This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.mft File: XzHZebcQ7eIGiCOIGqYRrROvVFk.mft (raw, json) Hash identifier: SUiFA71E/wm9b/bO6Z8tHhAIuIFEaoYjGJdJk1Ngmqo= Subject key identifier: 42:30:C9:C5:C2:0C:9B:CC:C9:F1:0A:CE:BE:ED:F6:96:6F:46:6B:B8 Authority key identifier: 5F:31:D9:79:B7:10:ED:E2:06:88:23:88:1A:A6:11:AD:13:AF:54:59 Certificate issuer: /CN=5f31d979b710ede2068823881aa611ad13af5459 Certificate serial: 019B2D0BD950916C2901625903E62FDF9F12 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XzHZebcQ7eIGiCOIGqYRrROvVFk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.mft Manifest number: 0D35 Signing time: Wed 17 Dec 2025 16:01:49 +0000 Manifest this update: Wed 17 Dec 2025 16:01:49 +0000 Manifest next update: Thu 18 Dec 2025 16:01:49 +0000 Files and hashes: 1: 7VePb56Lb2mDp_DoHqAJOVOs_T8.roa (hash: V7IpcMoqQADg7SX3r725vYH2jPknDmi+ikdfBjQyP5c=) 2: XzHZebcQ7eIGiCOIGqYRrROvVFk.crl (hash: mpryUd1ITLgItBwWRhjTpzDFBrmUT34iO8Wi15aZ0S8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.mft rsync://rpki.ripe.net/repository/DEFAULT/XzHZebcQ7eIGiCOIGqYRrROvVFk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 16:01:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2d:0b:d9:50:91:6c:29:01:62:59:03:e6:2f:df:9f:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5f31d979b710ede2068823881aa611ad13af5459 Validity Not Before: Dec 17 16:01:49 2025 GMT Not After : Dec 18 16:01:49 2025 GMT Subject: CN=4230c9c5c20c9bccc9f10acebeedf6966f466bb8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:a7:53:ae:46:7f:c5:69:d0:26:5e:17:d4:ff: 6a:dd:8f:ab:1b:38:d0:55:bf:6d:00:c7:64:8a:ef: db:c0:27:8f:7e:4b:ec:8b:39:38:48:bc:32:e4:93: f9:26:d1:e7:c9:65:3b:0f:67:d5:d5:95:03:3a:f5: cb:52:18:ae:13:d8:7b:af:e0:18:a5:0d:ee:26:05: 45:db:12:32:9c:b1:71:48:c7:01:d9:25:7d:99:27: 2a:e3:73:5f:3a:38:fd:a5:05:32:f4:65:03:74:1d: c5:f2:50:6c:03:46:fa:6a:e6:6e:ff:ba:de:99:c4: 39:e7:05:b0:38:65:ea:ec:6d:12:41:a8:7f:fd:fd: 84:56:e7:bb:90:05:9a:4f:14:8e:fc:73:19:80:cd: 37:65:49:26:d9:42:c7:10:08:33:6f:29:10:5b:73: 23:4e:09:d4:da:09:d2:bd:89:a4:a3:3a:46:a4:4a: fb:14:64:81:55:06:a1:66:34:fb:b3:03:56:22:46: 3b:20:c6:64:24:95:cc:7d:4d:0d:13:6b:5a:b3:d8: 1b:0f:9e:3e:02:fd:f0:3f:cc:1c:f4:6c:37:b8:14: 05:44:66:b4:2e:64:36:46:71:6a:8d:50:22:14:65: 49:3f:2c:57:78:82:4b:85:74:87:b3:db:46:41:66: 2e:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:30:C9:C5:C2:0C:9B:CC:C9:F1:0A:CE:BE:ED:F6:96:6F:46:6B:B8 X509v3 Authority Key Identifier: