This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/xx85HWDhoTnMxCsXoyqVNj31z7A.mft File: xx85HWDhoTnMxCsXoyqVNj31z7A.mft (raw, json) Hash identifier: 35KMbvAWIhdgt/ztGfsylQvTiK6Tq8gz2jJ2ZkHqFkA= Subject key identifier: E5:29:62:8C:26:0E:50:FF:7D:6B:3E:76:93:8A:BF:0D:31:0D:1A:5F Authority key identifier: C7:1F:39:1D:60:E1:A1:39:CC:C4:2B:17:A3:2A:95:36:3D:F5:CF:B0 Certificate issuer: /CN=c71f391d60e1a139ccc42b17a32a95363df5cfb0 Certificate serial: 019B4F5FE0D2077FF2AEBB1261A5AE92BE39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xx85HWDhoTnMxCsXoyqVNj31z7A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/xx85HWDhoTnMxCsXoyqVNj31z7A.mft Manifest number: AF Signing time: Wed 24 Dec 2025 08:00:41 +0000 Manifest this update: Wed 24 Dec 2025 08:00:41 +0000 Manifest next update: Thu 25 Dec 2025 08:00:41 +0000 Files and hashes: 1: huTpztbsQALNaxE7iUdUxmvpFuk.roa (hash: sMf2UqH7zZTc0SKWY1HAbVuZYKZQgSMeRF7P6Xn93AA=) 2: xx85HWDhoTnMxCsXoyqVNj31z7A.crl (hash: JjYdpM+Fdyu8Fm7u9X7/F9XJVU4+qF2xJNGzSur4fdU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/xx85HWDhoTnMxCsXoyqVNj31z7A.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/xx85HWDhoTnMxCsXoyqVNj31z7A.mft rsync://rpki.ripe.net/repository/DEFAULT/xx85HWDhoTnMxCsXoyqVNj31z7A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 08:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:5f:e0:d2:07:7f:f2:ae:bb:12:61:a5:ae:92:be:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c71f391d60e1a139ccc42b17a32a95363df5cfb0 Validity Not Before: Dec 24 08:00:41 2025 GMT Not After : Dec 25 08:00:41 2025 GMT Subject: CN=e529628c260e50ff7d6b3e76938abf0d310d1a5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:ff:ae:97:c9:cd:85:c0:45:9f:d0:69:bd:4c: 89:b3:09:c9:16:36:9c:9d:ea:ea:12:7b:ea:a4:bf: e2:3f:9c:f0:ba:70:b3:df:1d:35:8d:85:d0:08:80: 6e:db:37:9a:fb:77:00:dd:42:29:30:d2:da:bf:67: 55:2c:37:8f:76:d1:f8:31:55:a5:03:89:6b:9c:41: 2c:9c:5c:84:be:07:66:c7:d5:8d:c0:0f:7c:84:06: 56:5a:55:3b:a0:c0:12:d1:df:cc:da:0c:65:8f:98: 40:a6:56:cd:b4:ec:fc:2a:5f:c7:d3:52:f7:d0:9c: db:d6:0c:08:c0:fb:28:58:76:a3:bf:3c:5f:e1:01: 8d:ca:42:76:df:15:c7:41:fe:4a:c1:f5:03:fd:2f: bd:62:4e:a1:d0:16:b1:9b:d8:2f:68:d7:84:e0:a5: 60:34:33:2b:11:90:9a:76:56:a0:e1:cc:d4:d6:e9: cb:60:15:4a:c9:cd:33:49:14:9a:cb:a6:9c:a0:16: 3d:6e:26:a1:48:30:eb:50:4c:fd:f8:5c:ff:88:92: a7:06:f6:fc:a4:c8:bc:6d:7b:5b:39:15:9d:72:4e: 0e:c0:6d:e4:80:8f:86:cd:50:66:79:f3:82:43:c9: d2:b5:38:16:8a:40:e5:24:5b:2a:49:b9:05:2f:9f: 6c:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:29:62:8C:26:0E:50:FF:7D:6B:3E:76:93:8A:BF:0D:31:0D:1A:5F X509v3 Authority Key Identifier: