This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft File: xBK7PaZcqrUkhR74bOm6piB04e0.mft (raw, json) Hash identifier: 4DkscO34CQqwEIcSC/RBD4SVodHETM552Fb1BbpdO9g= Subject key identifier: 8A:7B:7D:3A:BF:FA:B6:EC:FE:81:47:85:64:D3:E8:13:F9:B9:FB:5B Authority key identifier: C4:12:BB:3D:A6:5C:AA:B5:24:85:1E:F8:6C:E9:BA:A6:20:74:E1:ED Certificate issuer: /CN=c412bb3da65caab524851ef86ce9baa62074e1ed Certificate serial: 019AF2402F703F38DC9F46934348FC1D7D33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft Manifest number: 175D Signing time: Sat 06 Dec 2025 06:01:23 +0000 Manifest this update: Sat 06 Dec 2025 06:01:23 +0000 Manifest next update: Sun 07 Dec 2025 06:01:23 +0000 Files and hashes: 1: kMIoPYj99g2K5sWXNcD0fsxHkHM.roa (hash: FopABAV6PSptIp6OTBNiTRgtYU723NWq9ChEZhzR3FM=) 2: xBK7PaZcqrUkhR74bOm6piB04e0.crl (hash: K2E9LyHim0VvG8BGPlZ4aqqebjt3i2T86rTtPJD/jFw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:40:2f:70:3f:38:dc:9f:46:93:43:48:fc:1d:7d:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c412bb3da65caab524851ef86ce9baa62074e1ed Validity Not Before: Dec 6 06:01:23 2025 GMT Not After : Dec 7 06:01:23 2025 GMT Subject: CN=8a7b7d3abffab6ecfe81478564d3e813f9b9fb5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:b0:88:9c:b6:30:0e:3e:18:3b:7a:d9:35:70: 19:51:73:c6:e8:1b:3b:de:f6:73:0b:f8:64:a8:21: 92:3e:6d:48:23:a5:27:05:c0:9b:f2:b2:35:47:14: ee:0c:e6:10:26:20:62:c4:46:42:27:00:51:d1:2f: d9:96:04:8b:92:58:93:83:51:b8:4c:f5:22:dc:a0: 8c:2e:1f:35:c4:49:0e:f7:eb:13:11:30:a8:14:37: e1:68:95:cf:d3:a5:b6:c9:80:01:45:91:d7:be:2b: eb:17:a3:84:f9:7e:51:da:ef:0c:a4:9b:2d:e3:95: 06:6f:fb:60:90:5f:f7:81:7a:3e:bb:71:ff:94:10: 87:d8:45:88:37:c9:cf:6b:85:f3:ad:fe:15:76:bb: 80:64:eb:97:8e:da:2f:65:50:91:a3:44:af:7a:31: 2f:c8:ab:af:84:2c:2e:21:1a:b8:68:f2:a3:ac:c2: 71:7f:ad:91:99:6e:b6:9a:97:9e:e5:f1:cd:73:e0: 7d:f3:4e:fb:8f:af:85:6e:52:b6:20:0b:6f:1d:81: 3f:60:fc:42:d6:a6:29:fc:41:2a:2f:a2:96:91:57: 3a:b1:8a:3b:6a:8f:8f:e5:23:fa:aa:45:97:26:1e: b6:10:83:7f:8f:2e:ec:17:e7:47:40:1a:63:d8:0d: ed:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:7B:7D:3A:BF:FA:B6:EC:FE:81:47:85:64:D3:E8:13:F9:B9:FB:5B X509v3 Authority Key Identifier: keyid:C4:12:BB:3D:A6:5C:AA:B5:24:85:1E:F8:6C:E9:BA:A6:20:74:E1:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:24:a0:89:55:03:bb:45:1e:49:8b:c6:db:3a:2c:98:de:3a: 