This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.mft File: XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.mft (raw, json) Hash identifier: yTvKritVEVN/CgdxuzUvN+pyIefCLwzY7JfqP3wzNPY= Subject key identifier: 42:9A:84:0E:48:D8:4B:F6:E3:73:39:08:F3:88:57:38:44:7E:5F:8B Authority key identifier: 5E:80:3B:66:B3:06:00:8F:B1:72:C2:DF:D5:22:B5:65:50:57:36:0D Certificate issuer: /CN=5e803b66b306008fb172c2dfd522b5655057360d Certificate serial: 019AF1D2446153BFA8811C55EC1CA57DB323 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.mft Manifest number: 1381 Signing time: Sat 06 Dec 2025 04:01:20 +0000 Manifest this update: Sat 06 Dec 2025 04:01:20 +0000 Manifest next update: Sun 07 Dec 2025 04:01:20 +0000 Files and hashes: 1: Bu2qohV5DT207In6bmDkzPkl22w.roa (hash: yQgjgxJo0jD6Zb5Cbl39m04H6+9TPpDsNpPjtFWzK98=) 2: XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.crl (hash: klAwlxUuGXHWdeamk43G5NfTEjh1Yv2QnLFQvLtxJGg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.crl rsync://rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.mft rsync://rpki.ripe.net/repository/DEFAULT/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:44:61:53:bf:a8:81:1c:55:ec:1c:a5:7d:b3:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e803b66b306008fb172c2dfd522b5655057360d Validity Not Before: Dec 6 04:01:20 2025 GMT Not After : Dec 7 04:01:20 2025 GMT Subject: CN=429a840e48d84bf6e3733908f3885738447e5f8b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:1f:48:40:c5:f4:0c:94:3f:e7:c9:2e:c1:0c: 39:d4:16:a1:8d:2f:45:17:36:9a:6a:fb:4b:87:3e: bf:b1:c5:d0:21:0f:e1:01:29:eb:6c:80:27:22:65: fe:43:60:28:e0:dc:a9:e1:54:83:fc:eb:99:af:5c: 27:07:d9:58:f4:e7:0f:c5:1b:95:25:ea:de:a3:ea: c3:75:16:b7:15:ed:7a:bf:d0:91:0f:0d:e2:b5:60: db:ed:62:94:79:ab:3c:9e:37:dc:26:d2:61:b8:c2: d3:db:ca:ac:f0:9e:25:c2:8a:5b:c5:69:b8:e1:cb: e6:1b:78:ee:af:e0:99:e2:07:43:3b:fc:dc:c2:9e: 8e:5f:71:36:86:bf:04:69:22:02:3f:d7:98:fa:59: a4:66:0b:6a:aa:91:0f:47:bb:af:3e:a7:86:61:26: af:74:4d:66:97:74:fa:7a:5e:6d:24:44:c0:74:5f: 95:bf:7b:cd:3f:4a:db:7a:41:48:62:10:12:44:35: 31:fe:20:3a:a5:31:97:7f:ae:e8:a5:2f:28:9c:c6: 46:89:36:52:05:84:f4:47:62:f5:a1:05:37:ca:b2: 07:6c:69:ba:49:06:ad:11:5d:2d:7f:27:5d:ba:41: 2f:a0:b2:c1:f9:3b:74:c2:f3:5c:ca:35:1a:2a:0c: 5e:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:9A:84:0E:48:D8:4B:F6:E3:73:39:08:F3:88:57:38:44:7E:5F:8B X509v3 Authority Key Identifier: keyid:5E:80:3B:66:B3:06:00:8F:B1:72:C2:DF:D5:22:B5:65:50:57:36:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:ea:1c:ab:0e:24:31:fd:81:72:64:2b:70:aa:e7:71:1b:10: df:64:19:aa:db:bc:92:f3:4c:fd:db:ad:0d:f6:43:bc:a9:71: 95:8b:a1:a1:03:e1:40:46:05:1a:ec:56:b7:de:68:31:16:a7: 98:36:c8:e3:eb:81:15:cf:eb:39:7f:1b:ef:46:1c:43:03:4b: 4e:09:a5:63:55:de:68:97:91:93:d0:34:4f:e1:43:20:29:39: 76:9f:80:26:23:0f:da:90:14:0f:04:9e:95:3e:dc:af:5e:24: 3c:5e:b4:ce:38:ef:93:68:61:6b:90:e9:9b:f5:2b:ed:78:42: ba:a1:86:0c:80:cc:8c:14:55:b1:24:88:34:15:e8:1f:ba:14: 9c:bb:c4:19:46:00:2a:4d:70:15:34:aa:14:ea:92:28:07:b3: df:d1:68:bc:1e:13:57:65:c3:7f:d5:c4:51:65:43:08:99:0b: d9:e9:5b:83:f2:13:99:e8:83:a5:f2:b3:68:05:dd:22:d2:b0: 19:e8:2c:7f:f2:16:a8:e5:60:af:11:de:5d:76:64:d3:df:44: 14:43:71:f0:4a:76:c5:80:89:c1:d3:20:70:1d:30:cc:fc:a5: 9e:60:d1:0d:04:86:e9:10:17:69:ed:3a:4f:04:f7:4a:4b:32: e8:a4:9c:31 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0kRhU7+ogRxV7BylfbMjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlODAzYjY2YjMwNjAwOGZiMTcyYzJkZmQ1MjJiNTY1NTA1 NzM2MGQwHhcNMjUxMjA2MDQwMTIwWhcNMjUxMjA3MDQwMTIwWjAzMTEwLwYDVQQD Eyg0MjlhODQwZTQ4ZDg0YmY2ZTM3MzM5MDhmMzg4NTczODQ0N2U1ZjhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh9IQMX0DJQ/58kuwQw51BahjS9F FzaaavtLhz6/scXQIQ/hASnrbIAnImX+Q2Ao4Nyp4VSD/OuZr1wnB9lY9OcPxRuV Jereo+rDdRa3Fe16v9CRDw3itWDb7WKUeas8njfcJtJhuMLT28qs8J4lwopbxWm4 4cvmG3jur+CZ4gdDO/zcwp6OX3E2hr8EaSICP9eY+lmkZgtqqpEPR7uvPqeGYSav dE1ml3T6el5tJETAdF+Vv3vNP0rbekFIYhASRDUx/iA6pTGXf67opS8onMZGiTZS BYT0R2L1oQU3yrIHbGm6SQatEV0tfyddukEvoLLB+Tt0wvNcyjUaKgxezwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEKahA5I2Ev243M5CPOIVzhEfl+LMB8GA1UdIwQY MBaAFF6AO2azBgCPsXLC39UitWVQVzYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWG9BN1pyTUdBSS14Y3NMZjFTSzFaVkJYTmcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy85ZDM0MmMtN2NlNy00YzY5LWFlY2Ut OTM4NTA2YTlmMmE3LzEvWG9BN1pyTUdBSS14Y3NMZjFTSzFaVkJYTmcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy85ZDM0MmMtN2NlNy00YzY5LWFlY2UtOTM4NTA2YTlmMmE3 LzEvWG9BN1pyTUdBSS14Y3NMZjFTSzFaVkJYTmcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANeocqw4k Mf2BcmQrcKrncRsQ32QZqtu8kvNM/dutDfZDvKlxlYuhoQPhQEYFGuxWt95oMRan mDbI4+uBFc/rOX8b70YcQwNLTgmlY1XeaJeRk9A0T+FDICk5dp+AJiMP2pAUDwSe lT7cr14kPF60zjjvk2hha5Dpm/Ur7XhCuqGGDIDMjBRVsSSINBXoH7oUnLvEGUYA Kk1wFTSqFOqSKAez39FovB4TV2XDf9XEUWVDCJkL2elbg/ITmeiDpfKzaAXdItKw Gegsf/IWqOVgrxHeXXZk099EFENx8Ep2xYCJwdMgcB0wzPylnmDRDQSG6RAXae06 TwT3Sksy6KScMQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:07:09 2025 by rpki-client