keyid:C7:1F:39:1D:60:E1:A1:39:CC:C4:2B:17:A3:2A:95:36:3D:F5:CF:B0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xx85HWDhoTnMxCsXoyqVNj31z7A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/xx85HWDhoTnMxCsXoyqVNj31z7A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/xx85HWDhoTnMxCsXoyqVNj31z7A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:a5:55:97:67:a5:f8:94:cf:07:09:83:7f:d2:a4:bf:af:53: fb:f2:23:f8:06:82:c2:10:5b:77:b9:a8:eb:37:d7:24:f2:62: df:56:1e:7a:c3:f5:d8:14:ff:4e:43:8c:30:91:37:b3:a1:ac: 39:c1:c1:45:cb:17:54:4a:25:1e:d9:c8:d7:8c:88:31:50:8d: 49:13:0d:a5:09:09:14:5e:72:4e:af:95:de:80:39:20:75:3c: e3:3e:4c:10:b8:67:f6:7e:64:b2:9e:10:a9:93:6d:e7:ef:87: 53:af:52:a7:28:19:50:4b:4f:c5:0e:07:bb:c6:27:c2:02:90: 2f:fd:59:22:bd:6a:47:16:3b:f8:c9:5d:27:26:12:0b:fe:92: da:a0:2f:6f:9d:8f:7f:7e:1f:ff:eb:ba:a1:8c:c2:40:3c:c5: 7e:c6:86:b5:95:05:b8:53:8c:39:c3:2e:99:a7:e0:e5:58:4d: 67:1b:a1:c0:5e:44:c6:c1:1d:20:52:77:34:f4:3e:53:ce:f2: 8d:1f:c6:15:e8:9a:76:9a:9d:90:be:2e:fe:96:db:00:69:35: 3a:1a:13:df:86:2c:e8:59:d0:b8:bc:0d:d8:08:79:cc:2a:38: 62:d4:48:30:17:22:e6:4a:8d:b1:00:92:81:b2:9c:bc:58:89: 93:e5:48:31 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPX+DSB3/yrrsSYaWukr45MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM3MWYzOTFkNjBlMWExMzljY2M0MmIxN2EzMmE5NTM2M2Rm NWNmYjAwHhcNMjUxMjI0MDgwMDQxWhcNMjUxMjI1MDgwMDQxWjAzMTEwLwYDVQQD EyhlNTI5NjI4YzI2MGU1MGZmN2Q2YjNlNzY5MzhhYmYwZDMxMGQxYTVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyP+ul8nNhcBFn9BpvUyJswnJFjac nerqEnvqpL/iP5zwunCz3x01jYXQCIBu2zea+3cA3UIpMNLav2dVLDePdtH4MVWl A4lrnEEsnFyEvgdmx9WNwA98hAZWWlU7oMAS0d/M2gxlj5hAplbNtOz8Kl/H01L3 0Jzb1gwIwPsoWHajvzxf4QGNykJ23xXHQf5KwfUD/S+9Yk6h0Baxm9gvaNeE4KVg NDMrEZCadlag4czU1unLYBVKyc0zSRSay6acoBY9biahSDDrUEz9+Fz/iJKnBvb8 pMi8bXtbORWdck4OwG3kgI+GzVBmefOCQ8nStTgWikDlJFsqSbkFL59sowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOUpYowmDlD/fWs+dpOKvw0xDRpfMB8GA1UdIwQY MBaAFMcfOR1g4aE5zMQrF6MqlTY99c+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveHg4NUhXRGhvVG5NeENzWG95cVZOajMxejdBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9kZTlmZmMtNDQ3Ny00ZTMwLTk1NzAt NjU0MWNjMDA2ZWFjLzEveHg4NUhXRGhvVG5NeENzWG95cVZOajMxejdBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC9kZTlmZmMtNDQ3Ny00ZTMwLTk1NzAtNjU0MWNjMDA2ZWFj LzEveHg4NUhXRGhvVG5NeENzWG95cVZOajMxejdBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALaVVl2el +JTPBwmDf9Kkv69T+/Ij+AaCwhBbd7mo6zfXJPJi31YeesP12BT/TkOMMJE3s6Gs OcHBRcsXVEolHtnI14yIMVCNSRMNpQkJFF5yTq+V3oA5IHU84z5MELhn9n5ksp4Q qZNt5++HU69SpygZUEtPxQ4Hu8YnwgKQL/1ZIr1qRxY7+MldJyYSC/6S2qAvb52P f34f/+u6oYzCQDzFfsaGtZUFuFOMOcMumafg5VhNZxuhwF5ExsEdIFJ3NPQ+U87y jR/GFeiadpqdkL4u/pbbAGk1OhoT34Ys6FnQuLwN2Ah5zCo4YtRIMBci5kqNsQCS gbKcvFiJk+VIMQ== -----END CERTIFICATE-----Generated at Wed Dec 24 14:24:52 2025 by rpki-client