This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft File: XPMa_DbLaVUAf-l-1KXjGF0icbo.mft (raw, json) Hash identifier: PLknGM1v1wv5kuTOLUAxH2xT+0FoETjyoWRsSTU+ap4= Subject key identifier: 78:03:DB:23:91:96:73:76:ED:5F:49:95:38:F8:82:52:13:EB:B5:30 Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba Certificate serial: 019B7F0325F1A34AF89EFD543696E0A99A81 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft Manifest number: 17C2 Signing time: Fri 02 Jan 2026 14:01:11 +0000 Manifest this update: Fri 02 Jan 2026 14:01:11 +0000 Manifest next update: Sat 03 Jan 2026 14:01:11 +0000 Files and hashes: 1: 1-dAYLfzEcuSnLWMiLXXSdIwT4rU.roa (hash: WhA4jtvtbE79AQa3IJODloRRuW4QHZIWAX/A32JL7m4=) 2: GOmV_75Dv1jwn9wiVioc2BSPZTo.roa (hash: pRTwblvRoqzlcA6ZsWJlwN1cr9uhPXOkl31rFqoTMf8=) 3: NklSIVNcNIWeMyDnmkM31BBhz1c.roa (hash: UKSW2BDTyMNTJDzhPRFU+Wzj1R5uLkgmHOPWx5CWEqQ=) 4: W4UHRrBQAt50eiIa0aXkDS2q-jI.roa (hash: wJtHrvfPjqzoQaYOzEJ/TBfUCsO/TaG3P+SEUHqq3Ig=) 5: XPMa_DbLaVUAf-l-1KXjGF0icbo.crl (hash: xRmISAVsuUy6S2g7p5YK3dIqdGUQOnme9YX7qTZiuvo=) 6: _5CTbNuX6fLN7jDqdj1oQp0kARc.roa (hash: Ha0LgykvjQP+9qGPn28IFIuJ0yQRLEpHe1bDMbGiuiE=) 7: _YOXL7ZxwGLyAFtXgmbGoGmsxw0.roa (hash: oYcEDHMjBaLjLdS2+cnHZQVD1ORy9f2L160BSTCgJ4c=) 8: lxIA5T6ig6P82Z6FpI76sa5r9Hk.roa (hash: 3LHUUi612Oq28/k9MVav0SeJK2Lmj7BOxrV2xdjlDis=) 9: szXceV_8JO0f_7ooL6S8iduW9xI.roa (hash: xeJBYCAXDOSNVRxdgWGAZ1ipDc3y7H3KXIsJs1D2FK4=) 10: xnSiVa_Qi8Hl5xGaTydyCAcB4Q4.roa (hash: SWwZIzY753Ls9csZNqAI1seyxm1jJEeEibvAi3lb+6E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 12:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:03:25:f1:a3:4a:f8:9e:fd:54:36:96:e0:a9:9a:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba Validity Not Before: Jan 2 14:01:11 2026 GMT Not After : Jan 3 14:01:11 2026 GMT Subject: CN=7803db2391967376ed5f499538f8825213ebb530 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:f3:07:3f:45:c2:76:94:06:ad:7d:eb:9d:5a: 17:2e:65:28:8d:0b:1e:73:7c:ee:f0:95:3b:a0:9b: 47:eb:6f:24:65:66:62:3a:e7:9d:3c:b6:d1:b9:d8: f2:77:4e:47:b7:85:50:40:90:7d:e9:54:db:59:ed: 7d:6c:54:35:f4:e8:39:51:6f:db:4b:5f:3d:d0:f6: 6f:66:c7:60:42:42:7e:40:33:c0:2c:87:31:04:f0: 84:6c:88:63:f2:cf:a8:11:dd:55:6f:29:ba:85:7e: 34:65:f0:34:3c:15:fb:9d:91:71:92:9e:19:72:78: f9:73:fc:83:f8:69:e0:ec:93:ca:71:47:88:19:34: 43:c4:63:7c:84:a6:b0:62:b8:fe:f9:c9:5c:b8:a3: 99:a6:4a:ab:e4:7a:a7:3f:89:33:a0:73:7d:32:7b: bf:42:19:74:2f:04:ea:75:6f:45:af:d8:11:e8:a8: 09:3a:2f:cf:90:cb:84:ce:1a:a9:e4:2b:32:7b:88: 