This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.mft File: xJkOwgER9C-2LzmoHHOSqSGVW_I.mft (raw, json) Hash identifier: 4orMN6ZRTwBeGOrLODaturEZOMqc62880nSrfH9lTxc= Subject key identifier: 16:B9:71:86:FB:D6:D7:A7:B5:A7:6C:DE:39:4C:60:97:15:7A:0F:4F Authority key identifier: C4:99:0E:C2:01:11:F4:2F:B6:2F:39:A8:1C:73:92:A9:21:95:5B:F2 Certificate issuer: /CN=c4990ec20111f42fb62f39a81c7392a921955bf2 Certificate serial: 019B59E3C2EA4D65D7A870545B62F52F456D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xJkOwgER9C-2LzmoHHOSqSGVW_I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.mft Manifest number: 03F8 Signing time: Fri 26 Dec 2025 09:00:57 +0000 Manifest this update: Fri 26 Dec 2025 09:00:57 +0000 Manifest next update: Sat 27 Dec 2025 09:00:57 +0000 Files and hashes: 1: S6SgkEKXXupg9NGyg85ew2MKuNo.roa (hash: Ccy6wkPiSmvGfzLUcrIC/arlCjWDtB/tLTVQ150opBk=) 2: xJkOwgER9C-2LzmoHHOSqSGVW_I.crl (hash: EQq9NMv/HgFMHxmFwqGDbNqhR97sVDaWEt9lipKnh5c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.mft rsync://rpki.ripe.net/repository/DEFAULT/xJkOwgER9C-2LzmoHHOSqSGVW_I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e3:c2:ea:4d:65:d7:a8:70:54:5b:62:f5:2f:45:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c4990ec20111f42fb62f39a81c7392a921955bf2 Validity Not Before: Dec 26 09:00:57 2025 GMT Not After : Dec 27 09:00:57 2025 GMT Subject: CN=16b97186fbd6d7a7b5a76cde394c6097157a0f4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:f0:7c:99:19:d6:d6:00:69:ee:9e:43:fc:f0: 3f:a2:89:ec:d1:17:ea:ff:4e:4e:48:97:21:ef:d3: 6c:8d:13:1d:27:7c:18:b8:ea:ee:c6:d7:5d:f5:d9: 21:d9:1c:70:fd:a4:23:b1:68:e4:c2:94:b7:a9:58: b9:1d:5f:47:1a:25:8c:04:a4:0f:df:21:f3:03:be: a1:e5:03:8f:4f:fe:9c:a2:b4:0b:60:ee:3b:23:db: 02:6d:af:d3:5e:b3:4c:02:5d:09:30:93:15:59:9f: 65:46:78:fb:74:2d:74:59:b9:63:2e:7c:5f:a9:d6: f0:e0:26:40:30:75:cb:95:13:a8:ab:43:a8:ed:c5: ad:0c:ad:7d:bb:bb:45:8b:dc:ce:dd:1c:ad:ea:20: 1f:83:00:28:96:79:f6:67:03:87:72:de:e5:9a:82: 13:f6:7c:31:76:dd:b3:ae:65:1a:5a:65:dc:55:5b: ac:73:27:1a:ba:66:b9:b5:bc:b6:13:a1:ae:ce:eb: 20:a9:77:0b:cb:39:ff:30:64:2f:73:6f:96:60:45: a7:01:43:08:21:35:5f:4e:be:83:58:42:65:5c:c0: 75:c6:d9:01:aa:ac:25:c9:c1:bf:96:b6:ae:d0:c5: 6b:cd:73:c3:b2:b3:4b:59:1f:b4:2b:0d:f2:7c:c6: 8d:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:B9:71:86:FB:D6:D7:A7:B5:A7:6C:DE:39:4C:60:97:15:7A:0F:4F X509v3 Authority Key Identifier: