This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3ef921-29ed-40cf-b454-4c2acb78309e/1/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.mft File: Xk8aMqN-CDkAq6VhcI5SqyNOOjg.mft (raw, json) Hash identifier: oUfE77GdEAShRUnLB+rpZUJCG/P431xJyFJ4wVJYsQw= Subject key identifier: 75:D2:CC:B5:5D:D1:19:8E:E3:38:2D:3F:34:42:F0:6C:3D:9E:7C:B3 Authority key identifier: 5E:4F:1A:32:A3:7E:08:39:00:AB:A5:61:70:8E:52:AB:23:4E:3A:38 Certificate issuer: /CN=5e4f1a32a37e083900aba561708e52ab234e3a38 Certificate serial: 019AF12DB06F241E0EB5FA2492C4FEDF0C6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3ef921-29ed-40cf-b454-4c2acb78309e/1/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.mft Manifest number: 071F Signing time: Sat 06 Dec 2025 01:01:34 +0000 Manifest this update: Sat 06 Dec 2025 01:01:34 +0000 Manifest next update: Sun 07 Dec 2025 01:01:34 +0000 Files and hashes: 1: MjurembtvVeEftl3x1ofb2bHb8o.roa (hash: LMEfB1EahjyEN1vkkgX4Rq92rZ+ObZyJ1Ue8yFCn1Pk=) 2: Xk8aMqN-CDkAq6VhcI5SqyNOOjg.crl (hash: VVNc10/WwdyuHB+e//YSwToOX5KqscF6lDkxij2d7Fo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/3ef921-29ed-40cf-b454-4c2acb78309e/1/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.crl rsync://rpki.ripe.net/repository/DEFAULT/50/3ef921-29ed-40cf-b454-4c2acb78309e/1/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.mft rsync://rpki.ripe.net/repository/DEFAULT/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:b0:6f:24:1e:0e:b5:fa:24:92:c4:fe:df:0c:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e4f1a32a37e083900aba561708e52ab234e3a38 Validity Not Before: Dec 6 01:01:34 2025 GMT Not After : Dec 7 01:01:34 2025 GMT Subject: CN=75d2ccb55dd1198ee3382d3f3442f06c3d9e7cb3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:82:08:6e:c7:7c:cf:df:b1:72:c0:9c:8f:42: dc:5d:31:fa:6a:ed:aa:f7:6f:b2:02:a9:11:26:48: 18:7c:4e:01:61:d1:32:b5:95:71:85:5f:7e:39:c2: 07:dc:e0:1b:45:0f:0d:fa:6d:e1:fd:15:7e:e9:64: c8:8f:69:99:63:04:70:4d:3e:c8:59:b4:e5:9d:74: 21:19:2d:07:b6:d4:ac:60:92:59:5a:24:d4:ba:e6: b7:d2:df:e8:d2:c6:33:6f:45:23:06:ac:c7:ad:ab: 84:0d:75:d9:9d:7c:73:0f:57:0e:4a:48:19:ff:08: d8:bb:ef:4c:8f:b1:a1:15:1b:87:bc:0b:4d:b8:89: 89:f9:f7:74:f3:ba:3b:22:e9:9a:28:56:2d:ac:47: d8:c5:a2:70:a7:c4:42:3f:83:38:65:fc:02:5a:89: 95:1f:23:89:5c:1d:35:27:33:95:31:dd:d7:ce:c4: bd:13:7e:12:0b:42:dd:76:ae:a2:81:fb:d4:86:c1: c8:99:b2:6d:b8:2e:04:b0:d1:35:cf:6b:5f:61:46: f7:7d:02:ec:c8:6a:28:e2:8f:63:3a:5c:60:38:94: 49:7b:3e:3f:13:3a:22:e8:9c:8d:ec:9c:b2:9c:9e: 76:4c:c2:2e:f3:dc:8a:e4:d5:4b:38:92:90:ac:24: ef:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:D2:CC:B5:5D:D1:19:8E:E3:38:2D:3F:34:42:F0:6C:3D:9E:7C:B3 X509v3 Authority Key Identifier: