This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: SJTPsm0DvXveeo2hfKn24WM1A5YXUwwKe8dpeKkHqNg= Subject key identifier: 12:A9:FE:BB:2D:72:03:92:15:79:77:36:2E:36:61:C6:00:B6:0D:2D Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019B8A9943944B81DC9682756852B118569F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 1744 Signing time: Sun 04 Jan 2026 20:00:58 +0000 Manifest this update: Sun 04 Jan 2026 20:00:58 +0000 Manifest next update: Mon 05 Jan 2026 20:00:58 +0000 Files and hashes: 1: a3vqBzTeMihaLI7nX3YXTwT9QXM.roa (hash: YtcSgTlR3L7xs2ulbON7vgzLF5ftnMrGCR+z8FjX7OE=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: JtKtDtPZtghdnYCX4RVzHnlfa+ktzEYyuuBm0KGngrE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 05 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:8a:99:43:94:4b:81:dc:96:82:75:68:52:b1:18:56:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Jan 4 20:00:58 2026 GMT Not After : Jan 5 20:00:58 2026 GMT Subject: CN=12a9febb2d720392157977362e3661c600b60d2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:d6:72:d1:1b:0d:26:13:16:fb:2a:35:1e:f5: 00:92:72:85:d6:3e:56:81:28:4b:d9:0a:3b:e4:51: a8:ec:d6:64:16:27:29:c9:8d:d0:dd:52:e6:79:ca: 59:0a:5a:b0:1e:0b:e0:57:56:c3:d4:a3:23:db:10: dc:eb:f9:41:8e:31:83:4b:a5:c7:ee:2d:5d:8d:3e: 74:3e:2b:02:56:87:02:8a:c9:32:c5:d8:be:3c:62: 3f:9a:55:fd:de:4d:8b:64:2a:5b:88:2e:2f:22:34: 1f:6c:f1:74:43:ee:08:1e:10:e8:5b:d4:cd:71:bc: f1:0b:2f:1a:43:1a:ca:46:fd:70:8f:6e:d3:48:ec: 55:7d:4e:16:5f:f7:29:3d:e3:fe:af:fc:b7:a3:4f: e7:49:31:ba:fc:ff:8a:e3:0e:bb:e1:61:54:3d:a7: 69:d0:a9:84:30:e4:c3:89:8e:93:62:42:3a:5b:b2: 0a:dc:95:8d:a6:66:30:43:64:42:b2:f8:7d:c8:f4: 91:5e:30:10:d4:5d:a7:2c:18:d7:d3:75:80:7b:3b: 6a:86:70:4e:99:00:65:c7:b1:07:90:3e:ad:72:55: a8:44:7d:91:9e:91:0a:c6:66:5d:88:44:2d:ec:a9: 81:01:de:86:c8:62:9c:35:4b:dd:03:b9:93:7a:53: a8:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:A9:FE:BB:2D:72:03:92:15:79:77:36:2E:36:61:C6:00:B6:0D:2D X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:74:bd:b6:f9:87:04:d5:b9:85:b7:14:bc:79:02:f1:a0:9d: a7:4d:20:66:36:a3:c6:5f:f3:30:44:5d:70:96:0a:99:a1:7a: 1d:ff:7d:1b:84:5b:61:86:95:e0:7d:9f:18:15:20:a0:6c:aa: 2e:2f:c7:fc:08:6d:f4:3d:be:04:26:76:dd:1d:e3:6a:4d:68: 92:66:68:24:48:f2:f9:df:4e:eb:37:86:63:0e:ab:2f:4b:ac: 1f:a8:da:6e:58:e4:9a:f6:f1:14:c5:34:ee:69:ff:f4:80:15: 12:fa:f0:2c:52:f1:a3:ab:e5:9b:e1:af:e4:de:f6:9f:23:26: 19:7e:e7:4e:78:87:40:23:75:f9:2d:5f:85:07:25:3b:f8:e6: 9c:ed:b0:d7:a5:70:85:b6:13:3c:2b:54:9e:ac:8e:6b:d9:ec: d2:27:7c:3b:78:13:79:76:95:d7:1c:55:d3:7c:ca:7f:5d:45: 93:b8:ce:44:29:4c:d3:f2:e5:f4:2f:21:b2:26:45:b0:d4:41: 0f:fe:05:10:71:79:38:61:4c:89:ca:75:32:2b:96:41:0b:30: 32:4e:86:65:fb:c2:62:35:e0:2a:40:0b:95:b1:6c:a5:6e:65: 0a:12:77:f4:a7:06:d0:f0:21:c5:2d:14:5f:42:db:d3:6a:6b: 40:f9:c3:e2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuKmUOUS4HcloJ1aFKxGFafMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjYwMTA0MjAwMDU4WhcNMjYwMTA1MjAwMDU4WjAzMTEwLwYDVQQD EygxMmE5ZmViYjJkNzIwMzkyMTU3OTc3MzYyZTM2NjFjNjAwYjYwZDJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNZy0RsNJhMW+yo1HvUAknKF1j5W gShL2Qo75FGo7NZkFicpyY3Q3VLmecpZClqwHgvgV1bD1KMj2xDc6/lBjjGDS6XH 7i1djT50PisCVocCiskyxdi+PGI/mlX93k2LZCpbiC4vIjQfbPF0Q+4IHhDoW9TN cbzxCy8aQxrKRv1wj27TSOxVfU4WX/cpPeP+r/y3o0/nSTG6/P+K4w674WFUPadp 0KmEMOTDiY6TYkI6W7IK3JWNpmYwQ2RCsvh9yPSRXjAQ1F2nLBjX03WAeztqhnBO mQBlx7EHkD6tclWoRH2RnpEKxmZdiEQt7KmBAd6GyGKcNUvdA7mTelOoKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBKp/rstcgOSFXl3Ni42YcYAtg0tMB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQnS9tvmH BNW5hbcUvHkC8aCdp00gZjajxl/zMERdcJYKmaF6Hf99G4RbYYaV4H2fGBUgoGyq Li/H/Aht9D2+BCZ23R3jak1okmZoJEjy+d9O6zeGYw6rL0usH6jabljkmvbxFMU0 7mn/9IAVEvrwLFLxo6vlm+Gv5N72nyMmGX7nTniHQCN1+S1fhQclO/jmnO2w16Vw hbYTPCtUnqyOa9ns0id8O3gTeXaV1xxV03zKf11Fk7jORClM0/Ll9C8hsiZFsNRB D/4FEHF5OGFMicp1MiuWQQswMk6GZfvCYjXgKkALlbFspW5lChJ39KcG0PAhxS0U X0Lb02prQPnD4g== -----END CERTIFICATE-----Generated at Mon Jan 5 03:06:10 2026 by rpki-client