This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.mft File: XzHZebcQ7eIGiCOIGqYRrROvVFk.mft (raw, json) Hash identifier: BSZmF02D/G2DItxg3VyqZamKNlkz0FiETo//lmLGOwc= Subject key identifier: F9:FA:FF:0C:EA:18:A2:5C:72:AA:9D:C0:50:BF:77:78:A6:7C:71:58 Authority key identifier: 5F:31:D9:79:B7:10:ED:E2:06:88:23:88:1A:A6:11:AD:13:AF:54:59 Certificate issuer: /CN=5f31d979b710ede2068823881aa611ad13af5459 Certificate serial: 019B3A90927E5002661637B526596874BF66 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XzHZebcQ7eIGiCOIGqYRrROvVFk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.mft Manifest number: 0D3C Signing time: Sat 20 Dec 2025 07:01:51 +0000 Manifest this update: Sat 20 Dec 2025 07:01:51 +0000 Manifest next update: Sun 21 Dec 2025 07:01:51 +0000 Files and hashes: 1: 7VePb56Lb2mDp_DoHqAJOVOs_T8.roa (hash: V7IpcMoqQADg7SX3r725vYH2jPknDmi+ikdfBjQyP5c=) 2: XzHZebcQ7eIGiCOIGqYRrROvVFk.crl (hash: 4ReQFF2pCk9ncFdxZHpkzOPkicnBLvDg6K0W8tRgWHY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.mft rsync://rpki.ripe.net/repository/DEFAULT/XzHZebcQ7eIGiCOIGqYRrROvVFk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 07:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:90:92:7e:50:02:66:16:37:b5:26:59:68:74:bf:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5f31d979b710ede2068823881aa611ad13af5459 Validity Not Before: Dec 20 07:01:51 2025 GMT Not After : Dec 21 07:01:51 2025 GMT Subject: CN=f9faff0cea18a25c72aa9dc050bf7778a67c7158 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:64:fe:32:de:d3:35:5c:b0:b7:43:2c:3a:20: f1:03:56:3a:3e:b7:66:cb:4e:d1:b4:73:9a:74:ad: c5:24:2e:3b:de:74:0f:e3:b5:11:9c:53:ba:e9:b2: c8:bd:20:2d:ce:a2:c8:5c:e4:ef:8d:b9:7b:85:d7: c8:e4:fa:2b:4a:f7:90:85:ed:cb:79:ea:b0:5f:44: 3a:8d:96:12:8a:03:e1:90:fe:75:32:2a:47:93:80: a4:98:a1:0f:80:b1:38:ef:00:fc:7b:7b:5a:d9:04: 27:75:63:79:f1:90:db:49:2a:c2:35:7b:45:a5:14: d2:d1:56:e8:c0:82:da:ef:ec:35:0a:06:bc:3f:1f: d9:9a:ac:65:c7:7e:f1:5c:88:7e:3b:97:66:67:ec: 4d:6c:c0:ca:c9:e4:38:c4:17:f0:14:11:66:db:78: 9d:2d:b5:26:78:b7:2d:2d:38:f4:95:77:27:94:cf: 1d:cc:24:12:23:87:de:73:ea:87:ab:7a:49:d0:6f: a7:38:98:ae:df:a9:56:35:4f:2e:d0:49:b4:ef:de: a9:dd:f1:39:81:f2:bd:a2:77:cd:0d:bc:04:71:07: 0b:8f:e9:f6:85:dd:aa:b2:37:8c:b6:62:1a:5b:da: 21:48:59:fe:67:8b:a3:22:b0:8c:32:d8:77:bb:3e: b0:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:FA:FF:0C:EA:18:A2:5C:72:AA:9D:C0:50:BF:77:78:A6:7C:71:58 X509v3 Authority Key Identifier: