This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft File: XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft (raw, json) Hash identifier: HO7YG/DkFf84sXR/sbEg71+OcHxLr/mLJhQlcEEPKDI= Subject key identifier: A9:55:95:95:28:EF:52:EF:39:19:91:27:AE:98:AE:84:6E:C8:B5:DA Authority key identifier: 5C:D3:79:CE:DC:DC:20:F0:87:5C:4B:08:B9:4B:41:16:1B:3E:8C:03 Certificate issuer: /CN=5cd379cedcdc20f0875c4b08b94b41161b3e8c03 Certificate serial: 019B52987A6C78D2B0A29954B42A3F309EB7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft Manifest number: 0F10 Signing time: Wed 24 Dec 2025 23:01:23 +0000 Manifest this update: Wed 24 Dec 2025 23:01:23 +0000 Manifest next update: Thu 25 Dec 2025 23:01:23 +0000 Files and hashes: 1: 1-EeSCCOFCUoz0VplGP1Lo0h-9As.roa (hash: ZLnUsrTQcRzljBuufN+eacOU/oxAjJXf2wRzESRepgg=) 2: XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl (hash: 07InysY73WiT25Q/3Q3jCNhu2FFQWbME/KadLGC6QbI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 23:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:52:98:7a:6c:78:d2:b0:a2:99:54:b4:2a:3f:30:9e:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cd379cedcdc20f0875c4b08b94b41161b3e8c03 Validity Not Before: Dec 24 23:01:23 2025 GMT Not After : Dec 25 23:01:23 2025 GMT Subject: CN=a955959528ef52ef39199127ae98ae846ec8b5da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:42:2b:3d:95:0b:3e:f6:14:05:d4:7b:c1:a4: e3:3d:4e:30:32:18:44:c3:c7:a0:63:b6:54:24:79: e3:20:0d:6e:f5:f7:fd:ee:85:58:d0:8b:54:f1:3c: 59:70:03:44:66:00:fe:f3:de:de:d8:1f:78:fa:b5: db:94:dc:3c:53:a3:1f:a1:a0:b7:b2:7a:d2:5f:11: 2a:6c:a7:1a:94:03:01:3b:65:5c:a8:00:2f:04:36: 9b:cd:41:d8:5f:88:be:ba:0d:42:da:fb:9c:9f:7d: 12:bd:8e:e8:8d:89:aa:4c:ce:dd:82:19:ee:37:2d: 83:ee:07:ed:6f:39:ac:d0:77:5c:d1:76:8b:dc:7d: 39:2c:a5:09:d8:15:9a:29:ee:4d:0f:19:ba:ab:e2: 4f:10:e4:05:71:d5:47:2a:68:1c:07:ac:b0:9c:fa: 27:27:91:cb:fa:26:ce:e6:4a:17:fe:48:01:d5:c2: 66:bc:9f:51:40:72:6f:10:7d:0c:f7:bd:7f:a9:a9: d9:87:3b:52:d8:46:45:70:e6:1c:a7:f6:ed:bb:f0: 01:82:a2:16:24:6a:f5:a0:6a:bf:8c:23:ba:60:db: ac:53:22:49:b7:13:fe:43:0c:a1:b3:7f:62:fd:45: 9f:d2:39:37:81:50:4f:ec:b0:a5:44:f2:95:c5:c3: 24:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:55:95:95:28:EF:52:EF:39:19:91:27:AE:98:AE:84:6E:C8:B5:DA X509v3 Authority Key Identifier: