This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft File: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft (raw, json) Hash identifier: x1pgXQkHrV+ec+4gw/kVnPxNq39z+4HqwQiw6iksjoc= Subject key identifier: B6:31:70:0B:02:7F:2E:1E:0B:02:E1:AD:C3:38:C2:FE:7B:AE:9E:13 Authority key identifier: 5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4 Certificate issuer: /CN=5e774467e21849524943d2bd459010720f3e20e4 Certificate serial: 019B53AAC4AF0602D79841A97EF1713D3830 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft Manifest number: 12A3 Signing time: Thu 25 Dec 2025 04:00:58 +0000 Manifest this update: Thu 25 Dec 2025 04:00:58 +0000 Manifest next update: Fri 26 Dec 2025 04:00:58 +0000 Files and hashes: 1: QGKSiFavp9LMElSoLZBhqzLqFMM.roa (hash: ip/2uYmlI+BKnaF8k1mqNHwsPmNtHEQrk8aTeSCdMUA=) 2: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl (hash: 2iPR07Rre8muUe1HMrbgpzwisQifRqIb09BgZ2cR7do=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 01:21:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:53:aa:c4:af:06:02:d7:98:41:a9:7e:f1:71:3d:38:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e774467e21849524943d2bd459010720f3e20e4 Validity Not Before: Dec 25 04:00:58 2025 GMT Not After : Dec 26 04:00:58 2025 GMT Subject: CN=b631700b027f2e1e0b02e1adc338c2fe7bae9e13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:d5:d3:ab:27:cb:4c:ce:73:26:e7:53:2c:c8: 4f:d3:aa:00:1e:d8:dc:6c:d8:08:79:eb:48:88:1c: d4:8c:2d:82:bd:26:0d:34:48:76:4c:09:10:fd:1a: 59:7d:4c:c4:ce:75:fb:54:0c:97:9c:2a:fd:c4:76: d7:da:ea:18:11:e1:9a:56:4c:06:a7:c9:45:63:2d: ab:7c:9b:d9:a0:e4:c8:b6:c1:b7:44:fd:eb:e0:c5: 37:33:60:54:a7:e9:a6:d0:66:1e:1e:84:94:c3:6e: bb:57:5f:92:b1:1b:54:14:3b:32:6f:4c:a4:cf:e5: c7:40:c2:a8:3a:31:66:61:4d:b4:07:c4:ed:29:54: e5:5c:91:ac:71:97:e4:5a:fb:ba:5b:1c:53:68:2d: 63:df:58:0e:2c:ae:8b:ac:1b:3b:b2:e3:64:4b:c7: 89:11:b5:4a:d9:24:d5:de:e4:97:da:59:a2:6e:8a: 58:4a:ed:17:a7:14:b3:93:4b:33:86:26:9a:2c:47: 6b:d6:08:c2:3d:90:b6:09:f7:94:00:6f:0b:91:e9: 58:6d:d5:5b:b9:6d:a0:47:6a:f4:f1:d9:2b:01:dd: 90:06:24:bd:0a:61:a4:1d:c9:81:b0:bc:27:8d:91: 0d:d6:2c:37:62:3f:72:0a:5c:f5:3f:ee:73:d9:9f: ee:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:31:70:0B:02:7F:2E:1E:0B:02:E1:AD:C3:38:C2:FE:7B:AE:9E:13 X509v3 Authority Key Identifier: keyid:5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:4b:43:fc:a8:d3:fb:67:4f:43:ad:f9:99:d8:ba:ff:3b:8b: 8c:53:6a:3e:2a:bc:6b:5c:ca:c9:ee:14:d0:67:2a:bd:69:11: bc:f9:83:dd:b9:53:00:99:a6:b4:9d:59:e6:c0:14:da:49:bb: 4e:f3:82:f7:29:dc:b6:e8:b2:50:cf:92:74:a2:10:4f:49:dc: 3a:08:19:be:09:54:40:5b:8b:16:28:9c:9a:2f:7f:7e:15:21: 78:d8:c9:60:e1:14:d7:31:bf:9d:65:eb:7c:c0:f9:88:fc:9e: 66:21:91:72:83:ce:07:7b:fb:dd:94:7e:f4:73:a5:74:25:7a: 90:8b:d9:56:0f:17:60:22:f3:f8:f1:36:22:6f:b2:d2:1e:7f: 3d:c3:0f:61:3e:c2:f1:c2:06:1f:d5:2a:ab:7b:39:dc:6f:b0: 08:d5:03:13:77:d6:14:54:24:e7:69:9b:68:2f:6e:15:76:2d: 7d:79:69:1b:cd:67:4b:20:1c:67:e6:32:39:49:14:4e:76:5e: f0:f9:82:43:dc:e8:c7:47:ad:94:d8:a2:59:5b:dc:89:bf:a4: c0:90:6a:65:51:bc:13:ae:88:51:e0:cc:d4:78:e7:8d:83:16: 56:72:04:65:e0:3d:2f:2f:1c:34:c7:27:ee:fc:66:d7:4e:c0: 50:98:d5:05 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtTqsSvBgLXmEGpfvFxPTgwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlNzc0NDY3ZTIxODQ5NTI0OTQzZDJiZDQ1OTAxMDcyMGYz ZTIwZTQwHhcNMjUxMjI1MDQwMDU4WhcNMjUxMjI2MDQwMDU4WjAzMTEwLwYDVQQD EyhiNjMxNzAwYjAyN2YyZTFlMGIwMmUxYWRjMzM4YzJmZTdiYWU5ZTEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNXTqyfLTM5zJudTLMhP06oAHtjc bNgIeetIiBzUjC2CvSYNNEh2TAkQ/RpZfUzEznX7VAyXnCr9xHbX2uoYEeGaVkwG p8lFYy2rfJvZoOTItsG3RP3r4MU3M2BUp+mm0GYeHoSUw267V1+SsRtUFDsyb0yk z+XHQMKoOjFmYU20B8TtKVTlXJGscZfkWvu6WxxTaC1j31gOLK6LrBs7suNkS8eJ EbVK2STV3uSX2lmibopYSu0XpxSzk0szhiaaLEdr1gjCPZC2CfeUAG8LkelYbdVb uW2gR2r08dkrAd2QBiS9CmGkHcmBsLwnjZEN1iw3Yj9yClz1P+5z2Z/ulwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLYxcAsCfy4eCwLhrcM4wv57rp4TMB8GA1UdIwQY MBaAFF53RGfiGElSSUPSvUWQEHIPPiDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMt YWE0MDA1MzJkYWViLzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMtYWE0MDA1MzJkYWVi LzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMEtD/KjT +2dPQ635mdi6/zuLjFNqPiq8a1zKye4U0GcqvWkRvPmD3blTAJmmtJ1Z5sAU2km7 TvOC9ynctuiyUM+SdKIQT0ncOggZvglUQFuLFiicmi9/fhUheNjJYOEU1zG/nWXr fMD5iPyeZiGRcoPOB3v73ZR+9HOldCV6kIvZVg8XYCLz+PE2Im+y0h5/PcMPYT7C 8cIGH9Uqq3s53G+wCNUDE3fWFFQk52mbaC9uFXYtfXlpG81nSyAcZ+YyOUkUTnZe 8PmCQ9zox0etlNiiWVvcib+kwJBqZVG8E66IUeDM1HjnjYMWVnIEZeA9Ly8cNMcn 7vxm107AUJjVBQ== -----END CERTIFICATE-----Generated at Thu Dec 25 08:22:21 2025 by rpki-client