This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft File: XbomMhShFwVRmA7pFxn42Ixia14.mft (raw, json) Hash identifier: 3UqBc0zH5Hxxc3LgBRU7NOHCuP2XcNb5qh/pXVIqkyY= Subject key identifier: 3D:6A:04:B0:64:66:60:75:DA:0A:44:81:6D:69:C2:C2:C9:AE:AD:DF Authority key identifier: 5D:BA:26:32:14:A1:17:05:51:98:0E:E9:17:19:F8:D8:8C:62:6B:5E Certificate issuer: /CN=5dba263214a1170551980ee91719f8d88c626b5e Certificate serial: 019B5C3FD70B92EF742DDFCCA0C45D0B1DDA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft Manifest number: 1303 Signing time: Fri 26 Dec 2025 20:00:46 +0000 Manifest this update: Fri 26 Dec 2025 20:00:46 +0000 Manifest next update: Sat 27 Dec 2025 20:00:46 +0000 Files and hashes: 1: XbomMhShFwVRmA7pFxn42Ixia14.crl (hash: u3L3a6FvH4SNQRnSzT4AXIrfczeuPaAJwTTYtBethiw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5c:3f:d7:0b:92:ef:74:2d:df:cc:a0:c4:5d:0b:1d:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5dba263214a1170551980ee91719f8d88c626b5e Validity Not Before: Dec 26 20:00:46 2025 GMT Not After : Dec 27 20:00:46 2025 GMT Subject: CN=3d6a04b064666075da0a44816d69c2c2c9aeaddf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:0e:b1:ee:79:cc:0d:ad:37:ac:1f:02:da:02: 74:f0:3b:b5:13:7c:0a:ea:40:b2:3d:f6:ad:73:57: 65:63:72:16:55:e7:16:fc:78:b7:ec:49:8c:92:d6: 27:9e:16:8c:c4:1a:07:b2:05:ee:0d:b3:bb:3c:37: 86:bc:38:f1:d4:71:93:db:11:6b:02:ba:99:10:68: 15:19:ae:7b:0d:5e:fd:96:8b:88:cd:f5:9d:21:6c: 7b:f7:06:c4:0a:e1:ca:12:65:a9:29:4a:b5:23:34: d3:19:47:a3:83:fb:b8:a9:2f:f4:7c:f7:27:7f:3a: 60:15:73:d2:d3:66:65:2f:98:7f:2e:ac:0f:39:53: a8:40:4c:e8:31:04:b8:cb:0c:92:3f:f2:c6:6f:cc: 1f:af:6c:a7:b8:48:85:21:e9:87:4b:0f:bd:3a:f3: 84:49:0f:80:ca:41:f5:74:cb:b4:d3:bb:61:6c:e1: 07:16:85:66:2b:f9:6a:9a:36:a8:f7:a7:34:59:a4: 79:60:dc:ba:9c:a6:32:33:72:b9:c7:69:c0:1d:99: 4b:3e:d7:42:26:ee:91:d2:cf:31:0e:1c:0b:98:0c: ac:1e:05:36:45:43:96:82:ba:e8:d3:f5:3c:94:2e: ee:94:49:f4:50:d8:72:0e:c0:b5:af:9e:05:2c:c7: 19:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:6A:04:B0:64:66:60:75:DA:0A:44:81:6D:69:C2:C2:C9:AE:AD:DF X509v3 Authority Key Identifier: keyid:5D:BA:26:32:14:A1:17:05:51:98:0E:E9:17:19:F8:D8:8C:62:6B:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:f3:d0:6c:d4:9e:a9:1c:a2:e5:f6:80:ce:0f:27:da:e8:4e: 