This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft File: xafD9LFGk1EiAllaik-VsNa3oQE.mft (raw, json) Hash identifier: rr6d5jPf7p4zHKQH6Ol4PXXVVFm3diGAFt9TP2iJLJI= Subject key identifier: 9D:46:C5:29:40:CD:22:91:65:8C:62:F8:6A:EE:84:90:83:95:45:43 Authority key identifier: C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01 Certificate issuer: /CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101 Certificate serial: 019B5719AFA36305694ECFBB77DEF5A4C893 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft Manifest number: 1729 Signing time: Thu 25 Dec 2025 20:00:59 +0000 Manifest this update: Thu 25 Dec 2025 20:00:59 +0000 Manifest next update: Fri 26 Dec 2025 20:00:59 +0000 Files and hashes: 1: Bbxo5GOkMtBPV4eyDiJBtgGCAvs.roa (hash: gPTOZ/QwaGNzYqcGskaYm0Q9CUgsB/kmTCxE6lNVoV8=) 2: GkWtiMh4Kekgq83feCXLfv_pub8.roa (hash: UboiG7GPy5Vm4OyfuuuEVh7hhcZoHsmQQgbXPLJ/4ug=) 3: ScP8kW7fVZKKIlJqtoPhrGG1uQo.roa (hash: kBK8cN2i6ByxK8RJnTQxES9FzgvOd8FoOcnJVY/e4Bc=) 4: xafD9LFGk1EiAllaik-VsNa3oQE.crl (hash: ZrGRmmOhGMwqenk+r7qAoaLEIVgdSmZ6admZzLD9qSY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:57:19:af:a3:63:05:69:4e:cf:bb:77:de:f5:a4:c8:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101 Validity Not Before: Dec 25 20:00:59 2025 GMT Not After : Dec 26 20:00:59 2025 GMT Subject: CN=9d46c52940cd2291658c62f86aee849083954543 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:8d:71:a4:53:89:86:25:84:66:fa:c5:f4:0e: fa:58:99:92:f3:1a:8d:c8:e3:6a:b5:17:12:3b:bc: e0:be:81:e6:03:17:5c:f5:13:4b:ed:eb:92:20:30: e4:39:50:86:39:82:0f:5c:5f:b2:d6:c1:61:9e:77: 16:ff:a3:97:33:9c:06:4a:24:fc:3b:b0:56:64:c0: 56:5d:e7:0d:71:7b:1d:ee:94:d9:73:71:de:a1:5a: eb:2c:f2:b9:48:f3:3c:6c:97:b9:6e:48:b1:9e:36: 16:89:90:7a:cc:e9:ea:9b:5c:a6:2b:7a:74:77:f1: 5b:94:44:76:2f:cd:0e:06:cd:4e:ea:a2:ed:de:58: c0:2b:27:72:8a:4c:20:6b:08:3d:88:43:0e:84:be: ce:01:ac:db:e6:1a:21:3b:e2:d3:24:28:ef:72:58: 2b:ae:54:21:37:8c:3c:16:00:9e:60:27:14:5b:8c: 6c:37:e0:78:91:e7:9d:1b:5d:db:6a:6c:3c:e5:61: ff:a0:91:ed:2e:e7:c4:64:d6:65:7d:90:92:2f:41: a9:d4:22:74:ca:31:33:a1:3c:fb:80:86:cf:1f:36: df:61:27:6b:fe:04:77:7f:11:74:6e:8d:cd:cf:71: 81:c6:eb:21:b5:a5:26:9b:ee:b6:80:5c:e7:9d:e6: 01:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:46:C5:29:40:CD:22:91:65:8C:62:F8:6A:EE:84:90:83:95:45:43 X509v3 