This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft File: XPMa_DbLaVUAf-l-1KXjGF0icbo.mft (raw, json) Hash identifier: uUQJy3hs28mZ4fNE+hrDwb5RP5hOXk1L8ppGh/Qq9Lw= Subject key identifier: 75:72:9C:08:31:06:33:EC:18:19:28:D0:2E:2D:53:6A:EC:C8:74:3C Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba Certificate serial: 019B35A0C88D3A16D4AC70B0AC72F04F34DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft Manifest number: 179B Signing time: Fri 19 Dec 2025 08:01:28 +0000 Manifest this update: Fri 19 Dec 2025 08:01:28 +0000 Manifest next update: Sat 20 Dec 2025 08:01:28 +0000 Files and hashes: 1: 0LO0qT2-0L6mWDwJ3dVrGvaEEOA.roa (hash: m3gjbEV2ZPpf1SrIWWEpb/lM9m2SeM9EF+s0bK96n04=) 2: 3TSrnVPCjyw6LodRykSs6RR28tA.roa (hash: zGSnutgCi7aRhsrnKssjXI5Z238+gDkkfWPc6h8G0+I=) 3: CXLJsfdv2mQYEw_nRCBRyHgGrls.roa (hash: gIlLTUkZL/5+bXwsRESHghLIgWvhwbD5U5vB0n4lI0k=) 4: GZyq4JhiMN6IbDxHDi387ilVO3Q.roa (hash: RAmDxoFTdOQGRBWibMySEyO1+N/egEhlrBt73Hj0G1U=) 5: LjHQRUqe4fLfiS_M0uR2yHkIVsY.roa (hash: jHwF+Ucs9Egx9vRvgHwI9YrO/JhN5R4twljmxbgKN5c=) 6: XPMa_DbLaVUAf-l-1KXjGF0icbo.crl (hash: pJ8SFQ4vnILOc5QB3wrqKFE3vU4cm3GM4hwMObUh5Zs=) 7: XsnL58BowN54P94Hq8ZFELardLk.roa (hash: HNbFuOKPa1T82T8LpW7Qm3FZ0tR+dmMImgYgvtx3m4g=) 8: Zz42OKsTm8e7N4-UL7iAE7WQUo8.roa (hash: 5tp1DE1mgaUL43CN7zGdBuvgS2VFLrFuAK++O/dGYog=) 9: aCmXnOhdIWHZjR6YD1Rod6YvGNc.roa (hash: iW+Z/yl7UOD6yvlgUZgO+TZmSZwkPpW3YOaIuSe/RJg=) 10: xuDTDMEslqKPlZ2emXhAqCHpZwk.roa (hash: jcyM9LWTAAxEKRGaAJaeFS8iGlw9gblRVA2IJcUw/E0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:a0:c8:8d:3a:16:d4:ac:70:b0:ac:72:f0:4f:34:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba Validity Not Before: Dec 19 08:01:28 2025 GMT Not After : Dec 20 08:01:28 2025 GMT Subject: CN=75729c08310633ec181928d02e2d536aecc8743c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:9f:1c:89:8a:8c:a9:27:26:ec:c9:87:56:23: e9:77:91:8f:d4:18:ee:c7:3a:99:10:7d:fc:22:78: 69:fc:9f:48:2c:d2:d2:bc:f9:0f:b1:05:98:0c:2e: 4e:28:84:7f:80:10:7e:08:70:3a:95:a0:8d:27:d0: 90:ad:b8:db:42:1d:9d:c0:66:52:3e:b0:aa:02:41: d6:43:9e:03:8b:7b:19:36:f4:f4:02:04:a4:13:ca: b4:0e:51:e8:b9:00:04:ca:bb:af:9d:7f:30:c9:74: 9b:f7:05:bc:7e:93:d5:0e:06:61:8b:ad:39:cd:53: d2:01:58:50:1a:e6:20:a9:b5:24:7f:42:64:ec:cb: c3:4e:05:78:72:03:d0:8a:ef:4d:c4:93:96:30:91: ee:93:9a:c1:39:08:2e:56:90:d2:02:61:cc:e6:9a: 0f:ec:11:3f:d2:22:a8:bc:69:e9:95:5b:d1:6d:4d: e5:f1:f5:36:dc:f0:63:37:78:b0:a2:31:77:31:b4: 02:26:72:34:bd:c8:2e:5a:cd:6d:3b:1a:d0:10:2c: 