This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft File: XGGrSm35u5XP3orwdmaKWVs0HeE.mft (raw, json) Hash identifier: jlXxfFFvgYkbnoKxXbi3AP4SyhBNo/liwAVlAX32zBs= Subject key identifier: AE:67:C4:DD:FB:8A:14:05:9D:C0:20:AE:77:AA:85:D0:EC:CD:E5:C5 Authority key identifier: 5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1 Certificate issuer: /CN=5c61ab4a6df9bb95cfde8af076668a595b341de1 Certificate serial: 019B3DC7F20BD2EA941B7BFECF512BEEB2AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft Manifest number: 0470 Signing time: Sat 20 Dec 2025 22:01:12 +0000 Manifest this update: Sat 20 Dec 2025 22:01:12 +0000 Manifest next update: Sun 21 Dec 2025 22:01:12 +0000 Files and hashes: 1: P7g82oQa9maLUZf-zyJXFEwQ_Tk.roa (hash: R1Jxxc/Qby3IEt4xnho0adyCsC1rCUaoaz24WlyrPXE=) 2: XGGrSm35u5XP3orwdmaKWVs0HeE.crl (hash: WbWiDZ5v3an6+ff8/fvs+a8zFtZT/etQ5Ak0eJ5B43c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c7:f2:0b:d2:ea:94:1b:7b:fe:cf:51:2b:ee:b2:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c61ab4a6df9bb95cfde8af076668a595b341de1 Validity Not Before: Dec 20 22:01:12 2025 GMT Not After : Dec 21 22:01:12 2025 GMT Subject: CN=ae67c4ddfb8a14059dc020ae77aa85d0eccde5c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:fa:33:41:b1:26:2b:01:48:92:95:b5:b2:2f: 48:b6:8e:e6:14:13:3a:4b:f2:33:e9:2b:da:9e:eb: e6:89:4e:1d:c1:ba:47:08:b1:13:74:2c:17:a5:32: 0f:3e:ef:c4:e6:f1:c3:eb:0f:08:ad:08:6f:4b:71: ad:a4:05:38:51:e3:5c:6a:a4:d5:62:98:45:5c:85: eb:6c:e9:d5:ca:60:f1:7c:53:f4:0f:a9:c5:f6:37: 37:7b:17:b1:d6:9c:97:d8:43:38:f9:ba:4e:dc:16: f1:3b:79:02:13:66:cd:3a:db:ce:05:20:68:1b:93: 14:43:a3:fa:cb:35:7c:1f:30:8a:86:bd:39:cc:2c: e8:a7:08:ac:c0:73:f8:69:8e:ff:d6:5f:e7:53:50: dd:b8:ab:74:68:03:14:ef:4f:d9:31:b2:20:7d:62: cb:eb:fc:5b:61:30:cb:1a:dd:dd:78:22:39:be:86: e1:fe:fc:c1:f8:2d:b9:c7:5e:f3:23:8c:96:8e:62: 47:80:90:c8:e9:47:90:40:1e:6a:55:5b:f8:81:d1: 2c:c2:4d:e3:61:f8:ce:b8:8a:c3:e5:32:47:75:42: cf:55:57:ff:97:7b:00:00:35:41:f2:2a:a3:4f:ab: 86:90:26:7f:85:65:a6:19:8b:66:33:6d:d7:f6:74: e4:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:67:C4:DD:FB:8A:14:05:9D:C0:20:AE:77:AA:85:D0:EC:CD:E5:C5 X509v3 Authority Key Identifier: keyid:5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:62:7d:06:d0:6e:81:a0:dd:d5:fb:23:d7:e8:a7:d7:cf:3a: eb:43:7a:38:f6:7b:4a:a9:5e:1d:7d:d2:61:77:69:e1:53:74: 22:6d:a4:0e:e8:44:76:ee:27:89:cc:f6:60:28:35:a8:d9:fa: 49:2d:ef:1c:d0:cd:da:75:85:ba:87:ba:b4:1e:2b:8e:e8:56: b9:08:07:a4:23:5c:28:2b:ff:08:81:3d:ce:f1:ad:d5:c1:6a: d1:02:e8:80:17:0b:03:47:de:7a:17:12:82:05:61:3d:d3:79: cf:ec:8e:60:12:86:b6:1d:39:c6:c9:8d:0a:7c:a5:85:02:91: 0a:04:b3:34:9d:8a:0b:ed:a7:8a:b2:da:1a:e2:a4:05:a7:cc: 73:cb:f5:3c:6d:65:9b:ca:ff:8b:04:d0:66:3d:ba:f6:7a:dc: ed:48:93:89:f2:f7:8a:3e:27:00:2f:c6:50:29:dc:8b:40:2f: db:76:3e:85:c8:bc:ec:cd:04:0e:83:a9:2d:39:7d:c3:0d:63: cf:1e:b6:ad:dd:d6:dd:e6:44:11:bb:fa:fa:84:fa:66:05:e6: 96:86:b2:17:13:15:7d:23:15:20:22:c0:37:df:76:1c:87:dd: 70:8a:76:9b:6d:e5:55:18:97:df:d8:01:1c:92:e9:0d:03:c3: 0f:19:47:b4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9x/IL0uqUG3v+z1Er7rKsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjNjFhYjRhNmRmOWJiOTVjZmRlOGFmMDc2NjY4YTU5NWIz NDFkZTEwHhcNMjUxMjIwMjIwMTEyWhcNMjUxMjIxMjIwMTEyWjAzMTEwLwYDVQQD EyhhZTY3YzRkZGZiOGExNDA1OWRjMDIwYWU3N2FhODVkMGVjY2RlNWM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPozQbEmKwFIkpW1si9Ito7mFBM6 S/Iz6SvanuvmiU4dwbpHCLETdCwXpTIPPu/E5vHD6w8IrQhvS3GtpAU4UeNcaqTV YphFXIXrbOnVymDxfFP0D6nF9jc3exex1pyX2EM4+bpO3BbxO3kCE2bNOtvOBSBo G5MUQ6P6yzV8HzCKhr05zCzopwiswHP4aY7/1l/nU1DduKt0aAMU70/ZMbIgfWLL 6/xbYTDLGt3deCI5vobh/vzB+C25x17zI4yWjmJHgJDI6UeQQB5qVVv4gdEswk3j YfjOuIrD5TJHdULPVVf/l3sAADVB8iqjT6uGkCZ/hWWmGYtmM23X9nTkyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK5nxN37ihQFncAgrneqhdDszeXFMB8GA1UdIwQY MBaAFFxhq0pt+buVz96K8HZmillbNB3hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQt NmZhODY4OTIxZGZiLzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQtNmZhODY4OTIxZGZi LzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYmJ9BtBu gaDd1fsj1+in188660N6OPZ7SqleHX3SYXdp4VN0Im2kDuhEdu4nicz2YCg1qNn6 SS3vHNDN2nWFuoe6tB4rjuhWuQgHpCNcKCv/CIE9zvGt1cFq0QLogBcLA0feehcS ggVhPdN5z+yOYBKGth05xsmNCnylhQKRCgSzNJ2KC+2nirLaGuKkBafMc8v1PG1l m8r/iwTQZj269nrc7UiTifL3ij4nAC/GUCnci0Av23Y+hci87M0EDoOpLTl9ww1j zx62rd3W3eZEEbv6+oT6ZgXmloayFxMVfSMVICLAN992HIfdcIp2m23lVRiX39gB HJLpDQPDDxlHtA== -----END CERTIFICATE-----Generated at Sun Dec 21 03:56:41 2025 by rpki-client