This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft File: xb-nGlET_tgkZHdsFDcVFMkhjvU.mft (raw, json) Hash identifier: /1Q+h26csR2iogfxYM0vr6Yx4oyAg7tcifcTY+HM8/U= Subject key identifier: B3:C0:1D:A9:D4:2E:AA:1F:7F:BD:3A:7C:4F:05:BE:2E:3D:59:1E:01 Authority key identifier: C5:BF:A7:1A:51:13:FE:D8:24:64:77:6C:14:37:15:14:C9:21:8E:F5 Certificate issuer: /CN=c5bfa71a5113fed82464776c14371514c9218ef5 Certificate serial: 019B3D599F0DFA6D7273D9A723A7B618DFAF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft Manifest number: 0BC0 Signing time: Sat 20 Dec 2025 20:00:42 +0000 Manifest this update: Sat 20 Dec 2025 20:00:42 +0000 Manifest next update: Sun 21 Dec 2025 20:00:42 +0000 Files and hashes: 1: IzmeYXYlO_xmlW74WeQyL7gffpE.roa (hash: Z5XX/V/bAHCE8fRhzNUzhUtEMOMQ14B1YoCinHSL1lM=) 2: xb-nGlET_tgkZHdsFDcVFMkhjvU.crl (hash: n8s/F5wYxyudgGh84Bh5bA7r3kCAgm7rOkhWV7j2d3U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.crl rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:59:9f:0d:fa:6d:72:73:d9:a7:23:a7:b6:18:df:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5bfa71a5113fed82464776c14371514c9218ef5 Validity Not Before: Dec 20 20:00:42 2025 GMT Not After : Dec 21 20:00:42 2025 GMT Subject: CN=b3c01da9d42eaa1f7fbd3a7c4f05be2e3d591e01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:5e:7c:43:3f:e2:5c:cf:f6:40:ad:54:92:12: 57:da:07:8e:5e:73:cb:4f:62:16:11:1b:6b:2f:6a: 2c:d9:10:04:3f:49:93:46:5f:e0:d3:33:d8:cd:d3: 26:d9:c9:13:b8:7e:5e:02:b0:60:49:18:fd:6c:15: 99:5b:a3:84:f7:99:b6:2f:a7:10:c4:5a:47:06:99: 9e:33:d4:3e:83:c5:9f:d1:4e:ec:70:cf:6a:27:3b: 07:70:a0:ef:4a:5e:6c:5f:3e:21:fb:34:b7:69:82: 35:35:be:db:f9:a5:ed:00:10:98:0b:29:5d:2a:bc: a2:5a:e7:b2:14:7a:96:28:fa:c9:8d:ff:a2:c4:42: 17:f7:f3:b0:87:71:eb:98:17:6f:b0:f1:54:5a:79: 2d:32:a7:89:dd:d2:da:a4:e1:80:52:43:84:52:7c: c1:4c:11:16:ab:d2:4c:96:a1:d4:a0:22:fb:cf:76: 69:b2:f7:ae:ab:99:9d:d7:ac:c8:da:8f:56:bb:a6: 55:99:cd:4a:03:48:57:06:ef:fa:a1:78:57:e6:2c: 64:99:4f:00:79:da:8f:2a:e1:73:b4:1d:d0:23:1f: e7:2e:30:e2:92:3d:3e:5f:b6:d8:a4:de:cd:06:e3: da:c5:08:90:2b:30:43:b4:96:e2:fd:c4:97:1d:a7: d6:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:C0:1D:A9:D4:2E:AA:1F:7F:BD:3A:7C:4F:05:BE:2E:3D:59:1E:01 X509v3 Authority Key Identifier: keyid:C5:BF:A7:1A:51:13:FE:D8:24:64:77:6C:14:37:15:14:C9:21:8E:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:66:01:48:ca:5e:79:96:0d:85:78:f9:79:c4:0c:ce:c9:88: 24:c7:7b:c2:7e:01:4d:92:05:5e:35:7d:16:79:23:74:a0:bb: f1:f4:0d:93:7d:bd:46:3c:7e:68:5c:b7:f4:df:18:83:6a:d6: e1:02:50:37:09:89:a7:48:fa:44:fe:f6:8c:bd:b8:40:56:d4: 68:f3:fc:33:e9:d0:37:5e:b9:70:4a:c8:72:22:91:0a:c4:ee: 75:f1:00:05:19:5d:0a:d9:5c:19:65:60:de:a0:d0:ef:39:1f: cf:70:9f:30:00:b3:b0:0a:ec:fa:11:e3:12:86:93:fb:0d:1d: ca:97:5d:e6:43:2a:74:8b:2d:cb:1f:00:5f:45:8a:a3:4c:6a: e8:21:c3:e6:29:55:17:d6:76:15:bf:d6:51:0a:2f:e8:d2:68: 3e:57:46:a0:36:82:99:4a:55:78:f2:b6:42:b8:e8:fb:b6:3d: 0e:bf:45:7f:08:94:26:eb:80:3c:f4:21:4b:e1:2d:ca:98:32: d3:11:df:d3:30:31:d2:4e:c0:d9:e0:8f:0b:34:34:6e:35:54: d3:1a:03:55:34:6c:79:ed:f3:ef:85:56:26:39:1b:20:61:8d: b4:07:b1:96:62:d3:18:bd:96:ee:5a:81:ca:00:d7:04:43:2c: 17:aa:05:a1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9WZ8N+m1yc9mnI6e2GN+vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YmZhNzFhNTExM2ZlZDgyNDY0Nzc2YzE0MzcxNTE0Yzky MThlZjUwHhcNMjUxMjIwMjAwMDQyWhcNMjUxMjIxMjAwMDQyWjAzMTEwLwYDVQQD EyhiM2MwMWRhOWQ0MmVhYTFmN2ZiZDNhN2M0ZjA1YmUyZTNkNTkxZTAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx158Qz/iXM/2QK1UkhJX2geOXnPL T2IWERtrL2os2RAEP0mTRl/g0zPYzdMm2ckTuH5eArBgSRj9bBWZW6OE95m2L6cQ xFpHBpmeM9Q+g8Wf0U7scM9qJzsHcKDvSl5sXz4h+zS3aYI1Nb7b+aXtABCYCyld KryiWueyFHqWKPrJjf+ixEIX9/Owh3HrmBdvsPFUWnktMqeJ3dLapOGAUkOEUnzB TBEWq9JMlqHUoCL7z3Zpsveuq5md16zI2o9Wu6ZVmc1KA0hXBu/6oXhX5ixkmU8A edqPKuFztB3QIx/nLjDikj0+X7bYpN7NBuPaxQiQKzBDtJbi/cSXHafWJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLPAHanULqoff706fE8Fvi49WR4BMB8GA1UdIwQY MBaAFMW/pxpRE/7YJGR3bBQ3FRTJIY71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC82N2M4ZmItMDI1Ny00ZDYwLWEwZGYt NmZjZTAzMzI1YjNmLzEveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMC82N2M4ZmItMDI1Ny00ZDYwLWEwZGYtNmZjZTAzMzI1YjNm LzEveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZmYBSMpe eZYNhXj5ecQMzsmIJMd7wn4BTZIFXjV9FnkjdKC78fQNk329Rjx+aFy39N8Yg2rW 4QJQNwmJp0j6RP72jL24QFbUaPP8M+nQN165cErIciKRCsTudfEABRldCtlcGWVg 3qDQ7zkfz3CfMACzsArs+hHjEoaT+w0dypdd5kMqdIstyx8AX0WKo0xq6CHD5ilV F9Z2Fb/WUQov6NJoPldGoDaCmUpVePK2Qrjo+7Y9Dr9FfwiUJuuAPPQhS+Etypgy 0xHf0zAx0k7A2eCPCzQ0bjVU0xoDVTRsee3z74VWJjkbIGGNtAexlmLTGL2W7lqB ygDXBEMsF6oFoQ== -----END CERTIFICATE-----Generated at Sat Dec 20 21:46:40 2025 by rpki-client