This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft File: XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft (raw, json) Hash identifier: TdLWgJ0kEm5tfnlbEP5kUPnzYfnfksJHdS6OYIEmGQA= Subject key identifier: A9:00:83:0D:3F:D5:6C:59:4E:B1:5E:95:74:A9:4B:6B:5A:88:66:FF Authority key identifier: 5C:D3:79:CE:DC:DC:20:F0:87:5C:4B:08:B9:4B:41:16:1B:3E:8C:03 Certificate issuer: /CN=5cd379cedcdc20f0875c4b08b94b41161b3e8c03 Certificate serial: 019B5A520B165B2F8A1203AC59ADF6BA76F7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft Manifest number: 0F14 Signing time: Fri 26 Dec 2025 11:01:24 +0000 Manifest this update: Fri 26 Dec 2025 11:01:24 +0000 Manifest next update: Sat 27 Dec 2025 11:01:24 +0000 Files and hashes: 1: 1-EeSCCOFCUoz0VplGP1Lo0h-9As.roa (hash: ZLnUsrTQcRzljBuufN+eacOU/oxAjJXf2wRzESRepgg=) 2: XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl (hash: gS3fYenvdnHWKQMVK76hmqn5w7is4aPI6gZ+U+Z5wR4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:52:0b:16:5b:2f:8a:12:03:ac:59:ad:f6:ba:76:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cd379cedcdc20f0875c4b08b94b41161b3e8c03 Validity Not Before: Dec 26 11:01:24 2025 GMT Not After : Dec 27 11:01:24 2025 GMT Subject: CN=a900830d3fd56c594eb15e9574a94b6b5a8866ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:57:dc:9a:58:d3:9f:72:6d:da:98:7b:8e:32: 60:d1:46:c9:8d:7b:b3:0d:4b:fe:e0:98:45:ab:65: e1:d6:69:d0:4b:4a:2c:18:51:23:a6:76:00:ab:0e: 52:87:72:c1:a6:61:86:8e:f3:2e:6e:9e:a8:e4:87: 21:c8:60:0c:18:d5:cc:e9:bc:8e:9f:12:93:a4:4e: 2c:d1:7a:cb:a1:b3:e0:38:76:dd:5b:5c:24:be:3b: e7:e4:c4:79:71:bb:78:33:6a:12:dc:54:22:cb:5a: ac:6d:0d:c4:19:4a:0c:fe:45:50:f3:5e:53:b7:33: 45:a8:af:1d:88:c4:9d:52:b1:77:ea:42:46:83:b9: f2:2f:e6:48:ad:1e:39:36:61:f9:ba:cb:6f:e9:83: 0d:c7:7d:e3:fc:c3:4b:70:5d:c0:2a:f1:0c:29:05: 8c:72:bd:3c:66:9c:42:94:b0:ad:98:dc:d7:2b:a3: 5a:9a:58:bb:8f:02:ce:b5:ac:b9:24:62:37:c1:27: 5e:cb:de:02:b6:35:f9:91:63:06:4f:f8:4d:b9:2e: 12:b8:22:56:2b:f9:7f:52:e8:7d:f8:61:52:36:83: ca:48:43:2d:4b:b5:79:87:c8:0b:65:b1:90:21:dd: 42:03:fe:7e:f3:45:74:75:55:2c:7d:a4:59:44:98: 48:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:00:83:0D:3F:D5:6C:59:4E:B1:5E:95:74:A9:4B:6B:5A:88:66:FF X509v3 Authority Key Identifier: