This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft File: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft (raw, json) Hash identifier: 4foC8Tc/RCj+jO+Iwo7KkHI5R/HkEpp6+JnB80u+g8o= Subject key identifier: 07:F1:23:28:81:C9:30:91:BE:6E:48:BF:DA:D4:F3:A0:08:33:77:51 Authority key identifier: 5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4 Certificate issuer: /CN=5e774467e21849524943d2bd459010720f3e20e4 Certificate serial: 019AF31B96E5D56C5840A1EEF0CC8EC6E2B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft Manifest number: 1271 Signing time: Sat 06 Dec 2025 10:01:02 +0000 Manifest this update: Sat 06 Dec 2025 10:01:02 +0000 Manifest next update: Sun 07 Dec 2025 10:01:02 +0000 Files and hashes: 1: QGKSiFavp9LMElSoLZBhqzLqFMM.roa (hash: ip/2uYmlI+BKnaF8k1mqNHwsPmNtHEQrk8aTeSCdMUA=) 2: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl (hash: 5ixuKDx4CGAC1gbKINOY6J8PcwRgnyiO5PkAraerBFg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:96:e5:d5:6c:58:40:a1:ee:f0:cc:8e:c6:e2:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e774467e21849524943d2bd459010720f3e20e4 Validity Not Before: Dec 6 10:01:02 2025 GMT Not After : Dec 7 10:01:02 2025 GMT Subject: CN=07f1232881c93091be6e48bfdad4f3a008337751 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:fd:49:39:49:d7:14:37:c2:76:ea:41:ef:72: e5:8e:41:9f:5a:b4:ad:1d:5a:37:b0:c1:39:bc:d4: 10:35:35:ee:65:c6:75:11:cf:6b:27:12:b2:8d:93: 1e:f8:4b:85:82:9c:bf:da:7a:2f:f7:10:7c:01:9b: 47:f2:81:f5:ad:63:fe:74:5a:73:d7:09:d2:65:03: 4e:c6:6d:d8:53:9d:67:3f:09:c4:d5:a4:89:5c:8d: 7d:b0:3c:18:37:55:d0:94:ca:05:d2:29:b1:74:84: c5:91:12:78:c9:46:b4:55:d2:d5:4c:49:4e:71:7a: 78:1a:2c:02:39:d7:13:68:d4:14:38:17:59:d7:0f: 29:e7:47:10:e9:b3:2d:aa:32:90:4c:9b:e3:7b:9a: 6e:a2:91:db:ff:21:b5:9f:49:1c:aa:f6:8c:3a:a8: d7:65:be:3c:8a:e9:98:41:9b:c6:73:0c:5c:06:76: c7:77:dc:68:d0:a0:f8:d8:a7:0e:73:40:8e:37:14: 24:88:c2:cd:55:03:e2:46:e2:8e:8b:2e:f4:eb:4c: 55:2f:c1:50:68:ec:8b:65:54:8f:8a:d2:53:14:f7: a2:52:0c:c9:81:b4:ff:8e:65:ba:c8:d1:0d:37:94: 96:8a:45:fc:26:09:d7:10:f1:75:fc:d9:f3:ca:f9: 1e:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:F1:23:28:81:C9:30:91:BE:6E:48:BF:DA:D4:F3:A0:08:33:77:51 X509v3 Authority Key Identifier: keyid:5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:51:c3:d4:8a:d3:10:4b:43:94:51:ea:69:68:e0:7a:2e:b5: 77:5a:fd:ea:4b:41:f6:10:b9:29:27:f7:03:d8:e6:e2:ff:41: 51:be:c0:a2:ba:b1:5d:a6:eb:b9:1a:d5:0f:33:d2:f5:e1:df: 0f:46:7e:8c:5f:48:06:c8:f2:6d:1f:95:5c:37:a9:cb:c0:9a: 06:b1:b3:f5:7f:ad:cc:db:0c:a5:c9:64:fd:9e:50:c3:9e:91: 6e:8b:dc:a6:ad:46:cf:28:1a:38:70:16:54:4f:91:0e:6f:a0: ca:f3:70:37:fa:a3:d4:b7:d7:74:38:06:b2:a4:7b:e6:21:c3: b0:9e:7d:65:29:98:01:7c:4d:3f:67:35:8a:08:13:b0:ee:c9: 30:da:04:b8:cc:63:80:87:65:d6:fa:f9:29:fa:d3:6f:d9:2c: 43:be:31:ea:d4:aa:ca:a8:04:54:fb:6d:8f:0a:d6:f4:5a:64: bb:6a:51:69:4e:fd:9d:b2:b6:51:f0:5a:e9:11:7f:c5:d8:61: 48:44:8d:68:12:9a:d0:eb:1b:e5:a8:5f:06:06:c5:0e:b2:73: 69:0d:a6:d8:ef:0b:63:96:da:1c:44:10:a3:55:45:e7:5a:33: 9e:cb:27:fe:50:0e:7d:50:5d:4f:ea:1d:63:a7:5c:43:aa:0e: 93:ac:4b:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG5bl1WxYQKHu8MyOxuK4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlNzc0NDY3ZTIxODQ5NTI0OTQzZDJiZDQ1OTAxMDcyMGYz ZTIwZTQwHhcNMjUxMjA2MTAwMTAyWhcNMjUxMjA3MTAwMTAyWjAzMTEwLwYDVQQD EygwN2YxMjMyODgxYzkzMDkxYmU2ZTQ4YmZkYWQ0ZjNhMDA4MzM3NzUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1P1JOUnXFDfCdupB73LljkGfWrSt HVo3sME5vNQQNTXuZcZ1Ec9rJxKyjZMe+EuFgpy/2nov9xB8AZtH8oH1rWP+dFpz 1wnSZQNOxm3YU51nPwnE1aSJXI19sDwYN1XQlMoF0imxdITFkRJ4yUa0VdLVTElO cXp4GiwCOdcTaNQUOBdZ1w8p50cQ6bMtqjKQTJvje5puopHb/yG1n0kcqvaMOqjX Zb48iumYQZvGcwxcBnbHd9xo0KD42KcOc0CONxQkiMLNVQPiRuKOiy7060xVL8FQ aOyLZVSPitJTFPeiUgzJgbT/jmW6yNENN5SWikX8JgnXEPF1/NnzyvkeYQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAfxIyiByTCRvm5Iv9rU86AIM3dRMB8GA1UdIwQY MBaAFF53RGfiGElSSUPSvUWQEHIPPiDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMt YWE0MDA1MzJkYWViLzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMtYWE0MDA1MzJkYWVi LzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABVHD1IrT EEtDlFHqaWjgei61d1r96ktB9hC5KSf3A9jm4v9BUb7AorqxXabruRrVDzPS9eHf D0Z+jF9IBsjybR+VXDepy8CaBrGz9X+tzNsMpclk/Z5Qw56Rbovcpq1GzygaOHAW VE+RDm+gyvNwN/qj1LfXdDgGsqR75iHDsJ59ZSmYAXxNP2c1iggTsO7JMNoEuMxj gIdl1vr5KfrTb9ksQ74x6tSqyqgEVPttjwrW9Fpku2pRaU79nbK2UfBa6RF/xdhh SESNaBKa0Osb5ahfBgbFDrJzaQ2m2O8LY5baHEQQo1VF51oznssn/lAOfVBdT+od Y6dcQ6oOk6xL1g== -----END CERTIFICATE-----Generated at Sat Dec 6 15:25:19 2025 by rpki-client