This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/67c7e8-c075-40a1-a3ff-819062a12f3d/1/XICE2xnxE9gbZEg5P60cEyxYT80.mft File: XICE2xnxE9gbZEg5P60cEyxYT80.mft (raw, json) Hash identifier: ZbJlZnAN6nvuyN7KXhBFziqLYP3et1zgaV4q1OBoG/I= Subject key identifier: 0C:83:A4:17:BA:17:EC:79:F6:19:29:52:64:98:27:97:5C:9D:B8:80 Authority key identifier: 5C:80:84:DB:19:F1:13:D8:1B:64:48:39:3F:AD:1C:13:2C:58:4F:CD Certificate issuer: /CN=5c8084db19f113d81b6448393fad1c132c584fcd Certificate serial: 019AF2096858DEDF61B60ABD7B1E88B911FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XICE2xnxE9gbZEg5P60cEyxYT80.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/67c7e8-c075-40a1-a3ff-819062a12f3d/1/XICE2xnxE9gbZEg5P60cEyxYT80.mft Manifest number: 1064 Signing time: Sat 06 Dec 2025 05:01:34 +0000 Manifest this update: Sat 06 Dec 2025 05:01:34 +0000 Manifest next update: Sun 07 Dec 2025 05:01:34 +0000 Files and hashes: 1: RopsaNkgpHpRL2oKJRAlnWazjYk.roa (hash: hePdDKhYq7jZJBW0X9xyUlZ0MuRDMypI160xH9eb0s0=) 2: XICE2xnxE9gbZEg5P60cEyxYT80.crl (hash: gLknhE5EvegHu2XpzD9eZ2PmvF5fHOcNRTTe1pmGKKU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/67c7e8-c075-40a1-a3ff-819062a12f3d/1/XICE2xnxE9gbZEg5P60cEyxYT80.crl rsync://rpki.ripe.net/repository/DEFAULT/53/67c7e8-c075-40a1-a3ff-819062a12f3d/1/XICE2xnxE9gbZEg5P60cEyxYT80.mft rsync://rpki.ripe.net/repository/DEFAULT/XICE2xnxE9gbZEg5P60cEyxYT80.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:68:58:de:df:61:b6:0a:bd:7b:1e:88:b9:11:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c8084db19f113d81b6448393fad1c132c584fcd Validity Not Before: Dec 6 05:01:34 2025 GMT Not After : Dec 7 05:01:34 2025 GMT Subject: CN=0c83a417ba17ec79f6192952649827975c9db880 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:e5:58:ad:a9:b6:23:f4:fa:b5:6e:9f:e4:f7: e6:b3:fd:37:86:99:3e:c7:d6:ad:03:45:be:3b:b7: a9:d1:51:69:35:7d:a2:d0:83:b8:00:a2:6f:25:16: 78:03:84:7c:a9:53:48:df:10:f6:81:df:95:23:3e: 26:e9:47:0d:56:3a:ac:b8:90:51:73:f6:b7:02:05: 0d:a2:b7:a2:f4:48:ad:8e:17:1a:57:cd:24:6e:1b: 47:18:35:fb:dd:fd:e6:3a:0e:ef:2a:08:a4:9e:62: 3d:de:6e:89:6b:6b:2d:3b:73:f5:ac:9a:f8:e4:c5: 86:07:b9:93:67:2b:f2:24:a0:d7:9e:ee:62:13:61: 30:af:20:67:a1:52:71:f6:9e:68:08:80:b8:f1:52: 3d:5e:16:91:f8:e1:73:54:98:48:e9:de:77:d0:33: 68:c6:77:d7:be:7b:a7:9d:13:cf:33:ea:8a:58:13: df:aa:f1:5a:18:aa:fa:e3:4a:2a:f4:83:b0:e6:f8: f6:23:9f:e7:78:2e:62:e8:4b:da:38:02:4b:a7:72: 84:52:b7:ca:e4:ff:a5:4f:3d:90:ab:74:59:ab:1d: bd:48:39:e9:3c:ef:9b:17:3c:40:ef:66:4d:11:54: 84:95:af:95:cb:fa:49:9c:c8:a0:b9:8d:61:54:67: fd:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:83:A4:17:BA:17:EC:79:F6:19:29:52:64:98:27:97:5C:9D:B8:80 X509v3 Authority Key Identifier: keyid:5C:80:84:DB:19:F1:13:D8:1B:64:48:39:3F:AD:1C:13:2C:58:4F:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XICE2xnxE9gbZEg5P60cEyxYT80.