42:84:14:4b:94:fc:6a:4f:72:0d:2a:23:82:a2:b6:c9:ec:93: 09:16:04:3b:55:ca:ac:dc:d2:6e:13:b8:e7:77:30:3b:f7:ba: 81:81:2d:6e:c4:80:0f:6e:b4:33:a5:c8:f1:9f:dd:22:dc:ec: 28:6e:aa:22:99:11:9d:8e:35:76:5f:44:2a:5f:6f:71:4c:fa: 8e:9d:b1:2f:42:41:96:88:2a:d2:da:ae:59:12:a4:0d:0c:01: 76:a5:6e:c0:c1:8b:d2:f2:17:86:92:c1:e4:59:90:b8:0c:44: 21:12:8c:82:ff:b1:ef:b3:44:e2:a0:56:60:8f:9d:72:e6:47: 76:02:d6:ef:03:86:7c:63:31:c8:2d:c0:e0:50:fb:03:c4:a8: e2:d0:86:86:a6:ad:a3:1c:30:d6:1a:e3:66:d8:ec:35:71:e5: 3b:20:61:49:07:aa:d9:04:d8:3a:36:24:7a:54:4e:4c:ae:4f: 15:9f:33:2d:71:2c:8a:78:e2:50:86:72:f7:67:17:1b:13:2a: f4:c5:cd:1a:cf:ac:cd:01:b0:7c:53:2a:c4:55:6c:a9:99:cf: 8a:88:eb:ea:b9:09:52:4d:78:6e:8c:f4:73:d9:b0:cf:be:35: 46:7e:be:ad -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtcP9cLku90Ld/MoMRdCx3aMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkYmEyNjMyMTRhMTE3MDU1MTk4MGVlOTE3MTlmOGQ4OGM2 MjZiNWUwHhcNMjUxMjI2MjAwMDQ2WhcNMjUxMjI3MjAwMDQ2WjAzMTEwLwYDVQQD EygzZDZhMDRiMDY0NjY2MDc1ZGEwYTQ0ODE2ZDY5YzJjMmM5YWVhZGRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvg6x7nnMDa03rB8C2gJ08Du1E3wK 6kCyPfatc1dlY3IWVecW/Hi37EmMktYnnhaMxBoHsgXuDbO7PDeGvDjx1HGT2xFr ArqZEGgVGa57DV79louIzfWdIWx79wbECuHKEmWpKUq1IzTTGUejg/u4qS/0fPcn fzpgFXPS02ZlL5h/LqwPOVOoQEzoMQS4ywySP/LGb8wfr2ynuEiFIemHSw+9OvOE SQ+AykH1dMu007thbOEHFoVmK/lqmjao96c0WaR5YNy6nKYyM3K5x2nAHZlLPtdC Ju6R0s8xDhwLmAysHgU2RUOWgrro0/U8lC7ulEn0UNhyDsC1r54FLMcZdwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD1qBLBkZmB12gpEgW1pwsLJrq3fMB8GA1UdIwQY MBaAFF26JjIUoRcFUZgO6RcZ+NiMYmteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80ZTQxNGYtMGE3Ni00ZmU5LThiN2It MTM1YTkzOTgyOTMxLzEvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi80ZTQxNGYtMGE3Ni00ZmU5LThiN2ItMTM1YTkzOTgyOTMx LzEvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfPPQbNSe qRyi5faAzg8n2uhOQoQUS5T8ak9yDSojgqK2yeyTCRYEO1XKrNzSbhO453cwO/e6 gYEtbsSAD260M6XI8Z/dItzsKG6qIpkRnY41dl9EKl9vcUz6jp2xL0JBlogq0tqu WRKkDQwBdqVuwMGL0vIXhpLB5FmQuAxEIRKMgv+x77NE4qBWYI+dcuZHdgLW7wOG fGMxyC3A4FD7A8So4tCGhqatoxww1hrjZtjsNXHlOyBhSQeq2QTYOjYkelROTK5P FZ8zLXEsinjiUIZy92cXGxMq9MXNGs+szQGwfFMqxFVsqZnPiojr6rkJUk14boz0 c9mwz741Rn6+rQ== -----END CERTIFICATE-----Generated at Sat Dec 27 02:36:11 2025 by rpki-client