This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft File: xHKa8T09FW9BGXaxduVU-mcddvc.mft (raw, json) Hash identifier: cVcZqLupy7wPvz4WWU90Q2bVCGwIenlABIz2vBzgORo= Subject key identifier: 92:0F:1F:A5:5B:04:4B:79:36:C4:3C:E5:AF:C3:27:AA:68:33:9A:D8 Authority key identifier: C4:72:9A:F1:3D:3D:15:6F:41:19:76:B1:76:E5:54:FA:67:1D:76:F7 Certificate issuer: /CN=c4729af13d3d156f411976b176e554fa671d76f7 Certificate serial: 019AF31B9555D135D1482D6ABD23DC9C4EA6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft Manifest number: 14A6 Signing time: Sat 06 Dec 2025 10:01:02 +0000 Manifest this update: Sat 06 Dec 2025 10:01:02 +0000 Manifest next update: Sun 07 Dec 2025 10:01:02 +0000 Files and hashes: 1: qFZMGyq85ztg5ytAQ7RbzglxnGU.roa (hash: kMRZIxRuZxVhg2DxKXhubRuKlbKba7EMDPUaAyexKng=) 2: xHKa8T09FW9BGXaxduVU-mcddvc.crl (hash: Ia8weyb+LFmyL4E5cGtAUQFPrdooEMWnD2W/ZRATvqM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.crl rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:95:55:d1:35:d1:48:2d:6a:bd:23:dc:9c:4e:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c4729af13d3d156f411976b176e554fa671d76f7 Validity Not Before: Dec 6 10:01:02 2025 GMT Not After : Dec 7 10:01:02 2025 GMT Subject: CN=920f1fa55b044b7936c43ce5afc327aa68339ad8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:01:1c:4a:0d:0e:57:be:d0:fb:4a:65:b8:33: 7a:43:f2:8c:54:6a:5d:bc:74:1a:fb:19:13:2f:d2: 9c:86:4f:86:e4:f3:a5:04:2a:04:69:52:db:4e:53: 39:82:d5:b7:a9:38:f5:29:8a:e6:62:a5:44:4c:37: 6c:a5:c0:24:88:f2:e9:b4:fe:18:e1:a4:fe:0b:82: 32:4d:b6:1d:e7:65:6c:c2:00:63:c7:0e:68:ac:19: 5e:8e:74:44:34:ef:bd:df:25:8a:cb:b3:1e:a7:6e: ac:ef:ae:43:ab:17:c8:3b:5a:8e:1a:50:db:55:10: f6:61:1c:4a:12:4f:8d:e4:58:e9:bb:e8:62:4b:ef: cf:e9:eb:0e:18:bb:57:ac:f2:72:2d:48:53:1c:d3: 98:8a:7b:62:be:b9:72:2b:b1:fa:23:a1:d7:78:96: c6:3a:21:2b:a3:6b:d8:dc:0f:db:6f:85:12:e6:75: 6b:a5:b9:7b:bf:c8:37:08:fe:ed:0f:d0:d0:da:9b: 52:a5:9d:05:a1:93:87:d7:54:85:39:09:6c:c4:65: 2d:e5:f6:f5:06:d8:8a:b0:3d:2e:a3:4d:c3:1e:3d: 99:7c:33:28:0d:3f:c3:2e:0d:c4:87:f8:65:45:ff: f5:9d:b8:fb:8e:1b:a6:9c:8c:76:e2:a4:f0:c0:47: ea:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:0F:1F:A5:5B:04:4B:79:36:C4:3C:E5:AF:C3:27:AA:68:33:9A:D8 X509v3 Authority Key Identifier: keyid:C4:72:9A:F1:3D:3D:15:6F:41:19:76:B1:76:E5:54:FA:67:1D:76:F7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 