keyid:5E:4F:1A:32:A3:7E:08:39:00:AB:A5:61:70:8E:52:AB:23:4E:3A:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3ef921-29ed-40cf-b454-4c2acb78309e/1/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3ef921-29ed-40cf-b454-4c2acb78309e/1/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:fa:ea:d8:95:c8:0c:06:0c:54:11:f0:de:95:88:90:77:1d: 40:e9:3d:7a:70:d2:53:2b:86:89:19:99:9d:dc:53:c5:17:ff: 7a:dc:f4:1d:4c:88:d6:a2:56:c0:5d:a0:ca:a7:42:f0:81:22: ec:34:ec:c8:0b:20:44:3d:29:51:36:ba:e7:7a:27:71:c2:3c: 9f:96:bc:8b:a9:33:02:45:89:2a:76:2e:81:a5:6e:1f:d1:72: ea:6c:92:1f:da:89:31:c1:08:ba:a5:b7:1b:94:93:51:92:02: 9f:d0:79:a6:04:0f:9d:07:a0:d2:93:15:76:51:d6:3d:bf:30: c0:11:26:64:09:c3:31:4a:d5:ca:92:cb:ff:b5:33:c6:17:05: a2:40:4d:d4:3b:ab:5a:cc:6d:eb:09:76:1c:fd:58:53:12:a6: 7b:be:6d:73:24:92:60:51:6e:df:4f:7d:7a:94:f3:bf:a1:d4: c7:d5:ab:b9:fe:e0:07:aa:7e:82:a4:da:7a:2d:03:95:45:92: 68:1a:c9:f5:4a:61:b3:84:d1:8f:d9:b1:f1:52:57:b5:5d:b5: 43:3d:38:1c:4b:2e:61:7f:89:08:0a:7e:a2:b3:36:da:85:64: f0:76:23:d2:6b:57:2a:a0:e9:4c:dc:49:67:e2:d5:61:b1:3e: ea:be:66:c0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLbBvJB4OtfokksT+3wxrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlNGYxYTMyYTM3ZTA4MzkwMGFiYTU2MTcwOGU1MmFiMjM0 ZTNhMzgwHhcNMjUxMjA2MDEwMTM0WhcNMjUxMjA3MDEwMTM0WjAzMTEwLwYDVQQD Eyg3NWQyY2NiNTVkZDExOThlZTMzODJkM2YzNDQyZjA2YzNkOWU3Y2IzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIIIbsd8z9+xcsCcj0LcXTH6au2q 92+yAqkRJkgYfE4BYdEytZVxhV9+OcIH3OAbRQ8N+m3h/RV+6WTIj2mZYwRwTT7I WbTlnXQhGS0HttSsYJJZWiTUuua30t/o0sYzb0UjBqzHrauEDXXZnXxzD1cOSkgZ /wjYu+9Mj7GhFRuHvAtNuImJ+fd087o7IumaKFYtrEfYxaJwp8RCP4M4ZfwCWomV HyOJXB01JzOVMd3XzsS9E34SC0Lddq6igfvUhsHImbJtuC4EsNE1z2tfYUb3fQLs yGoo4o9jOlxgOJRJez4/Ezoi6JyN7JyynJ52TMIu89yK5NVLOJKQrCTvQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHXSzLVd0RmO4zgtPzRC8Gw9nnyzMB8GA1UdIwQY MBaAFF5PGjKjfgg5AKulYXCOUqsjTjo4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGs4YU1xTi1DRGtBcTZWaGNJNVNxeU5PT2pnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zZWY5MjEtMjllZC00MGNmLWI0NTQt NGMyYWNiNzgzMDllLzEvWGs4YU1xTi1DRGtBcTZWaGNJNVNxeU5PT2pnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC8zZWY5MjEtMjllZC00MGNmLWI0NTQtNGMyYWNiNzgzMDll LzEvWGs4YU1xTi1DRGtBcTZWaGNJNVNxeU5PT2pnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOPrq2JXI DAYMVBHw3pWIkHcdQOk9enDSUyuGiRmZndxTxRf/etz0HUyI1qJWwF2gyqdC8IEi 7DTsyAsgRD0pUTa653onccI8n5a8i6kzAkWJKnYugaVuH9Fy6mySH9qJMcEIuqW3 G5STUZICn9B5pgQPnQeg0pMVdlHWPb8wwBEmZAnDMUrVypLL/7UzxhcFokBN1Dur Wsxt6wl2HP1YUxKme75tcySSYFFu3099epTzv6HUx9Wruf7gB6p+gqTaei0DlUWS aBrJ9Uphs4TRj9mx8VJXtV21Qz04HEsuYX+JCAp+orM22oVk8HYj0mtXKqDpTNxJ Z+LVYbE+6r5mwA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:32:05 2025 by rpki-client