This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft File: XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft (raw, json) Hash identifier: TEBsObJWgTZ/T2NmpwDVPOsC1Lwd2h3QAvnOHCZPyk0= Subject key identifier: 0D:6E:42:60:E2:DA:4F:B6:11:F5:69:8E:E8:B5:65:9C:5E:3B:F8:65 Authority key identifier: 5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3 Certificate issuer: /CN=5d382238289a8802cf52b67d9bf4ae87a50933c3 Certificate serial: 019B499536B4D1C45CAF03901C6BFAEE69DE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft Manifest number: 16FB Signing time: Tue 23 Dec 2025 05:01:14 +0000 Manifest this update: Tue 23 Dec 2025 05:01:14 +0000 Manifest next update: Wed 24 Dec 2025 05:01:14 +0000 Files and hashes: 1: 2ywpCRCtpz6hrb_B5Z2UyYL2m-g.roa (hash: Z+2VK2G2lzN86LoPcE9VgbDrrppkQUiQOHGoi5RCAY8=) 2: XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl (hash: OxeQWab8B8hcJ83dhclG8IP+08nZ4xlOndA9R13K4SI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 05:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:49:95:36:b4:d1:c4:5c:af:03:90:1c:6b:fa:ee:69:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d382238289a8802cf52b67d9bf4ae87a50933c3 Validity Not Before: Dec 23 05:01:14 2025 GMT Not After : Dec 24 05:01:14 2025 GMT Subject: CN=0d6e4260e2da4fb611f5698ee8b5659c5e3bf865 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a2:2f:09:90:7c:db:59:eb:08:48:f5:38:b5: 59:61:ea:0c:20:f3:82:a0:43:3f:5c:24:7f:75:78: 5c:41:92:5f:5d:8e:04:5f:e6:82:b2:71:45:83:de: 0a:51:dc:9d:fd:bb:4c:a1:34:8a:3a:d0:1c:b0:4b: 6c:ed:ae:ca:1e:7e:1c:34:9c:7d:e2:23:ac:14:83: 7d:74:a0:78:07:e0:c8:3c:ff:17:85:ab:d2:26:dc: e4:16:38:13:47:47:fd:62:90:cc:10:ea:0d:c5:5a: 29:e9:74:e0:b4:ca:a7:05:54:a5:88:f6:64:10:08: dc:e1:62:a3:aa:94:14:f8:5e:00:7e:46:8a:c3:bc: 68:51:73:99:98:9d:25:71:b1:9c:0b:b5:a1:67:be: d6:cc:97:95:ce:1f:6f:42:4c:7e:ff:77:14:b0:73: 45:4e:3b:df:7d:98:75:32:61:e4:26:69:89:e9:b4: 62:1a:10:29:cb:6e:6f:5f:cc:e3:27:46:68:12:62: db:79:21:ed:71:b7:ff:ed:72:e2:ef:06:b0:af:ce: 2e:22:f7:c3:2e:25:a0:e4:82:bc:84:a0:2d:e5:2a: 58:c1:67:08:aa:12:15:07:fc:0d:c4:bf:dd:f4:14: 73:ed:ad:06:96:95:05:da:85:74:fe:a6:2f:0d:e5: 19:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:6E:42:60:E2:DA:4F:B6:11:F5:69:8E:E8:B5:65:9C:5E:3B:F8:65 X509v3 Authority Key Identifier: keyid:5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9b:46:d7:f8:3c:43:16:4d:69:30:7d:87:d5:e0:a6:3a:53:fb: e3:b8:64:a8:6e:f4:b3:26:96:3f:84:de:67:a9:b9:ab:b0:36: f0:3a:e3:27:53:e2:06:85:3f:69:13:9b:9c:06:35:08:95:ef: 3f:5f:82:ab:16:22:05:10:d4:f3:14:26:34:64:2b:ce:19:3f: 22:34:02:f3:5c:2f:64:ae:dc:d1:9a:a5:3c:a3:50:d3:1e:d7: 52:53:81:bc:81:ba:7f:37:fd:6b:d8:7f:34:1a:f3:61:99:ec: 42:a4:8c:50:c3:8a:b8:57:91:10:7c:78:b3:2d:c3:97:2f:99: 13:c0:c8:c1:93:01:ab:59:98:62:6e:b4:09:b0:68:cb:c1:67: 90:fb:73:15:75:39:a3:cd:69:01:1a:04:8e:70:3e:b7:c7:36: d2:db:e8:c8:39:ec:4f:fc:61:53:85:e4:80:45:0f:14:b6:24: e1:ab:2c:5f:16:5c:d8:43:27:ec:99:64:d2:74:07:80:52:30: 01:01:91:95:2b:a6:eb:fc:7a:97:84:14:ae:74:05:8f:14:16: d9:33:7f:d9:e6:8c:9e:d6:df:9a:c1:1a:34:c6:e3:4d:80:17: 8c:03:33:9b:d3:27:bf:7a:b8:78:c7:03:d9:cd:9c:69:16:5d: be:a3:af:86 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtJlTa00cRcrwOQHGv67mneMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMzgyMjM4Mjg5YTg4MDJjZjUyYjY3ZDliZjRhZTg3YTUw OTMzYzMwHhcNMjUxMjIzMDUwMTE0WhcNMjUxMjI0MDUwMTE0WjAzMTEwLwYDVQQD EygwZDZlNDI2MGUyZGE0ZmI2MTFmNTY5OGVlOGI1NjU5YzVlM2JmODY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaIvCZB821nrCEj1OLVZYeoMIPOC oEM/XCR/dXhcQZJfXY4EX+aCsnFFg94KUdyd/btMoTSKOtAcsEts7a7KHn4cNJx9 4iOsFIN9dKB4B+DIPP8XhavSJtzkFjgTR0f9YpDMEOoNxVop6XTgtMqnBVSliPZk EAjc4WKjqpQU+F4AfkaKw7xoUXOZmJ0lcbGcC7WhZ77WzJeVzh9vQkx+/3cUsHNF TjvffZh1MmHkJmmJ6bRiGhApy25vX8zjJ0ZoEmLbeSHtcbf/7XLi7wawr84uIvfD LiWg5IK8hKAt5SpYwWcIqhIVB/wNxL/d9BRz7a0GlpUF2oV0/qYvDeUZHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA1uQmDi2k+2EfVpjui1ZZxeO/hlMB8GA1UdIwQY MBaAFF04IjgomogCz1K2fZv0roelCTPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi84NTAxOGEtYzIzOC00MzE5LWFkNDIt ODg1NzU3YzEyNDhmLzEvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi84NTAxOGEtYzIzOC00MzE5LWFkNDItODg1NzU3YzEyNDhm LzEvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm0bX+DxD Fk1pMH2H1eCmOlP747hkqG70syaWP4TeZ6m5q7A28DrjJ1PiBoU/aRObnAY1CJXv P1+CqxYiBRDU8xQmNGQrzhk/IjQC81wvZK7c0ZqlPKNQ0x7XUlOBvIG6fzf9a9h/ NBrzYZnsQqSMUMOKuFeREHx4sy3Dly+ZE8DIwZMBq1mYYm60CbBoy8FnkPtzFXU5 o81pARoEjnA+t8c20tvoyDnsT/xhU4XkgEUPFLYk4assXxZc2EMn7Jlk0nQHgFIw AQGRlSum6/x6l4QUrnQFjxQW2TN/2eaMntbfmsEaNMbjTYAXjAMzm9Mnv3q4eMcD 2c2caRZdvqOvhg== -----END CERTIFICATE-----Generated at Tue Dec 23 12:53:47 2025 by rpki-client