keyid:5F:31:D9:79:B7:10:ED:E2:06:88:23:88:1A:A6:11:AD:13:AF:54:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XzHZebcQ7eIGiCOIGqYRrROvVFk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:0d:57:d1:8a:ae:80:e8:31:17:11:27:8d:7b:c9:05:46:85: cb:c3:69:27:0d:4d:0f:f5:e0:cf:eb:45:38:c4:f0:ca:de:1f: df:40:2e:f5:7d:83:ba:d4:ad:ca:c5:47:5b:ec:83:9a:c9:a5: ff:2c:2a:48:4e:63:26:c3:fb:8e:35:40:a5:df:27:15:52:30: 15:22:59:8e:87:f9:23:40:25:d0:4c:2e:d7:5b:37:59:20:02: af:9d:f0:2b:ba:59:df:79:ce:46:85:65:0d:20:ba:64:ab:61: 7f:4f:70:8e:11:4d:cd:8b:7d:e2:c1:05:62:69:42:a7:5a:35: d4:8b:a6:39:5f:5f:76:ee:ab:0e:5a:6c:ff:71:03:d3:b9:db: e3:b6:67:0f:a7:2a:3e:59:9d:10:ec:96:f6:a6:75:73:db:4b: a8:6e:fc:85:32:46:51:28:f2:7a:89:74:dc:2a:6f:eb:9a:3f: 6a:54:56:b2:f2:a2:f9:cc:e9:be:09:95:07:45:15:12:ff:45: f3:80:0e:7e:1f:d0:01:36:a0:c7:28:68:57:6f:12:e6:52:b3: 1e:21:0f:54:fb:94:e6:6f:dd:34:46:c5:cd:ed:d4:ce:3e:61: c8:1d:03:5b:30:79:15:ba:35:04:cd:93:93:45:f0:f5:d1:cf: 32:bb:cf:de -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZstC9lQkWwpAWJZA+Yv358SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmMzFkOTc5YjcxMGVkZTIwNjg4MjM4ODFhYTYxMWFkMTNh ZjU0NTkwHhcNMjUxMjE3MTYwMTQ5WhcNMjUxMjE4MTYwMTQ5WjAzMTEwLwYDVQQD Eyg0MjMwYzljNWMyMGM5YmNjYzlmMTBhY2ViZWVkZjY5NjZmNDY2YmI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06dTrkZ/xWnQJl4X1P9q3Y+rGzjQ Vb9tAMdkiu/bwCePfkvsizk4SLwy5JP5JtHnyWU7D2fV1ZUDOvXLUhiuE9h7r+AY pQ3uJgVF2xIynLFxSMcB2SV9mScq43NfOjj9pQUy9GUDdB3F8lBsA0b6auZu/7re mcQ55wWwOGXq7G0SQah//f2EVue7kAWaTxSO/HMZgM03ZUkm2ULHEAgzbykQW3Mj TgnU2gnSvYmkozpGpEr7FGSBVQahZjT7swNWIkY7IMZkJJXMfU0NE2tas9gbD54+ Av3wP8wc9Gw3uBQFRGa0LmQ2RnFqjVAiFGVJPyxXeIJLhXSHs9tGQWYu0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEIwycXCDJvMyfEKzr7t9pZvRmu4MB8GA1UdIwQY MBaAFF8x2Xm3EO3iBogjiBqmEa0Tr1RZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHpIWmViY1E3ZUlHaUNPSUdxWVJyUk92VkZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83ZGUyOGQtMzc0OS00ZDAyLWJlOWMt NDFjNjY0NThkZDczLzEvWHpIWmViY1E3ZUlHaUNPSUdxWVJyUk92VkZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi83ZGUyOGQtMzc0OS00ZDAyLWJlOWMtNDFjNjY0NThkZDcz LzEvWHpIWmViY1E3ZUlHaUNPSUdxWVJyUk92VkZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfA1X0Yqu gOgxFxEnjXvJBUaFy8NpJw1ND/Xgz+tFOMTwyt4f30Au9X2DutStysVHW+yDmsml /ywqSE5jJsP7jjVApd8nFVIwFSJZjof5I0Al0Ewu11s3WSACr53wK7pZ33nORoVl DSC6ZKthf09wjhFNzYt94sEFYmlCp1o11IumOV9fdu6rDlps/3ED07nb47ZnD6cq PlmdEOyW9qZ1c9tLqG78hTJGUSjyeol03Cpv65o/alRWsvKi+czpvgmVB0UVEv9F 84AOfh/QATagxyhoV28S5lKzHiEPVPuU5m/dNEbFze3Uzj5hyB0DWzB5Fbo1BM2T k0Xw9dHPMrvP3g== -----END CERTIFICATE-----Generated at Wed Dec 17 23:55:06 2025 by rpki-client