This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft File: xHC41L-HFAS8pTx3gVME7y6k4co.mft (raw, json) Hash identifier: +M9YPE2otH240Kqpfug2IPx1Wpya2SERJUvNpH2GuLg= Subject key identifier: 75:6B:DA:4F:5D:6D:90:38:F9:1F:B8:DA:F0:F3:8F:22:A8:4E:6B:B4 Authority key identifier: C4:70:B8:D4:BF:87:14:04:BC:A5:3C:77:81:53:04:EF:2E:A4:E1:CA Certificate issuer: /CN=c470b8d4bf871404bca53c77815304ef2ea4e1ca Certificate serial: 019B22F54B0465A5AD65AFE08E2B26799B19 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xHC41L-HFAS8pTx3gVME7y6k4co.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft Manifest number: 0160 Signing time: Mon 15 Dec 2025 17:00:59 +0000 Manifest this update: Mon 15 Dec 2025 17:00:59 +0000 Manifest next update: Tue 16 Dec 2025 17:00:59 +0000 Files and hashes: 1: N1QJr3d4xPAL0pWw7bMpfGQLYDw.roa (hash: bdncW/PZlPA4ydR5a6GdEoycfKMOIvrr26MW7cKXUvM=) 2: xHC41L-HFAS8pTx3gVME7y6k4co.crl (hash: moc7Y1ePy5EnZ/ay0QY5q138aAFSkmyytN8siSVR0IE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.crl rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft rsync://rpki.ripe.net/repository/DEFAULT/xHC41L-HFAS8pTx3gVME7y6k4co.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:f5:4b:04:65:a5:ad:65:af:e0:8e:2b:26:79:9b:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c470b8d4bf871404bca53c77815304ef2ea4e1ca Validity Not Before: Dec 15 17:00:59 2025 GMT Not After : Dec 16 17:00:59 2025 GMT Subject: CN=756bda4f5d6d9038f91fb8daf0f38f22a84e6bb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:92:f5:fe:99:a6:15:0b:ca:64:50:e0:13:ce: 12:e9:50:8d:59:38:3a:73:cd:e7:77:48:15:9c:49: 91:62:a9:cd:66:6d:84:bc:79:ba:4c:16:ea:93:5e: 2a:1a:8b:7d:cc:cb:da:3f:e2:99:66:1f:b4:15:a4: ea:37:d9:61:8b:2f:13:76:14:63:95:6e:02:57:f3: b4:74:ee:b8:7b:1e:52:c4:40:75:fa:00:16:01:dd: 74:14:7b:c8:dd:50:f2:2f:5b:c0:64:d6:6d:c9:00: 95:f5:2d:29:a0:db:c0:fe:4d:d0:f6:a6:ae:4a:43: af:1e:f8:41:55:07:a1:f8:b2:8e:2e:2d:51:16:d5: 2a:f4:e1:cb:26:f5:a7:a2:05:69:11:bb:dd:e1:91: 88:69:ba:85:3c:d6:72:0f:68:ee:92:fc:36:df:85: 17:3a:59:8b:3d:9c:01:35:80:7e:ca:66:fc:54:c7: 33:77:09:d0:dd:bb:31:f3:08:d2:0a:4c:5a:1e:39: 9a:a5:f5:47:5e:7e:33:b2:a5:f5:26:d3:30:8f:b2: 92:31:6d:d9:7a:16:f4:59:dd:c4:c4:27:c8:f3:eb: d1:e4:5f:f0:4c:29:7c:6e:86:8d:c2:5f:01:47:1d: 4b:30:cb:86:05:10:c0:ed:7e:ce:d7:5e:6e:f2:e6: 6e:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:6B:DA:4F:5D:6D:90:38:F9:1F:B8:DA:F0:F3:8F:22:A8:4E:6B:B4 X509v3 Authority Key Identifier: keyid:C4:70:B8:D4:BF:87:14:04:BC:A5:3C:77:81:53:04:EF:2E:A4:E1:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xHC41L-HFAS8pTx3gVME7y6k4co.