This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft File: xTG2PRGmzC0c5p4TEch6waanBzM.mft (raw, json) Hash identifier: lYmvBi5cl5scTfD2HsBWwrZel0OFOjfNaUvZLvve9zw= Subject key identifier: F8:E1:AB:CA:25:1A:3D:DE:A0:1D:FA:88:6C:78:6B:EF:4D:7F:8E:D8 Authority key identifier: C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33 Certificate issuer: /CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733 Certificate serial: 019B34570A8C275EC921C064A6DBFCD8C635 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft Manifest number: 1008 Signing time: Fri 19 Dec 2025 02:01:17 +0000 Manifest this update: Fri 19 Dec 2025 02:01:17 +0000 Manifest next update: Sat 20 Dec 2025 02:01:17 +0000 Files and hashes: 1: 3cKiOm3cqL9AuF9PS6f53tN4Gdg.roa (hash: HiF4cbbVkgMNvvCZGg36cGuMWinu6Z8X1/cmYfYlH0w=) 2: xTG2PRGmzC0c5p4TEch6waanBzM.crl (hash: YLbe4MzZnZHy2vzXFc5gpTNk7iPz1MZdxqPCXa6H9c0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 02:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:57:0a:8c:27:5e:c9:21:c0:64:a6:db:fc:d8:c6:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733 Validity Not Before: Dec 19 02:01:17 2025 GMT Not After : Dec 20 02:01:17 2025 GMT Subject: CN=f8e1abca251a3ddea01dfa886c786bef4d7f8ed8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:b4:73:0e:eb:99:0c:03:60:b9:90:b3:35:3a: b9:27:80:12:2e:0d:5a:ad:5e:53:0d:35:44:c0:99: d5:55:41:39:9d:43:60:49:12:33:b3:d3:b1:1d:be: 31:71:d2:98:77:e3:0a:79:39:bb:84:2b:89:45:03: 0c:94:b4:13:02:c9:01:51:cb:a8:29:d2:1f:44:4f: 87:9f:4e:5d:4a:55:7e:fa:54:04:e5:4d:5f:1c:7e: a3:bc:52:b4:a6:64:54:3f:3f:99:49:91:80:f2:f6: a6:1a:15:03:a8:d9:68:46:b9:e0:c5:29:06:19:20: 29:32:60:34:19:f1:c5:c1:d7:4c:8f:98:27:56:2c: 4b:1e:1e:2b:d1:ce:6f:90:61:11:c9:cc:e3:a1:ee: c4:02:9a:7f:a1:9b:9f:f1:e8:25:66:8d:5a:63:87: 09:55:cd:5f:cf:1c:3e:cc:b3:d0:20:cd:a4:6b:9f: f1:98:c0:ac:89:c4:1a:31:e8:6d:3b:3f:ef:19:83: 4a:b7:8a:7d:95:11:13:11:87:0f:3b:43:93:89:d3: 4a:16:0c:f6:65:bc:8e:b7:4b:5d:c1:9f:67:24:ba: 18:0c:03:f0:58:0e:81:cf:11:4d:89:b9:f9:0b:52: f6:3b:7b:69:65:14:32:74:1c:fe:b1:a0:56:cc:51: 89:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:E1:AB:CA:25:1A:3D:DE:A0:1D:FA:88:6C:78:6B:EF:4D:7F:8E:D8 X509v3 Authority Key Identifier: keyid:C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6f:d2:39:f2:a8:8e:92:db:37:48:8d:6a:48:c2:04:42:80:7a: cf:bb:96:31:68:c4:94:05:04:a8:6d:12:99:dc:4e:ae:93:5f: f0:ad:30:34:0a:d4:5d:d9:e2:75:1d:98:6a:f9:4d:e5:47:70: a5:f0:a8:c0:65:4c:76:b9:54:ea:66:05:96:be:6d:0d:08:b3: 19:c9:f7:a6:81:80:28:89:66:5e:d5:8a:fa:19:d2:89:50:77: 0a:38:43:80:de:50:46:d8:5b:58:8a:44:f4:b7:bf:aa:a6:5a: da:e0:68:d8:02:0a:ca:e0:23:91:43:86:7a:c2:9c:1b:25:4b: e9:ad:90:6b:3a:6b:9a:da:cc:fd:42:d1:91:f7:14:03:2d:bf: 9b:4a:99:0e:15:f9:8d:f2:f6:11:d3:35:3c:83:bd:3a:92:58: 90:90:b4:81:b4:94:cf:b5:b2:30:7d:b0:62:59:b8:48:e3:c3: 48:cc:7b:71:19:fe:f2:99:90:94:a2:ac:f5:35:19:09:e7:f6: fa:da:cf:51:f9:fd:cf:f3:ef:69:61:71:b5:43:b7:19:a2:e7: c6:36:8a:a3:63:47:02:2c:08:cd:9b:8b:cc:ed:ae:98:b6:f0: f7:f1:0d:9b:a6:91:86:32:80:fe:c3:12:50:ec:bc:1c:85:f4: fb:c6:f8:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0VwqMJ17JIcBkptv82MY1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1MzFiNjNkMTFhNmNjMmQxY2U2OWUxMzExYzg3YWMxYTZh NzA3MzMwHhcNMjUxMjE5MDIwMTE3WhcNMjUxMjIwMDIwMTE3WjAzMTEwLwYDVQQD EyhmOGUxYWJjYTI1MWEzZGRlYTAxZGZhODg2Yzc4NmJlZjRkN2Y4ZWQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbRzDuuZDANguZCzNTq5J4ASLg1a rV5TDTVEwJnVVUE5nUNgSRIzs9OxHb4xcdKYd+MKeTm7hCuJRQMMlLQTAskBUcuo KdIfRE+Hn05dSlV++lQE5U1fHH6jvFK0pmRUPz+ZSZGA8vamGhUDqNloRrngxSkG GSApMmA0GfHFwddMj5gnVixLHh4r0c5vkGERyczjoe7EApp/oZuf8eglZo1aY4cJ Vc1fzxw+zLPQIM2ka5/xmMCsicQaMehtOz/vGYNKt4p9lRETEYcPO0OTidNKFgz2 ZbyOt0tdwZ9nJLoYDAPwWA6BzxFNibn5C1L2O3tpZRQydBz+saBWzFGJ3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPjhq8olGj3eoB36iGx4a+9Nf47YMB8GA1UdIwQY MBaAFMUxtj0RpswtHOaeExHIesGmpwczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEt ZGI4Y2FiY2VlMjFlLzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEtZGI4Y2FiY2VlMjFl LzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb9I58qiO kts3SI1qSMIEQoB6z7uWMWjElAUEqG0SmdxOrpNf8K0wNArUXdnidR2YavlN5Udw pfCowGVMdrlU6mYFlr5tDQizGcn3poGAKIlmXtWK+hnSiVB3CjhDgN5QRthbWIpE 9Le/qqZa2uBo2AIKyuAjkUOGesKcGyVL6a2QazprmtrM/ULRkfcUAy2/m0qZDhX5 jfL2EdM1PIO9OpJYkJC0gbSUz7WyMH2wYlm4SOPDSMx7cRn+8pmQlKKs9TUZCef2 +trPUfn9z/PvaWFxtUO3GaLnxjaKo2NHAiwIzZuLzO2umLbw9/ENm6aRhjKA/sMS UOy8HIX0+8b4+g== -----END CERTIFICATE-----Generated at Fri Dec 19 10:53:08 2025 by rpki-client