Authority Key Identifier: keyid:C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:19:95:63:20:82:f7:63:ce:6a:70:de:6f:58:e4:8d:af:25: 0d:8c:8f:f5:dd:3b:06:e4:22:5e:15:21:4d:3e:48:11:56:df: 37:84:56:3d:e5:73:8b:48:6d:86:4a:41:38:68:4c:c6:81:38: a5:78:6c:3a:32:98:39:a0:8f:fa:c6:ad:cb:65:06:3e:8c:97: 6f:38:40:91:ff:ea:b0:64:d7:a3:ec:94:02:ce:46:f8:25:f7: 28:6b:94:1a:eb:e9:2d:d3:cc:f3:a0:b3:5e:fd:fb:80:9f:56: 10:b0:86:92:44:36:0c:ab:e1:d2:59:4e:5b:8c:5f:90:37:12: a8:e7:bb:a1:05:56:f7:e6:61:e7:50:ed:51:59:d6:d0:24:8a: ab:71:d2:dd:0d:d7:54:09:79:18:4b:52:54:95:08:8f:e8:40: 7e:f9:ac:67:75:ea:d3:df:16:33:1d:00:22:b4:b1:39:00:93: 32:db:91:64:cf:f6:09:76:52:a2:d9:db:95:50:6c:51:5e:6d: 6b:cb:3b:3f:9c:c7:c8:b6:ad:8b:b0:d1:d8:89:39:ae:64:1c: 12:bb:26:e3:95:89:93:44:8c:c5:cb:6c:ca:aa:b6:e7:34:9e: b8:94:ec:94:24:4b:1c:c8:97:9a:ee:ba:5f:1a:ef:77:8b:73: c4:37:2c:4d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtXGa+jYwVpTs+7d971pMiTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTdjM2Y0YjE0NjkzNTEyMjAyNTk1YThhNGY5NWIwZDZi N2ExMDEwHhcNMjUxMjI1MjAwMDU5WhcNMjUxMjI2MjAwMDU5WjAzMTEwLwYDVQQD Eyg5ZDQ2YzUyOTQwY2QyMjkxNjU4YzYyZjg2YWVlODQ5MDgzOTU0NTQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv41xpFOJhiWEZvrF9A76WJmS8xqN yONqtRcSO7zgvoHmAxdc9RNL7euSIDDkOVCGOYIPXF+y1sFhnncW/6OXM5wGSiT8 O7BWZMBWXecNcXsd7pTZc3HeoVrrLPK5SPM8bJe5bkixnjYWiZB6zOnqm1ymK3p0 d/FblER2L80OBs1O6qLt3ljAKydyikwgawg9iEMOhL7OAazb5hohO+LTJCjvclgr rlQhN4w8FgCeYCcUW4xsN+B4keedG13bamw85WH/oJHtLufEZNZlfZCSL0Gp1CJ0 yjEzoTz7gIbPHzbfYSdr/gR3fxF0bo3Nz3GBxushtaUmm+62gFznneYB+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ1GxSlAzSKRZYxi+GruhJCDlUVDMB8GA1UdIwQY MBaAFMWnw/SxRpNRIgJZWopPlbDWt6EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgt ZDEyZjFlMjQ1NmJhLzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgtZDEyZjFlMjQ1NmJh LzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQBmVYyCC 92POanDeb1jkja8lDYyP9d07BuQiXhUhTT5IEVbfN4RWPeVzi0hthkpBOGhMxoE4 pXhsOjKYOaCP+saty2UGPoyXbzhAkf/qsGTXo+yUAs5G+CX3KGuUGuvpLdPM86Cz Xv37gJ9WELCGkkQ2DKvh0llOW4xfkDcSqOe7oQVW9+Zh51DtUVnW0CSKq3HS3Q3X VAl5GEtSVJUIj+hAfvmsZ3Xq098WMx0AIrSxOQCTMtuRZM/2CXZSotnblVBsUV5t a8s7P5zHyLati7DR2Ik5rmQcErsm45WJk0SMxctsyqq25zSeuJTslCRLHMiXmu66 Xxrvd4tzxDcsTQ== -----END CERTIFICATE-----Generated at Thu Dec 25 23:04:05 2025 by rpki-client