This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft File: xb-nGlET_tgkZHdsFDcVFMkhjvU.mft (raw, json) Hash identifier: 2zk8aeXNFWJ5TWB8G4bMDlGKgBOZ5JONNgUvAiAop8k= Subject key identifier: A4:03:5B:8F:24:44:F2:97:D3:E8:AB:76:F0:45:B2:DB:E6:F5:2E:27 Authority key identifier: C5:BF:A7:1A:51:13:FE:D8:24:64:77:6C:14:37:15:14:C9:21:8E:F5 Certificate issuer: /CN=c5bfa71a5113fed82464776c14371514c9218ef5 Certificate serial: 019B397D805EB2BB42685A1BE299A25701C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft Manifest number: 0BBE Signing time: Sat 20 Dec 2025 02:01:24 +0000 Manifest this update: Sat 20 Dec 2025 02:01:24 +0000 Manifest next update: Sun 21 Dec 2025 02:01:24 +0000 Files and hashes: 1: IzmeYXYlO_xmlW74WeQyL7gffpE.roa (hash: Z5XX/V/bAHCE8fRhzNUzhUtEMOMQ14B1YoCinHSL1lM=) 2: xb-nGlET_tgkZHdsFDcVFMkhjvU.crl (hash: xcv0NAPSr80GsXzx4n8KWArPVr9r+4mGhnltglADcCU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.crl rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:7d:80:5e:b2:bb:42:68:5a:1b:e2:99:a2:57:01:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5bfa71a5113fed82464776c14371514c9218ef5 Validity Not Before: Dec 20 02:01:24 2025 GMT Not After : Dec 21 02:01:24 2025 GMT Subject: CN=a4035b8f2444f297d3e8ab76f045b2dbe6f52e27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:cf:41:a4:09:11:b8:e1:08:9a:d1:c1:d9:34: ea:11:ad:b6:04:63:cd:1a:27:e1:ad:9c:d2:ab:33: 83:0a:44:e2:72:5a:fd:30:3e:45:be:e2:4b:71:b6: 90:88:a9:18:fb:b6:56:6c:f1:68:52:5b:78:29:81: f3:89:c9:1e:23:5f:94:26:53:d1:1c:28:b2:99:af: 5b:86:c0:03:03:38:06:9c:00:bb:a2:a1:aa:28:81: 15:58:b1:cf:be:23:85:af:75:e1:37:24:3b:77:e0: b6:09:52:7e:19:25:84:cf:f1:3f:ed:c3:c6:db:d2: 49:43:70:d6:33:88:85:31:fa:15:64:48:8e:8d:89: 23:a2:ca:cf:ea:a7:fa:cc:ca:4e:89:99:1e:46:cd: 51:2c:f3:65:fe:00:4d:98:58:e7:d5:b0:ed:b9:90: 70:87:1c:4c:42:fb:18:f2:74:7e:31:60:5e:94:f4: 7f:40:1f:d9:14:85:56:c7:e5:bb:87:f1:39:f3:ce: 56:10:d9:79:08:e4:4e:44:69:2d:cc:ee:7f:30:eb: 5f:da:01:b7:57:16:07:65:4a:0a:48:8f:a9:21:10: a2:d0:c7:06:a1:94:ad:0c:18:ff:65:db:4b:4e:0c: d2:31:bb:12:b4:10:22:5d:7d:ef:5f:d5:94:e1:b1: 3f:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:03:5B:8F:24:44:F2:97:D3:E8:AB:76:F0:45:B2:DB:E6:F5:2E:27 X509v3 Authority Key Identifier: