This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft File: XasLCOUfgYIkYp-zohHYPVvjVEA.mft (raw, json) Hash identifier: yOSawyj7cwuXEsQQbv865ITR3stY1h8o9magn9PNLzU= Subject key identifier: CD:56:D3:30:42:69:27:D7:C5:FD:9A:6B:17:2A:38:B7:B8:C8:DF:E2 Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40 Certificate issuer: /CN=5dab0b08e51f818224629fb3a211d83d5be35440 Certificate serial: 019B41DBA84C1A2762D6F221A46A5CCF1EE5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft Manifest number: 1598 Signing time: Sun 21 Dec 2025 17:01:13 +0000 Manifest this update: Sun 21 Dec 2025 17:01:13 +0000 Manifest next update: Mon 22 Dec 2025 17:01:13 +0000 Files and hashes: 1: J3IfRy5hJG3sO5FFR3klCa0Rmag.roa (hash: y8cOLwfC28T1Q/CwomIs12ZpdB8agP1zP7ErrJL2HLM=) 2: XasLCOUfgYIkYp-zohHYPVvjVEA.crl (hash: 8JBdjNGHXt/beD/dP10jQQWkYvKZ88fG5aPa+Mw8SHY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:db:a8:4c:1a:27:62:d6:f2:21:a4:6a:5c:cf:1e:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440 Validity Not Before: Dec 21 17:01:13 2025 GMT Not After : Dec 22 17:01:13 2025 GMT Subject: CN=cd56d330426927d7c5fd9a6b172a38b7b8c8dfe2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:20:e6:03:20:02:07:b0:7c:96:f9:18:c3:9e: cd:45:37:7c:25:4a:1b:fa:66:8f:96:9c:79:13:b5: 76:5e:df:7c:fc:e3:1e:45:87:7e:2d:72:b7:21:0e: 8d:95:bf:ff:d4:10:24:d8:d0:e0:99:50:dc:73:cf: 25:05:5a:ea:fb:9a:d3:c9:38:ba:cf:8a:36:71:e4: 0f:37:87:ef:93:e0:33:4e:ce:72:c2:d3:6c:83:ae: 29:09:60:e2:92:d3:45:ae:f5:38:01:d9:e3:ae:3f: 14:ea:a5:fc:96:27:3c:0e:0c:b0:db:6d:a9:4a:79: f9:42:2a:8a:f3:42:0e:ac:40:15:54:2e:4a:92:cc: c5:75:a1:c1:e1:75:b3:ec:75:81:f1:32:21:54:9d: e6:e6:20:a7:2a:1d:a7:9b:d9:9c:fb:22:08:a5:e6: 24:f9:b2:8b:83:c9:1c:7a:48:ab:e3:c3:15:d3:e0: 9b:5b:cc:7d:73:70:b5:20:bc:c8:c8:de:76:2d:16: 5a:7d:33:fb:b1:f9:ca:64:59:97:06:42:a5:17:d7: 9b:96:4a:a1:af:a5:06:78:c9:e0:37:4a:b2:87:16: cf:ea:f1:fd:fd:47:eb:ac:af:73:15:b5:c7:11:a0: e1:40:80:6b:b7:52:61:25:b8:74:53:4d:0f:f1:71: e4:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:56:D3:30:42:69:27:D7:C5:FD:9A:6B:17:2A:38:B7:B8:C8:DF:E2 X509v3 Authority Key Identifier: keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:44:18:ae:34:06:a0:5c:5e:46:45:4c:f5:38:39:a8:20:78: 7e:47:b3:47:f7:e3:8c:fd:ee:45:3c:3a:f8:20:6b:d6:ec:58: 59:00:2e:8f:af:ed:79:40:87:89:48:3f:9b:26:4a:e7:9a:88: cc:28:93:fd:97:9d:f1:f3:bc:76:3a:2b:a0:b2:d4:22:d3:eb: b9:2a:52:bc:da:cb:eb:23:6f:1c:60:42:53:86:c4:05:54:c2: 69:59:4c:0e:b9:d4:e6:03:0a:12:b6:7a:28:b2:e0:88:fb:57: a6:d6:ce:c5:0d:b1:81:91:c2:ee:4b:17:30:78:48:50:50:b8: 9a:c1:80:c8:39:2e:a2:d0:a8:05:71:1d:2d:5e:f2:dd:69:6e: e1:ad:21:fc:1e:7b:49:a2:a8:a3:3e:da:3a:ce:1a:12:d4:05: e2:64:db:b4:ab:52:e9:64:58:5d:1a:40:6a:ba:65:41:a9:6f: 31:ed:91:9e:51:3f:e0:0d:cb:e3:ed:ea:11:3a:4e:15:84:0b: 9c:e7:21:f7:d0:c3:60:e7:ac:cf:ad:f0:ea:42:e2:62:03:2c: d2:88:1b:de:bb:34:39:65:a9:b3:cf:72:75:a8:a2:59:39:8b: a9:81:e5:6e:9e:1a:88:86:cc:a3:fd:53:20:74:d2:06:3d:15: 78:7c:2c:1d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtB26hMGidi1vIhpGpczx7lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkYWIwYjA4ZTUxZjgxODIyNDYyOWZiM2EyMTFkODNkNWJl MzU0NDAwHhcNMjUxMjIxMTcwMTEzWhcNMjUxMjIyMTcwMTEzWjAzMTEwLwYDVQQD EyhjZDU2ZDMzMDQyNjkyN2Q3YzVmZDlhNmIxNzJhMzhiN2I4YzhkZmUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriDmAyACB7B8lvkYw57NRTd8JUob +maPlpx5E7V2Xt98/OMeRYd+LXK3IQ6Nlb//1BAk2NDgmVDcc88lBVrq+5rTyTi6 z4o2ceQPN4fvk+AzTs5ywtNsg64pCWDiktNFrvU4Adnjrj8U6qX8lic8Dgyw222p Snn5QiqK80IOrEAVVC5KkszFdaHB4XWz7HWB8TIhVJ3m5iCnKh2nm9mc+yIIpeYk +bKLg8kcekir48MV0+CbW8x9c3C1ILzIyN52LRZafTP7sfnKZFmXBkKlF9eblkqh r6UGeMngN0qyhxbP6vH9/UfrrK9zFbXHEaDhQIBrt1JhJbh0U00P8XHkbQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM1W0zBCaSfXxf2aaxcqOLe4yN/iMB8GA1UdIwQY MBaAFF2rCwjlH4GCJGKfs6IR2D1b41RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUt NjI3ODkxODJhMGYzLzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUtNjI3ODkxODJhMGYz LzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJUQYrjQG oFxeRkVM9Tg5qCB4fkezR/fjjP3uRTw6+CBr1uxYWQAuj6/teUCHiUg/myZK55qI zCiT/Zed8fO8djoroLLUItPruSpSvNrL6yNvHGBCU4bEBVTCaVlMDrnU5gMKErZ6 KLLgiPtXptbOxQ2xgZHC7ksXMHhIUFC4msGAyDkuotCoBXEdLV7y3Wlu4a0h/B57 SaKooz7aOs4aEtQF4mTbtKtS6WRYXRpAarplQalvMe2RnlE/4A3L4+3qETpOFYQL nOch99DDYOesz63w6kLiYgMs0ogb3rs0OWWps89ydaiiWTmLqYHlbp4aiIbMo/1T IHTSBj0VeHwsHQ== -----END CERTIFICATE-----Generated at Sun Dec 21 19:17:22 2025 by rpki-client