This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft File: XasLCOUfgYIkYp-zohHYPVvjVEA.mft (raw, json) Hash identifier: /WdQVjapIgXm7GAwzZoOzxxQBUG1aVx3YOdsn6djP+k= Subject key identifier: 97:93:EB:6D:EF:A3:D1:37:F1:CC:99:56:1A:5F:77:F3:BD:F0:7A:C9 Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40 Certificate issuer: /CN=5dab0b08e51f818224629fb3a211d83d5be35440 Certificate serial: 019B3FED187729AFE9467383D86A8DD12F30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft Manifest number: 1597 Signing time: Sun 21 Dec 2025 08:01:01 +0000 Manifest this update: Sun 21 Dec 2025 08:01:01 +0000 Manifest next update: Mon 22 Dec 2025 08:01:01 +0000 Files and hashes: 1: J3IfRy5hJG3sO5FFR3klCa0Rmag.roa (hash: y8cOLwfC28T1Q/CwomIs12ZpdB8agP1zP7ErrJL2HLM=) 2: XasLCOUfgYIkYp-zohHYPVvjVEA.crl (hash: 257BK3z0MLd6p0mehRC8iZOf10xBdM9VRpaRtDmu9KA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 08:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:ed:18:77:29:af:e9:46:73:83:d8:6a:8d:d1:2f:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440 Validity Not Before: Dec 21 08:01:01 2025 GMT Not After : Dec 22 08:01:01 2025 GMT Subject: CN=9793eb6defa3d137f1cc99561a5f77f3bdf07ac9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:cf:2e:bb:99:ec:ab:f5:3d:99:91:c6:08:45: 71:3d:06:7c:7a:b5:65:5d:5c:1c:c0:a4:e7:4a:fb: 80:2e:f4:68:57:3d:a3:19:e3:9c:4d:35:19:8d:04: 67:b8:e3:c3:9f:43:d2:35:a0:7a:49:ca:7d:0d:07: 34:cf:2c:f5:a4:83:90:e7:0d:0f:3c:45:f8:cb:49: 87:db:08:f1:87:79:f9:a8:ff:e2:66:24:7e:67:b4: 73:54:1b:66:94:93:89:a9:f4:88:b6:e2:83:3c:dc: 9e:ef:f6:d0:76:03:fb:ef:0b:53:12:a9:19:85:98: 2b:e7:4f:d1:b4:bc:1a:bb:4b:3a:62:16:fc:67:9a: d7:64:ec:8d:10:83:b4:9b:f7:fe:2a:29:6e:58:54: 7b:e3:fa:33:cb:9b:f1:e7:79:32:68:1c:49:d3:3f: 5d:1b:c0:65:96:aa:b9:28:c0:e0:91:1b:1d:23:12: cd:ed:83:5e:f8:55:15:b2:75:e7:2b:73:46:24:f3: 5d:9b:3f:4c:c0:a1:2f:f2:32:43:f6:74:ff:b0:4e: 83:b2:a1:ff:65:34:12:43:d3:18:bc:7f:c9:e1:33: 91:b8:b2:30:48:ab:5a:ad:f8:3a:76:85:75:a8:d8: 06:93:3c:38:b2:02:2d:59:1b:53:83:a1:78:71:88: 02:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:93:EB:6D:EF:A3:D1:37:F1:CC:99:56:1A:5F:77:F3:BD:F0:7A:C9 X509v3 Authority Key Identifier: keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:6f:b7:1b:ab:24:47:b6:c5:ab:02:d3:e5:54:8b:df:d8:50: f4:d7:43:cb:70:59:86:ea:1e:31:2d:83:fe:3d:81:83:78:62: a1:f3:16:ee:52:ed:5f:fa:f5:36:c0:85:f2:52:d6:cc:61:a3: 74:cf:1c:4d:a0:6d:e6:5d:e3:9a:93:8a:86:7e:c4:46:59:8e: f6:8e:1e:24:ef:98:e8:a0:1f:fa:aa:06:c8:07:6c:54:aa:24: 6d:92:0e:82:5b:2a:89:f4:6a:59:b2:f4:0d:44:9e:42:b5:75: 13:90:3f:83:db:a7:8d:e1:75:a2:2d:41:1b:73:5f:f4:66:1c: 60:7d:32:3b:4b:13:ea:33:44:f7:52:f4:03:3f:19:c9:d6:60: 92:cf:58:fb:e8:65:90:99:90:3e:21:c1:02:fb:45:94:a1:c8: 25:4b:1e:6c:58:16:2d:5d:01:6d:b8:ab:11:04:e9:3d:03:fa: e3:57:3f:81:f0:9b:69:d2:e4:d9:42:7d:79:3d:74:56:3c:73: 15:08:68:13:69:55:d8:ad:33:3b:c5:45:18:27:d5:bd:e2:2a: a4:f3:ef:03:c3:30:40:f1:51:a0:07:85:ec:e5:2c:e5:85:5e: 31:11:da:f5:95:f0:da:ce:99:63:da:51:73:9c:da:df:b9:d6: 79:8d:94:76 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/7Rh3Ka/pRnOD2GqN0S8wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkYWIwYjA4ZTUxZjgxODIyNDYyOWZiM2EyMTFkODNkNWJl MzU0NDAwHhcNMjUxMjIxMDgwMTAxWhcNMjUxMjIyMDgwMTAxWjAzMTEwLwYDVQQD Eyg5NzkzZWI2ZGVmYTNkMTM3ZjFjYzk5NTYxYTVmNzdmM2JkZjA3YWM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoM8uu5nsq/U9mZHGCEVxPQZ8erVl XVwcwKTnSvuALvRoVz2jGeOcTTUZjQRnuOPDn0PSNaB6Scp9DQc0zyz1pIOQ5w0P PEX4y0mH2wjxh3n5qP/iZiR+Z7RzVBtmlJOJqfSItuKDPNye7/bQdgP77wtTEqkZ hZgr50/RtLwau0s6Yhb8Z5rXZOyNEIO0m/f+KiluWFR74/ozy5vx53kyaBxJ0z9d G8Bllqq5KMDgkRsdIxLN7YNe+FUVsnXnK3NGJPNdmz9MwKEv8jJD9nT/sE6DsqH/ ZTQSQ9MYvH/J4TORuLIwSKtarfg6doV1qNgGkzw4sgItWRtTg6F4cYgCMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJeT623vo9E38cyZVhpfd/O98HrJMB8GA1UdIwQY MBaAFF2rCwjlH4GCJGKfs6IR2D1b41RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUt NjI3ODkxODJhMGYzLzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUtNjI3ODkxODJhMGYz LzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOG+3G6sk R7bFqwLT5VSL39hQ9NdDy3BZhuoeMS2D/j2Bg3hiofMW7lLtX/r1NsCF8lLWzGGj dM8cTaBt5l3jmpOKhn7ERlmO9o4eJO+Y6KAf+qoGyAdsVKokbZIOglsqifRqWbL0 DUSeQrV1E5A/g9unjeF1oi1BG3Nf9GYcYH0yO0sT6jNE91L0Az8ZydZgks9Y++hl kJmQPiHBAvtFlKHIJUsebFgWLV0BbbirEQTpPQP641c/gfCbadLk2UJ9eT10Vjxz FQhoE2lV2K0zO8VFGCfVveIqpPPvA8MwQPFRoAeF7OUs5YVeMRHa9ZXw2s6ZY9pR c5za37nWeY2Udg== -----END CERTIFICATE-----Generated at Sun Dec 21 17:28:09 2025 by rpki-client