4e:6f:80:1d:40:3f:7d:83:75:c7:e5:0a:a3:61:2c: 0f:5a:9f:0e:0f:7a:90:b3:a2:35:80:98:08:d7:87: 75:02:0f:45:60:fb:f8:3b:6f:5c:8d:ff:95:ff:6d: fd:f8:cb:9e:86:82:2f:59:3c:eb:0f:b0:89:68:d8: a7:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:03:DB:23:91:96:73:76:ED:5F:49:95:38:F8:82:52:13:EB:B5:30 X509v3 Authority Key Identifier: keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:47:e5:e0:fe:17:99:c3:30:ac:11:e6:12:a2:0a:21:fc:24: 50:c0:f4:be:ee:bd:a3:06:07:93:7b:70:ac:17:af:5c:d4:d1: f2:8f:b6:fd:9f:59:6c:9c:fb:8b:c9:d0:c2:ac:34:12:91:7a: be:f5:7d:03:fb:40:76:4f:3e:52:6c:02:d8:8b:e1:e0:11:26: b5:07:d5:86:d9:43:26:31:94:71:ac:1b:55:4d:87:5e:0c:35: 54:9c:f4:ac:96:7b:56:df:21:7f:2b:38:16:65:7d:db:e1:63: ea:4f:b5:17:c8:10:2b:48:c1:01:3f:6b:e8:1c:87:34:b7:a1: 39:fa:fd:94:db:ce:0b:47:04:09:9e:37:eb:72:11:2a:91:a6: e6:1e:c2:67:c9:c1:4b:af:0b:66:02:aa:34:30:37:47:66:48: 0d:84:19:2e:30:51:14:03:5b:b8:a5:03:2c:f6:e9:58:7a:bf: 93:b0:ef:6c:d5:97:2d:25:a1:78:43:be:01:e4:46:36:71:98: ab:fe:17:fc:05:e0:1f:f1:22:2a:35:ea:67:66:dc:c4:26:85: f0:29:6a:de:5a:d5:e8:53:d8:bb:e3:7b:02:64:01:d2:a9:9b: 73:3b:df:52:44:5a:d4:78:4e:02:45:a6:2f:57:96:95:16:62: 0c:d4:69:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt/AyXxo0r4nv1UNpbgqZqBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy MjcxYmEwHhcNMjYwMTAyMTQwMTExWhcNMjYwMTAzMTQwMTExWjAzMTEwLwYDVQQD Eyg3ODAzZGIyMzkxOTY3Mzc2ZWQ1ZjQ5OTUzOGY4ODI1MjEzZWJiNTMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/MHP0XCdpQGrX3rnVoXLmUojQse c3zu8JU7oJtH628kZWZiOuedPLbRudjyd05Ht4VQQJB96VTbWe19bFQ19Og5UW/b S1890PZvZsdgQkJ+QDPALIcxBPCEbIhj8s+oEd1Vbym6hX40ZfA0PBX7nZFxkp4Z cnj5c/yD+Gng7JPKcUeIGTRDxGN8hKawYrj++clcuKOZpkqr5HqnP4kzoHN9Mnu/ Qhl0LwTqdW9Fr9gR6KgJOi/PkMuEzhqp5Csye4hOb4AdQD99g3XH5QqjYSwPWp8O D3qQs6I1gJgI14d1Ag9FYPv4O29cjf+V/239+MuehoIvWTzrD7CJaNineQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHgD2yORlnN27V9JlTj4glIT67UwMB8GA1UdIwQY MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt NzM2ZDEyODg4Y2E4LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4 LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmkfl4P4X mcMwrBHmEqIKIfwkUMD0vu69owYHk3twrBevXNTR8o+2/Z9ZbJz7i8nQwqw0EpF6 vvV9A/tAdk8+UmwC2Ivh4BEmtQfVhtlDJjGUcawbVU2HXgw1VJz0rJZ7Vt8hfys4 FmV92+Fj6k+1F8gQK0jBAT9r6ByHNLehOfr9lNvOC0cECZ4363IRKpGm5h7CZ8nB S68LZgKqNDA3R2ZIDYQZLjBRFANbuKUDLPbpWHq/k7DvbNWXLSWheEO+AeRGNnGY q/4X/AXgH/EiKjXqZ2bcxCaF8Clq3lrV6FPYu+N7AmQB0qmbczvfUkRa1HhOAkWm L1eWlRZiDNRpsQ== -----END CERTIFICATE-----Generated at Fri Jan 2 16:29:21 2026 by rpki-client