This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft File: XTTdv33KsQy_aCKXkh61gS2QUHE.mft (raw, json) Hash identifier: M9AMXh5aICL2EheveGgImbh2j++A69HUVk8w/AxHlvY= Subject key identifier: 0E:CB:79:F3:70:D0:C4:C0:D2:DC:81:A1:CE:C6:87:5D:7A:B5:9A:FC Authority key identifier: 5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71 Certificate issuer: /CN=5d34ddbf7dcab10cbf682297921eb5812d905071 Certificate serial: 019B4249BDC3C090DE9252C86768B4701C62 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft Manifest number: 0689 Signing time: Sun 21 Dec 2025 19:01:27 +0000 Manifest this update: Sun 21 Dec 2025 19:01:27 +0000 Manifest next update: Mon 22 Dec 2025 19:01:27 +0000 Files and hashes: 1: S6aYdrXE8VeCcP5w8D7hhhcOGoc.roa (hash: csN/l/mC6C7LyFwDFQUEKU3wX0HgZWqjImlEztzBO3Q=) 2: XTTdv33KsQy_aCKXkh61gS2QUHE.crl (hash: Xb00TLrNCwlxzWPYRXmtrcPhs+Pkzgc/kq6clZXuMPE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 19:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:49:bd:c3:c0:90:de:92:52:c8:67:68:b4:70:1c:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d34ddbf7dcab10cbf682297921eb5812d905071 Validity Not Before: Dec 21 19:01:27 2025 GMT Not After : Dec 22 19:01:27 2025 GMT Subject: CN=0ecb79f370d0c4c0d2dc81a1cec6875d7ab59afc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:61:da:89:45:f3:ad:c7:57:1b:c6:40:27:8e: 8e:43:d8:30:93:0d:59:16:19:18:06:c8:53:b0:5b: d1:05:e3:3a:5a:77:0f:94:ed:02:06:63:2b:06:18: 56:32:98:b0:12:1a:b7:d2:cd:36:3a:11:58:b0:88: 23:a4:38:96:16:2f:e1:71:b0:46:e9:93:7d:54:c1: 4e:41:35:04:0e:33:e6:00:ae:cf:9c:b9:e7:2c:a2: 67:73:78:58:58:01:18:88:1b:ee:ed:55:e1:2f:87: 86:47:2a:e3:08:d6:9e:5d:86:92:ae:9c:73:cd:7d: 49:d7:68:29:d9:00:0b:0f:1f:46:f6:24:30:d0:3f: 54:71:3a:af:08:d1:72:fd:6c:53:0a:06:2f:70:0e: f8:e9:d8:b9:3b:1f:cd:3a:b4:7f:64:90:bf:6d:c9: ce:b4:d9:63:f8:ab:22:7d:ff:68:0e:40:51:76:06: 07:75:ff:99:5c:a6:b6:6e:98:de:f1:f4:e2:f3:16: 48:6e:fd:74:ea:84:af:98:79:8d:63:9c:ac:5c:bc: a2:41:ca:63:9a:0c:6d:69:19:60:ae:d5:51:30:be: c6:17:f7:80:27:3d:d2:46:53:6b:5d:18:65:f3:e7: d4:83:a1:8b:af:16:b5:2e:e3:81:31:54:39:f9:33: ee:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:CB:79:F3:70:D0:C4:C0:D2:DC:81:A1:CE:C6:87:5D:7A:B5:9A:FC X509v3 Authority Key Identifier: keyid:5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 16:d5:a0:6b:f0:84:a9:14:d1:25:48:f8:28:ca:95:f7:75:f5: 04:7a:b4:b4:8c:4a:7e:06:d9:dd:9b:8e:e6:8f:9d:83:19:b2: 5f:3a:d9:f3:d8:4f:3b:ee:22:d0:96:4f:e1:44:1c:b7:d9:1e: 02:72:2c:65:bd:ed:5f:1a:a2:37:2c:a2:52:4e:0a:16:88:55: 7d:8d:b4:06:d9:93:ec:95:2d:49:06:6b:ab:2f:8b:f7:d5:bb: 3a:57:d4:2c:83:a0:98:6c:80:1a:9d:0a:17:e4:91:4d:5c:09: 95:67:8b:25:46:23:84:54:88:6d:0d:58:80:54:fe:f3:40:f9: 02:45:a3:c6:3c:55:cb:75:7b:ba:95:b3:a2:e8:cb:bc:05:10: 0b:cd:67:62:82:49:31:b2:0c:67:5a:82:25:22:ba:bd:a2:6e: 44:30:4b:a4:07:51:91:71:03:ff:88:f6:07:7e:c0:cd:6e:83: 9b:ec:59:b3:7e:a2:15:9e:ef:05:0e:18:36:63:e0:f6:fa:47: b7:03:cc:f2:51:43:23:ed:62:f3:7f:20:d1:6b:75:7f:3c:a5: 98:54:37:8e:a8:c0:22:c0:94:44:df:31:67:d9:5d:ee:18:5d: e9:24:e9:48:d9:fd:b1:82:ed:5b:fb:a5:66:71:98:1d:d4:ca: 4e:54:27:ba -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCSb3DwJDeklLIZ2i0cBxiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMzRkZGJmN2RjYWIxMGNiZjY4MjI5NzkyMWViNTgxMmQ5 MDUwNzEwHhcNMjUxMjIxMTkwMTI3WhcNMjUxMjIyMTkwMTI3WjAzMTEwLwYDVQQD EygwZWNiNzlmMzcwZDBjNGMwZDJkYzgxYTFjZWM2ODc1ZDdhYjU5YWZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9WHaiUXzrcdXG8ZAJ46OQ9gwkw1Z FhkYBshTsFvRBeM6WncPlO0CBmMrBhhWMpiwEhq30s02OhFYsIgjpDiWFi/hcbBG 6ZN9VMFOQTUEDjPmAK7PnLnnLKJnc3hYWAEYiBvu7VXhL4eGRyrjCNaeXYaSrpxz zX1J12gp2QALDx9G9iQw0D9UcTqvCNFy/WxTCgYvcA746di5Ox/NOrR/ZJC/bcnO tNlj+Ksiff9oDkBRdgYHdf+ZXKa2bpje8fTi8xZIbv106oSvmHmNY5ysXLyiQcpj mgxtaRlgrtVRML7GF/eAJz3SRlNrXRhl8+fUg6GLrxa1LuOBMVQ5+TPuMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA7LefNw0MTA0tyBoc7Gh116tZr8MB8GA1UdIwQY MBaAFF003b99yrEMv2gil5IetYEtkFBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQt NWNlZTZkNWYxYTEyLzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQtNWNlZTZkNWYxYTEy LzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFtWga/CE qRTRJUj4KMqV93X1BHq0tIxKfgbZ3ZuO5o+dgxmyXzrZ89hPO+4i0JZP4UQct9ke AnIsZb3tXxqiNyyiUk4KFohVfY20BtmT7JUtSQZrqy+L99W7OlfULIOgmGyAGp0K F+SRTVwJlWeLJUYjhFSIbQ1YgFT+80D5AkWjxjxVy3V7upWzoujLvAUQC81nYoJJ MbIMZ1qCJSK6vaJuRDBLpAdRkXED/4j2B37AzW6Dm+xZs36iFZ7vBQ4YNmPg9vpH twPM8lFDI+1i838g0Wt1fzylmFQ3jqjAIsCURN8xZ9ld7hhd6STpSNn9sYLtW/ul ZnGYHdTKTlQnug== -----END CERTIFICATE-----Generated at Mon Dec 22 01:02:09 2025 by rpki-client