This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: dk3tt4CtbdKsxQh6e2QGIjvYXPmAclhGJzKrov4Op1Y= Subject key identifier: 4C:9E:69:D6:83:67:8B:58:DB:A1:7F:54:E7:A9:B0:1A:4B:40:5C:41 Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019B3C7F0A4D7FECC8F8094236949B574791 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 171B Signing time: Sat 20 Dec 2025 16:01:57 +0000 Manifest this update: Sat 20 Dec 2025 16:01:57 +0000 Manifest next update: Sun 21 Dec 2025 16:01:57 +0000 Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: m1fJ42lbTwx/9ARZraqf8xhMBMYYWXt0RkuxEBQ5e28=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7f:0a:4d:7f:ec:c8:f8:09:42:36:94:9b:57:47:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Dec 20 16:01:57 2025 GMT Not After : Dec 21 16:01:57 2025 GMT Subject: CN=4c9e69d683678b58dba17f54e7a9b01a4b405c41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:69:23:b8:aa:3d:9b:df:52:a4:1f:5a:29:b5: e4:e1:bf:bb:e8:5b:ae:dc:47:18:49:e0:3d:93:52: 40:0c:fa:c6:9b:f4:8c:8f:80:db:01:e1:57:2a:6a: be:8e:0e:f0:10:e0:0c:14:b3:f1:af:54:24:29:dc: b4:66:c5:7b:e2:2f:e5:6e:1b:11:88:3f:83:4c:23: a3:bf:cb:e8:a9:21:6d:8b:61:79:3b:53:96:98:3e: d1:cf:ad:60:6d:3c:7d:5a:73:5d:86:90:0c:40:d4: 57:53:78:12:f3:a6:eb:df:12:3b:2e:a5:9c:c8:db: 35:4e:f1:40:cb:29:e3:7b:52:2f:20:78:e0:fd:ca: 01:c9:d5:03:1c:dd:7f:f4:7a:94:a2:54:92:67:23: cb:aa:0a:f3:9d:97:41:b4:fb:4e:3d:98:f6:39:13: e4:62:6a:67:45:4b:c9:4f:00:73:a5:6e:f3:23:45: 74:4d:ab:3d:91:0d:99:69:f8:d7:7b:81:bb:1e:74: 7f:e6:77:62:9c:58:d1:0c:ce:73:ec:34:b7:eb:4c: 27:c6:65:7c:05:44:4f:1b:c3:b8:e9:9b:0b:2d:d8: ab:b5:f4:4c:55:60:76:4b:17:a5:85:9e:0b:8f:0a: bd:27:cd:56:98:3e:f8:e9:65:3d:b2:cf:78:6f:a3: 1f:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:9E:69:D6:83:67:8B:58:DB:A1:7F:54:E7:A9:B0:1A:4B:40:5C:41 X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:22:b6:50:e7:59:4c:7a:9c:01:3b:0b:3e:45:f1:86:64:24: 7b:fd:f1:a1:47:18:ab:4f:8c:50:9e:ed:4b:c2:e4:8e:bb:7c: e2:1b:ba:cd:5e:27:c4:bb:ea:f5:63:fe:fc:a7:a4:c5:bf:c2: 2e:fd:91:20:f4:75:83:d5:66:6f:5b:79:3e:19:99:35:d0:64: b5:1e:4b:07:96:11:ad:c3:75:02:7f:6e:a4:79:0b:35:89:e2: 01:df:13:23:3a:d7:b4:f8:2a:85:4d:5f:6c:60:80:2b:45:94: 22:1f:64:4d:a5:2e:ef:3f:8d:e7:52:d8:cc:51:2a:c0:3b:05: c0:0c:81:f3:1c:5e:b2:5a:44:e6:53:77:e6:2d:cd:8f:f5:a0: 5f:78:68:4e:a8:d3:5e:0a:c5:01:68:f4:48:a9:c9:eb:15:c1: 76:c2:d9:ee:1f:fc:cc:3e:0f:3b:9b:64:19:75:b3:ad:1f:ff: 9e:2c:30:4c:c5:94:93:44:b0:27:1e:12:9b:e8:b1:db:e5:ce: 31:70:cd:e4:93:9c:2e:88:be:3e:2b:2f:9a:ec:da:db:e6:73: bc:c8:0b:ed:a6:96:c6:f8:a9:01:cc:9c:90:0b:0b:81:8f:14: cf:4b:34:41:b0:9a:52:65:8a:23:e2:eb:06:26:bc:7f:58:f6: 9a:ab:ab:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fwpNf+zI+AlCNpSbV0eRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjUxMjIwMTYwMTU3WhcNMjUxMjIxMTYwMTU3WjAzMTEwLwYDVQQD Eyg0YzllNjlkNjgzNjc4YjU4ZGJhMTdmNTRlN2E5YjAxYTRiNDA1YzQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGkjuKo9m99SpB9aKbXk4b+76Fuu 3EcYSeA9k1JADPrGm/SMj4DbAeFXKmq+jg7wEOAMFLPxr1QkKdy0ZsV74i/lbhsR iD+DTCOjv8voqSFti2F5O1OWmD7Rz61gbTx9WnNdhpAMQNRXU3gS86br3xI7LqWc yNs1TvFAyynje1IvIHjg/coBydUDHN1/9HqUolSSZyPLqgrznZdBtPtOPZj2ORPk YmpnRUvJTwBzpW7zI0V0Tas9kQ2ZafjXe4G7HnR/5ndinFjRDM5z7DS360wnxmV8 BURPG8O46ZsLLdirtfRMVWB2SxelhZ4Ljwq9J81WmD746WU9ss94b6Mf5QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEyeadaDZ4tY26F/VOepsBpLQFxBMB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGSK2UOdZ THqcATsLPkXxhmQke/3xoUcYq0+MUJ7tS8Lkjrt84hu6zV4nxLvq9WP+/Kekxb/C Lv2RIPR1g9Vmb1t5PhmZNdBktR5LB5YRrcN1An9upHkLNYniAd8TIzrXtPgqhU1f bGCAK0WUIh9kTaUu7z+N51LYzFEqwDsFwAyB8xxeslpE5lN35i3Nj/WgX3hoTqjT XgrFAWj0SKnJ6xXBdsLZ7h/8zD4PO5tkGXWzrR//niwwTMWUk0SwJx4Sm+ix2+XO MXDN5JOcLoi+Pisvmuza2+ZzvMgL7aaWxvipAcyckAsLgY8Uz0s0QbCaUmWKI+Lr Bia8f1j2mqurrA== -----END CERTIFICATE-----Generated at Sat Dec 20 22:40:31 2025 by rpki-client