This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.mft File: xcgmUInL3eamxXnNd2tfgMD4rdQ.mft (raw, json) Hash identifier: gSjaLTueJCctVl84LabjSOdYKDCYddiDFz8mV3V1tGQ= Subject key identifier: 85:8E:92:EE:08:FC:BE:F2:A2:F8:C4:8E:D9:AD:3A:92:10:78:07:B4 Authority key identifier: C5:C8:26:50:89:CB:DD:E6:A6:C5:79:CD:77:6B:5F:80:C0:F8:AD:D4 Certificate issuer: /CN=c5c8265089cbdde6a6c579cd776b5f80c0f8add4 Certificate serial: 019AF1D20FE40AC60AC71DAAB2F615802B11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xcgmUInL3eamxXnNd2tfgMD4rdQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.mft Manifest number: 0279 Signing time: Sat 06 Dec 2025 04:01:06 +0000 Manifest this update: Sat 06 Dec 2025 04:01:06 +0000 Manifest next update: Sun 07 Dec 2025 04:01:06 +0000 Files and hashes: 1: HnXYP_nGkSYGI2gsUnR5joaBv0k.roa (hash: QHASI9erDv03GyXaVaSPKxwrTHTkAuv0FPn5tlS8GC8=) 2: xcgmUInL3eamxXnNd2tfgMD4rdQ.crl (hash: UMQ4jNcYG9bDM2YU2U2uFGvBsZ/Vff5pcDYdO5cjMfA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.mft rsync://rpki.ripe.net/repository/DEFAULT/xcgmUInL3eamxXnNd2tfgMD4rdQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:0f:e4:0a:c6:0a:c7:1d:aa:b2:f6:15:80:2b:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5c8265089cbdde6a6c579cd776b5f80c0f8add4 Validity Not Before: Dec 6 04:01:06 2025 GMT Not After : Dec 7 04:01:06 2025 GMT Subject: CN=858e92ee08fcbef2a2f8c48ed9ad3a92107807b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:58:76:38:e8:fb:69:43:c3:d8:30:65:38:6d: c3:0d:d0:7d:db:fe:11:8a:6d:5f:65:5b:e0:35:0f: f7:a3:e0:c5:4c:e8:cd:28:03:cb:c2:12:3c:25:45: 6f:61:50:ea:99:10:46:f7:f9:86:6e:de:9c:60:e4: c4:86:4e:9f:a9:30:8f:fa:30:49:2d:f0:1f:9d:1b: 42:cf:53:71:a4:3e:8a:9e:d6:18:c2:88:6e:3f:7a: 21:6a:c9:91:a5:04:c5:13:f4:ec:2f:2a:96:38:6e: 66:9d:b3:5e:58:19:84:90:72:a4:4d:a1:f1:8f:b5: ab:a2:71:cd:1b:65:79:3f:58:31:9b:7e:42:98:70: 96:c6:66:92:11:87:02:17:0c:12:dc:34:f1:c5:71: 54:9e:ab:6c:bf:9f:e3:d8:27:89:48:11:cb:e6:f4: 41:07:a8:41:26:d7:59:b9:e4:a2:58:05:13:68:80: d2:1f:6c:da:9b:a0:fa:88:c0:b4:b5:0c:a8:1b:8d: af:a4:c3:0a:0c:38:d6:b6:c8:74:9f:a1:fa:d3:66: 6a:c5:ed:5a:64:32:0e:c2:9a:03:41:a6:d5:29:a3: 12:70:e4:e1:0d:48:de:8f:e8:10:aa:d2:29:21:01: 53:7d:9a:18:3b:b7:44:ff:17:15:78:68:42:3b:3f: a6:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:8E:92:EE:08:FC:BE:F2:A2:F8:C4:8E:D9:AD:3A:92:10:78:07:B4 X509v3 Authority Key Identifier: keyid:C5:C8:26:50:89:CB:DD:E6:A6:C5:79:CD:77:6B:5F:80:C0:F8:AD:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcgmUInL3eamxXnNd2tfgMD4rdQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:5a:e5:bf:a6:3a:77:0b:3d:27:38:98:46:02:61:29:fc:44: fd:5f:a2:b2:19:a0:02:17:fe:03:51:e3:47:fe:02:f1:e9:51: e8:d4:cf:3f:c3:15:39:43:1d:ce:98:58:9e:20:78:81:e5:42: 5e:39:88:df:a5:dd:85:4d:b3:4b:ab:e8:0d:96:83:94:54:2f: 54:f2:8e:85:a2:22:30:3e:2b:dc:36:1a:04:d2:a8:17:9d:74: 38:77:3d:81:1f:81:d7:3f:7e:83:9f:0e:63:ce:53:ac:96:28: 7f:53:65:c1:dd:e4:49:bd:7d:87:e4:08:10:11:36:13:37:39: 78:9a:b3:11:52:9f:c0:91:2a:7c:47:79:0c:c8:41:fd:c9:5f: 31:5f:13:18:fb:14:d3:f8:ee:8c:07:24:2c:19:52:ad:42:94: 06:c4:f7:d2:0d:5c:f3:f6:92:df:40:0f:fa:ae:d3:d0:76:cf: ed:19:73:0a:48:da:9a:20:1e:64:84:6a:ec:01:5a:d3:6b:44: 53:08:dd:68:e8:2a:db:2a:3e:23:eb:de:1c:91:b0:3a:df:1b: 20:23:8c:8d:f0:45:a9:93:83:bd:5a:51:05:b7:b2:d0:38:fe: fe:4e:a6:de:ab:b2:e2:71:85:f0:ae:58:68:22:4f:91:66:c5: ab:fb:fe:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0g/kCsYKxx2qsvYVgCsRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YzgyNjUwODljYmRkZTZhNmM1NzljZDc3NmI1ZjgwYzBm OGFkZDQwHhcNMjUxMjA2MDQwMTA2WhcNMjUxMjA3MDQwMTA2WjAzMTEwLwYDVQQD Eyg4NThlOTJlZTA4ZmNiZWYyYTJmOGM0OGVkOWFkM2E5MjEwNzgwN2I0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Fh2OOj7aUPD2DBlOG3DDdB92/4R im1fZVvgNQ/3o+DFTOjNKAPLwhI8JUVvYVDqmRBG9/mGbt6cYOTEhk6fqTCP+jBJ LfAfnRtCz1NxpD6KntYYwohuP3ohasmRpQTFE/TsLyqWOG5mnbNeWBmEkHKkTaHx j7WronHNG2V5P1gxm35CmHCWxmaSEYcCFwwS3DTxxXFUnqtsv5/j2CeJSBHL5vRB B6hBJtdZueSiWAUTaIDSH2zam6D6iMC0tQyoG42vpMMKDDjWtsh0n6H602Zqxe1a ZDIOwpoDQabVKaMScOThDUjej+gQqtIpIQFTfZoYO7dE/xcVeGhCOz+mTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIWOku4I/L7yovjEjtmtOpIQeAe0MB8GA1UdIwQY MBaAFMXIJlCJy93mpsV5zXdrX4DA+K3UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGNnbVVJbkwzZWFteFhuTmQydGZnTUQ0cmRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80OGM3ZWMtMGM3NS00MWM0LTg1YWEt NDM4ODIwZmJhMjU0LzEveGNnbVVJbkwzZWFteFhuTmQydGZnTUQ0cmRRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi80OGM3ZWMtMGM3NS00MWM0LTg1YWEtNDM4ODIwZmJhMjU0 LzEveGNnbVVJbkwzZWFteFhuTmQydGZnTUQ0cmRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHVrlv6Y6 dws9JziYRgJhKfxE/V+ishmgAhf+A1HjR/4C8elR6NTPP8MVOUMdzphYniB4geVC XjmI36XdhU2zS6voDZaDlFQvVPKOhaIiMD4r3DYaBNKoF510OHc9gR+B1z9+g58O Y85TrJYof1Nlwd3kSb19h+QIEBE2Ezc5eJqzEVKfwJEqfEd5DMhB/clfMV8TGPsU 0/jujAckLBlSrUKUBsT30g1c8/aS30AP+q7T0HbP7RlzCkjamiAeZIRq7AFa02tE UwjdaOgq2yo+I+veHJGwOt8bICOMjfBFqZODvVpRBbey0Dj+/k6m3quy4nGF8K5Y aCJPkWbFq/v+eA== -----END CERTIFICATE-----Generated at Sat Dec 6 11:58:07 2025 by rpki-client