This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft File: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft (raw, json) Hash identifier: 023nx1ovKLaQyjKvRXq6Ltb+73B3FLY8NralMOIxCTg= Subject key identifier: 44:F7:76:B0:BA:C4:BE:5F:27:6D:A8:E1:4A:9E:C5:49:CB:57:FA:E1 Authority key identifier: 5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74 Certificate issuer: /CN=5da38f7c3ecad29ec50644b70068b92a1be47074 Certificate serial: 019B390F28D1F907402E8BA7FAA712895C34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft Manifest number: 06BB Signing time: Sat 20 Dec 2025 00:00:53 +0000 Manifest this update: Sat 20 Dec 2025 00:00:53 +0000 Manifest next update: Sun 21 Dec 2025 00:00:53 +0000 Files and hashes: 1: SzmhUfWJuFhyT5TGLouRAgBLoIM.roa (hash: Qov0MeRXvHn6kZBTJQaoc48+Yw0xT2B5xVOV+b6Nifs=) 2: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl (hash: nc5hr+y/l26+CGRQ3qbV2EXLcjJwn19TFbKWbi/mFy8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:0f:28:d1:f9:07:40:2e:8b:a7:fa:a7:12:89:5c:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5da38f7c3ecad29ec50644b70068b92a1be47074 Validity Not Before: Dec 20 00:00:53 2025 GMT Not After : Dec 21 00:00:53 2025 GMT Subject: CN=44f776b0bac4be5f276da8e14a9ec549cb57fae1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:88:86:13:6d:ab:4c:b1:dd:76:75:f2:47:5e: a0:eb:1e:0b:41:31:0c:af:66:ec:b8:9a:f4:08:cc: 15:07:f1:d2:d5:19:51:28:01:1a:70:97:98:1b:8c: f0:e9:ef:6c:f2:21:21:bb:18:c5:7e:a8:ae:8e:a9: be:81:24:64:bf:8d:e9:43:d1:2a:08:41:8c:ab:d7: ca:ca:50:4c:c1:d4:3b:b1:e5:22:47:b2:ad:96:29: 35:69:fb:01:61:ed:d5:0e:da:87:68:25:e1:3d:ce: e3:f7:ac:85:cd:ea:36:92:b2:ca:80:76:c4:0e:68: 57:b6:f2:3d:a2:31:cc:bb:f7:db:99:a8:b6:41:64: a2:82:eb:97:df:36:08:89:46:2e:89:df:f6:99:17: c8:e0:b7:01:4b:90:23:dc:8c:e6:cd:3f:a5:26:c6: be:10:7d:1e:9d:e1:6f:24:08:e7:9a:33:7e:9f:08: b6:d3:dc:df:57:53:10:49:39:25:a7:36:36:ad:15: 63:3e:1e:5d:c5:22:0c:e6:2f:40:cc:e5:11:a6:da: 1c:e3:6f:01:65:62:a2:9e:36:4b:91:cb:2e:02:1c: 3e:2c:a2:17:b2:10:28:30:e4:b9:df:13:57:0e:cb: e4:34:b0:0d:21:65:0c:a7:e5:cc:d2:0d:3f:d2:c6: 82:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:F7:76:B0:BA:C4:BE:5F:27:6D:A8:E1:4A:9E:C5:49:CB:57:FA:E1 X509v3 Authority Key Identifier: keyid:5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:24:ba:2e:85:d7:56:2d:bc:59:9d:ce:c4:b1:76:1d:91:f0: ff:de:47:d9:bf:57:b3:6b:a9:a0:a4:7b:96:93:4c:fe:09:b4: d0:92:62:d0:1a:52:a4:12:62:44:99:54:93:5d:2d:73:e0:36: 0c:b4:7f:56:5f:49:51:a7:f4:47:bc:df:43:cb:d1:1b:8b:fc: 39:cf:66:6a:2f:53:eb:17:6d:aa:a1:a8:07:6b:34:ee:65:bb: ce:8c:95:b0:53:5a:f6:8a:84:b8:46:a0:6d:5e:e3:24:ec:6c: ff:16:66:4f:03:d5:15:3a:a1:fb:0b:b3:36:29:a5:6d:bf:4d: f6:d2:ec:82:7a:15:c8:7d:74:e2:ab:7c:e3:20:61:d9:2d:7d: f0:86:e6:a6:54:26:f4:3e:23:8a:fb:49:c5:46:27:05:d1:fc: c2:75:dd:6c:1f:c1:81:52:ab:43:cc:c5:b2:0f:48:87:29:89: 02:dd:55:78:81:1f:c4:f8:a7:65:43:b8:3f:1b:c3:44:e6:31: 7d:65:c0:22:9e:a1:3e:b7:de:d4:8f:0e:72:74:7a:1e:df:3d: 3c:99:04:07:c7:c7:5d:df:dd:56:14:14:4e:c6:0a:75:0b:8e: 6b:62:30:46:c6:b7:44:3d:1d:62:79:0e:f5:8d:9a:67:82:72: 03:c9:1d:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5DyjR+QdALoun+qcSiVw0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkYTM4ZjdjM2VjYWQyOWVjNTA2NDRiNzAwNjhiOTJhMWJl NDcwNzQwHhcNMjUxMjIwMDAwMDUzWhcNMjUxMjIxMDAwMDUzWjAzMTEwLwYDVQQD Eyg0NGY3NzZiMGJhYzRiZTVmMjc2ZGE4ZTE0YTllYzU0OWNiNTdmYWUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYiGE22rTLHddnXyR16g6x4LQTEM r2bsuJr0CMwVB/HS1RlRKAEacJeYG4zw6e9s8iEhuxjFfqiujqm+gSRkv43pQ9Eq CEGMq9fKylBMwdQ7seUiR7Ktlik1afsBYe3VDtqHaCXhPc7j96yFzeo2krLKgHbE DmhXtvI9ojHMu/fbmai2QWSiguuX3zYIiUYuid/2mRfI4LcBS5Aj3IzmzT+lJsa+ EH0eneFvJAjnmjN+nwi209zfV1MQSTklpzY2rRVjPh5dxSIM5i9AzOURptoc428B ZWKinjZLkcsuAhw+LKIXshAoMOS53xNXDsvkNLANIWUMp+XM0g0/0saCbwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFET3drC6xL5fJ22o4UqexUnLV/rhMB8GA1UdIwQY MBaAFF2jj3w+ytKexQZEtwBouSob5HB0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4Yjkt OTQwOGYxYmMwZDEyLzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4YjktOTQwOGYxYmMwZDEy LzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhSS6LoXX Vi28WZ3OxLF2HZHw/95H2b9Xs2upoKR7lpNM/gm00JJi0BpSpBJiRJlUk10tc+A2 DLR/Vl9JUaf0R7zfQ8vRG4v8Oc9mai9T6xdtqqGoB2s07mW7zoyVsFNa9oqEuEag bV7jJOxs/xZmTwPVFTqh+wuzNimlbb9N9tLsgnoVyH104qt84yBh2S198IbmplQm 9D4jivtJxUYnBdH8wnXdbB/BgVKrQ8zFsg9IhymJAt1VeIEfxPinZUO4PxvDROYx fWXAIp6hPrfe1I8OcnR6Ht89PJkEB8fHXd/dVhQUTsYKdQuOa2IwRsa3RD0dYnkO 9Y2aZ4JyA8kd1g== -----END CERTIFICATE-----Generated at Sat Dec 20 01:26:19 2025 by rpki-client