This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/149332-6969-4c4b-b591-7c2c08b5ee49/1/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.mft File: xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.mft (raw, json) Hash identifier: YV5ZCQ61xGjgXw9fuw6WzHkZGbqIN3nw1Ds23wfPBTw= Subject key identifier: 3D:58:BA:A2:F1:2A:46:5C:54:6F:A3:EE:82:7C:BC:BB:ED:4F:C2:C4 Authority key identifier: C7:19:CA:D9:92:21:15:BC:FA:74:52:BA:0A:6E:43:A6:AF:4E:4C:24 Certificate issuer: /CN=c719cad9922115bcfa7452ba0a6e43a6af4e4c24 Certificate serial: 019B299CA92CF6AC3F1913B0AC12A219E5CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/149332-6969-4c4b-b591-7c2c08b5ee49/1/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.mft Manifest number: 15D3 Signing time: Wed 17 Dec 2025 00:01:31 +0000 Manifest this update: Wed 17 Dec 2025 00:01:31 +0000 Manifest next update: Thu 18 Dec 2025 00:01:31 +0000 Files and hashes: 1: xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.crl (hash: QUEgrPMCWvWavgciGN5ls56m7dQS9Ic5Af5ihlWnXHQ=) 2: zUVgbIXYeTGVKXvGEymmIIswak0.roa (hash: byi69vgfiULR5t5etKbYt0ap14VdTPxIUc5JBAXpbBM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/149332-6969-4c4b-b591-7c2c08b5ee49/1/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/149332-6969-4c4b-b591-7c2c08b5ee49/1/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.mft rsync://rpki.ripe.net/repository/DEFAULT/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 19:20:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:29:9c:a9:2c:f6:ac:3f:19:13:b0:ac:12:a2:19:e5:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c719cad9922115bcfa7452ba0a6e43a6af4e4c24 Validity Not Before: Dec 17 00:01:31 2025 GMT Not After : Dec 18 00:01:31 2025 GMT Subject: CN=3d58baa2f12a465c546fa3ee827cbcbbed4fc2c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:44:9d:14:a2:70:bb:8d:75:a2:33:30:bc:49: 5f:f3:1a:d5:c6:0c:a9:88:bd:d2:9a:4b:da:0c:9c: 09:cc:d7:93:03:ba:aa:c5:d3:d0:1e:37:f5:88:80: cd:03:5d:87:ba:38:5b:f6:72:12:f9:ac:b5:d7:3f: 72:76:69:8c:88:c9:5b:45:17:80:fa:5e:f5:37:48: 89:84:5d:39:d7:dd:89:4b:68:f7:a9:e4:fe:75:fb: f0:52:98:0c:c9:11:9e:17:25:7a:92:9f:3f:c6:92: 8f:d4:44:db:22:86:be:b1:d3:cd:08:ca:79:68:de: db:1d:5f:6b:4c:bb:36:72:fa:f8:ee:e9:f4:55:09: 37:22:d6:bb:94:8e:93:a7:47:b9:2a:1a:74:e1:ec: 90:35:65:c9:1a:6c:a4:f9:01:11:aa:c8:45:c0:b0: 19:9d:2c:74:92:17:2e:fd:69:6f:83:4d:1c:15:32: 55:d8:60:a7:b3:7e:5a:c3:7a:9d:97:33:7c:b6:dd: 5d:2c:6e:50:61:f3:72:ab:0b:bc:de:06:59:e9:81: 7f:df:d5:2a:5b:98:55:99:17:50:5c:28:1b:d2:c1: 90:25:5c:37:95:6d:c1:02:08:f0:5e:5f:f0:8f:dd: 11:1f:ab:f3:0b:ac:be:ba:33:f4:80:2a:b2:b4:d1: 55:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:58:BA:A2:F1:2A:46:5C:54:6F:A3:EE:82:7C:BC:BB:ED:4F:C2:C4 X509v3 Authority Key