This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/54debb-d0b6-44d1-8e58-8cf9e6f8ab45/1/XM97P9h86bzpn5ALZBmdYGvxYGk.mft File: XM97P9h86bzpn5ALZBmdYGvxYGk.mft (raw, json) Hash identifier: Z8Ge6H57cG8R4c6EkzQ1VupE28yRTzAFK2dD6ltCsnU= Subject key identifier: A4:A0:BB:32:7A:59:13:DA:2A:63:DB:FF:F2:C3:8B:00:21:09:3E:D7 Authority key identifier: 5C:CF:7B:3F:D8:7C:E9:BC:E9:9F:90:0B:64:19:9D:60:6B:F1:60:69 Certificate issuer: /CN=5ccf7b3fd87ce9bce99f900b64199d606bf16069 Certificate serial: 019B454AC6F077F4B21444571A89CC80319C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XM97P9h86bzpn5ALZBmdYGvxYGk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/54debb-d0b6-44d1-8e58-8cf9e6f8ab45/1/XM97P9h86bzpn5ALZBmdYGvxYGk.mft Manifest number: 171F Signing time: Mon 22 Dec 2025 09:01:27 +0000 Manifest this update: Mon 22 Dec 2025 09:01:27 +0000 Manifest next update: Tue 23 Dec 2025 09:01:27 +0000 Files and hashes: 1: KOB0vwmJ7cfgZ_1WOb_Xx7LqG6U.roa (hash: a7bo8HXeX2LyPkuCveHxDVKdqnbGHzPDqS6LymzXHUs=) 2: XM97P9h86bzpn5ALZBmdYGvxYGk.crl (hash: bErmZ67qpEvIDYRF0dYhMd9tByP+KaqIEiOUIz74W0U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/54debb-d0b6-44d1-8e58-8cf9e6f8ab45/1/XM97P9h86bzpn5ALZBmdYGvxYGk.crl rsync://rpki.ripe.net/repository/DEFAULT/00/54debb-d0b6-44d1-8e58-8cf9e6f8ab45/1/XM97P9h86bzpn5ALZBmdYGvxYGk.mft rsync://rpki.ripe.net/repository/DEFAULT/XM97P9h86bzpn5ALZBmdYGvxYGk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 09:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:45:4a:c6:f0:77:f4:b2:14:44:57:1a:89:cc:80:31:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ccf7b3fd87ce9bce99f900b64199d606bf16069 Validity Not Before: Dec 22 09:01:27 2025 GMT Not After : Dec 23 09:01:27 2025 GMT Subject: CN=a4a0bb327a5913da2a63dbfff2c38b0021093ed7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:32:d2:14:ca:57:a5:db:02:1a:e2:56:e0:9e: bf:7d:d4:3d:20:ed:f8:6a:14:1e:eb:72:7e:6e:c2: 67:42:f3:c8:f5:b4:e9:f9:b4:a5:9e:2c:81:5d:c9: 54:17:d0:b1:91:b3:0e:7a:ea:73:76:33:35:a5:14: d8:42:e8:b8:22:93:de:e6:cd:e6:2f:66:fb:57:88: 4d:a2:18:ed:55:79:23:a1:a9:86:dc:b9:e5:d6:01: d1:90:b7:53:05:24:93:e4:8f:f5:8e:88:00:b7:01: 1a:b3:9c:08:5e:ea:aa:49:45:9b:3d:35:41:72:62: 09:5c:41:e5:1a:5d:f1:3a:cb:c9:07:bf:42:9a:94: ae:67:84:37:21:93:c4:ce:50:67:d9:4c:e3:b2:57: 12:02:bc:04:f5:18:22:fc:b0:01:0b:31:db:19:50: 59:8f:cd:c4:d1:7b:e0:30:4d:25:cb:ea:fb:55:30: 29:47:cf:ec:e2:84:bc:06:17:10:56:70:c3:d5:1d: 34:eb:fb:c3:9e:76:ba:5a:3f:2e:4e:f6:05:1e:ba: 52:1f:27:34:ea:77:99:c6:aa:ec:89:ce:a9:50:50: ee:15:b3:29:5f:0c:7a:e6:43:e3:22:cd:d4:14:6a: 69:91:15:15:a6:53:9f:82:6f:0b:13:a2:cc:cc:15: 1a:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:A0:BB:32:7A:59:13:DA:2A:63:DB:FF:F2:C3:8B:00:21:09:3E:D7 X509v3 Authority Key Identifier: keyid:5C:CF:7B:3F:D8:7C:E9:BC:E9:9F:90:0B:64:19:9D:60:6B:F1:60:69 