keyid:5C:D3:79:CE:DC:DC:20:F0:87:5C:4B:08:B9:4B:41:16:1B:3E:8C:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:1b:e6:e1:2d:a7:ea:f3:82:49:49:84:5b:5a:61:37:9b:2f: e2:88:e0:b1:cb:e4:3a:dd:54:a4:29:fd:3c:d8:b1:a1:ac:7d: ea:28:21:b8:6d:67:eb:9a:af:f8:3a:6a:b8:d3:21:2b:17:be: d9:77:25:e3:d7:d8:13:20:0c:6c:0e:3a:75:fc:78:ed:f2:ca: a4:5b:90:d1:c8:f9:cc:6a:05:89:81:93:0d:24:5e:31:91:74: 9b:63:45:88:e7:c5:96:2c:a7:9c:d0:28:1c:93:a4:3b:a4:d3: bc:7f:69:b2:85:b7:fb:45:6d:14:c3:f6:02:c7:86:7a:61:bc: 7d:bf:9d:c6:c7:b5:e7:b6:f0:28:a1:35:69:6d:12:54:4d:fb: 18:97:16:33:af:9d:77:e6:a4:1c:4e:99:27:13:a5:8a:1d:b6: dc:02:16:96:96:7a:a4:c2:df:d6:64:bb:7e:14:66:40:ed:db: fc:32:1a:fb:eb:e4:de:27:c0:01:9a:32:37:fd:06:d0:7c:7f: 9f:9e:c7:72:b7:22:ae:26:30:fe:0f:7b:02:37:c0:bd:ce:63: 82:75:da:4d:eb:20:d6:32:bb:26:85:81:fd:4f:cc:a9:bf:f7: 01:10:7e:1a:87:95:12:e4:8b:26:6b:ee:b8:d2:28:e4:ee:94: e2:82:c9:01 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUgsWWy+KEgOsWa32unb3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZDM3OWNlZGNkYzIwZjA4NzVjNGIwOGI5NGI0MTE2MWIz ZThjMDMwHhcNMjUxMjI2MTEwMTI0WhcNMjUxMjI3MTEwMTI0WjAzMTEwLwYDVQQD EyhhOTAwODMwZDNmZDU2YzU5NGViMTVlOTU3NGE5NGI2YjVhODg2NmZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFfcmljTn3Jt2ph7jjJg0UbJjXuz DUv+4JhFq2Xh1mnQS0osGFEjpnYAqw5Sh3LBpmGGjvMubp6o5IchyGAMGNXM6byO nxKTpE4s0XrLobPgOHbdW1wkvjvn5MR5cbt4M2oS3FQiy1qsbQ3EGUoM/kVQ815T tzNFqK8diMSdUrF36kJGg7nyL+ZIrR45NmH5ustv6YMNx33j/MNLcF3AKvEMKQWM cr08ZpxClLCtmNzXK6Namli7jwLOtay5JGI3wSdey94CtjX5kWMGT/hNuS4SuCJW K/l/Uuh9+GFSNoPKSEMtS7V5h8gLZbGQId1CA/5+80V0dVUsfaRZRJhILQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKkAgw0/1WxZTrFelXSpS2taiGb/MB8GA1UdIwQY MBaAFFzTec7c3CDwh1xLCLlLQRYbPowDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9mM2NjYTQtZjZiZi00NzM0LWFiYmQt MDk2NDQ2NGMxNzUxLzEvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS9mM2NjYTQtZjZiZi00NzM0LWFiYmQtMDk2NDQ2NGMxNzUx LzEvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJRvm4S2n 6vOCSUmEW1phN5sv4ojgscvkOt1UpCn9PNixoax96ighuG1n65qv+DpquNMhKxe+ 2Xcl49fYEyAMbA46dfx47fLKpFuQ0cj5zGoFiYGTDSReMZF0m2NFiOfFliynnNAo HJOkO6TTvH9psoW3+0VtFMP2AseGemG8fb+dxse157bwKKE1aW0SVE37GJcWM6+d d+akHE6ZJxOlih223AIWlpZ6pMLf1mS7fhRmQO3b/DIa++vk3ifAAZoyN/0G0Hx/ n57HcrciriYw/g97AjfAvc5jgnXaTesg1jK7JoWB/U/Mqb/3ARB+GoeVEuSLJmvu uNIo5O6U4oLJAQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:08:50 2025 by rpki-client