Identifier: keyid:C7:19:CA:D9:92:21:15:BC:FA:74:52:BA:0A:6E:43:A6:AF:4E:4C:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/149332-6969-4c4b-b591-7c2c08b5ee49/1/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/149332-6969-4c4b-b591-7c2c08b5ee49/1/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c0:85:b0:3d:92:5a:74:08:8f:57:36:79:25:3f:6d:b5:f4:e7: 79:92:a6:6a:ac:f4:84:3d:91:c0:1c:b8:9c:91:32:31:7a:d8: ec:1d:89:4f:44:8c:ab:50:3e:c2:31:b4:cf:90:95:43:f7:40: 6e:c6:c6:92:24:de:3d:7d:40:f4:b5:13:00:9b:b7:0c:51:e7: d9:1d:26:7c:94:d9:88:fe:f0:7e:80:b5:2f:fe:92:28:05:77: a9:d7:c7:f9:ea:c8:18:df:99:20:4a:8b:18:c4:e4:8d:dc:8c: c1:82:21:4c:cc:cb:99:09:d8:22:40:c9:08:a7:13:6a:92:24: 73:81:1f:d5:43:f1:12:3a:3f:6a:87:cd:e5:d2:33:3a:6c:d2: a9:6a:61:4b:2f:52:08:cc:55:3e:49:a9:01:2e:f2:9e:cd:a6: a8:88:91:a4:71:2e:dc:1c:03:ee:c4:aa:f3:e8:8a:92:2c:f6: 9d:d7:68:e7:63:96:2e:30:be:e7:8a:b8:e7:20:aa:b3:5d:1e: 1b:75:76:41:49:3e:7a:aa:8d:ac:33:a1:b9:37:95:48:7e:25: dd:7c:73:6c:8f:eb:25:c0:e6:c0:88:bb:7c:cc:9c:9c:51:aa: b6:13:9b:b5:c2:fe:49:0d:39:83:59:9d:d7:fe:c7:3e:3f:26: 82:23:7f:46 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZspnKks9qw/GROwrBKiGeXOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM3MTljYWQ5OTIyMTE1YmNmYTc0NTJiYTBhNmU0M2E2YWY0 ZTRjMjQwHhcNMjUxMjE3MDAwMTMxWhcNMjUxMjE4MDAwMTMxWjAzMTEwLwYDVQQD EygzZDU4YmFhMmYxMmE0NjVjNTQ2ZmEzZWU4MjdjYmNiYmVkNGZjMmM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArESdFKJwu411ojMwvElf8xrVxgyp iL3SmkvaDJwJzNeTA7qqxdPQHjf1iIDNA12Hujhb9nIS+ay11z9ydmmMiMlbRReA +l71N0iJhF05192JS2j3qeT+dfvwUpgMyRGeFyV6kp8/xpKP1ETbIoa+sdPNCMp5 aN7bHV9rTLs2cvr47un0VQk3Ita7lI6Tp0e5Khp04eyQNWXJGmyk+QERqshFwLAZ nSx0khcu/Wlvg00cFTJV2GCns35aw3qdlzN8tt1dLG5QYfNyqwu83gZZ6YF/39Uq W5hVmRdQXCgb0sGQJVw3lW3BAgjwXl/wj90RH6vzC6y+ujP0gCqytNFVHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD1YuqLxKkZcVG+j7oJ8vLvtT8LEMB8GA1UdIwQY MBaAFMcZytmSIRW8+nRSugpuQ6avTkwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveHhuSzJaSWhGYno2ZEZLNkNtNURwcTlPVENRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xNDkzMzItNjk2OS00YzRiLWI1OTEt N2MyYzA4YjVlZTQ5LzEveHhuSzJaSWhGYno2ZEZLNkNtNURwcTlPVENRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy8xNDkzMzItNjk2OS00YzRiLWI1OTEtN2MyYzA4YjVlZTQ5 LzEveHhuSzJaSWhGYno2ZEZLNkNtNURwcTlPVENRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwIWwPZJa dAiPVzZ5JT9ttfTneZKmaqz0hD2RwBy4nJEyMXrY7B2JT0SMq1A+wjG0z5CVQ/dA bsbGkiTePX1A9LUTAJu3DFHn2R0mfJTZiP7wfoC1L/6SKAV3qdfH+erIGN+ZIEqL GMTkjdyMwYIhTMzLmQnYIkDJCKcTapIkc4Ef1UPxEjo/aofN5dIzOmzSqWphSy9S CMxVPkmpAS7yns2mqIiRpHEu3BwD7sSq8+iKkiz2nddo52OWLjC+54q45yCqs10e G3V2QUk+eqqNrDOhuTeVSH4l3XxzbI/rJcDmwIi7fMycnFGqthObtcL+SQ05g1md 1/7HPj8mgiN/Rg== -----END CERTIFICATE-----Generated at Wed Dec 17 04:22:09 2025 by rpki-client