This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.mft File: XpNr6hsMOiCKuifYsQsnXkdN3iw.mft (raw, json) Hash identifier: Ragau6V5VYCCTdujK+Ww8/CkVLvFYdsAxRRstonboMQ= Subject key identifier: 4D:62:9F:5C:C4:54:6D:79:82:84:76:D8:DB:CC:3A:FA:65:90:DE:51 Authority key identifier: 5E:93:6B:EA:1B:0C:3A:20:8A:BA:27:D8:B1:0B:27:5E:47:4D:DE:2C Certificate issuer: /CN=5e936bea1b0c3a208aba27d8b10b275e474dde2c Certificate serial: 019B70D92A2FF0503EE109D002FA08B53984 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XpNr6hsMOiCKuifYsQsnXkdN3iw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.mft Manifest number: 17A4 Signing time: Tue 30 Dec 2025 20:00:38 +0000 Manifest this update: Tue 30 Dec 2025 20:00:38 +0000 Manifest next update: Wed 31 Dec 2025 20:00:38 +0000 Files and hashes: 1: Nw7X2LCFZpQsGc2GoXyrFKElkBk.roa (hash: y5oQHHhbifcLGWzUQAXcT2e3MvPfBEuWSolqQY+gsts=) 2: XpNr6hsMOiCKuifYsQsnXkdN3iw.crl (hash: JCCMC6hWpMe74zcnwGt05DPALFxVf6OTfOuesLdc8EY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.crl rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.mft rsync://rpki.ripe.net/repository/DEFAULT/XpNr6hsMOiCKuifYsQsnXkdN3iw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 15:21:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:70:d9:2a:2f:f0:50:3e:e1:09:d0:02:fa:08:b5:39:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e936bea1b0c3a208aba27d8b10b275e474dde2c Validity Not Before: Dec 30 20:00:38 2025 GMT Not After : Dec 31 20:00:38 2025 GMT Subject: CN=4d629f5cc4546d79828476d8dbcc3afa6590de51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:09:90:a6:19:1e:7e:9d:22:14:fa:80:1a:e0: 2b:25:48:ee:cd:ff:4c:38:1c:62:65:e2:a5:3f:a7: 02:9d:89:91:52:e2:c2:2c:9b:d1:7f:68:ee:c1:66: b3:8e:89:27:f8:28:08:ae:b6:b7:1c:88:58:84:e8: 09:74:ec:e4:f5:c1:1f:01:c4:c5:fa:26:2d:c3:03: 2c:d8:cd:9d:35:f6:df:15:3b:ca:7b:54:cf:51:cf: f7:b5:e4:3a:79:16:f3:e8:20:25:4c:87:97:a3:f9: 03:61:58:52:39:dd:d5:70:60:0e:16:da:bf:37:e3: 71:e9:0b:1b:b0:24:1c:18:e3:67:3b:cd:c1:62:b1: 28:6f:b0:68:29:a7:38:71:f1:8c:16:33:0b:a6:37: 56:92:6e:a0:c1:2f:38:9a:15:37:89:d3:bf:55:3c: e8:1f:02:c3:51:f4:a1:eb:8e:cb:d9:26:db:07:0b: b6:9e:cc:97:d9:3e:f9:9b:da:a5:37:1d:75:01:dd: 55:ea:66:5e:01:db:d3:ff:cf:19:97:3a:cd:8b:7f: 04:8d:69:cb:2a:b7:a8:47:dc:93:6f:b9:05:61:42: f5:f9:78:46:a3:7d:3e:a0:aa:a2:df:15:cd:c2:10: 1b:dc:b2:76:91:b1:1a:4a:de:a8:c6:70:67:ba:f4: f7:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:62:9F:5C:C4:54:6D:79:82:84:76:D8:DB:CC:3A:FA:65:90:DE:51 X509v3 Authority Key Identifier: keyid:5E:93:6B:EA:1B:0C:3A:20:8A:BA:27:D8:B1:0B:27:5E:47:4D:DE:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XpNr6hsMOiCKuifYsQsnXkdN3iw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:aa:7d:83:7a:94:7d:f5:52:ef:88:40:3d:a1:b9:fd:3b:8b: c6:73:9f:4b:f8:11:30:21:f0:e6:88:2e:d5:fc:a2:c8:9f:db: fd:c3:3b:e0:d7:d4:6f:28:cc:f4:46:9c:14:ba:87:30:53:dd: 6f:d9:db:20:94:48:4b:88:cf:34:48:86:2c:b4:40:0f:57:03: 1a:00:a3:be:c3:39:ea:4c:ce:29:40:ad:1c:d3:4d:6e:c9:88: 1f:7c:3f:3e:67:0f:1b:d9:ed:e1:5a:fc:2c:b8:40:29:2f:10: 8a:30:82:84:8f:0f:87:8a:ed:57:00:61:41:c2:eb:b3:4f:cf: b4:67:a8:63:ac:e6:8b:6b:5b:a0:68:ba:0c:f3:6a:0b:c1:d0: b1:6b:d9:bf:4d:2c:e0:50:63:01:51:5a:ee:86:ea:0c:36:be: 2d:50:d8:f0:b1:30:38:41:cd:f5:7a:3c:41:c3:ee:ba:f3:d0: 7d:e7:a9:ea:8a:01:55:07:0d:5e:da:f6:5c:61:e9:99:c0:5e: d1:a4:6b:1e:af:97:8c:44:df:ab:0d:00:40:94:f2:65:45:86: b5:fb:62:1b:47:76:cf:54:72:9a:bb:19:0d:44:67:05:ad:62: 82:c9:1a:b0:aa:ec:8b:77:ca:b5:ec:d2:47:fb:cc:57:da:b3: 68:a1:0f:5e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtw2Sov8FA+4QnQAvoItTmEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlOTM2YmVhMWIwYzNhMjA4YWJhMjdkOGIxMGIyNzVlNDc0 ZGRlMmMwHhcNMjUxMjMwMjAwMDM4WhcNMjUxMjMxMjAwMDM4WjAzMTEwLwYDVQQD Eyg0ZDYyOWY1Y2M0NTQ2ZDc5ODI4NDc2ZDhkYmNjM2FmYTY1OTBkZTUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAmQphkefp0iFPqAGuArJUjuzf9M OBxiZeKlP6cCnYmRUuLCLJvRf2juwWazjokn+CgIrra3HIhYhOgJdOzk9cEfAcTF +iYtwwMs2M2dNfbfFTvKe1TPUc/3teQ6eRbz6CAlTIeXo/kDYVhSOd3VcGAOFtq/ N+Nx6QsbsCQcGONnO83BYrEob7BoKac4cfGMFjMLpjdWkm6gwS84mhU3idO/VTzo HwLDUfSh647L2SbbBwu2nsyX2T75m9qlNx11Ad1V6mZeAdvT/88ZlzrNi38EjWnL KreoR9yTb7kFYUL1+XhGo30+oKqi3xXNwhAb3LJ2kbEaSt6oxnBnuvT30wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE1in1zEVG15goR22NvMOvplkN5RMB8GA1UdIwQY MBaAFF6Ta+obDDogiron2LELJ15HTd4sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHBOcjZoc01PaUNLdWlmWXNRc25Ya2ROM2l3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zMjg3NmItYTgyYi00NzA0LWJhNjct OTg0NzdhODY1M2M3LzEvWHBOcjZoc01PaUNLdWlmWXNRc25Ya2ROM2l3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZS8zMjg3NmItYTgyYi00NzA0LWJhNjctOTg0NzdhODY1M2M3 LzEvWHBOcjZoc01PaUNLdWlmWXNRc25Ya2ROM2l3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACap9g3qU ffVS74hAPaG5/TuLxnOfS/gRMCHw5ogu1fyiyJ/b/cM74NfUbyjM9EacFLqHMFPd b9nbIJRIS4jPNEiGLLRAD1cDGgCjvsM56kzOKUCtHNNNbsmIH3w/PmcPG9nt4Vr8 LLhAKS8QijCChI8Ph4rtVwBhQcLrs0/PtGeoY6zmi2tboGi6DPNqC8HQsWvZv00s 4FBjAVFa7obqDDa+LVDY8LEwOEHN9Xo8QcPuuvPQfeep6ooBVQcNXtr2XGHpmcBe 0aRrHq+XjETfqw0AQJTyZUWGtftiG0d2z1RymrsZDURnBa1igskasKrsi3fKtezS R/vMV9qzaKEPXg== -----END CERTIFICATE-----Generated at Tue Dec 30 21:59:49 2025 by rpki-client