This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft File: XGGrSm35u5XP3orwdmaKWVs0HeE.mft (raw, json) Hash identifier: JaBvE+voKA7AM+TMSzPv7hD/Hmied8Kx7au1tMrOSuo= Subject key identifier: 71:E4:8E:B9:D5:FC:11:D1:C9:A6:BF:61:92:51:42:C2:EB:11:C0:6D Authority key identifier: 5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1 Certificate issuer: /CN=5c61ab4a6df9bb95cfde8af076668a595b341de1 Certificate serial: 019AF088C3005CCA3DD8DB78F05D090CC261 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft Manifest number: 0448 Signing time: Fri 05 Dec 2025 22:01:25 +0000 Manifest this update: Fri 05 Dec 2025 22:01:25 +0000 Manifest next update: Sat 06 Dec 2025 22:01:25 +0000 Files and hashes: 1: P7g82oQa9maLUZf-zyJXFEwQ_Tk.roa (hash: R1Jxxc/Qby3IEt4xnho0adyCsC1rCUaoaz24WlyrPXE=) 2: XGGrSm35u5XP3orwdmaKWVs0HeE.crl (hash: aJPQ3KtllLcg7BFiTDf7GmILMquPSfQvgE87xyUFOJY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:c3:00:5c:ca:3d:d8:db:78:f0:5d:09:0c:c2:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c61ab4a6df9bb95cfde8af076668a595b341de1 Validity Not Before: Dec 5 22:01:25 2025 GMT Not After : Dec 6 22:01:25 2025 GMT Subject: CN=71e48eb9d5fc11d1c9a6bf61925142c2eb11c06d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:0e:64:33:62:55:06:06:4f:f5:9c:95:9a:61: 71:bc:eb:45:33:ab:0f:7d:57:f3:b3:2b:c5:a0:cd: 2c:cf:ab:89:f1:ec:a9:6d:0e:e7:d3:4d:31:a9:96: 7d:f2:78:bc:c0:df:96:b1:92:61:24:6b:5f:03:ed: 24:95:d2:d5:54:e8:22:6e:52:42:e4:87:ff:b2:6c: ca:e8:47:3f:e5:69:22:77:cb:26:75:1c:b5:a9:42: db:2a:d9:b6:29:90:6e:65:97:68:b2:ca:59:bf:bc: 3e:83:a2:2f:3d:f9:ed:cc:41:14:04:2d:34:c5:a5: cd:b4:47:f0:27:c2:8d:37:ce:9f:a6:4a:54:28:22: 55:dc:29:7c:38:78:13:cb:44:69:bf:1a:43:15:eb: 4d:92:38:fb:88:ab:5b:3c:a4:b2:2e:56:6a:0e:c8: 3b:2f:41:7e:4e:16:c0:ea:45:e9:45:a7:4e:ee:d1: 2d:aa:58:ef:13:b0:1f:8a:b9:a6:57:87:8f:12:b5: f5:6f:ed:6d:b5:c3:5d:d9:8e:da:f0:ee:f5:1b:68: 00:07:8d:f7:ac:e9:8b:13:43:f2:96:69:71:cb:b9: d6:06:34:fe:57:cb:01:bd:75:de:16:ca:26:a6:20: 25:5d:c5:fa:07:a6:8d:3b:4c:ab:a8:b6:64:ac:d5: 09:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:E4:8E:B9:D5:FC:11:D1:C9:A6:BF:61:92:51:42:C2:EB:11:C0:6D X509v3 Authority Key Identifier: keyid:5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:b5:04:01:c4:35:5b:67:ba:39:0e:31:5c:47:d2:67:68:7c: 29:80:66:68:5c:2a:46:7c:ec:83:e9:e3:36:22:71:ab:6a:13: a1:aa:b5:81:24:6a:37:83:d4:8a:af:5e:a6:cd:e1:4f:ab:82: 22:56:5b:3f:da:01:72:b2:61:37:59:63:67:d7:fb:ac:ee:a3: e9:88:42:7b:b4:1b:e2:39:73:5f:88:c0:26:1c:7f:06:89:2f: ba:f9:40:c3:be:a2:01:8d:f9:94:58:ae:bb:22:5c:a1:26:c4: 78:11:9e:11:6c:be:da:70:a1:d8:f2:6b:1a:4b:c2:4c:87:8c: 08:4f:99:1a:9a:35:ed:34:e0:74:9d:d8:39:e3:9f:7b:da:95: 3b:76:a1:b4:aa:e4:91:43:b2:aa:af:0b:8c:e6:e3:6f:f2:51: 39:3d:75:7b:3d:35:dc:ba:17:4d:d0:27:3b:ad:1e:be:4d:af: c6:d3:c9:ae:de:dc:9f:12:dc:a7:c7:1d:cf:df:24:03:24:e6: da:3d:af:49:a9:ee:d3:94:11:c5:ef:fd:18:d2:62:67:4d:bd: e4:ff:54:b3:9c:5d:f4:7c:a3:ab:c9:2a:fd:45:7a:e7:ae:aa: e2:77:73:f2:68:17:fb:5e:ce:8d:16:05:7b:f4:94:fa:78:f1: 20:65:db:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiMMAXMo92Nt48F0JDMJhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjNjFhYjRhNmRmOWJiOTVjZmRlOGFmMDc2NjY4YTU5NWIz NDFkZTEwHhcNMjUxMjA1MjIwMTI1WhcNMjUxMjA2MjIwMTI1WjAzMTEwLwYDVQQD Eyg3MWU0OGViOWQ1ZmMxMWQxYzlhNmJmNjE5MjUxNDJjMmViMTFjMDZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+A5kM2JVBgZP9ZyVmmFxvOtFM6sP fVfzsyvFoM0sz6uJ8eypbQ7n000xqZZ98ni8wN+WsZJhJGtfA+0kldLVVOgiblJC 5If/smzK6Ec/5Wkid8smdRy1qULbKtm2KZBuZZdosspZv7w+g6IvPfntzEEUBC00 xaXNtEfwJ8KNN86fpkpUKCJV3Cl8OHgTy0RpvxpDFetNkjj7iKtbPKSyLlZqDsg7 L0F+ThbA6kXpRadO7tEtqljvE7AfirmmV4ePErX1b+1ttcNd2Y7a8O71G2gAB433 rOmLE0Pylmlxy7nWBjT+V8sBvXXeFsompiAlXcX6B6aNO0yrqLZkrNUJvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHHkjrnV/BHRyaa/YZJRQsLrEcBtMB8GA1UdIwQY MBaAFFxhq0pt+buVz96K8HZmillbNB3hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQt NmZhODY4OTIxZGZiLzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQtNmZhODY4OTIxZGZi LzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo7UEAcQ1 W2e6OQ4xXEfSZ2h8KYBmaFwqRnzsg+njNiJxq2oToaq1gSRqN4PUiq9eps3hT6uC IlZbP9oBcrJhN1ljZ9f7rO6j6YhCe7Qb4jlzX4jAJhx/BokvuvlAw76iAY35lFiu uyJcoSbEeBGeEWy+2nCh2PJrGkvCTIeMCE+ZGpo17TTgdJ3YOeOfe9qVO3ahtKrk kUOyqq8LjObjb/JROT11ez013LoXTdAnO60evk2vxtPJrt7cnxLcp8cdz98kAyTm 2j2vSanu05QRxe/9GNJiZ0295P9Us5xd9Hyjq8kq/UV6566q4ndz8mgX+17OjRYF e/SU+njxIGXbrw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:26:25 2025 by rpki-client