1c:1a:4c:19:21:93:15:56:57:68:af:3f:61:ab:37: c7:cb:21:4f:56:6b:a7:9e:8a:bb:88:0f:ac:bf:49: 5b:e8:7a:5f:27:c4:c6:bc:24:5f:52:2a:81:55:b4: d8:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:72:9C:08:31:06:33:EC:18:19:28:D0:2E:2D:53:6A:EC:C8:74:3C X509v3 Authority Key Identifier: keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:bd:f9:5c:3d:0a:4e:25:13:90:28:0b:09:2c:de:7c:33:4b: 59:66:2c:fa:7f:03:c5:d7:9c:41:10:81:79:fb:4b:5d:95:4e: 86:5a:00:ff:84:4f:e1:66:8e:3f:e2:e3:77:a4:3c:59:39:ce: 13:5b:76:b3:9a:ea:52:a2:57:6a:10:25:ce:6c:71:d5:0b:35: 04:67:b5:93:9e:12:77:ba:4f:4d:31:2b:65:34:66:60:1e:0a: 18:6c:34:3b:89:de:48:48:75:fc:71:d9:f6:76:f0:c8:dc:93: c2:00:d7:df:28:5c:8a:0c:85:00:5b:fd:a0:9b:16:12:52:75: 32:c3:53:1c:4f:48:2e:c4:0f:c4:9b:f9:c6:06:1c:08:7b:a8: 29:73:ba:d9:ea:5b:4d:00:80:6e:be:00:77:e5:a3:ae:e4:05: be:6a:b7:3f:e4:14:df:c4:89:2c:a9:88:f3:c9:b9:6d:f1:9f: 65:87:d9:fd:5f:b6:f0:d5:34:ae:29:f4:4d:42:49:69:03:49: b3:05:24:03:95:54:4a:ee:a3:3d:ce:79:e4:89:f5:7b:e2:0d: 41:48:94:11:28:f2:fb:31:80:08:43:63:a9:d9:c7:53:61:24: 41:ed:3e:86:b5:00:92:06:14:9b:b0:39:4d:b9:6f:cc:b8:59: 52:a0:2c:1d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1oMiNOhbUrHCwrHLwTzTfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy MjcxYmEwHhcNMjUxMjE5MDgwMTI4WhcNMjUxMjIwMDgwMTI4WjAzMTEwLwYDVQQD Eyg3NTcyOWMwODMxMDYzM2VjMTgxOTI4ZDAyZTJkNTM2YWVjYzg3NDNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmp8ciYqMqScm7MmHViPpd5GP1Bju xzqZEH38Inhp/J9ILNLSvPkPsQWYDC5OKIR/gBB+CHA6laCNJ9CQrbjbQh2dwGZS PrCqAkHWQ54Di3sZNvT0AgSkE8q0DlHouQAEyruvnX8wyXSb9wW8fpPVDgZhi605 zVPSAVhQGuYgqbUkf0Jk7MvDTgV4cgPQiu9NxJOWMJHuk5rBOQguVpDSAmHM5poP 7BE/0iKovGnplVvRbU3l8fU23PBjN3iwojF3MbQCJnI0vcguWs1tOxrQECwcGkwZ IZMVVldorz9hqzfHyyFPVmunnoq7iA+sv0lb6HpfJ8TGvCRfUiqBVbTYLwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHVynAgxBjPsGBko0C4tU2rsyHQ8MB8GA1UdIwQY MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt NzM2ZDEyODg4Y2E4LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4 LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjr35XD0K TiUTkCgLCSzefDNLWWYs+n8DxdecQRCBeftLXZVOhloA/4RP4WaOP+Ljd6Q8WTnO E1t2s5rqUqJXahAlzmxx1Qs1BGe1k54Sd7pPTTErZTRmYB4KGGw0O4neSEh1/HHZ 9nbwyNyTwgDX3yhcigyFAFv9oJsWElJ1MsNTHE9ILsQPxJv5xgYcCHuoKXO62epb TQCAbr4Ad+WjruQFvmq3P+QU38SJLKmI88m5bfGfZYfZ/V+28NU0rin0TUJJaQNJ swUkA5VUSu6jPc555In1e+INQUiUESjy+zGACENjqdnHU2EkQe0+hrUAkgYUm7A5 TblvzLhZUqAsHQ== -----END CERTIFICATE-----Generated at Fri Dec 19 13:35:45 2025 by rpki-client