This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft File: xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft (raw, json) Hash identifier: yYq1adAldEsQyifB3uKElDBKqDTnqSV9TIwQeju5ZHY= Subject key identifier: D4:FC:CE:E5:C8:9D:FF:50:41:FB:1A:9E:B9:13:9A:7B:E7:B2:B5:EC Authority key identifier: C4:3C:74:02:2C:BB:F0:B3:CF:FF:60:31:D6:D2:DE:03:69:C9:9E:4E Certificate issuer: /CN=c43c74022cbbf0b3cfff6031d6d2de0369c99e4e Certificate serial: 019B3C7F5426F1A2AA4645F3BF0AC1A9A842 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft Manifest number: 0926 Signing time: Sat 20 Dec 2025 16:02:16 +0000 Manifest this update: Sat 20 Dec 2025 16:02:16 +0000 Manifest next update: Sun 21 Dec 2025 16:02:16 +0000 Files and hashes: 1: ZYhttRWwRR-QF8jloAZFKuhooqE.roa (hash: eO0V42mhSgtEZOqn/NTkR+4pbvAmlZ4nSZ0JyynFqN4=) 2: xDx0Aiy78LPP_2Ax1tLeA2nJnk4.crl (hash: 1bCZN3A8U4jINxJE/zgTZXex0a4LkSIoekw4SIq/zKA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.crl rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft rsync://rpki.ripe.net/repository/DEFAULT/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7f:54:26:f1:a2:aa:46:45:f3:bf:0a:c1:a9:a8:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c43c74022cbbf0b3cfff6031d6d2de0369c99e4e Validity Not Before: Dec 20 16:02:16 2025 GMT Not After : Dec 21 16:02:16 2025 GMT Subject: CN=d4fccee5c89dff5041fb1a9eb9139a7be7b2b5ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:4b:14:91:60:db:55:f9:9c:d9:49:8a:f6:2b: 50:da:2e:d6:98:da:da:44:bf:63:b3:32:35:fc:52: 95:c1:6f:01:10:ed:5c:23:33:d1:02:99:e4:7f:18: 8f:e9:20:1e:40:0b:54:79:d0:02:00:43:e5:76:fd: 4b:0c:df:6b:a6:89:36:83:9c:b5:07:32:f5:62:1f: 96:17:7c:a0:0e:dd:0d:38:87:69:c5:b5:a4:eb:8c: f5:af:0b:14:aa:ca:0e:d3:d4:69:03:e5:96:fa:ec: db:26:f6:43:46:db:07:db:3a:11:66:04:6b:19:99: f8:ea:e6:ea:01:ed:d0:d5:2d:c3:e9:eb:21:d5:1e: 55:e8:1a:7b:40:97:32:9b:0b:fb:d0:e2:14:d8:7a: 98:d4:2c:56:ce:8c:d9:97:4b:36:34:e7:c6:e1:98: c4:95:32:b6:fe:95:38:cd:ff:30:ad:7b:9d:73:07: 03:ac:ec:b4:36:29:7c:08:7c:1b:bb:84:d6:65:7f: 34:33:8f:49:58:8b:4e:1d:20:14:d6:87:07:fe:1d: 2e:6c:e6:d2:12:9f:f9:80:cb:e6:da:09:44:f2:12: 90:a1:d2:78:4e:54:f7:87:9b:7f:a5:48:c8:38:c5: 44:24:3e:3f:c7:63:63:0c:46:de:4d:af:e0:39:e2: 00:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:FC:CE:E5:C8:9D:FF:50:41:FB:1A:9E:B9:13:9A:7B:E7:B2:B5:EC X509v3 Authority Key Identifier: keyid:C4:3C:74:02:2C:BB:F0:B3:CF:FF:60:31:D6:D2:DE:03:69:C9:9E:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:5a:3e:7d:21:d0:61:e5:a6:c6:2d:34:b0:5e:f0:6d:1e:43: bb:41:d2:5b:cf:16:4b:c7:91:d8:c7:c6:25:8a:b1:48:26:8d: c0:a8:4f:2f:90:ba:05:9c:fd:ca:5f:40:d6:db:e4:38:b4:5e: e1:71:08:8a:41:90:bc:28:11:0b:19:f6:1b:ef:12:b4:fa:7c: aa:16:6c:f2:96:23:d5:39:f5:a8:4e:77:10:36:35:fc:81:5b: a5:51:76:56:a3:0f:22:c4:22:ad:b0:ad:e0:11:0e:65:35:26: 25:3a:ce:67:a9:e8:61:df:8c:76:3b:e4:eb:96:db:21:1d:ce: bc:c6:0a:3d:74:86:89:f5:18:28:81:55:3f:eb:ee:31:bb:7f: bb:39:da:08:23:51:90:8a:b0:ea:1b:a9:b6:97:95:17:9e:87: 01:0d:9e:a9:1b:9d:51:16:d6:eb:0e:c0:6b:29:da:f3:97:20: 22:30:77:78:ca:17:32:00:12:b7:63:47:b9:e2:b3:90:6b:ac: 43:02:13:65:9a:29:e8:d1:e5:06:71:ac:1f:8c:6f:ab:d9:73: 21:06:72:50:63:0e:b2:ad:99:72:32:50:11:ab:8c:35:fc:67: d7:60:52:52:3c:e5:45:1f:9e:c6:89:37:cc:44:18:bf:6d:1b: 44:d0:19:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8f1Qm8aKqRkXzvwrBqahCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0M2M3NDAyMmNiYmYwYjNjZmZmNjAzMWQ2ZDJkZTAzNjlj OTllNGUwHhcNMjUxMjIwMTYwMjE2WhcNMjUxMjIxMTYwMjE2WjAzMTEwLwYDVQQD EyhkNGZjY2VlNWM4OWRmZjUwNDFmYjFhOWViOTEzOWE3YmU3YjJiNWVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ksUkWDbVfmc2UmK9itQ2i7WmNra RL9jszI1/FKVwW8BEO1cIzPRApnkfxiP6SAeQAtUedACAEPldv1LDN9rpok2g5y1 BzL1Yh+WF3ygDt0NOIdpxbWk64z1rwsUqsoO09RpA+WW+uzbJvZDRtsH2zoRZgRr GZn46ubqAe3Q1S3D6esh1R5V6Bp7QJcymwv70OIU2HqY1CxWzozZl0s2NOfG4ZjE lTK2/pU4zf8wrXudcwcDrOy0Nil8CHwbu4TWZX80M49JWItOHSAU1ocH/h0ubObS Ep/5gMvm2glE8hKQodJ4TlT3h5t/pUjIOMVEJD4/x2NjDEbeTa/gOeIAMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNT8zuXInf9QQfsanrkTmnvnsrXsMB8GA1UdIwQY MBaAFMQ8dAIsu/Czz/9gMdbS3gNpyZ5OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveER4MEFpeTc4TFBQXzJBeDF0TGVBMm5Kbms0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9lZDVkM2EtYjg2OS00Y2RhLTlkMzIt MjUwZTU1YjlkNGE5LzEveER4MEFpeTc4TFBQXzJBeDF0TGVBMm5Kbms0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNy9lZDVkM2EtYjg2OS00Y2RhLTlkMzItMjUwZTU1YjlkNGE5 LzEveER4MEFpeTc4TFBQXzJBeDF0TGVBMm5Kbms0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARVo+fSHQ YeWmxi00sF7wbR5Du0HSW88WS8eR2MfGJYqxSCaNwKhPL5C6BZz9yl9A1tvkOLRe 4XEIikGQvCgRCxn2G+8StPp8qhZs8pYj1Tn1qE53EDY1/IFbpVF2VqMPIsQirbCt 4BEOZTUmJTrOZ6noYd+Mdjvk65bbIR3OvMYKPXSGifUYKIFVP+vuMbt/uznaCCNR kIqw6huptpeVF56HAQ2eqRudURbW6w7Aayna85cgIjB3eMoXMgASt2NHueKzkGus QwITZZop6NHlBnGsH4xvq9lzIQZyUGMOsq2ZcjJQEauMNfxn12BSUjzlRR+exok3 zEQYv20bRNAZmA== -----END CERTIFICATE-----Generated at Sat Dec 20 19:31:03 2025 by rpki-client