This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft File: XYO1pn2S_6hHbJMhqnv21KINPas.mft (raw, json) Hash identifier: R0UKNvOGjk4uQglvFnwpcm0HbshMurveoRVHnzt279Q= Subject key identifier: 36:4C:52:7A:CD:48:86:D0:77:12:3D:0C:85:5A:87:80:5D:71:FE:77 Authority key identifier: 5D:83:B5:A6:7D:92:FF:A8:47:6C:93:21:AA:7B:F6:D4:A2:0D:3D:AB Certificate issuer: /CN=5d83b5a67d92ffa8476c9321aa7bf6d4a20d3dab Certificate serial: 019B64309D03E5FABCB8D7726106D21AE358 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft Manifest number: 1197 Signing time: Sun 28 Dec 2025 09:01:06 +0000 Manifest this update: Sun 28 Dec 2025 09:01:06 +0000 Manifest next update: Mon 29 Dec 2025 09:01:06 +0000 Files and hashes: 1: XYO1pn2S_6hHbJMhqnv21KINPas.crl (hash: YzViZlFESPjCs0xI4z0h5wr3MArYYu//NCkYpDhUlx8=) 2: yQMt2r0-C951BN6h68fRFJDbCC8.roa (hash: tYqh+1wBm4KwmsyhvHbFDKO/UGyJb2eTnTj9n8iYekw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 03:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:64:30:9d:03:e5:fa:bc:b8:d7:72:61:06:d2:1a:e3:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d83b5a67d92ffa8476c9321aa7bf6d4a20d3dab Validity Not Before: Dec 28 09:01:06 2025 GMT Not After : Dec 29 09:01:06 2025 GMT Subject: CN=364c527acd4886d077123d0c855a87805d71fe77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:13:d2:e5:c6:eb:05:c2:07:64:54:11:98:65: 28:00:83:54:64:02:e5:c2:e4:74:67:bd:e4:09:24: bc:2d:43:3c:f3:58:04:72:89:b3:44:66:32:10:b1: 80:69:0d:bd:ff:f4:6c:37:8e:17:cf:36:bb:1f:a1: 4b:8a:32:97:92:96:00:e0:96:6c:ac:21:30:fb:3f: 05:07:5f:33:c6:87:db:9a:8d:ef:20:f5:ae:2d:c3: 22:cd:d1:21:61:34:2e:40:e4:32:03:6b:d2:ff:09: 47:73:67:38:19:e5:b5:45:fe:f3:8d:9b:36:76:3f: ca:dd:6b:14:8c:a1:31:c0:d0:24:c6:6e:be:79:0f: 8c:8d:14:74:4e:dc:74:6c:73:82:f6:b5:02:63:73: 0b:a6:9d:10:53:26:ea:ad:fd:80:96:ab:18:d0:8a: 55:74:2b:1a:44:23:6b:36:94:fd:94:77:eb:be:08: e8:7b:a1:b1:ba:a2:4f:77:f5:fc:6d:00:0f:f9:25: df:f6:93:87:af:6d:b6:b5:21:8b:8e:63:82:f2:66: 0d:ab:ff:c1:92:91:ed:3d:c0:9a:20:13:96:17:0e: da:2d:c0:4b:ea:07:70:27:8a:09:02:ec:11:cd:d8: 0e:99:81:47:a4:fc:9d:61:aa:8a:7b:0d:7a:28:66: 1d:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:4C:52:7A:CD:48:86:D0:77:12:3D:0C:85:5A:87:80:5D:71:FE:77 X509v3 Authority Key Identifier: keyid:5D:83:B5:A6:7D:92:FF:A8:47:6C:93:21:AA:7B:F6:D4:A2:0D:3D:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c6:c6:56:8c:1d:36:72:fe:1f:1f:6c:f5:f4:ec:4f:f1:2f:58: 48:34:1d:19:a0:94:48:73:cf:e7:b4:02:cd:46:5f:6f:24:cb: 35:4e:29:f0:cf:1f:0e:65:5e:2c:3c:4e:90:f5:58:4b:91:82: a6:2e:cf:15:68:38:46:2e:c5:d2:b4:cd:4d:96:c8:5f:ab:90: 9b:16:6d:2f:d2:7f:e4:92:c9:d9:3f:23:bd:62:23:16:72:de: 64:23:01:17:ae:90:2d:57:ae:17:de:91:3a:d2:90:34:58:87: 89:01:f5:d0:12:38:bf:33:05:4c:27:98:68:71:1e:c7:1e:25: 13:9e:44:d0:77:8c:3e:26:46:f5:09:09:75:09:d3:6e:02:8d: c6:64:16:56:b3:59:c8:91:a2:b9:7e:86:ba:b5:43:87:ca:3f: 69:99:65:48:c4:03:b3:1b:5b:15:f9:27:e0:ca:bc:f2:3e:d9: b7:31:c9:88:27:da:fa:68:85:b1:82:1e:b7:06:6b:42:e0:3c: 93:62:44:97:9b:89:23:c5:6b:ea:44:ba:49:3f:62:0b:69:79: 80:3d:64:47:bd:47:0d:c6:95:ef:40:ff:50:97:f5:d3:26:63: 91:53:d3:fe:13:34:16:64:07:b5:71:b5:05:db:66:f2:dc:7c: 7f:d9:5f:8c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtkMJ0D5fq8uNdyYQbSGuNYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkODNiNWE2N2Q5MmZmYTg0NzZjOTMyMWFhN2JmNmQ0YTIw ZDNkYWIwHhcNMjUxMjI4MDkwMTA2WhcNMjUxMjI5MDkwMTA2WjAzMTEwLwYDVQQD EygzNjRjNTI3YWNkNDg4NmQwNzcxMjNkMGM4NTVhODc4MDVkNzFmZTc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xPS5cbrBcIHZFQRmGUoAINUZALl wuR0Z73kCSS8LUM881gEcomzRGYyELGAaQ29//RsN44Xzza7H6FLijKXkpYA4JZs rCEw+z8FB18zxofbmo3vIPWuLcMizdEhYTQuQOQyA2vS/wlHc2c4GeW1Rf7zjZs2 dj/K3WsUjKExwNAkxm6+eQ+MjRR0Ttx0bHOC9rUCY3MLpp0QUybqrf2AlqsY0IpV dCsaRCNrNpT9lHfrvgjoe6GxuqJPd/X8bQAP+SXf9pOHr222tSGLjmOC8mYNq//B kpHtPcCaIBOWFw7aLcBL6gdwJ4oJAuwRzdgOmYFHpPydYaqKew16KGYdlQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDZMUnrNSIbQdxI9DIVah4Bdcf53MB8GA1UdIwQY MBaAFF2DtaZ9kv+oR2yTIap79tSiDT2rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81N2I4OTEtYTkxMi00YzZhLThlM2It ZDQxZmNkZjU3NTk4LzEvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi81N2I4OTEtYTkxMi00YzZhLThlM2ItZDQxZmNkZjU3NTk4 LzEvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxsZWjB02 cv4fH2z19OxP8S9YSDQdGaCUSHPP57QCzUZfbyTLNU4p8M8fDmVeLDxOkPVYS5GC pi7PFWg4Ri7F0rTNTZbIX6uQmxZtL9J/5JLJ2T8jvWIjFnLeZCMBF66QLVeuF96R OtKQNFiHiQH10BI4vzMFTCeYaHEexx4lE55E0HeMPiZG9QkJdQnTbgKNxmQWVrNZ yJGiuX6GurVDh8o/aZllSMQDsxtbFfkn4Mq88j7ZtzHJiCfa+miFsYIetwZrQuA8 k2JEl5uJI8Vr6kS6ST9iC2l5gD1kR71HDcaV70D/UJf10yZjkVPT/hM0FmQHtXG1 Bdtm8tx8f9lfjA== -----END CERTIFICATE-----Generated at Sun Dec 28 11:23:44 2025 by rpki-client