This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft File: _XjxP_qS8HTr5VfSotKa0Noz5dg.mft (raw, json) Hash identifier: bPg/LowOQ9Zt+ZkbIxXBcncmK7cy/1SA154ZPguyj7Q= Subject key identifier: 8C:17:DC:A4:8E:27:99:0B:E3:15:FB:C6:47:F3:1A:0A:A4:83:13:C1 Authority key identifier: FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8 Certificate issuer: /CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8 Certificate serial: 019B424A70C565763FE964020F8A46AF9C85 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft Manifest number: 0CE3 Signing time: Sun 21 Dec 2025 19:02:13 +0000 Manifest this update: Sun 21 Dec 2025 19:02:13 +0000 Manifest next update: Mon 22 Dec 2025 19:02:13 +0000 Files and hashes: 1: IPVqTow4BPog0VgWrmL6j3UlRyc.roa (hash: yHocQSt6Dh1L30jflXp+Oc+mQ08tmbAfLa5FFYWt/64=) 2: _XjxP_qS8HTr5VfSotKa0Noz5dg.crl (hash: iDxgo1T64d7Jmrl0A7PuF++2o80NRxf9hLtmn+CWtwk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 19:02:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:4a:70:c5:65:76:3f:e9:64:02:0f:8a:46:af:9c:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8 Validity Not Before: Dec 21 19:02:13 2025 GMT Not After : Dec 22 19:02:13 2025 GMT Subject: CN=8c17dca48e27990be315fbc647f31a0aa48313c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:02:bc:85:0d:b5:24:96:b7:b3:30:4a:22:99: 55:c0:bb:cf:a3:90:14:f8:c0:1f:4e:1a:27:af:77: 38:20:76:63:7f:aa:92:a1:5c:f3:b0:67:66:1a:22: 6d:b3:4c:b6:82:8b:ce:ce:8a:27:45:d0:16:4c:d3: 62:d6:ce:ff:ce:6f:86:c5:ef:d8:1e:b7:83:ad:be: c6:a5:b7:5d:7f:d8:ca:ee:e0:fa:ff:fb:00:34:00: e3:34:0e:3e:10:c4:3c:d3:e8:6b:47:8b:6f:d9:48: 0c:99:41:f7:2b:bf:ec:eb:8a:1e:fb:68:58:60:ad: 64:a2:68:9e:9d:54:68:1e:6c:41:75:8c:21:62:6a: 81:5a:d9:a5:d1:66:65:24:00:22:fc:69:f0:b8:de: ec:2a:71:68:4d:0e:fb:4b:f7:9b:d4:e1:05:76:ee: 8f:31:51:f1:6b:9b:fd:48:df:b8:9b:ce:2a:da:27: ac:8e:50:3a:27:df:99:ad:9a:a8:59:fa:a8:d5:c8: 9a:68:cf:15:3f:7f:a5:5c:63:92:c3:23:82:14:b1: 7f:53:50:8e:82:86:1b:f0:70:92:26:7e:6f:62:53: 28:85:ee:9d:a9:e0:fd:89:c2:40:62:b6:df:d8:bc: f4:29:47:a9:53:4c:e1:0f:4c:ca:d9:67:76:2c:0b: 73:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:17:DC:A4:8E:27:99:0B:E3:15:FB:C6:47:F3:1A:0A:A4:83:13:C1 X509v3 Authority Key Identifier: keyid:FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:3e:7b:b6:f9:1f:5a:e5:2b:2d:76:6f:77:8f:8f:0a:51:74: 97:e0:67:48:52:1a:02:99:17:0a:f9:54:37:64:78:66:4d:a0: cc:19:27:d0:6e:f9:a4:84:b2:fc:0b:52:a8:15:ee:9f:99:75: d0:db:51:60:f8:9e:7d:43:c8:fc:95:1b:c9:43:f1:fa:73:a0: d7:29:33:c9:e6:25:7c:3d:7c:b9:b5:fa:e8:94:db:d9:9d:48: 05:4c:9e:ab:76:0e:97:52:1a:9a:03:31:a4:2b:52:7a:2e:71: ad:1c:4e:2c:6a:86:8a:13:4d:d1:7a:dc:83:31:1a:52:e4:f0: c9:ed:e5:f5:ee:6e:19:0e:22:e1:3f:2a:d0:48:8e:c0:a5:b4: e7:9f:56:12:52:e0:ac:c1:e5:f3:07:71:36:70:eb:bc:72:2c: ea:63:24:51:7d:42:15:02:15:53:b9:2d:54:32:ea:0c:f3:a5: c4:84:68:f1:52:88:c1:78:33:b8:55:69:ff:2d:81:ea:82:89: 85:b9:21:c8:f6:63:f5:20:da:c5:9f:40:52:9e:47:20:c2:c2: c6:e0:b9:20:00:7a:c2:a9:17:0e:0f:02:3d:dd:a7:55:c1:db: f5:4f:10:5c:e6:89:7f:2a:87:a8:5f:b6:eb:f1:ca:3f:f4:f2: a4:5e:c4:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCSnDFZXY/6WQCD4pGr5yFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZkNzhmMTNmZmE5MmYwNzRlYmU1NTdkMmEyZDI5YWQwZGEz M2U1ZDgwHhcNMjUxMjIxMTkwMjEzWhcNMjUxMjIyMTkwMjEzWjAzMTEwLwYDVQQD Eyg4YzE3ZGNhNDhlMjc5OTBiZTMxNWZiYzY0N2YzMWEwYWE0ODMxM2MxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAK8hQ21JJa3szBKIplVwLvPo5AU +MAfThonr3c4IHZjf6qSoVzzsGdmGiJts0y2govOzoonRdAWTNNi1s7/zm+Gxe/Y HreDrb7Gpbddf9jK7uD6//sANADjNA4+EMQ80+hrR4tv2UgMmUH3K7/s64oe+2hY YK1komienVRoHmxBdYwhYmqBWtml0WZlJAAi/GnwuN7sKnFoTQ77S/eb1OEFdu6P MVHxa5v9SN+4m84q2iesjlA6J9+ZrZqoWfqo1ciaaM8VP3+lXGOSwyOCFLF/U1CO goYb8HCSJn5vYlMohe6dqeD9icJAYrbf2Lz0KUepU0zhD0zK2Wd2LAtz9QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIwX3KSOJ5kL4xX7xkfzGgqkgxPBMB8GA1UdIwQY MBaAFP148T/6kvB06+VX0qLSmtDaM+XYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2Qt ZmRmMDExOGNjMDE2LzEvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2QtZmRmMDExOGNjMDE2 LzEvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkz57tvkf WuUrLXZvd4+PClF0l+BnSFIaApkXCvlUN2R4Zk2gzBkn0G75pISy/AtSqBXun5l1 0NtRYPiefUPI/JUbyUPx+nOg1ykzyeYlfD18ubX66JTb2Z1IBUyeq3YOl1IamgMx pCtSei5xrRxOLGqGihNN0XrcgzEaUuTwye3l9e5uGQ4i4T8q0EiOwKW0559WElLg rMHl8wdxNnDrvHIs6mMkUX1CFQIVU7ktVDLqDPOlxIRo8VKIwXgzuFVp/y2B6oKJ hbkhyPZj9SDaxZ9AUp5HIMLCxuC5IAB6wqkXDg8CPd2nVcHb9U8QXOaJfyqHqF+2 6/HKP/TypF7ECA== -----END CERTIFICATE-----Generated at Mon Dec 22 02:21:24 2025 by rpki-client