This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft File: XiZI8SkNRHG821C4K-TtkyADCU0.mft (raw, json) Hash identifier: gsMN8oG8yePbeSLotMGFhcm6lNB1sHdZdggRNHF6N7k= Subject key identifier: D9:32:72:4E:A0:E8:68:7A:B1:68:F4:19:90:46:23:B6:38:0B:20:DA Authority key identifier: 5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D Certificate issuer: /CN=5e2648f1290d4471bcdb50b82be4ed932003094d Certificate serial: 019B65E882E7B01AA3EF51D1AA8C3EED9E0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft Manifest number: 172F Signing time: Sun 28 Dec 2025 17:01:35 +0000 Manifest this update: Sun 28 Dec 2025 17:01:35 +0000 Manifest next update: Mon 29 Dec 2025 17:01:35 +0000 Files and hashes: 1: BECHjRO1sNTrECspSOXRaHeMWRM.roa (hash: CUP2bSCGR2R7pQJIeBFSspVhJwtI4r06AoqaZ9LnrhQ=) 2: XiZI8SkNRHG821C4K-TtkyADCU0.crl (hash: E0oqFDtahvUhc4gDfWmiztQs3FBBqctriRVtOrcddkI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 17:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:65:e8:82:e7:b0:1a:a3:ef:51:d1:aa:8c:3e:ed:9e:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e2648f1290d4471bcdb50b82be4ed932003094d Validity Not Before: Dec 28 17:01:35 2025 GMT Not After : Dec 29 17:01:35 2025 GMT Subject: CN=d932724ea0e8687ab168f419904623b6380b20da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:12:45:11:3c:b7:fe:42:a5:d1:5d:14:49:8f: 95:d9:99:f5:b9:48:04:ad:35:ea:d4:18:de:dd:3a: 04:2d:7e:cc:d5:b6:43:de:38:0c:86:25:c1:51:8a: 5f:12:ea:5c:59:fe:85:3f:f2:61:2a:34:fc:8b:63: 29:f7:dd:9c:67:78:6f:43:fd:0e:b7:5a:fd:c4:c5: 58:c0:9b:c3:5b:79:3b:af:3c:05:9e:99:ed:df:be: 8f:4b:91:22:9b:46:99:30:59:06:93:80:66:d4:53: a1:f2:23:e5:b7:47:f3:c4:4c:0a:d6:2d:33:2b:fc: 3f:d5:6b:24:db:18:f3:2f:b1:c6:47:15:49:8c:de: 21:fb:6d:ef:f1:77:91:1b:02:04:8c:f6:c0:d1:30: 17:37:f3:47:d6:ec:1f:76:90:b7:3a:38:dd:36:91: 0b:74:39:84:56:c6:bb:95:10:1e:5a:c1:cd:0e:ac: bf:e6:3c:e6:61:72:d3:32:9b:72:f9:bf:e2:25:0b: 60:47:cd:14:30:d7:c0:d5:f5:38:35:64:96:72:47: fb:c0:55:b3:cc:65:bd:97:43:56:1a:18:a6:cc:7e: e7:2e:ef:40:5e:4c:a9:32:43:17:4a:f8:f2:6b:c1: a9:64:59:86:61:c4:d0:b0:77:59:a5:6c:7c:5d:b2: 77:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:32:72:4E:A0:E8:68:7A:B1:68:F4:19:90:46:23:B6:38:0B:20:DA X509v3 Authority Key Identifier: keyid:5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:09:c4:e7:ef:ae:bb:dd:ae:da:1b:58:8e:82:d7:14:3d:25: 64:15:15:5d:e7:78:c2:bd:60:04:31:04:1c:4e:9d:bc:c9:48: f8:4c:21:fc:d8:ce:96:0a:a3:9e:a9:95:8c:fb:da:42:2c:11: a2:02:52:fd:4d:cd:dd:c2:5a:7c:32:9e:03:0c:65:1b:09:b3: aa:96:09:2c:c0:b5:24:1b:b5:08:62:93:6f:37:9a:e4:ee:e5: cf:c0:96:f5:c9:50:b0:e3:e8:d3:bb:02:fe:19:c9:5d:34:6b: c3:3b:20:04:25:d8:c0:5b:ef:8e:4f:57:4a:de:a3:5c:a6:53: 86:2c:5c:da:66:b2:78:c9:90:bd:47:98:50:53:45:7c:65:66: 7c:ce:b8:e0:84:f1:45:5f:f9:fd:26:3c:d4:89:11:97:cc:4d: d3:9f:0a:4b:e3:b5:c1:01:c8:2b:6a:b8:f9:c4:71:09:83:20: a2:dc:36:54:6f:58:70:15:76:e1:fe:20:53:4b:c6:b5:53:9e: f4:67:32:22:14:58:0c:a9:6a:a8:c3:d0:86:b0:62:2d:ae:9e: 71:40:2f:5e:07:05:fd:72:ed:ea:0d:6f:b4:a3:3b:33:4b:a5: 42:b8:38:e4:2a:bc:48:c2:6c:77:a1:c7:b9:89:db:a1:35:f7: 98:6c:87:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtl6ILnsBqj71HRqow+7Z4KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlMjY0OGYxMjkwZDQ0NzFiY2RiNTBiODJiZTRlZDkzMjAw MzA5NGQwHhcNMjUxMjI4MTcwMTM1WhcNMjUxMjI5MTcwMTM1WjAzMTEwLwYDVQQD EyhkOTMyNzI0ZWEwZTg2ODdhYjE2OGY0MTk5MDQ2MjNiNjM4MGIyMGRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBJFETy3/kKl0V0USY+V2Zn1uUgE rTXq1Bje3ToELX7M1bZD3jgMhiXBUYpfEupcWf6FP/JhKjT8i2Mp992cZ3hvQ/0O t1r9xMVYwJvDW3k7rzwFnpnt376PS5Eim0aZMFkGk4Bm1FOh8iPlt0fzxEwK1i0z K/w/1Wsk2xjzL7HGRxVJjN4h+23v8XeRGwIEjPbA0TAXN/NH1uwfdpC3OjjdNpEL dDmEVsa7lRAeWsHNDqy/5jzmYXLTMpty+b/iJQtgR80UMNfA1fU4NWSWckf7wFWz zGW9l0NWGhimzH7nLu9AXkypMkMXSvjya8GpZFmGYcTQsHdZpWx8XbJ3eQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNkyck6g6Gh6sWj0GZBGI7Y4CyDaMB8GA1UdIwQY MBaAFF4mSPEpDURxvNtQuCvk7ZMgAwlNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYt ZjU1ZmNkZjk3ODQ2LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYtZjU1ZmNkZjk3ODQ2 LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOgnE5++u u92u2htYjoLXFD0lZBUVXed4wr1gBDEEHE6dvMlI+Ewh/NjOlgqjnqmVjPvaQiwR ogJS/U3N3cJafDKeAwxlGwmzqpYJLMC1JBu1CGKTbzea5O7lz8CW9clQsOPo07sC /hnJXTRrwzsgBCXYwFvvjk9XSt6jXKZThixc2mayeMmQvUeYUFNFfGVmfM644ITx RV/5/SY81IkRl8xN058KS+O1wQHIK2q4+cRxCYMgotw2VG9YcBV24f4gU0vGtVOe 9GcyIhRYDKlqqMPQhrBiLa6ecUAvXgcF/XLt6g1vtKM7M0ulQrg45Cq8SMJsd6HH uYnboTX3mGyHWg== -----END CERTIFICATE-----Generated at Mon Dec 29 00:48:01 2025 by rpki-client