keyid:C5:BF:A7:1A:51:13:FE:D8:24:64:77:6C:14:37:15:14:C9:21:8E:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:ff:4b:49:d7:50:25:ec:f3:84:6a:d9:c2:e3:8b:49:61:0c: 0c:55:9c:ba:9d:29:76:29:31:5d:4a:1a:30:2d:50:90:8e:5c: 3a:87:91:11:89:99:64:10:e7:f4:5d:87:13:e4:ed:11:87:c9: d4:ae:14:9d:77:3c:44:63:9e:2a:43:43:3c:20:8f:ff:b9:3e: 1a:a0:00:44:ce:09:e5:a3:f7:d4:1c:95:25:df:16:bc:c1:cd: 00:78:c2:3f:90:1a:a7:00:f4:51:ba:a1:a3:97:6f:a8:18:33: 44:2e:64:15:8c:51:2e:2a:68:03:af:8f:c7:89:fc:85:df:9f: 2a:d1:22:f4:f0:eb:d0:b2:8a:db:b1:c3:9c:5d:90:4e:5a:84: 2a:96:1c:32:f9:a1:40:aa:e4:6c:ff:31:2e:57:22:59:fc:99: a3:15:53:f9:6b:96:1f:e6:46:1d:eb:f8:ca:b9:f7:5a:48:c7: 22:cb:93:e7:e0:06:ea:ba:e1:c0:2c:9e:bb:82:7d:50:d7:d2: db:8e:81:30:77:7a:c8:09:20:89:8d:ae:6e:f6:97:26:5c:ce: 36:cf:0d:0c:f0:1b:9e:1b:8c:29:c5:d5:7c:73:55:2c:63:0b: 71:6c:8e:6f:ca:cd:6a:2f:9b:d3:f9:d2:d8:73:b8:34:ad:0c: 20:f2:9b:d2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5fYBesrtCaFob4pmiVwHFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YmZhNzFhNTExM2ZlZDgyNDY0Nzc2YzE0MzcxNTE0Yzky MThlZjUwHhcNMjUxMjIwMDIwMTI0WhcNMjUxMjIxMDIwMTI0WjAzMTEwLwYDVQQD EyhhNDAzNWI4ZjI0NDRmMjk3ZDNlOGFiNzZmMDQ1YjJkYmU2ZjUyZTI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqs9BpAkRuOEImtHB2TTqEa22BGPN GifhrZzSqzODCkTiclr9MD5FvuJLcbaQiKkY+7ZWbPFoUlt4KYHzickeI1+UJlPR HCiyma9bhsADAzgGnAC7oqGqKIEVWLHPviOFr3XhNyQ7d+C2CVJ+GSWEz/E/7cPG 29JJQ3DWM4iFMfoVZEiOjYkjosrP6qf6zMpOiZkeRs1RLPNl/gBNmFjn1bDtuZBw hxxMQvsY8nR+MWBelPR/QB/ZFIVWx+W7h/E5885WENl5CORORGktzO5/MOtf2gG3 VxYHZUoKSI+pIRCi0McGoZStDBj/ZdtLTgzSMbsStBAiXX3vX9WU4bE/IQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKQDW48kRPKX0+irdvBFstvm9S4nMB8GA1UdIwQY MBaAFMW/pxpRE/7YJGR3bBQ3FRTJIY71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC82N2M4ZmItMDI1Ny00ZDYwLWEwZGYt NmZjZTAzMzI1YjNmLzEveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMC82N2M4ZmItMDI1Ny00ZDYwLWEwZGYtNmZjZTAzMzI1YjNm LzEveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAev9LSddQ JezzhGrZwuOLSWEMDFWcup0pdikxXUoaMC1QkI5cOoeREYmZZBDn9F2HE+TtEYfJ 1K4UnXc8RGOeKkNDPCCP/7k+GqAARM4J5aP31ByVJd8WvMHNAHjCP5AapwD0Ubqh o5dvqBgzRC5kFYxRLipoA6+Px4n8hd+fKtEi9PDr0LKK27HDnF2QTlqEKpYcMvmh QKrkbP8xLlciWfyZoxVT+WuWH+ZGHev4yrn3WkjHIsuT5+AG6rrhwCyeu4J9UNfS 246BMHd6yAkgiY2ubvaXJlzONs8NDPAbnhuMKcXVfHNVLGMLcWyOb8rNai+b0/nS 2HO4NK0MIPKb0g== -----END CERTIFICATE-----Generated at Sat Dec 20 08:41:14 2025 by rpki-client