This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/6797a5-5410-4c0d-b9b7-d99b9f48d0dc/1/X8IN7HFLtUY7Fk4VpfihOYolUF0.mft File: X8IN7HFLtUY7Fk4VpfihOYolUF0.mft (raw, json) Hash identifier: sbHTE/gTjdehLyRP4jQA3sm3L1ASLAEzOw5J4r0S3Jo= Subject key identifier: FD:E1:E0:5B:3E:5F:38:AA:BB:E7:F7:6B:2E:B2:08:D8:B4:0E:73:8D Authority key identifier: 5F:C2:0D:EC:71:4B:B5:46:3B:16:4E:15:A5:F8:A1:39:8A:25:50:5D Certificate issuer: /CN=5fc20dec714bb5463b164e15a5f8a1398a25505d Certificate serial: 019B3DFE6FAF4FC9F78363407D4535C392B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X8IN7HFLtUY7Fk4VpfihOYolUF0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/6797a5-5410-4c0d-b9b7-d99b9f48d0dc/1/X8IN7HFLtUY7Fk4VpfihOYolUF0.mft Manifest number: 0481 Signing time: Sat 20 Dec 2025 23:00:43 +0000 Manifest this update: Sat 20 Dec 2025 23:00:43 +0000 Manifest next update: Sun 21 Dec 2025 23:00:43 +0000 Files and hashes: 1: VYOhWlm2y2YZ6EHcFnibmzsOVGY.roa (hash: GJjtJqaW4pHP1Y4i0oHxZvwkAfFAfi2jd3zkxgKT3N8=) 2: X8IN7HFLtUY7Fk4VpfihOYolUF0.crl (hash: rkOD5k18YuTZRDjWmuUtwGS+ArIjbzoW3AM3qgXsbqc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/6797a5-5410-4c0d-b9b7-d99b9f48d0dc/1/X8IN7HFLtUY7Fk4VpfihOYolUF0.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/6797a5-5410-4c0d-b9b7-d99b9f48d0dc/1/X8IN7HFLtUY7Fk4VpfihOYolUF0.mft rsync://rpki.ripe.net/repository/DEFAULT/X8IN7HFLtUY7Fk4VpfihOYolUF0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 23:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:fe:6f:af:4f:c9:f7:83:63:40:7d:45:35:c3:92:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5fc20dec714bb5463b164e15a5f8a1398a25505d Validity Not Before: Dec 20 23:00:43 2025 GMT Not After : Dec 21 23:00:43 2025 GMT Subject: CN=fde1e05b3e5f38aabbe7f76b2eb208d8b40e738d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:8e:35:1d:bf:ff:f6:66:f3:e7:ee:d1:9d:2b: f7:ae:de:a6:6a:61:5b:1c:d0:72:20:83:22:74:9d: e7:3f:de:ec:34:b8:8c:e4:23:5b:e9:88:a8:21:ed: fa:d8:75:a5:e7:68:4e:fc:64:37:f5:85:49:50:33: 69:d2:9e:cc:3d:69:92:fd:a9:75:3d:e9:bf:5b:6d: df:6e:85:a9:fd:dc:5c:af:57:a6:07:06:10:27:2f: 11:83:2b:e5:c2:af:21:38:f6:72:8a:22:45:34:26: 12:a0:6e:9d:7b:60:bf:5c:5e:9a:33:f6:a8:28:30: a5:dc:fe:b4:8e:62:c1:24:52:57:7a:81:3e:ae:c5: e8:27:e9:4c:fc:19:e9:e6:d4:f7:33:5e:ce:30:64: b4:8a:e6:d2:44:63:de:46:f5:90:ac:77:cc:5a:d5: 7c:31:dd:a2:4e:51:43:49:07:7e:57:82:57:5c:38: fe:c2:8e:9c:5c:d2:7b:fe:4b:22:9d:9d:65:df:53: 44:6e:d2:2b:62:7e:e0:f8:eb:4b:fe:41:5a:3d:a5: a8:e5:9c:68:80:03:af:e7:b4:44:04:a2:6e:d5:37: 6c:ad:d1:db:44:0d:f7:8c:88:b9:59:00:00:7c:f8: bd:d0:ea:16:b7:38:6d:7b:10:cd:55:54:e8:a6:fc: 04:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:E1:E0:5B:3E:5F:38:AA:BB:E7:F7:6B:2E:B2:08:D8:B4:0E:73:8D X509v3 Authority Key Identifier: keyid:5F:C2:0D:EC:71:4B:B5:46:3B:16:4E:15:A5:F8:A1:39:8A:25:50:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X8IN7HFLtUY7Fk4VpfihOYolUF0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/6797a5-5410-4c0d-b9b7-d99b9f48d0dc/1/X8IN7HFLtUY7Fk4VpfihOYolUF0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/6797a5-5410-4c0d-b9b7-d99b9f48d0dc/1/X8IN7HFLtUY7Fk4VpfihOYolUF0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:4a:e5:d7:5b:1e:e3:93:d7:39:af:da:78:ec:e4:44:83:dc: 47:4c:75:c5:0e:dd:ca:89:b4:98:96:73:65:ca:e1:d7:99:fd: a3:c2:d3:4b:81:e9:51:07:00:e5:de:2e:ac:dc:c6:22:2e:2d: c3:96:bc:32:4d:2c:04:1e:a7:c8:fe:0f:23:91:c7:0d:94:d9: e8:14:be:63:7b:a3:c5:79:c6:81:a9:5b:1d:86:8c:f4:38:3b: 50:0f:4b:63:be:54:2f:69:b4:7a:f5:76:07:da:65:bf:71:cf: 90:ad:9e:f1:96:dd:5f:67:6a:9c:65:03:a2:8a:de:48:0a:2b: 33:b6:57:a7:39:24:c2:80:ef:b0:5e:95:e9:3c:69:60:86:3f: a5:19:7e:e1:33:b5:1d:8f:f9:06:9d:78:c3:03:b2:e0:45:08: f8:3d:4f:98:ad:7f:34:a2:8d:b6:98:3e:3a:89:0d:75:cc:70: 07:b2:6d:f6:8a:b6:ae:c4:44:70:d6:5f:75:4b:ab:12:a6:62: 18:f5:8c:b6:49:d7:e6:50:9b:db:cd:a7:6b:31:da:16:d8:0d: 63:ce:4d:88:e8:93:2a:77:ce:b2:f2:4c:53:d6:82:7a:7f:6c: d3:86:0d:b0:fb:8e:67:db:57:43:43:9c:05:cd:20:a7:82:f0: 95:57:c9:8e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9/m+vT8n3g2NAfUU1w5K0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmYzIwZGVjNzE0YmI1NDYzYjE2NGUxNWE1ZjhhMTM5OGEy NTUwNWQwHhcNMjUxMjIwMjMwMDQzWhcNMjUxMjIxMjMwMDQzWjAzMTEwLwYDVQQD EyhmZGUxZTA1YjNlNWYzOGFhYmJlN2Y3NmIyZWIyMDhkOGI0MGU3MzhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Y41Hb//9mbz5+7RnSv3rt6mamFb HNByIIMidJ3nP97sNLiM5CNb6YioIe362HWl52hO/GQ39YVJUDNp0p7MPWmS/al1 Pem/W23fboWp/dxcr1emBwYQJy8Rgyvlwq8hOPZyiiJFNCYSoG6de2C/XF6aM/ao KDCl3P60jmLBJFJXeoE+rsXoJ+lM/Bnp5tT3M17OMGS0iubSRGPeRvWQrHfMWtV8 Md2iTlFDSQd+V4JXXDj+wo6cXNJ7/ksinZ1l31NEbtIrYn7g+OtL/kFaPaWo5Zxo gAOv57REBKJu1TdsrdHbRA33jIi5WQAAfPi90OoWtzhtexDNVVTopvwE2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP3h4Fs+Xziqu+f3ay6yCNi0DnONMB8GA1UdIwQY MBaAFF/CDexxS7VGOxZOFaX4oTmKJVBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWDhJTjdIRkx0VVk3Rms0VnBmaWhPWW9sVUYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82Nzk3YTUtNTQxMC00YzBkLWI5Yjct ZDk5YjlmNDhkMGRjLzEvWDhJTjdIRkx0VVk3Rms0VnBmaWhPWW9sVUYwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS82Nzk3YTUtNTQxMC00YzBkLWI5YjctZDk5YjlmNDhkMGRj LzEvWDhJTjdIRkx0VVk3Rms0VnBmaWhPWW9sVUYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUkrl11se 45PXOa/aeOzkRIPcR0x1xQ7dyom0mJZzZcrh15n9o8LTS4HpUQcA5d4urNzGIi4t w5a8Mk0sBB6nyP4PI5HHDZTZ6BS+Y3ujxXnGgalbHYaM9Dg7UA9LY75UL2m0evV2 B9plv3HPkK2e8ZbdX2dqnGUDooreSAorM7ZXpzkkwoDvsF6V6TxpYIY/pRl+4TO1 HY/5Bp14wwOy4EUI+D1PmK1/NKKNtpg+OokNdcxwB7Jt9oq2rsREcNZfdUurEqZi GPWMtknX5lCb282nazHaFtgNY85NiOiTKnfOsvJMU9aCen9s04YNsPuOZ9tXQ0Oc Bc0gp4LwlVfJjg== -----END CERTIFICATE-----Generated at Sun Dec 21 08:58:15 2025 by rpki-client