This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft File: 1XfOFDQjLYCBldDKcKs5HfsHry0.mft (raw, json) Hash identifier: ArEQggkfN4zrPFyLLsGv+k239mtW6cWyqFAbkoi7eSE= Subject key identifier: 18:00:5B:65:65:BF:AB:59:D7:1C:45:CC:A8:40:D2:65:4E:1A:D7:DA Authority key identifier: D5:77:CE:14:34:23:2D:80:81:95:D0:CA:70:AB:39:1D:FB:07:AF:2D Certificate issuer: /CN=d577ce1434232d808195d0ca70ab391dfb07af2d Certificate serial: 019B5A1AC4E790551A7243F58C73873B6C4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1XfOFDQjLYCBldDKcKs5HfsHry0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft Manifest number: 1798 Signing time: Fri 26 Dec 2025 10:01:02 +0000 Manifest this update: Fri 26 Dec 2025 10:01:02 +0000 Manifest next update: Sat 27 Dec 2025 10:01:02 +0000 Files and hashes: 1: 1XfOFDQjLYCBldDKcKs5HfsHry0.crl (hash: JFt9BcRVVTcXZKwK2xbVMragTvcMkFYLHDQJSPEbsCA=) 2: HcDxgF3nqk8cgEWN2FjSYTqgWIU.roa (hash: zRQPtKl4Mi8+zyT9yY1R1Qmmn1wM9W5eQbvQLliU+lY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft rsync://rpki.ripe.net/repository/DEFAULT/1XfOFDQjLYCBldDKcKs5HfsHry0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:c4:e7:90:55:1a:72:43:f5:8c:73:87:3b:6c:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d577ce1434232d808195d0ca70ab391dfb07af2d Validity Not Before: Dec 26 10:01:02 2025 GMT Not After : Dec 27 10:01:02 2025 GMT Subject: CN=18005b6565bfab59d71c45cca840d2654e1ad7da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:6a:81:2b:90:50:3d:32:d1:d5:f3:3e:32:05: a1:b0:41:25:74:da:f6:50:d1:95:8c:a1:34:9c:3f: 64:91:20:f7:a6:39:ea:36:89:93:ed:cc:b4:3a:07: 99:42:da:eb:b0:0c:3c:41:2e:a7:b1:db:8f:18:d6: 73:ce:9c:80:30:ef:06:9a:b2:1b:fd:08:43:c7:35: d9:0f:89:cf:b8:82:54:a5:cf:d9:41:03:f2:02:a3: 31:40:9b:37:d2:fe:60:ce:c1:7b:e4:4c:45:48:cb: cb:c3:63:ab:6c:4d:54:3e:23:9e:37:e7:a9:99:8b: 8b:30:82:47:72:e5:3f:4f:78:7f:b1:47:69:96:f1: 2b:1a:4d:1e:51:16:a4:c7:dc:fa:fe:3b:a8:32:57: 4d:29:de:3c:13:70:0a:6b:ae:75:0b:10:67:8c:21: 36:1a:13:49:79:9f:94:b0:82:1d:d5:3b:50:8d:26: a5:37:31:a5:00:b7:e8:d8:d9:c4:1e:f4:a1:7c:4d: 56:2a:9e:cb:b6:4f:1f:9f:45:00:6d:54:2e:a3:89: 48:f6:5f:d2:57:bd:11:82:ba:db:4f:18:85:d0:9c: 1b:8e:68:c9:a7:7f:d6:e1:99:53:e1:8b:4b:6c:e1: 20:eb:41:04:f5:70:08:36:f4:ce:0c:d4:c5:37:5e: e5:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:00:5B:65:65:BF:AB:59:D7:1C:45:CC:A8:40:D2:65:4E:1A:D7:DA X509v3 Authority Key Identifier: keyid:D5:77:CE:14:34:23:2D:80:81:95:D0:CA:70:AB:39:1D:FB:07:AF:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1XfOFDQjLYCBldDKcKs5HfsHry0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:8f:ad:40:45:94:ef:2f:06:d1:ce:93:b9:08:b4:3f:6c:42: