This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft File: xTG2PRGmzC0c5p4TEch6waanBzM.mft (raw, json) Hash identifier: Ff4PjgJQsnOk1Af+Eod+MgSKLwI3pUN/0p8REG0BqRI= Subject key identifier: EC:9D:FD:BB:FA:D5:1A:EF:2D:CF:C3:E1:5A:ED:D5:BC:EE:C3:FA:72 Authority key identifier: C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33 Certificate issuer: /CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733 Certificate serial: 019B3A21EDE844D3B225DEE2700B9872DCD9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft Manifest number: 100B Signing time: Sat 20 Dec 2025 05:01:00 +0000 Manifest this update: Sat 20 Dec 2025 05:01:00 +0000 Manifest next update: Sun 21 Dec 2025 05:01:00 +0000 Files and hashes: 1: 3cKiOm3cqL9AuF9PS6f53tN4Gdg.roa (hash: HiF4cbbVkgMNvvCZGg36cGuMWinu6Z8X1/cmYfYlH0w=) 2: xTG2PRGmzC0c5p4TEch6waanBzM.crl (hash: V7NnKaEH/9mm/OUa+JrTrExrdO1oNL2FQd8XETeWaCc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:21:ed:e8:44:d3:b2:25:de:e2:70:0b:98:72:dc:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733 Validity Not Before: Dec 20 05:01:00 2025 GMT Not After : Dec 21 05:01:00 2025 GMT Subject: CN=ec9dfdbbfad51aef2dcfc3e15aedd5bceec3fa72 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:d6:30:56:50:2b:a7:dc:5c:82:f8:aa:77:21: 90:f3:da:a2:54:57:8e:c4:0e:f0:8c:93:94:fc:4d: 68:a9:43:af:b4:73:a4:74:44:74:01:36:a0:eb:36: 22:ba:6e:83:e5:cc:d4:09:b2:01:f2:67:03:20:33: 84:98:4d:ea:6c:52:d3:e4:b6:66:28:15:23:a5:c9: 42:ec:5a:0d:9e:04:30:5f:94:84:2a:fd:e3:f0:f7: a3:5f:06:72:54:4e:b4:70:0e:c0:08:8c:ca:53:cd: d9:2a:13:51:2d:2c:58:13:f5:9e:c7:b8:c5:cf:53: 35:44:94:57:e3:5e:2a:58:d4:1f:fd:d5:be:43:02: cf:68:5e:43:eb:06:5f:46:71:0b:d6:b6:82:e9:fe: a3:09:e6:a5:9d:b4:40:f2:0c:ae:48:7c:77:50:52: 44:72:9c:6d:d6:05:59:60:b9:a0:49:6d:2a:da:bf: 40:44:49:5d:1b:da:11:5c:9b:c6:c2:f4:01:bb:84: 24:30:1a:6a:5f:3c:60:e3:25:7a:34:8e:b5:68:9d: 60:be:82:ae:f6:1c:8c:43:e9:08:25:0c:bd:7d:16: 2c:c5:64:37:11:ee:68:18:5a:f3:85:ae:bc:a6:fc: b1:87:cd:6b:e6:0e:4b:2a:5f:b8:33:c3:82:c0:84: a8:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:9D:FD:BB:FA:D5:1A:EF:2D:CF:C3:E1:5A:ED:D5:BC:EE:C3:FA:72 X509v3 Authority Key Identifier: keyid:C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:59:d2:ce:12:3b:99:4f:e3:62:99:eb:f9:52:76:15:30:1e: 67:6e:eb:83:0d:65:ab:57:0f:42:14:96:bf:7a:1d:f4:51:b2: 60:e9:96:07:37:ae:35:1f:63:bf:d0:1f:85:ff:ce:9c:a5:14: ab:13:f7:7b:63:02:43:0c:76:0d:24:8f:48:74:b1:60:8a:d1: df:b3:c0:aa:99:b9:8f:ad:29:9d:9e:a1:3e:3d:65:cf:76:28: 63:a5:8d:b8:b3:70:ea:83:81:26:40:c0:af:ba:9c:05:21:36: db:ab:48:57:9a:7c:1f:76:3c:a3:3c:09:be:3a:24:37:87:78: 61:97:57:ca:e0:3c:50:15:c7:49:df:d7:b0:7c:62:70:be:73: 60:88:b1:cb:a3:1c:09:a8:20:3b:71:2d:95:e2:3d:68:a4:71: 49:d1:00:63:e9:0c:72:63:e6:a4:c5:b5:f3:cf:31:06:40:f5: 32:6d:6a:31:2e:94:5b:3b:1a:76:5b:78:d6:4d:40:18:4e:f0: 56:e2:e3:ca:51:b4:e8:67:ab:3f:cd:19:dc:de:8b:a6:41:9f: f4:c3:88:21:5f:a2:7a:47:50:e5:aa:69:42:35:9b:e6:f5:db: 94:13:2f:83:e4:a7:56:01:f1:14:1a:df:c9:5e:bf:f0:d4:83: 51:1a:a8:22 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6Ie3oRNOyJd7icAuYctzZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1MzFiNjNkMTFhNmNjMmQxY2U2OWUxMzExYzg3YWMxYTZh NzA3MzMwHhcNMjUxMjIwMDUwMTAwWhcNMjUxMjIxMDUwMTAwWjAzMTEwLwYDVQQD EyhlYzlkZmRiYmZhZDUxYWVmMmRjZmMzZTE1YWVkZDViY2VlYzNmYTcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09YwVlArp9xcgviqdyGQ89qiVFeO xA7wjJOU/E1oqUOvtHOkdER0ATag6zYium6D5czUCbIB8mcDIDOEmE3qbFLT5LZm KBUjpclC7FoNngQwX5SEKv3j8PejXwZyVE60cA7ACIzKU83ZKhNRLSxYE/Wex7jF z1M1RJRX414qWNQf/dW+QwLPaF5D6wZfRnEL1raC6f6jCealnbRA8gyuSHx3UFJE cpxt1gVZYLmgSW0q2r9AREldG9oRXJvGwvQBu4QkMBpqXzxg4yV6NI61aJ1gvoKu 9hyMQ+kIJQy9fRYsxWQ3Ee5oGFrzha68pvyxh81r5g5LKl+4M8OCwISoiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOyd/bv61RrvLc/D4Vrt1bzuw/pyMB8GA1UdIwQY MBaAFMUxtj0RpswtHOaeExHIesGmpwczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEt ZGI4Y2FiY2VlMjFlLzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEtZGI4Y2FiY2VlMjFl LzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATVnSzhI7 mU/jYpnr+VJ2FTAeZ27rgw1lq1cPQhSWv3od9FGyYOmWBzeuNR9jv9Afhf/OnKUU qxP3e2MCQwx2DSSPSHSxYIrR37PAqpm5j60pnZ6hPj1lz3YoY6WNuLNw6oOBJkDA r7qcBSE226tIV5p8H3Y8ozwJvjokN4d4YZdXyuA8UBXHSd/XsHxicL5zYIixy6Mc CaggO3EtleI9aKRxSdEAY+kMcmPmpMW1888xBkD1Mm1qMS6UWzsadlt41k1AGE7w VuLjylG06GerP80Z3N6LpkGf9MOIIV+iekdQ5appQjWb5vXblBMvg+SnVgHxFBrf yV6/8NSDURqoIg== -----END CERTIFICATE-----Generated at Sat Dec 20 10:32:05 2025 by rpki-client