75:6b:da:2c:4f:fe:f8:1c:d4:30:95:10:85:fb:9f:74:52:cf: a4:1c:09:2a:4a:d1:8e:3d:64:35:e7:6b:6e:e1:fc:ff:bb:7e: 4d:6a:08:0d:2c:b2:36:f5:c4:be:dc:f8:7c:6a:2e:e4:71:26: 95:3d:4e:50:e4:3d:a0:2c:4f:73:39:ca:1f:20:c3:ff:2c:b3: f7:61:30:84:41:ab:36:f6:48:98:83:cd:29:df:4d:bd:b1:65: 66:93:11:b7:bf:15:41:0c:5b:9b:a2:bc:74:c2:2c:35:06:9d: b0:d5:f0:b5:21:97:f6:8e:cf:bb:73:5a:41:15:1d:17:df:83: ef:6f:10:ed:45:68:54:fa:82:10:9a:90:10:9e:e2:6d:b4:f6: 91:85:fc:a7:8e:ef:c7:69:64:1a:01:aa:25:be:04:8b:09:da: 7e:b1:77:3f:4e:49:f6:b2:9e:db:f8:fe:b5:c3:09:3e:34:b5: 2e:8e:80:96:40:9d:4b:8d:c9:c4:aa:a5:03:b8:fd:fd:62:db: 84:d9:16:7a:2d:dd:12:5a:73:de:c4:54:c0:36:e7:72:dd:48: b6:75:af:0c:05:8c:1c:9a:51:76:53:1c:63:fc:de:10:b3:0c: f4:ee:cf:d7:98:9a:a0:9f:26:b6:04:a4:d6:60:9c:31:73:c5: 68:8d:76:fd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG5VV0TXRSC1qvSPcnE6mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0NzI5YWYxM2QzZDE1NmY0MTE5NzZiMTc2ZTU1NGZhNjcx ZDc2ZjcwHhcNMjUxMjA2MTAwMTAyWhcNMjUxMjA3MTAwMTAyWjAzMTEwLwYDVQQD Eyg5MjBmMWZhNTViMDQ0Yjc5MzZjNDNjZTVhZmMzMjdhYTY4MzM5YWQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAEcSg0OV77Q+0pluDN6Q/KMVGpd vHQa+xkTL9Kchk+G5POlBCoEaVLbTlM5gtW3qTj1KYrmYqVETDdspcAkiPLptP4Y 4aT+C4IyTbYd52VswgBjxw5orBlejnRENO+93yWKy7Mep26s765DqxfIO1qOGlDb VRD2YRxKEk+N5Fjpu+hiS+/P6esOGLtXrPJyLUhTHNOYintivrlyK7H6I6HXeJbG OiEro2vY3A/bb4US5nVrpbl7v8g3CP7tD9DQ2ptSpZ0FoZOH11SFOQlsxGUt5fb1 BtiKsD0uo03DHj2ZfDMoDT/DLg3Eh/hlRf/1nbj7jhumnIx24qTwwEfq6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJIPH6VbBEt5NsQ85a/DJ6poM5rYMB8GA1UdIwQY MBaAFMRymvE9PRVvQRl2sXblVPpnHXb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NWUwNjAtZmEyYS00MDU3LTk1Nzgt YjA4OThmYmIxY2FiLzEveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC85NWUwNjAtZmEyYS00MDU3LTk1NzgtYjA4OThmYmIxY2Fi LzEveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdWvaLE/+ +BzUMJUQhfufdFLPpBwJKkrRjj1kNedrbuH8/7t+TWoIDSyyNvXEvtz4fGou5HEm lT1OUOQ9oCxPcznKHyDD/yyz92EwhEGrNvZImIPNKd9NvbFlZpMRt78VQQxbm6K8 dMIsNQadsNXwtSGX9o7Pu3NaQRUdF9+D728Q7UVoVPqCEJqQEJ7ibbT2kYX8p47v x2lkGgGqJb4EiwnafrF3P05J9rKe2/j+tcMJPjS1Lo6AlkCdS43JxKqlA7j9/WLb hNkWei3dElpz3sRUwDbnct1ItnWvDAWMHJpRdlMcY/zeELMM9O7P15iaoJ8mtgSk 1mCcMXPFaI12/Q== -----END CERTIFICATE-----Generated at Sat Dec 6 13:26:43 2025 by rpki-client