This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ca8125-5477-4222-b055-bbeb4550d9e6/1/XLtvfRHev55LqLH2nDg7j8PErhI.mft File: XLtvfRHev55LqLH2nDg7j8PErhI.mft (raw, json) Hash identifier: 1ietRWKeyBdZ0FoKtr/QCTVu4iniooxh5xCkIUdnpho= Subject key identifier: 9A:B3:A7:68:F1:ED:6C:06:24:7A:AC:C8:3F:08:3F:A4:82:A4:CD:EA Authority key identifier: 5C:BB:6F:7D:11:DE:BF:9E:4B:A8:B1:F6:9C:38:3B:8F:C3:C4:AE:12 Certificate issuer: /CN=5cbb6f7d11debf9e4ba8b1f69c383b8fc3c4ae12 Certificate serial: 019B416D56D94F6679DF77A77CED4D4FED4C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XLtvfRHev55LqLH2nDg7j8PErhI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ca8125-5477-4222-b055-bbeb4550d9e6/1/XLtvfRHev55LqLH2nDg7j8PErhI.mft Manifest number: 0BB0 Signing time: Sun 21 Dec 2025 15:00:43 +0000 Manifest this update: Sun 21 Dec 2025 15:00:43 +0000 Manifest next update: Mon 22 Dec 2025 15:00:43 +0000 Files and hashes: 1: GeKBRab06m2Sa_WEDlm2vrbqt80.roa (hash: rshNYrEYAk6Ccd9rs6FmkxFoBRIeaz8vJy7lI8MW13k=) 2: XLtvfRHev55LqLH2nDg7j8PErhI.crl (hash: EN1w/+7K/7JumcpuVSlsGqZ1y+fJ4F22uE5XX10c3bs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/ca8125-5477-4222-b055-bbeb4550d9e6/1/XLtvfRHev55LqLH2nDg7j8PErhI.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/ca8125-5477-4222-b055-bbeb4550d9e6/1/XLtvfRHev55LqLH2nDg7j8PErhI.mft rsync://rpki.ripe.net/repository/DEFAULT/XLtvfRHev55LqLH2nDg7j8PErhI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:6d:56:d9:4f:66:79:df:77:a7:7c:ed:4d:4f:ed:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cbb6f7d11debf9e4ba8b1f69c383b8fc3c4ae12 Validity Not Before: Dec 21 15:00:43 2025 GMT Not After : Dec 22 15:00:43 2025 GMT Subject: CN=9ab3a768f1ed6c06247aacc83f083fa482a4cdea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:82:cc:90:63:bf:b8:ee:e4:00:d2:3d:a7:83: 80:fe:1e:43:f8:71:b1:6e:8e:e9:db:5a:1e:af:b4: c5:ec:38:81:2d:51:18:1c:de:d8:3a:44:43:b0:f2: 43:fb:7d:8b:ec:c2:5e:9e:33:40:61:7d:ce:c0:70: ad:4f:b4:32:77:0b:71:3f:9d:3f:6f:f6:9d:4f:80: c0:e1:56:8e:51:7f:52:31:f7:ad:74:e3:3e:99:55: 5b:e3:2e:77:7c:30:b3:a4:e4:73:c6:de:69:fb:3d: d8:cb:5b:46:65:59:7d:48:3e:e7:2e:a4:47:10:93: 88:61:a7:17:92:f7:c6:21:e2:8a:39:46:84:f2:a7: 65:18:f5:cc:ff:87:98:86:bd:cf:ea:a4:0c:21:99: 67:5b:48:69:b4:50:74:f3:f9:4e:bd:4d:c2:fa:e2: 8a:88:ff:82:57:a3:1a:31:42:eb:83:26:89:b6:5f: a7:cc:53:1f:41:c4:44:d1:3c:24:7e:61:e1:d0:b0: 72:a9:60:65:0a:8d:4d:17:70:e1:7b:b3:5d:04:f1: 7a:ce:3f:53:12:50:52:35:d7:bf:96:ad:ff:91:94: c0:62:80:a6:42:d1:b2:20:91:15:53:e1:98:6f:f1: 17:1b:03:41:29:36:fe:81:95:7b:b3:2a:03:b4:16: 67:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:B3:A7:68:F1:ED:6C:06:24:7A:AC:C8:3F:08:3F:A4:82:A4:CD:EA X509v3 Authority Key Identifier: keyid:5C:BB:6F:7D:11:DE:BF:9E:4B:A8:B1:F6:9C:38:3B:8F:C3:C4:AE:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XLtvfRHev55LqLH2nDg7j8PErhI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ca8125-5477-4222-b055-bbeb4550d9e6/1/XLtvfRHev55LqLH2nDg7j8PErhI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ca8125-5477-4222-b055-bbeb4550d9e6/1/XLtvfRHev55LqLH2nDg7j8PErhI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:a3:8d:47:6a:90:fd:a6:f8:8a:7b:cc:86:dc:06:59:b0:07: b0:47:52:6d:9f:dd:67:c0:80:1e:99:93:5f:40:37:6b:fb:b9: 68:f2:66:cc:f7:8f:68:87:01:f9:b2:66:0c:1f:38:7b:1e:86: 35:c1:e5:9e:e1:cf:ad:43:99:86:72:31:a3:5c:b5:61:f6:36: 1b:28:67:43:18:da:eb:83:6e:a1:71:fa:f8:79:72:d7:d1:9c: 0d:aa:7f:c2:71:43:48:4d:f8:7f:67:8a:7a:d2:27:ab:e8:33: 49:ed:23:da:2d:ae:b7:83:7a:13:08:6a:c9:af:f6:b9:d5:2b: 09:ef:69:98:0d:d4:af:8e:05:ab:55:dc:b0:fc:a1:cb:ab:d2: bf:47:d7:b2:df:70:68:4b:1e:7d:b3:b7:3f:54:13:3c:73:5d: c7:ff:89:cb:e1:e9:6f:26:88:8e:41:f0:d0:1c:1c:2d:5d:8c: 97:77:ba:1e:8c:6d:29:d3:83:ba:3d:68:80:7f:e0:35:95:a7: 30:b3:88:e1:02:07:db:1a:8d:c2:3c:a8:2f:f4:e2:96:22:5e: 6e:00:ef:00:b9:3b:65:2a:1a:87:23:fd:e0:c8:f5:0d:e0:43: 96:73:40:04:0f:ad:60:6a:8f:1e:a0:a1:84:b5:de:4c:51:4a: 5f:04:f8:df -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBbVbZT2Z533enfO1NT+1MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjYmI2ZjdkMTFkZWJmOWU0YmE4YjFmNjljMzgzYjhmYzNj NGFlMTIwHhcNMjUxMjIxMTUwMDQzWhcNMjUxMjIyMTUwMDQzWjAzMTEwLwYDVQQD Eyg5YWIzYTc2OGYxZWQ2YzA2MjQ3YWFjYzgzZjA4M2ZhNDgyYTRjZGVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4LMkGO/uO7kANI9p4OA/h5D+HGx bo7p21oer7TF7DiBLVEYHN7YOkRDsPJD+32L7MJenjNAYX3OwHCtT7QydwtxP50/ b/adT4DA4VaOUX9SMfetdOM+mVVb4y53fDCzpORzxt5p+z3Yy1tGZVl9SD7nLqRH EJOIYacXkvfGIeKKOUaE8qdlGPXM/4eYhr3P6qQMIZlnW0hptFB08/lOvU3C+uKK iP+CV6MaMULrgyaJtl+nzFMfQcRE0TwkfmHh0LByqWBlCo1NF3Dhe7NdBPF6zj9T ElBSNde/lq3/kZTAYoCmQtGyIJEVU+GYb/EXGwNBKTb+gZV7syoDtBZn4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJqzp2jx7WwGJHqsyD8IP6SCpM3qMB8GA1UdIwQY MBaAFFy7b30R3r+eS6ix9pw4O4/DxK4SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEx0dmZSSGV2NTVMcUxIMm5EZzdqOFBFcmhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9jYTgxMjUtNTQ3Ny00MjIyLWIwNTUt YmJlYjQ1NTBkOWU2LzEvWEx0dmZSSGV2NTVMcUxIMm5EZzdqOFBFcmhJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS9jYTgxMjUtNTQ3Ny00MjIyLWIwNTUtYmJlYjQ1NTBkOWU2 LzEvWEx0dmZSSGV2NTVMcUxIMm5EZzdqOFBFcmhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHaONR2qQ /ab4invMhtwGWbAHsEdSbZ/dZ8CAHpmTX0A3a/u5aPJmzPePaIcB+bJmDB84ex6G NcHlnuHPrUOZhnIxo1y1YfY2GyhnQxja64NuoXH6+Hly19GcDap/wnFDSE34f2eK etInq+gzSe0j2i2ut4N6Ewhqya/2udUrCe9pmA3Ur44Fq1XcsPyhy6vSv0fXst9w aEsefbO3P1QTPHNdx/+Jy+HpbyaIjkHw0BwcLV2Ml3e6HoxtKdODuj1ogH/gNZWn MLOI4QIH2xqNwjyoL/TiliJebgDvALk7ZSoahyP94Mj1DeBDlnNABA+tYGqPHqCh hLXeTFFKXwT43w== -----END CERTIFICATE-----Generated at Sun Dec 21 17:00:36 2025 by rpki-client