e0:13:1b:40:f9:43:90:35:cf:45:e6:78:ef:17:1c:8f:df:ab: b7:70:92:fc:de:d1:1d:ab:99:49:5d:c6:b7:78:f7:70:d5:9d: 12:98:c1:51:ff:61:7e:2a:cf:a5:c5:07:be:b1:22:e9:87:9c: a2:54:33:d6:57:60:96:21:28:00:08:f8:7d:2b:8d:a2:64:a6: d1:d3:44:98:9b:c7:3b:da:13:30:d5:1c:ab:72:c5:62:cc:a0: 47:b6:a9:74:f9:d3:db:02:9b:8b:48:24:9e:b3:82:a0:07:e0: 47:70:af:63:2c:86:21:09:b9:38:94:e8:7a:41:9d:24:42:2c: 75:63:0a:95:6c:3b:ee:f2:92:52:3d:b6:fb:37:35:30:cb:bf: 8b:ab:17:52:15:55:18:28:5f:cb:04:61:db:26:96:09:4f:58: 1c:5a:dd:63:fc:02:bf:76:68:5f:a3:93:e6:8a:30:f7:1a:53: 96:fa:ac:79:85:ce:dd:22:b8:4c:b2:4d:51:7a:0f:72:8b:e9: db:3e:f0:5c:a2:e8:13:32:ab:87:0c:a5:7a:96:39:27:83:53: 79:fc:b5:e2:b2:7d:e8:c4:77:cd:06:e6:b8:44:ac:1c:d1:84: 83:c9:40:dc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGsTnkFUackP1jHOHO2xLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1NzdjZTE0MzQyMzJkODA4MTk1ZDBjYTcwYWIzOTFkZmIw N2FmMmQwHhcNMjUxMjI2MTAwMTAyWhcNMjUxMjI3MTAwMTAyWjAzMTEwLwYDVQQD EygxODAwNWI2NTY1YmZhYjU5ZDcxYzQ1Y2NhODQwZDI2NTRlMWFkN2RhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2qBK5BQPTLR1fM+MgWhsEEldNr2 UNGVjKE0nD9kkSD3pjnqNomT7cy0OgeZQtrrsAw8QS6nsduPGNZzzpyAMO8GmrIb /QhDxzXZD4nPuIJUpc/ZQQPyAqMxQJs30v5gzsF75ExFSMvLw2OrbE1UPiOeN+ep mYuLMIJHcuU/T3h/sUdplvErGk0eURakx9z6/juoMldNKd48E3AKa651CxBnjCE2 GhNJeZ+UsIId1TtQjSalNzGlALfo2NnEHvShfE1WKp7Ltk8fn0UAbVQuo4lI9l/S V70RgrrbTxiF0JwbjmjJp3/W4ZlT4YtLbOEg60EE9XAINvTODNTFN17lcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBgAW2Vlv6tZ1xxFzKhA0mVOGtfaMB8GA1UdIwQY MBaAFNV3zhQ0Iy2AgZXQynCrOR37B68tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMVhmT0ZEUWpMWUNCbGRES2NLczVIZnNIcnkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8wZDYxNWUtMjRkYi00N2VmLTlhYTMt NjBlNmIxNDhkMjhiLzEvMVhmT0ZEUWpMWUNCbGRES2NLczVIZnNIcnkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS8wZDYxNWUtMjRkYi00N2VmLTlhYTMtNjBlNmIxNDhkMjhi LzEvMVhmT0ZEUWpMWUNCbGRES2NLczVIZnNIcnkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQo+tQEWU 7y8G0c6TuQi0P2xC4BMbQPlDkDXPReZ47xccj9+rt3CS/N7RHauZSV3Gt3j3cNWd EpjBUf9hfirPpcUHvrEi6YecolQz1ldgliEoAAj4fSuNomSm0dNEmJvHO9oTMNUc q3LFYsygR7apdPnT2wKbi0gknrOCoAfgR3CvYyyGIQm5OJToekGdJEIsdWMKlWw7 7vKSUj22+zc1MMu/i6sXUhVVGChfywRh2yaWCU9YHFrdY/wCv3ZoX6OT5oow9xpT lvqseYXO3SK4TLJNUXoPcovp2z7wXKLoEzKrhwylepY5J4NTefy14rJ96MR3zQbm uESsHNGEg8lA3A== -----END CERTIFICATE-----Generated at Fri Dec 26 14:09:06 2025 by rpki-client