1frrIq7rQUDj/w3SnlZ5y5tttDXaH/scBpP5QDIu4dOZLXa+DIGT3hlikURD2 Ea2zSEtObFWSFA== -----END CERTIFICATE-----Generated at Fri Dec 12 19:31:20 2025 by rpki-client