This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft File: XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft (raw, json) Hash identifier: vtTDnDrf7BR5KQtjDdjbaXnCpRxK4picjIkg+P2LR7M= Subject key identifier: 60:8B:BF:2A:15:37:2A:9F:C1:B5:71:5C:B5:05:4F:ED:F2:96:73:F9 Authority key identifier: 5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3 Certificate issuer: /CN=5d382238289a8802cf52b67d9bf4ae87a50933c3 Certificate serial: 019B514E26846AF8E4524EE15BE3500D06E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft Manifest number: 16FF Signing time: Wed 24 Dec 2025 17:00:34 +0000 Manifest this update: Wed 24 Dec 2025 17:00:34 +0000 Manifest next update: Thu 25 Dec 2025 17:00:34 +0000 Files and hashes: 1: 2ywpCRCtpz6hrb_B5Z2UyYL2m-g.roa (hash: Z+2VK2G2lzN86LoPcE9VgbDrrppkQUiQOHGoi5RCAY8=) 2: XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl (hash: 1LYuprjK6RYqBJ05Zsb27iwFFyLys8HGaQ7Q2JsaDNM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:4e:26:84:6a:f8:e4:52:4e:e1:5b:e3:50:0d:06:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d382238289a8802cf52b67d9bf4ae87a50933c3 Validity Not Before: Dec 24 17:00:34 2025 GMT Not After : Dec 25 17:00:34 2025 GMT Subject: CN=608bbf2a15372a9fc1b5715cb5054fedf29673f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:fa:04:f0:60:6e:f7:b4:10:e8:65:eb:e5:a1: 5d:b6:25:bf:53:c9:e7:f5:37:37:c3:8c:1f:ab:69: dd:d3:71:47:52:fd:80:9f:a0:8a:a7:c3:ac:04:62: 9b:55:96:48:dc:be:f5:9a:d3:45:9f:91:1f:a0:e2: d4:d8:b7:c1:fa:28:87:e3:7f:1b:ea:92:c4:27:05: 4a:97:7b:63:9d:0f:61:f9:76:66:ea:77:61:ae:9f: 11:c5:41:96:73:a9:55:60:24:a6:b3:bc:4c:84:49: 61:95:2e:cd:0a:6d:12:25:5b:07:a6:fa:9d:23:34: 1a:9f:b7:47:79:8f:92:6f:80:3b:e6:d2:56:64:4c: 94:dc:fa:39:06:61:ab:75:49:46:cc:30:f3:d1:33: 8f:50:16:09:24:cb:db:00:fb:f4:86:05:a6:ff:19: 3b:5e:f0:91:a1:92:98:bc:15:44:b1:4e:f0:0a:58: a2:ac:ed:af:0c:fc:07:3c:b5:35:91:07:6b:cd:df: 51:ba:14:be:97:89:17:81:f3:c9:8a:f6:ce:8a:ce: a2:79:83:8f:81:2f:9e:e3:c8:c6:0f:64:f4:f8:79: c9:c9:89:8c:ad:7d:7a:a4:a9:6d:73:df:c0:fe:57: b8:55:83:23:5d:58:4d:95:7d:0f:aa:f6:4f:78:36: ee:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:8B:BF:2A:15:37:2A:9F:C1:B5:71:5C:B5:05:4F:ED:F2:96:73:F9 X509v3 Authority Key Identifier: keyid:5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:3f:9a:58:36:9e:ff:57:3a:a2:a9:85:4d:ca:52:de:95:a3: ba:c3:50:c8:1a:f0:16:5a:56:1a:47:6b:35:e3:23:b2:00:e8: 56:36:41:91:28:04:2c:9e:a5:a4:c2:ec:5d:ff:5c:f0:3c:13: 1d:e1:1d:f5:ae:b2:8e:c3:4e:66:a1:f2:bf:32:ed:73:d7:8d: b2:12:87:cb:26:d7:b4:0c:1d:d0:b0:a5:d8:a4:39:00:8d:0d: e5:d3:86:48:c4:96:a1:86:b7:34:01:22:5e:50:f4:18:eb:ac: e3:eb:c6:a1:35:95:13:09:7e:f7:0a:da:81:8f:43:a4:9e:07: 5d:a0:2f:b5:a2:1c:da:84:53:cc:81:6f:38:6f:d5:98:5d:50: b0:7a:74:e3:e2:99:47:fb:54:5b:64:6e:b0:c6:9d:5d:55:fc: 98:93:56:5c:08:de:59:e4:c0:f2:f1:ce:c6:b6:13:93:b0:8b: be:bc:91:3a:fc:75:68:f2:87:20:63:96:9a:8b:2b:0c:35:97: 5a:0e:a2:4a:9b:a0:c3:34:08:54:25:20:92:c2:0b:76:2e:df: 79:f2:39:19:93:4e:0a:b5:35:7c:4e:98:64:b1:97:06:16:91: 5b:e9:7c:a8:c2:b7:73:19:a2:b0:a3:55:3a:85:e5:0f:04:70: ab:54:c3:14 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRTiaEavjkUk7hW+NQDQboMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMzgyMjM4Mjg5YTg4MDJjZjUyYjY3ZDliZjRhZTg3YTUw OTMzYzMwHhcNMjUxMjI0MTcwMDM0WhcNMjUxMjI1MTcwMDM0WjAzMTEwLwYDVQQD Eyg2MDhiYmYyYTE1MzcyYTlmYzFiNTcxNWNiNTA1NGZlZGYyOTY3M2Y5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfoE8GBu97QQ6GXr5aFdtiW/U8nn 9Tc3w4wfq2nd03FHUv2An6CKp8OsBGKbVZZI3L71mtNFn5EfoOLU2LfB+iiH438b 6pLEJwVKl3tjnQ9h+XZm6ndhrp8RxUGWc6lVYCSms7xMhElhlS7NCm0SJVsHpvqd IzQan7dHeY+Sb4A75tJWZEyU3Po5BmGrdUlGzDDz0TOPUBYJJMvbAPv0hgWm/xk7 XvCRoZKYvBVEsU7wCliirO2vDPwHPLU1kQdrzd9RuhS+l4kXgfPJivbOis6ieYOP gS+e48jGD2T0+HnJyYmMrX16pKltc9/A/le4VYMjXVhNlX0PqvZPeDbunwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGCLvyoVNyqfwbVxXLUFT+3ylnP5MB8GA1UdIwQY MBaAFF04IjgomogCz1K2fZv0roelCTPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi84NTAxOGEtYzIzOC00MzE5LWFkNDIt ODg1NzU3YzEyNDhmLzEvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi84NTAxOGEtYzIzOC00MzE5LWFkNDItODg1NzU3YzEyNDhm LzEvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALj+aWDae /1c6oqmFTcpS3pWjusNQyBrwFlpWGkdrNeMjsgDoVjZBkSgELJ6lpMLsXf9c8DwT HeEd9a6yjsNOZqHyvzLtc9eNshKHyybXtAwd0LCl2KQ5AI0N5dOGSMSWoYa3NAEi XlD0GOus4+vGoTWVEwl+9wragY9DpJ4HXaAvtaIc2oRTzIFvOG/VmF1QsHp04+KZ R/tUW2RusMadXVX8mJNWXAjeWeTA8vHOxrYTk7CLvryROvx1aPKHIGOWmosrDDWX Wg6iSpugwzQIVCUgksILdi7fefI5GZNOCrU1fE6YZLGXBhaRW+l8qMK3cxmisKNV OoXlDwRwq1TDFA== -----END CERTIFICATE-----Generated at Wed Dec 24 23:28:06 2025 by rpki-client