This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a282cd-ee30-49c3-9c9e-471db7eb719e/1/xdXOafzPDGu44rJmfh44-5QPPSY.mft File: xdXOafzPDGu44rJmfh44-5QPPSY.mft (raw, json) Hash identifier: PMTQaetT10TONeJYCBjeL5LMVd+rzM/laF4TwvEFGVg= Subject key identifier: 72:86:0D:2A:FE:63:28:95:8F:98:B0:AF:80:BE:3F:9E:78:DC:36:C2 Authority key identifier: C5:D5:CE:69:FC:CF:0C:6B:B8:E2:B2:66:7E:1E:38:FB:94:0F:3D:26 Certificate issuer: /CN=c5d5ce69fccf0c6bb8e2b2667e1e38fb940f3d26 Certificate serial: 019AF2ADEAF42141F31375D6137C025B1ECD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xdXOafzPDGu44rJmfh44-5QPPSY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a282cd-ee30-49c3-9c9e-471db7eb719e/1/xdXOafzPDGu44rJmfh44-5QPPSY.mft Manifest number: 0BCD Signing time: Sat 06 Dec 2025 08:01:15 +0000 Manifest this update: Sat 06 Dec 2025 08:01:15 +0000 Manifest next update: Sun 07 Dec 2025 08:01:15 +0000 Files and hashes: 1: 6dkBUwL-mhaODMyRqo4g1V5Aqm0.roa (hash: Qmi5vwRBC8G/em6HsgOnkDIH/4egeMg5iAbwYtXG1+s=) 2: xdXOafzPDGu44rJmfh44-5QPPSY.crl (hash: tK3aRuU+S+4e6Npo3SBFORvDIo446pRXBdJHNxw0mk4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/a282cd-ee30-49c3-9c9e-471db7eb719e/1/xdXOafzPDGu44rJmfh44-5QPPSY.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/a282cd-ee30-49c3-9c9e-471db7eb719e/1/xdXOafzPDGu44rJmfh44-5QPPSY.mft rsync://rpki.ripe.net/repository/DEFAULT/xdXOafzPDGu44rJmfh44-5QPPSY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 08:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:ea:f4:21:41:f3:13:75:d6:13:7c:02:5b:1e:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5d5ce69fccf0c6bb8e2b2667e1e38fb940f3d26 Validity Not Before: Dec 6 08:01:15 2025 GMT Not After : Dec 7 08:01:15 2025 GMT Subject: CN=72860d2afe6328958f98b0af80be3f9e78dc36c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:a3:3f:db:e9:5c:38:69:db:57:0f:35:4f:36: 03:72:5c:8d:56:97:4a:c8:8c:6e:f3:93:03:d6:5c: 03:99:98:0a:c0:8a:b6:75:cd:bd:99:07:22:f3:f2: 71:1a:f2:2e:dc:7e:02:90:4a:be:be:75:78:39:c7: db:9d:53:3e:10:72:c5:81:af:48:f0:e7:15:a0:ea: 0c:ec:ea:e8:b1:d1:f3:72:2b:df:9a:e2:30:6f:1c: 06:ec:97:cb:f0:0d:04:58:48:7c:10:9c:05:3e:71: 99:3e:d1:89:f3:1e:5e:43:21:66:50:be:d9:ba:60: 5e:0d:1d:fd:f8:2d:1a:cf:11:84:47:92:47:af:ac: af:68:9e:ec:98:b0:80:72:f7:18:46:b9:dd:bd:79: db:0a:b7:5e:db:6d:13:5a:c0:5c:39:45:ed:75:cf: 82:10:ff:19:4d:3d:1c:ca:2e:6d:2e:4f:07:34:e9: 34:ea:19:8d:fc:2f:64:8f:40:9d:7f:9a:3a:13:4d: ca:80:6f:07:3d:8e:01:e0:c3:aa:20:af:ee:59:93: 1e:78:26:2e:8c:35:cb:e8:6e:41:b3:13:dc:af:08: 2b:9e:da:b1:c5:40:72:bb:55:ce:8c:41:bf:a6:bc: f4:57:f3:92:59:fb:20:31:56:ea:00:f6:17:00:45: aa:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:86:0D:2A:FE:63:28:95:8F:98:B0:AF:80:BE:3F:9E:78:DC:36:C2 X509v3 Authority Key Identifier: keyid:C5:D5:CE:69:FC:CF:0C:6B:B8:E2:B2:66:7E:1E:38:FB:94:0F:3D:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xdXOafzPDGu44rJmfh44-5QPPSY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a282cd-ee30-49c3-9c9e-471db7eb719e/1/xdXOafzPDGu44rJmfh44-5QPPSY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a282cd-ee30-49c3-9c9e-471db7eb719e/1/xdXOafzPDGu44rJmfh44-5QPPSY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:ab:a5:24:53:92:fb:85:1e:06:15:83:2a:5a:21:80:bb:30: 67:ae:87:e6:a1:24:c4:de:ff:15:b1:1e:75:b1:8e:59:16:54: 99:fd:43:be:3e:07:0d:3d:18:70:3d:c7:43:99:b6:91:fe:65: 02:e5:21:02:a0:58:c4:64:eb:58:ef:3e:4a:ff:a7:53:41:29: 9c:9d:ca:a0:c0:1b:a8:80:b3:49:0f:00:23:a3:bc:64:2d:78: 97:12:23:89:36:81:d7:ab:07:2a:9c:8f:26:3b:41:bd:69:2c: 7b:87:dd:6c:79:d5:8c:5e:27:75:86:0f:d7:7f:ec:23:d4:af: e2:4c:64:cc:1f:cb:1e:00:f9:1e:c5:28:37:57:4b:a7:66:54: de:61:54:d6:dd:3e:f2:1a:2e:76:94:90:6e:da:ad:77:b2:68: cf:45:75:8a:9f:d1:4f:66:70:5d:ec:de:47:cc:fb:15:2f:ae: b3:6b:36:5a:50:0a:68:8b:fc:72:b6:67:1e:62:64:08:09:87: 2d:9a:68:d7:58:51:85:c3:9b:52:98:36:f5:71:b4:29:95:a0: 18:43:80:53:11:ed:29:46:5b:c6:57:25:7e:53:29:08:f7:e2: b6:0d:4e:7b:1f:d8:29:d0:6e:41:b2:02:94:78:45:d8:2f:02: 46:29:d3:56 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrer0IUHzE3XWE3wCWx7NMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1ZDVjZTY5ZmNjZjBjNmJiOGUyYjI2NjdlMWUzOGZiOTQw ZjNkMjYwHhcNMjUxMjA2MDgwMTE1WhcNMjUxMjA3MDgwMTE1WjAzMTEwLwYDVQQD Eyg3Mjg2MGQyYWZlNjMyODk1OGY5OGIwYWY4MGJlM2Y5ZTc4ZGMzNmMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaM/2+lcOGnbVw81TzYDclyNVpdK yIxu85MD1lwDmZgKwIq2dc29mQci8/JxGvIu3H4CkEq+vnV4OcfbnVM+EHLFga9I 8OcVoOoM7OrosdHzcivfmuIwbxwG7JfL8A0EWEh8EJwFPnGZPtGJ8x5eQyFmUL7Z umBeDR39+C0azxGER5JHr6yvaJ7smLCAcvcYRrndvXnbCrde220TWsBcOUXtdc+C EP8ZTT0cyi5tLk8HNOk06hmN/C9kj0Cdf5o6E03KgG8HPY4B4MOqIK/uWZMeeCYu jDXL6G5BsxPcrwgrntqxxUByu1XOjEG/prz0V/OSWfsgMVbqAPYXAEWq3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHKGDSr+YyiVj5iwr4C+P5543DbCMB8GA1UdIwQY MBaAFMXVzmn8zwxruOKyZn4eOPuUDz0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGRYT2FmelBER3U0NHJKbWZoNDQtNVFQUFNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hMjgyY2QtZWUzMC00OWMzLTljOWUt NDcxZGI3ZWI3MTllLzEveGRYT2FmelBER3U0NHJKbWZoNDQtNVFQUFNZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS9hMjgyY2QtZWUzMC00OWMzLTljOWUtNDcxZGI3ZWI3MTll LzEveGRYT2FmelBER3U0NHJKbWZoNDQtNVFQUFNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhaulJFOS +4UeBhWDKlohgLswZ66H5qEkxN7/FbEedbGOWRZUmf1Dvj4HDT0YcD3HQ5m2kf5l AuUhAqBYxGTrWO8+Sv+nU0EpnJ3KoMAbqICzSQ8AI6O8ZC14lxIjiTaB16sHKpyP JjtBvWkse4fdbHnVjF4ndYYP13/sI9Sv4kxkzB/LHgD5HsUoN1dLp2ZU3mFU1t0+ 8houdpSQbtqtd7Joz0V1ip/RT2ZwXezeR8z7FS+us2s2WlAKaIv8crZnHmJkCAmH LZpo11hRhcObUpg29XG0KZWgGEOAUxHtKUZbxlclflMpCPfitg1Oex/YKdBuQbIC lHhF2C8CRinTVg== -----END CERTIFICATE-----Generated at Sat Dec 6 16:31:05 2025 by rpki-client