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM97P9h86bzpn5ALZBmdYGvxYGk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54debb-d0b6-44d1-8e58-8cf9e6f8ab45/1/XM97P9h86bzpn5ALZBmdYGvxYGk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54debb-d0b6-44d1-8e58-8cf9e6f8ab45/1/XM97P9h86bzpn5ALZBmdYGvxYGk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:86:db:2e:0a:51:98:fc:48:96:7c:c7:a5:d0:c1:8b:26:d6: 1c:d9:54:79:46:44:a6:8f:ae:34:30:df:4b:f3:70:0e:11:10: 15:d9:ec:c1:64:cf:e9:22:dd:dd:06:4f:ed:99:79:4a:f5:c0: b2:37:80:17:f2:d6:ff:45:57:a2:19:3a:02:0d:ff:28:ed:2f: cd:79:24:3d:99:5d:e0:8d:9d:f9:37:8f:e2:8a:83:8d:f1:e4: f1:45:21:36:46:9c:38:f7:4f:3b:a5:80:08:35:0a:e5:32:30: be:1d:1d:23:90:00:d1:e8:c3:43:33:b0:12:d4:02:13:13:c1: cf:4c:b7:a1:f8:a6:a1:18:b5:fd:29:a3:76:98:a7:5d:e8:7b: 87:6f:90:d6:cb:3c:a4:b8:5f:d3:a3:83:67:60:de:7d:5e:40: 33:2c:f1:44:f5:6f:78:03:3c:63:61:c8:8c:b6:c4:d0:19:04: 3d:76:ee:6d:cb:e4:29:0d:c7:04:ce:57:ad:9c:4a:20:72:e3: 72:61:21:7c:6c:3a:f6:5f:96:f2:ae:19:46:0d:2d:92:31:1d: 49:a8:50:19:7d:b8:80:c4:0e:c5:2e:e5:fd:b1:71:3d:b9:52: 95:4c:d3:86:23:ba:87:d4:18:e0:f7:6b:55:a7:0c:52:68:e4: 41:b3:c7:ee -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtFSsbwd/SyFERXGonMgDGcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjY2Y3YjNmZDg3Y2U5YmNlOTlmOTAwYjY0MTk5ZDYwNmJm MTYwNjkwHhcNMjUxMjIyMDkwMTI3WhcNMjUxMjIzMDkwMTI3WjAzMTEwLwYDVQQD EyhhNGEwYmIzMjdhNTkxM2RhMmE2M2RiZmZmMmMzOGIwMDIxMDkzZWQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzLSFMpXpdsCGuJW4J6/fdQ9IO34 ahQe63J+bsJnQvPI9bTp+bSlniyBXclUF9CxkbMOeupzdjM1pRTYQui4IpPe5s3m L2b7V4hNohjtVXkjoamG3Lnl1gHRkLdTBSST5I/1jogAtwEas5wIXuqqSUWbPTVB cmIJXEHlGl3xOsvJB79CmpSuZ4Q3IZPEzlBn2UzjslcSArwE9Rgi/LABCzHbGVBZ j83E0XvgME0ly+r7VTApR8/s4oS8BhcQVnDD1R006/vDnna6Wj8uTvYFHrpSHyc0 6neZxqrsic6pUFDuFbMpXwx65kPjIs3UFGppkRUVplOfgm8LE6LMzBUaFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKSguzJ6WRPaKmPb//LDiwAhCT7XMB8GA1UdIwQY MBaAFFzPez/YfOm86Z+QC2QZnWBr8WBpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWE05N1A5aDg2YnpwbjVBTFpCbWRZR3Z4WUdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC81NGRlYmItZDBiNi00NGQxLThlNTgt OGNmOWU2ZjhhYjQ1LzEvWE05N1A5aDg2YnpwbjVBTFpCbWRZR3Z4WUdrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC81NGRlYmItZDBiNi00NGQxLThlNTgtOGNmOWU2ZjhhYjQ1 LzEvWE05N1A5aDg2YnpwbjVBTFpCbWRZR3Z4WUdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArobbLgpR mPxIlnzHpdDBiybWHNlUeUZEpo+uNDDfS/NwDhEQFdnswWTP6SLd3QZP7Zl5SvXA sjeAF/LW/0VXohk6Ag3/KO0vzXkkPZld4I2d+TeP4oqDjfHk8UUhNkacOPdPO6WA CDUK5TIwvh0dI5AA0ejDQzOwEtQCExPBz0y3ofimoRi1/SmjdpinXeh7h2+Q1ss8 pLhf06ODZ2DefV5AMyzxRPVveAM8Y2HIjLbE0BkEPXbubcvkKQ3HBM5XrZxKIHLj cmEhfGw69l+W8q4ZRg0tkjEdSahQGX24gMQOxS7l/bFxPblSlUzThiO6h9QY4Pdr VacMUmjkQbPH7g== -----END CERTIFICATE-----Generated at Mon Dec 22 13:55:21 2025 by rpki-client