keyid:C4:99:0E:C2:01:11:F4:2F:B6:2F:39:A8:1C:73:92:A9:21:95:5B:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xJkOwgER9C-2LzmoHHOSqSGVW_I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:43:01:f0:f6:e0:cf:6b:02:65:73:4e:80:f7:50:33:b0:0d: 16:7d:30:bc:0f:0e:e8:a8:0b:4a:c9:3a:16:00:d5:23:1b:e1: b6:a6:ee:4a:c8:f7:53:31:df:cc:94:80:b5:d5:3d:a4:be:bf: 8c:62:10:84:0f:31:76:8c:3f:55:79:e3:5e:ed:21:f8:25:26: cb:2d:4e:00:93:25:dd:86:b9:07:5c:f1:75:4e:a2:6d:a5:49: 8b:1e:88:8e:5c:7d:55:c8:ee:f7:38:b7:c2:32:a7:bf:2e:ee: 49:9d:04:18:71:66:58:9d:6e:ad:21:67:38:e8:e9:20:84:0a: 75:d8:57:c5:e9:1b:d8:35:c3:a3:26:dd:d6:28:ab:f3:ec:41: 8f:fb:48:6a:b7:21:5a:92:3e:4d:71:fa:f7:bf:e7:1e:2b:87: 9a:34:16:e6:b3:8c:54:25:68:dd:58:7d:19:92:4e:6f:61:0a: 10:2d:d7:67:1a:1f:a6:f3:c3:fe:a4:5f:c6:2a:7f:d7:41:7d: 86:7a:e4:81:97:47:06:d0:16:c9:ab:cf:44:90:50:a1:f9:56: 54:ed:e7:39:dd:b6:98:12:a3:98:a9:bb:9e:15:01:d4:f4:e5: 66:29:4a:d1:54:0c:74:eb:80:d8:8c:b6:d3:f1:5d:43:87:44: f0:b4:2c:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ48LqTWXXqHBUW2L1L0VtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0OTkwZWMyMDExMWY0MmZiNjJmMzlhODFjNzM5MmE5MjE5 NTViZjIwHhcNMjUxMjI2MDkwMDU3WhcNMjUxMjI3MDkwMDU3WjAzMTEwLwYDVQQD EygxNmI5NzE4NmZiZDZkN2E3YjVhNzZjZGUzOTRjNjA5NzE1N2EwZjRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvB8mRnW1gBp7p5D/PA/oons0Rfq /05OSJch79NsjRMdJ3wYuOruxtdd9dkh2Rxw/aQjsWjkwpS3qVi5HV9HGiWMBKQP 3yHzA76h5QOPT/6corQLYO47I9sCba/TXrNMAl0JMJMVWZ9lRnj7dC10WbljLnxf qdbw4CZAMHXLlROoq0Oo7cWtDK19u7tFi9zO3Ryt6iAfgwAolnn2ZwOHct7lmoIT 9nwxdt2zrmUaWmXcVVuscycauma5tby2E6GuzusgqXcLyzn/MGQvc2+WYEWnAUMI ITVfTr6DWEJlXMB1xtkBqqwlycG/lrau0MVrzXPDsrNLWR+0Kw3yfMaNVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBa5cYb71tentads3jlMYJcVeg9PMB8GA1UdIwQY MBaAFMSZDsIBEfQvti85qBxzkqkhlVvyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEprT3dnRVI5Qy0yTHptb0hIT1NxU0dWV19JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS85YzdjZTQtMmNkNC00ODU0LTg4NDAt YjBmZTkyMjFlZmI3LzEveEprT3dnRVI5Qy0yTHptb0hIT1NxU0dWV19JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS85YzdjZTQtMmNkNC00ODU0LTg4NDAtYjBmZTkyMjFlZmI3 LzEveEprT3dnRVI5Qy0yTHptb0hIT1NxU0dWV19JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmEMB8Pbg z2sCZXNOgPdQM7ANFn0wvA8O6KgLSsk6FgDVIxvhtqbuSsj3UzHfzJSAtdU9pL6/ jGIQhA8xdow/VXnjXu0h+CUmyy1OAJMl3Ya5B1zxdU6ibaVJix6Ijlx9Vcju9zi3 wjKnvy7uSZ0EGHFmWJ1urSFnOOjpIIQKddhXxekb2DXDoybd1iir8+xBj/tIarch WpI+TXH697/nHiuHmjQW5rOMVCVo3Vh9GZJOb2EKEC3XZxofpvPD/qRfxip/10F9 hnrkgZdHBtAWyavPRJBQoflWVO3nOd22mBKjmKm7nhUB1PTlZilK0VQMdOuA2Iy2 0/FdQ4dE8LQsEg== -----END CERTIFICATE-----Generated at Fri Dec 26 14:18:19 2025 by rpki-client