keyid:5C:D3:79:CE:DC:DC:20:F0:87:5C:4B:08:B9:4B:41:16:1B:3E:8C:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:d5:bf:c2:97:21:2e:dd:43:7e:5f:a2:20:f1:23:d6:f4:93: 31:89:be:7a:25:1f:80:7d:e3:1d:e7:53:30:21:71:2c:ad:5d: 2c:69:ae:36:dc:7e:22:f8:c4:76:ce:e4:46:60:2c:8f:a2:64: 24:6c:30:eb:e8:62:f8:3a:db:b3:89:55:81:67:ef:e9:61:02: 2d:12:7b:b1:b8:45:ec:7c:b9:d3:1c:95:76:bb:c7:76:b1:f6: 21:59:16:bf:c9:65:fa:5e:0d:0d:cb:58:2f:ed:1c:16:6d:57: 2f:ac:57:d8:a0:40:a9:fb:f9:bf:e9:df:d6:18:f4:f9:5b:6c: a5:bb:a6:55:e6:a1:a5:ed:94:00:33:0e:8f:cf:d0:56:a8:da: 41:1d:f2:9a:4a:87:89:f9:4d:72:8b:cd:aa:6f:65:1b:ce:34: 64:d8:df:5e:5e:2b:9d:41:f3:79:98:ca:3c:7f:bd:1c:ce:e7: 6e:e9:22:63:f2:cd:69:2c:c6:a7:fb:89:34:fd:70:06:68:d1: e7:fc:04:d7:78:de:a9:16:f2:af:ac:e6:c4:4b:c8:6f:7c:3b: ee:64:86:c3:30:80:75:95:7e:6c:21:1d:66:e0:09:ae:93:d5: ee:e0:cb:2e:5e:e7:96:a2:db:50:91:cd:f4:7b:b8:4c:d7:1b: cc:70:bc:18 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtSmHpseNKwoplUtCo/MJ63MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZDM3OWNlZGNkYzIwZjA4NzVjNGIwOGI5NGI0MTE2MWIz ZThjMDMwHhcNMjUxMjI0MjMwMTIzWhcNMjUxMjI1MjMwMTIzWjAzMTEwLwYDVQQD EyhhOTU1OTU5NTI4ZWY1MmVmMzkxOTkxMjdhZTk4YWU4NDZlYzhiNWRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukIrPZULPvYUBdR7waTjPU4wMhhE w8egY7ZUJHnjIA1u9ff97oVY0ItU8TxZcANEZgD+897e2B94+rXblNw8U6MfoaC3 snrSXxEqbKcalAMBO2VcqAAvBDabzUHYX4i+ug1C2vucn30SvY7ojYmqTM7dghnu Ny2D7gftbzms0Hdc0XaL3H05LKUJ2BWaKe5NDxm6q+JPEOQFcdVHKmgcB6ywnPon J5HL+ibO5koX/kgB1cJmvJ9RQHJvEH0M971/qanZhztS2EZFcOYcp/btu/ABgqIW JGr1oGq/jCO6YNusUyJJtxP+Qwyhs39i/UWf0jk3gVBP7LClRPKVxcMk6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKlVlZUo71LvORmRJ66YroRuyLXaMB8GA1UdIwQY MBaAFFzTec7c3CDwh1xLCLlLQRYbPowDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9mM2NjYTQtZjZiZi00NzM0LWFiYmQt MDk2NDQ2NGMxNzUxLzEvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS9mM2NjYTQtZjZiZi00NzM0LWFiYmQtMDk2NDQ2NGMxNzUx LzEvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaNW/wpch Lt1Dfl+iIPEj1vSTMYm+eiUfgH3jHedTMCFxLK1dLGmuNtx+IvjEds7kRmAsj6Jk JGww6+hi+Drbs4lVgWfv6WECLRJ7sbhF7Hy50xyVdrvHdrH2IVkWv8ll+l4NDctY L+0cFm1XL6xX2KBAqfv5v+nf1hj0+VtspbumVeahpe2UADMOj8/QVqjaQR3ymkqH iflNcovNqm9lG840ZNjfXl4rnUHzeZjKPH+9HM7nbukiY/LNaSzGp/uJNP1wBmjR 5/wE13jeqRbyr6zmxEvIb3w77mSGwzCAdZV+bCEdZuAJrpPV7uDLLl7nlqLbUJHN 9Hu4TNcbzHC8GA== -----END CERTIFICATE-----Generated at Thu Dec 25 07:23:20 2025 by rpki-client