This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft File: XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft (raw, json) Hash identifier: 1g5QMKDwO6rCTDiZfwjlPtMrz2XlgkvYHwb7rqQheEg= Subject key identifier: FB:DD:4E:D2:12:2B:58:57:F2:FB:2F:58:C0:08:F8:E6:B2:38:BE:61 Authority key identifier: 5C:D3:79:CE:DC:DC:20:F0:87:5C:4B:08:B9:4B:41:16:1B:3E:8C:03 Certificate issuer: /CN=5cd379cedcdc20f0875c4b08b94b41161b3e8c03 Certificate serial: 019B4ADF26D32B35AE04CFE27CD26D329DCB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft Manifest number: 0F0C Signing time: Tue 23 Dec 2025 11:01:37 +0000 Manifest this update: Tue 23 Dec 2025 11:01:37 +0000 Manifest next update: Wed 24 Dec 2025 11:01:37 +0000 Files and hashes: 1: 1-EeSCCOFCUoz0VplGP1Lo0h-9As.roa (hash: ZLnUsrTQcRzljBuufN+eacOU/oxAjJXf2wRzESRepgg=) 2: XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl (hash: b7jxMpzEDM7xvMgkejDif85jz5BgLVms1BK3UhCfL5E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 11:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:df:26:d3:2b:35:ae:04:cf:e2:7c:d2:6d:32:9d:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cd379cedcdc20f0875c4b08b94b41161b3e8c03 Validity Not Before: Dec 23 11:01:37 2025 GMT Not After : Dec 24 11:01:37 2025 GMT Subject: CN=fbdd4ed2122b5857f2fb2f58c008f8e6b238be61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:4f:1b:27:a5:40:cf:7f:4b:00:cc:a6:c6:98: 38:79:3a:00:60:5c:5c:17:7a:b4:db:29:38:f9:1e: 75:40:1c:d1:ce:f2:b4:0e:15:7f:6c:b9:9c:8d:62: 4f:59:4b:f3:68:58:3e:36:52:eb:ec:a5:b9:22:c4: 8c:3b:8a:ec:7b:eb:e7:62:cb:15:e4:2a:44:ae:be: 4b:f5:14:a1:45:c2:e6:be:a5:36:01:00:51:b2:a0: 3b:f8:ad:ad:11:68:fc:8b:49:1d:fc:b5:dc:d3:7d: 1c:b8:92:62:fc:1e:85:af:1e:16:de:43:2b:49:a7: 43:68:99:13:b4:e5:04:c1:56:6d:44:9a:43:1d:e3: 25:20:17:f1:c6:21:57:15:83:0f:23:c3:f8:85:8b: 88:0b:1e:31:28:94:93:e4:a6:0c:6f:e8:64:af:b8: c2:f0:6f:4b:27:f3:36:dc:2d:69:5c:f6:95:37:1a: cd:7e:3f:7a:23:73:81:70:c6:98:80:78:05:3d:12: f9:b2:51:7e:f2:8f:49:be:c4:4c:e5:ac:6c:89:bd: 5e:c2:dc:26:82:c6:3c:24:f1:7e:ed:7c:6a:1c:98: f6:39:87:6a:49:91:60:19:e1:b4:1a:2c:36:c6:92: 25:8b:e2:e9:f2:17:2d:7b:e7:20:4d:20:94:39:cf: c0:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:DD:4E:D2:12:2B:58:57:F2:FB:2F:58:C0:08:F8:E6:B2:38:BE:61 X509v3 Authority Key Identifier: keyid:5C:D3:79:CE:DC:DC:20:F0:87:5C:4B:08:B9:4B:41:16:1B:3E:8C:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:15:52:ba:66:fc:d5:40:53:4f:03:5b:a6:84:6e:81:8b:42: ae:7c:c1:a9:e8:50:07:ad:ae:8b:f1:ba:df:ff:08:88:ff:c5: 36:bf:72:08:15:51:a2:c6:3a:cb:be:74:97:24:0b:d5:4d:7e: 99:6e:00:24:4c:b9:a8:ed:26:09:7e:07:c5:1f:96:34:9e:55: fa:65:da:1e:8d:97:54:01:0f:f5:9d:74:ca:9f:13:98:03:a8: 44:dd:05:38:28:63:b6:77:39:22:fc:f0:86:21:78:c1:09:0f: a5:4f:65:6b:81:88:22:8b:ef:5e:ee:ee:43:3a:96:18:35:65: c8:0d:5b:e1:f9:49:42:e6:bf:34:9b:f6:e6:58:6a:56:7b:07: b1:79:77:79:dd:03:cb:02:a4:83:35:4a:a4:fe:5e:3d:40:1d: 4e:7a:c1:c4:cd:3b:07:35:77:cb:2e:98:b4:8c:21:d2:7a:8d: 88:d2:50:ae:69:f7:d7:cf:ce:18:66:a8:93:d5:69:a0:a8:97: 2d:32:49:c6:c0:13:b5:95:5f:dd:56:01:3e:d2:4f:d9:0f:b1: 86:37:06:41:54:e7:d9:3e:41:6a:c1:5d:ca:10:ba:54:04:67: 03:0a:7b:fd:f1:dd:17:3d:b6:a8:41:05:21:c5:9a:be:b3:82: ae:24:d0:0b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtK3ybTKzWuBM/ifNJtMp3LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZDM3OWNlZGNkYzIwZjA4NzVjNGIwOGI5NGI0MTE2MWIz ZThjMDMwHhcNMjUxMjIzMTEwMTM3WhcNMjUxMjI0MTEwMTM3WjAzMTEwLwYDVQQD EyhmYmRkNGVkMjEyMmI1ODU3ZjJmYjJmNThjMDA4ZjhlNmIyMzhiZTYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk8bJ6VAz39LAMymxpg4eToAYFxc F3q02yk4+R51QBzRzvK0DhV/bLmcjWJPWUvzaFg+NlLr7KW5IsSMO4rse+vnYssV 5CpErr5L9RShRcLmvqU2AQBRsqA7+K2tEWj8i0kd/LXc030cuJJi/B6Frx4W3kMr SadDaJkTtOUEwVZtRJpDHeMlIBfxxiFXFYMPI8P4hYuICx4xKJST5KYMb+hkr7jC 8G9LJ/M23C1pXPaVNxrNfj96I3OBcMaYgHgFPRL5slF+8o9JvsRM5axsib1ewtwm gsY8JPF+7XxqHJj2OYdqSZFgGeG0Giw2xpIli+Lp8hcte+cgTSCUOc/A0QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPvdTtISK1hX8vsvWMAI+OayOL5hMB8GA1UdIwQY MBaAFFzTec7c3CDwh1xLCLlLQRYbPowDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9mM2NjYTQtZjZiZi00NzM0LWFiYmQt MDk2NDQ2NGMxNzUxLzEvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS9mM2NjYTQtZjZiZi00NzM0LWFiYmQtMDk2NDQ2NGMxNzUx LzEvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVhVSumb8 1UBTTwNbpoRugYtCrnzBqehQB62ui/G63/8IiP/FNr9yCBVRosY6y750lyQL1U1+ mW4AJEy5qO0mCX4HxR+WNJ5V+mXaHo2XVAEP9Z10yp8TmAOoRN0FOChjtnc5Ivzw hiF4wQkPpU9la4GIIovvXu7uQzqWGDVlyA1b4flJQua/NJv25lhqVnsHsXl3ed0D ywKkgzVKpP5ePUAdTnrBxM07BzV3yy6YtIwh0nqNiNJQrmn318/OGGaok9VpoKiX LTJJxsATtZVf3VYBPtJP2Q+xhjcGQVTn2T5BasFdyhC6VARnAwp7/fHdFz22qEEF IcWavrOCriTQCw== -----END CERTIFICATE-----Generated at Tue Dec 23 18:34:48 2025 by rpki-client