This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft File: XYO1pn2S_6hHbJMhqnv21KINPas.mft (raw, json) Hash identifier: XXg8VqHMTE4xdV5YUtxAOOyfMT/WXruYq9RPd45G83k= Subject key identifier: B4:A5:4C:7B:8B:9D:55:54:8F:0F:FD:4F:55:38:FD:11:C6:0C:3E:2B Authority key identifier: 5D:83:B5:A6:7D:92:FF:A8:47:6C:93:21:AA:7B:F6:D4:A2:0D:3D:AB Certificate issuer: /CN=5d83b5a67d92ffa8476c9321aa7bf6d4a20d3dab Certificate serial: 019AF23F8F6904D8B597A1B8D70A18D17083 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft Manifest number: 115C Signing time: Sat 06 Dec 2025 06:00:42 +0000 Manifest this update: Sat 06 Dec 2025 06:00:42 +0000 Manifest next update: Sun 07 Dec 2025 06:00:42 +0000 Files and hashes: 1: XYO1pn2S_6hHbJMhqnv21KINPas.crl (hash: YMxiD+7ahgOQDpQDsDEnFTHsEElHrVuQ4MpdXKch6nQ=) 2: yQMt2r0-C951BN6h68fRFJDbCC8.roa (hash: tYqh+1wBm4KwmsyhvHbFDKO/UGyJb2eTnTj9n8iYekw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:8f:69:04:d8:b5:97:a1:b8:d7:0a:18:d1:70:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d83b5a67d92ffa8476c9321aa7bf6d4a20d3dab Validity Not Before: Dec 6 06:00:42 2025 GMT Not After : Dec 7 06:00:42 2025 GMT Subject: CN=b4a54c7b8b9d55548f0ffd4f5538fd11c60c3e2b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:63:82:13:bc:01:01:bf:e6:22:bb:af:9a:ce: a3:f9:58:a0:8c:28:f8:dd:b7:32:a3:6a:2c:36:43: f5:3b:8d:a2:26:ce:37:b2:16:37:94:26:95:53:2c: 10:f6:69:cf:51:ba:2d:78:66:60:73:50:09:72:a0: bb:1c:d8:74:f1:58:d9:5e:d4:f0:7a:9d:d7:21:a4: a9:6b:c9:e2:89:12:9f:31:d9:1a:f5:2d:e9:da:6d: b8:5d:34:92:4c:ad:93:58:3b:af:b6:3c:e4:82:0f: d9:ba:69:ff:fb:95:36:9d:89:95:56:20:39:0c:1d: 9e:da:cb:8b:de:00:c3:42:24:4a:26:b6:89:b4:b2: 8b:23:54:9b:a3:9a:63:fc:7c:a5:94:e2:4c:e3:45: 8f:bb:bc:a2:0c:9b:9f:fd:05:57:f4:4a:08:0c:7e: 5d:d7:f2:45:48:86:d7:a4:e5:cc:6e:d3:e9:5d:7a: 34:56:9b:d4:0d:dc:59:90:75:57:54:9c:a6:59:c5: 0c:a5:a6:05:76:1d:e2:56:f5:b9:53:95:68:56:5e: ba:9e:05:41:04:a4:9a:57:21:cf:08:3f:52:50:67: f5:8d:15:f1:d5:52:d3:21:64:bf:12:16:6a:a8:11: 27:d7:de:41:a5:61:ee:08:75:79:db:9c:48:3d:0b: b1:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:A5:4C:7B:8B:9D:55:54:8F:0F:FD:4F:55:38:FD:11:C6:0C:3E:2B X509v3 Authority Key Identifier: keyid:5D:83:B5:A6:7D:92:FF:A8:47:6C:93:21:AA:7B:F6:D4:A2:0D:3D:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:89:a2:77:38:4d:f1:e2:dc:91:84:bc:95:a7:bf:5b:bf:ac: f6:30:12:a3:a6:df:54:a0:17:39:a4:0a:3b:6d:4f:c1:aa:a5: 33:71:0e:6b:d0:7a:09:58:9f:65:5d:f4:83:97:e5:89:3f:5d: f2:da:28:cb:83:88:e1:ec:52:a5:8f:2d:7e:96:82:f5:66:4f: 32:01:0d:ae:6a:8a:b9:b9:5e:c3:a5:2a:57:bc:37:c3:e8:c6: 2e:f9:24:7c:c0:14:c0:bc:e0:81:2d:c6:a5:fa:36:c5:8a:43: 28:bb:40:85:a8:0e:e5:e9:68:15:9e:2c:7f:d3:99:5c:e2:70: f9:d3:3e:4c:a5:ba:3a:2f:d3:68:37:40:0a:cc:b7:e4:98:84: a0:fe:ec:60:44:07:46:d2:8d:58:44:3f:04:4b:25:43:e9:24: 1d:aa:e5:65:c1:38:03:30:a7:3a:98:9e:99:f7:c8:93:ed:08: 81:95:f0:0b:50:0d:9d:5d:7a:29:0e:1a:8e:ae:61:57:2c:d0: 5e:01:2e:26:6e:e0:82:ed:c8:59:d4:6b:23:22:75:e6:42:74: 76:78:b3:98:79:a6:74:a4:33:a3:f9:8c:d9:f1:cf:77:97:42: 34:85:93:ba:5a:02:ba:12:df:fb:ba:75:96:60:79:f5:f6:3e: 79:08:24:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP49pBNi1l6G41woY0XCDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkODNiNWE2N2Q5MmZmYTg0NzZjOTMyMWFhN2JmNmQ0YTIw ZDNkYWIwHhcNMjUxMjA2MDYwMDQyWhcNMjUxMjA3MDYwMDQyWjAzMTEwLwYDVQQD EyhiNGE1NGM3YjhiOWQ1NTU0OGYwZmZkNGY1NTM4ZmQxMWM2MGMzZTJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWOCE7wBAb/mIruvms6j+VigjCj4 3bcyo2osNkP1O42iJs43shY3lCaVUywQ9mnPUboteGZgc1AJcqC7HNh08VjZXtTw ep3XIaSpa8niiRKfMdka9S3p2m24XTSSTK2TWDuvtjzkgg/Zumn/+5U2nYmVViA5 DB2e2suL3gDDQiRKJraJtLKLI1Sbo5pj/HyllOJM40WPu7yiDJuf/QVX9EoIDH5d 1/JFSIbXpOXMbtPpXXo0VpvUDdxZkHVXVJymWcUMpaYFdh3iVvW5U5VoVl66ngVB BKSaVyHPCD9SUGf1jRXx1VLTIWS/EhZqqBEn195BpWHuCHV525xIPQuxxwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLSlTHuLnVVUjw/9T1U4/RHGDD4rMB8GA1UdIwQY MBaAFF2DtaZ9kv+oR2yTIap79tSiDT2rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81N2I4OTEtYTkxMi00YzZhLThlM2It ZDQxZmNkZjU3NTk4LzEvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi81N2I4OTEtYTkxMi00YzZhLThlM2ItZDQxZmNkZjU3NTk4 LzEvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZImidzhN 8eLckYS8lae/W7+s9jASo6bfVKAXOaQKO21PwaqlM3EOa9B6CVifZV30g5fliT9d 8tooy4OI4exSpY8tfpaC9WZPMgENrmqKublew6UqV7w3w+jGLvkkfMAUwLzggS3G pfo2xYpDKLtAhagO5eloFZ4sf9OZXOJw+dM+TKW6Oi/TaDdACsy35JiEoP7sYEQH RtKNWEQ/BEslQ+kkHarlZcE4AzCnOpiemffIk+0IgZXwC1ANnV16KQ4ajq5hVyzQ XgEuJm7ggu3IWdRrIyJ15kJ0dnizmHmmdKQzo/mM2fHPd5dCNIWTuloCuhLf+7p1 lmB59fY+eQgkvg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:02:41 2025 by rpki-client