keyid:5F:31:D9:79:B7:10:ED:E2:06:88:23:88:1A:A6:11:AD:13:AF:54:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XzHZebcQ7eIGiCOIGqYRrROvVFk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:cc:81:45:87:ac:db:9f:e4:a6:7a:38:3d:07:15:99:27:40: c4:7a:09:30:dc:03:56:ab:d1:00:6c:fa:c1:c3:50:40:aa:a3: 61:8c:94:0e:c8:4a:44:a0:9e:f0:1e:ba:bc:8e:4f:e7:b7:b6: 6c:b8:99:0f:7a:c3:aa:d2:f7:c8:e4:25:73:1e:cf:85:51:e0: ea:23:31:56:cf:03:14:96:83:e8:e2:a9:d1:7f:c3:03:cb:7b: 23:87:27:c1:d3:cb:07:50:b3:f3:40:92:7f:e5:a6:d0:37:13: 7c:e2:94:7a:f3:b0:1d:4c:be:0b:b6:13:5b:ad:7f:c3:c4:b6: 75:50:20:93:09:c8:34:08:0b:77:1f:a6:0c:60:b3:bf:e0:2e: ae:8e:53:88:d5:c2:8d:62:71:4a:31:70:35:1e:b0:c1:db:14: 9e:bf:8b:a0:44:b2:d5:2b:13:59:dc:15:1c:90:cf:c5:20:8d: 29:8d:e7:c8:45:3f:3f:88:8c:f6:4c:42:41:69:aa:2e:a7:4d: 47:d4:68:86:e1:fe:22:49:54:2f:bb:b8:5b:ba:ea:6f:11:c4: 59:22:e2:a5:a3:ed:d5:64:ea:f3:aa:10:30:99:9c:6a:ce:d9: 32:c5:79:c8:92:20:43:44:56:c0:c7:2e:f2:64:9f:d7:cc:8b: 2b:4f:17:38 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6kJJ+UAJmFje1JllodL9mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmMzFkOTc5YjcxMGVkZTIwNjg4MjM4ODFhYTYxMWFkMTNh ZjU0NTkwHhcNMjUxMjIwMDcwMTUxWhcNMjUxMjIxMDcwMTUxWjAzMTEwLwYDVQQD EyhmOWZhZmYwY2VhMThhMjVjNzJhYTlkYzA1MGJmNzc3OGE2N2M3MTU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWT+Mt7TNVywt0MsOiDxA1Y6Prdm y07RtHOadK3FJC473nQP47URnFO66bLIvSAtzqLIXOTvjbl7hdfI5PorSveQhe3L eeqwX0Q6jZYSigPhkP51MipHk4CkmKEPgLE47wD8e3ta2QQndWN58ZDbSSrCNXtF pRTS0VbowILa7+w1Cga8Px/Zmqxlx37xXIh+O5dmZ+xNbMDKyeQ4xBfwFBFm23id LbUmeLctLTj0lXcnlM8dzCQSI4fec+qHq3pJ0G+nOJiu36lWNU8u0Em0796p3fE5 gfK9onfNDbwEcQcLj+n2hd2qsjeMtmIaW9ohSFn+Z4ujIrCMMth3uz6wSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPn6/wzqGKJccqqdwFC/d3imfHFYMB8GA1UdIwQY MBaAFF8x2Xm3EO3iBogjiBqmEa0Tr1RZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHpIWmViY1E3ZUlHaUNPSUdxWVJyUk92VkZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83ZGUyOGQtMzc0OS00ZDAyLWJlOWMt NDFjNjY0NThkZDczLzEvWHpIWmViY1E3ZUlHaUNPSUdxWVJyUk92VkZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi83ZGUyOGQtMzc0OS00ZDAyLWJlOWMtNDFjNjY0NThkZDcz LzEvWHpIWmViY1E3ZUlHaUNPSUdxWVJyUk92VkZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGMyBRYes 25/kpno4PQcVmSdAxHoJMNwDVqvRAGz6wcNQQKqjYYyUDshKRKCe8B66vI5P57e2 bLiZD3rDqtL3yOQlcx7PhVHg6iMxVs8DFJaD6OKp0X/DA8t7I4cnwdPLB1Cz80CS f+Wm0DcTfOKUevOwHUy+C7YTW61/w8S2dVAgkwnINAgLdx+mDGCzv+Auro5TiNXC jWJxSjFwNR6wwdsUnr+LoESy1SsTWdwVHJDPxSCNKY3nyEU/P4iM9kxCQWmqLqdN R9RohuH+IklUL7u4W7rqbxHEWSLipaPt1WTq86oQMJmcas7ZMsV5yJIgQ0RWwMcu 8mSf18yLK08XOA== -----END CERTIFICATE-----Generated at Sat Dec 20 12:18:23 2025 by rpki-client