8d:10:81:6b:ba:1e:22:21:9e:2d:19:a3:ec:0d:c3:b2:0a:d2: 75:36:0f:4a:a3:e1:d0:a6:c3:30:e8:43:be:df:a0:c9:f1:59: 1a:4a:ed:7d:07:f5:50:a0:13:08:a9:6b:71:84:38:55:16:9d: 5b:bb:38:1a:87:7b:4e:44:1e:2b:5c:12:c5:8f:44:15:cc:5a: 9c:8a:27:c6:24:ed:f8:dd:68:d7:90:1e:03:3d:84:dd:91:c4: 6d:66:be:13:ab:0a:c3:65:45:09:ea:30:1b:6c:1b:d8:e9:64: e3:95:f1:68:ed:ce:cd:2a:58:c5:b9:3c:e2:ad:37:1f:f6:1f: 9a:78:2a:39:1d:a6:0a:d8:b3:1d:80:64:fd:57:9f:e2:f7:80: 87:69:8d:a6:65:d7:93:d2:5a:ea:b0:12:fa:1a:09:75:bb:7c: ea:71:32:97:18:e6:ea:3f:39:76:1e:db:b4:8a:fa:e2:ee:55: 82:ff:a8:ae:ea:8f:0d:ec:54:bb:d3:32:6f:d4:f2:87:b7:3a: b1:05:38:32:7a:44:b2:e2:36:bf:7c:23:88:02:8d:e7:51:f4: ab:ab:32:f8:aa:09:fe:4b:42:1c:72:48:78:0f:7c:5a:38:a8: 9d:77:84:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryQC9wPzjcn0aTQ0j8HX0zMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0MTJiYjNkYTY1Y2FhYjUyNDg1MWVmODZjZTliYWE2MjA3 NGUxZWQwHhcNMjUxMjA2MDYwMTIzWhcNMjUxMjA3MDYwMTIzWjAzMTEwLwYDVQQD Eyg4YTdiN2QzYWJmZmFiNmVjZmU4MTQ3ODU2NGQzZTgxM2Y5YjlmYjViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLCInLYwDj4YO3rZNXAZUXPG6Bs7 3vZzC/hkqCGSPm1II6UnBcCb8rI1RxTuDOYQJiBixEZCJwBR0S/ZlgSLkliTg1G4 TPUi3KCMLh81xEkO9+sTETCoFDfhaJXP06W2yYABRZHXvivrF6OE+X5R2u8MpJst 45UGb/tgkF/3gXo+u3H/lBCH2EWIN8nPa4Xzrf4VdruAZOuXjtovZVCRo0SvejEv yKuvhCwuIRq4aPKjrMJxf62RmW62mpee5fHNc+B98077j6+FblK2IAtvHYE/YPxC 1qYp/EEqL6KWkVc6sYo7ao+P5SP6qkWXJh62EIN/jy7sF+dHQBpj2A3tIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIp7fTq/+rbs/oFHhWTT6BP5uftbMB8GA1UdIwQY MBaAFMQSuz2mXKq1JIUe+GzpuqYgdOHtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jNzg3MWMtNTFkOS00NjNkLWFjYjgt OWI5MzJlY2QyZWNjLzEveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC9jNzg3MWMtNTFkOS00NjNkLWFjYjgtOWI5MzJlY2QyZWNj LzEveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACSSgiVUD u0UeSYvG2zosmN46jRCBa7oeIiGeLRmj7A3DsgrSdTYPSqPh0KbDMOhDvt+gyfFZ GkrtfQf1UKATCKlrcYQ4VRadW7s4God7TkQeK1wSxY9EFcxanIonxiTt+N1o15Ae Az2E3ZHEbWa+E6sKw2VFCeowG2wb2Olk45XxaO3OzSpYxbk84q03H/YfmngqOR2m CtizHYBk/Vef4veAh2mNpmXXk9Ja6rAS+hoJdbt86nEylxjm6j85dh7btIr64u5V gv+oruqPDexUu9Myb9Tyh7c6sQU4MnpEsuI2v3wjiAKN51H0q6sy+KoJ/ktCHHJI eA98WjionXeErA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:19:47 2025 by rpki-client