This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft File: xaL0JAfyHJ12kPsw_YzbK_320DA.mft (raw, json) Hash identifier: 2KuaNCCjuQWpcC4lmRoUHrjNfYciPQ+FmV/3CHDfBCw= Subject key identifier: F6:C7:73:28:0C:C6:18:21:9F:C0:EC:34:47:E0:6B:A9:35:43:B0:8D Authority key identifier: C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30 Certificate issuer: /CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030 Certificate serial: 019B41DB1503B2FEAE2AAC9826FC63C8C1CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft Manifest number: 17A7 Signing time: Sun 21 Dec 2025 17:00:35 +0000 Manifest this update: Sun 21 Dec 2025 17:00:35 +0000 Manifest next update: Mon 22 Dec 2025 17:00:35 +0000 Files and hashes: 1: 5SYVUYrv8hryS3iXyQfidyzuW_I.roa (hash: 4C0zFn8Xp5N6KI8xu6BT4XHBH+KsxBWvvDXJcuwXp2A=) 2: xaL0JAfyHJ12kPsw_YzbK_320DA.crl (hash: ccgtUbC6ednzaZOISw3NvOl6fOtfRrkOTGODqi3jHlE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 17:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:db:15:03:b2:fe:ae:2a:ac:98:26:fc:63:c8:c1:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030 Validity Not Before: Dec 21 17:00:35 2025 GMT Not After : Dec 22 17:00:35 2025 GMT Subject: CN=f6c773280cc618219fc0ec3447e06ba93543b08d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:79:4e:d7:cc:d3:72:68:8f:c2:8e:0e:2c:f3: 33:f3:e5:2a:bb:76:5e:90:ca:f4:b4:b8:7a:f4:c2: bb:97:1f:28:d0:bf:cb:5b:c9:f7:64:b7:4c:dc:a5: eb:aa:85:a5:9c:71:8d:63:c3:2f:b7:d4:2d:f9:b6: 09:21:bc:72:97:60:bc:31:14:82:b9:a5:8d:34:df: 12:8d:fa:d6:e7:e9:68:31:78:61:16:29:dd:17:90: 40:1b:55:b5:9f:1e:ae:f3:a8:05:93:17:51:d9:4c: a4:3d:5f:c4:d3:f9:c5:06:a7:c8:5f:57:31:55:49: e2:d8:7c:f9:d2:83:ac:b4:b9:4a:b1:db:73:95:3a: c8:44:0e:bb:a9:b1:e5:0f:f4:f8:84:ef:4b:27:aa: 21:18:22:00:95:d3:f3:aa:20:5c:a5:15:c1:d5:ef: 63:df:90:ee:91:71:f6:de:3f:f5:d1:09:0e:f3:55: ef:01:05:00:9d:80:d5:9d:84:e6:c9:5b:1e:37:bf: 8b:53:cf:30:7f:3f:0d:a1:2e:c8:fe:7f:27:39:de: e1:b8:ed:66:f0:ea:c6:92:b1:2c:20:9e:62:f6:19: 15:ce:c6:1b:76:75:84:96:97:c3:cc:2e:b6:e4:80: 02:ef:55:bf:c0:18:d8:d2:c8:d7:7f:69:d9:eb:26: 66:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:C7:73:28:0C:C6:18:21:9F:C0:EC:34:47:E0:6B:A9:35:43:B0:8D X509v3 Authority Key Identifier: keyid:C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:83:74:78:04:02:b0:bb:3c:da:bd:a8:00:f4:a3:84:99:00: 50:3d:fa:2f:97:d5:a8:bf:b5:07:3b:44:63:66:63:14:0c:82: 5a:48:78:8e:60:c4:c0:1b:b1:c3:55:63:5c:e6:45:57:7c:07: 0a:b8:40:23:c5:b5:52:11:57:fc:b3:62:90:af:cd:ed:f6:ec: 59:5e:c1:86:6e:d8:e0:ea:fa:97:49:ed:89:00:ad:f6:60:0d: 7c:c8:0f:70:c0:14:62:93:f8:25:20:94:ae:84:b1:55:7f:22: 09:ff:7a:ea:4f:d0:7e:55:31:23:4b:d1:1f:e6:5c:e0:39:b5: 80:77:ba:3e:ff:46:86:e1:e9:4b:ef:7d:06:ae:a1:43:d9:3d: 16:0b:3e:03:89:fc:68:bf:7f:ec:b1:c4:48:4d:a2:89:a3:c6: 6a:e7:63:70:28:f0:6b:73:29:7c:f2:90:f7:e4:de:2b:3b:41: 72:6d:7b:53:bf:17:cf:ab:16:71:dc:05:bb:5f:40:81:4c:b3: 6f:88:20:c8:e2:3c:db:fd:f6:ff:c0:2b:16:70:ae:9f:9b:23: 96:bf:91:0b:56:2b:ed:dd:4d:43:b6:52:f0:fa:2d:bf:32:61: 55:42:88:0a:2c:5a:04:bc:6a:12:16:33:74:6d:ac:3f:30:de: 43:5d:8b:5f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtB2xUDsv6uKqyYJvxjyMHKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTJmNDI0MDdmMjFjOWQ3NjkwZmIzMGZkOGNkYjJiZmRm NmQwMzAwHhcNMjUxMjIxMTcwMDM1WhcNMjUxMjIyMTcwMDM1WjAzMTEwLwYDVQQD EyhmNmM3NzMyODBjYzYxODIxOWZjMGVjMzQ0N2UwNmJhOTM1NDNiMDhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHlO18zTcmiPwo4OLPMz8+Uqu3Ze kMr0tLh69MK7lx8o0L/LW8n3ZLdM3KXrqoWlnHGNY8Mvt9Qt+bYJIbxyl2C8MRSC uaWNNN8SjfrW5+loMXhhFindF5BAG1W1nx6u86gFkxdR2UykPV/E0/nFBqfIX1cx VUni2Hz50oOstLlKsdtzlTrIRA67qbHlD/T4hO9LJ6ohGCIAldPzqiBcpRXB1e9j 35DukXH23j/10QkO81XvAQUAnYDVnYTmyVseN7+LU88wfz8NoS7I/n8nOd7huO1m 8OrGkrEsIJ5i9hkVzsYbdnWElpfDzC625IAC71W/wBjY0sjXf2nZ6yZmDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPbHcygMxhghn8DsNEfga6k1Q7CNMB8GA1UdIwQY MBaAFMWi9CQH8hyddpD7MP2M2yv99tAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEt ZmI1YzYyZTQyZjZiLzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEtZmI1YzYyZTQyZjZi LzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWIN0eAQC sLs82r2oAPSjhJkAUD36L5fVqL+1BztEY2ZjFAyCWkh4jmDEwBuxw1VjXOZFV3wH CrhAI8W1UhFX/LNikK/N7fbsWV7Bhm7Y4Or6l0ntiQCt9mANfMgPcMAUYpP4JSCU roSxVX8iCf966k/QflUxI0vRH+Zc4Dm1gHe6Pv9GhuHpS+99Bq6hQ9k9Fgs+A4n8 aL9/7LHESE2iiaPGaudjcCjwa3MpfPKQ9+TeKztBcm17U78Xz6sWcdwFu19AgUyz b4ggyOI82/32/8ArFnCun5sjlr+RC1Yr7d1NQ7ZS8PotvzJhVUKICixaBLxqEhYz dG2sPzDeQ12LXw== -----END CERTIFICATE-----Generated at Mon Dec 22 03:22:55 2025 by rpki-client