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c6:68:20:bc:4d:61:82:df:4a:77:b5:e2:09:ea:ed:8d:41:e4: 7e:85:06:2d:fc:a8:12:82:86:46:f8:e9:f9:70:b7:ef:61:bf: 61:23:ff:a5:15:f6:81:89:f1:47:96:7e:6b:91:61:fe:8f:51: 9a:4c:cf:88:ad:b0:3f:29:c4:02:05:60:6f:b8:8e:da:e0:80: 29:a8:a3:7e:7b:db:1c:6d:85:9c:33:66:60:f5:fe:53:f1:43: 4b:3f:93:51:b8:ce:d8:55:29:86:91:42:b1:65:1c:82:d7:b1: 9d:25:32:bc:a6:fd:20:e7:b8:64:53:78:d5:34:9b:bd:41:d7: ab:78:ab:70:fc:fa:af:a3:9b:3e:f5:9b:00:bd:4b:1a:7f:04: 11:99:61:d1:da:56:d9:f3:52:5f:ed:9d:88:6e:3b:16:e2:5e: f3:81:ac:a8:9d:af:1c:56:dd:7e:97:d1:90:ca:72:3a:14:e0: a9:7e:e7:f2:10:4c:ee:d7:99:c8:02:30:a4:84:ff:ba:20:c5: d8:90:87:5d:19:c2:dd:3e:a0:f0:7b:dc:03:68:0f:6e:4b:ef: 57:de:6e:e2:58:a0:6e:4c:d1:e0:74:44:a0:55:5e:6f:cb:f4: d5:78:18:b0:fd:af:a8:ff:7a:96:f1:aa:d4:33:09:d4:70:c3: c0:c2:52:01 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsi9UsEZaWtZa/gjismeZsZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0NzBiOGQ0YmY4NzE0MDRiY2E1M2M3NzgxNTMwNGVmMmVh NGUxY2EwHhcNMjUxMjE1MTcwMDU5WhcNMjUxMjE2MTcwMDU5WjAzMTEwLwYDVQQD Eyg3NTZiZGE0ZjVkNmQ5MDM4ZjkxZmI4ZGFmMGYzOGYyMmE4NGU2YmI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8pL1/pmmFQvKZFDgE84S6VCNWTg6 c83nd0gVnEmRYqnNZm2EvHm6TBbqk14qGot9zMvaP+KZZh+0FaTqN9lhiy8TdhRj lW4CV/O0dO64ex5SxEB1+gAWAd10FHvI3VDyL1vAZNZtyQCV9S0poNvA/k3Q9qau SkOvHvhBVQeh+LKOLi1RFtUq9OHLJvWnogVpEbvd4ZGIabqFPNZyD2jukvw234UX OlmLPZwBNYB+ymb8VMczdwnQ3bsx8wjSCkxaHjmapfVHXn4zsqX1JtMwj7KSMW3Z ehb0Wd3ExCfI8+vR5F/wTCl8boaNwl8BRx1LMMuGBRDA7X7O115u8uZuSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHVr2k9dbZA4+R+42vDzjyKoTmu0MB8GA1UdIwQY MBaAFMRwuNS/hxQEvKU8d4FTBO8upOHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEhDNDFMLUhGQVM4cFR4M2dWTUU3eTZrNGNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hNGJhOGYtNWU2MS00ZGNjLWJhMGIt ZjYyNGVkNWY0NmZlLzEveEhDNDFMLUhGQVM4cFR4M2dWTUU3eTZrNGNvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNi9hNGJhOGYtNWU2MS00ZGNjLWJhMGItZjYyNGVkNWY0NmZl LzEveEhDNDFMLUhGQVM4cFR4M2dWTUU3eTZrNGNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxmggvE1h gt9Kd7XiCertjUHkfoUGLfyoEoKGRvjp+XC372G/YSP/pRX2gYnxR5Z+a5Fh/o9R mkzPiK2wPynEAgVgb7iO2uCAKaijfnvbHG2FnDNmYPX+U/FDSz+TUbjO2FUphpFC sWUcgtexnSUyvKb9IOe4ZFN41TSbvUHXq3ircPz6r6ObPvWbAL1LGn8EEZlh0dpW 2fNSX+2diG47FuJe84GsqJ2vHFbdfpfRkMpyOhTgqX7n8hBM7teZyAIwpIT/uiDF 2JCHXRnC3T6g8HvcA2gPbkvvV95u4ligbkzR4HREoFVeb8v01XgYsP2vqP96lvGq 1DMJ1HDDwMJSAQ== -----END CERTIFICATE-----Generated at Tue Dec 16 01:11:38 2025 by rpki-client