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/67c7e8-c075-40a1-a3ff-819062a12f3d/1/XICE2xnxE9gbZEg5P60cEyxYT80.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/67c7e8-c075-40a1-a3ff-819062a12f3d/1/XICE2xnxE9gbZEg5P60cEyxYT80.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:c9:20:30:60:04:fd:4e:cf:c1:9a:ae:31:54:67:7c:8a:87: dc:ef:b8:f9:fe:64:ec:f8:5a:80:d2:44:0d:1e:88:92:a7:4c: 3f:ab:10:7f:b2:7c:df:21:9e:f3:0a:86:e3:bd:9a:3d:d7:a3: c1:62:8a:ca:55:cf:47:fc:e1:2a:75:a0:b2:39:c6:5a:57:18: 76:01:39:27:c4:c8:65:c7:c5:ce:5d:aa:80:87:83:3a:13:12: cb:02:52:be:c7:e7:87:95:ba:d8:36:3d:63:af:43:c3:90:1b: dc:58:31:f7:ff:34:6b:27:7b:a2:5b:18:59:cf:eb:95:21:10: 5d:02:6d:96:77:d5:4d:af:e9:cf:0d:75:98:6d:e6:23:83:e3: ca:ac:f2:2f:39:5b:b4:52:56:8a:7f:04:4e:b0:83:aa:d4:0e: 90:4f:72:0a:52:af:dd:d9:c1:a6:f6:70:f1:48:06:b3:be:4e: 8d:59:17:29:91:98:93:89:4b:1e:56:fe:11:09:7e:0e:86:c0: 20:f0:af:78:fa:df:0c:a6:7c:90:f9:0a:c6:03:b5:bc:ba:d0: b3:6b:86:97:53:50:62:22:04:5b:4f:2b:cb:e5:35:aa:12:ef: e8:f1:12:f7:f0:c1:e5:37:85:c3:bf:ea:09:f6:8b:7f:01:bb: 1c:d0:a6:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCWhY3t9htgq9ex6IuRH9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjODA4NGRiMTlmMTEzZDgxYjY0NDgzOTNmYWQxYzEzMmM1 ODRmY2QwHhcNMjUxMjA2MDUwMTM0WhcNMjUxMjA3MDUwMTM0WjAzMTEwLwYDVQQD EygwYzgzYTQxN2JhMTdlYzc5ZjYxOTI5NTI2NDk4Mjc5NzVjOWRiODgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+VYram2I/T6tW6f5Pfms/03hpk+ x9atA0W+O7ep0VFpNX2i0IO4AKJvJRZ4A4R8qVNI3xD2gd+VIz4m6UcNVjqsuJBR c/a3AgUNorei9EitjhcaV80kbhtHGDX73f3mOg7vKgiknmI93m6Ja2stO3P1rJr4 5MWGB7mTZyvyJKDXnu5iE2EwryBnoVJx9p5oCIC48VI9XhaR+OFzVJhI6d530DNo xnfXvnunnRPPM+qKWBPfqvFaGKr640oq9IOw5vj2I5/neC5i6EvaOAJLp3KEUrfK 5P+lTz2Qq3RZqx29SDnpPO+bFzxA72ZNEVSEla+Vy/pJnMiguY1hVGf9twIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAyDpBe6F+x59hkpUmSYJ5dcnbiAMB8GA1UdIwQY MBaAFFyAhNsZ8RPYG2RIOT+tHBMsWE/NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWElDRTJ4bnhFOWdiWkVnNVA2MGNFeXhZVDgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82N2M3ZTgtYzA3NS00MGExLWEzZmYt ODE5MDYyYTEyZjNkLzEvWElDRTJ4bnhFOWdiWkVnNVA2MGNFeXhZVDgwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My82N2M3ZTgtYzA3NS00MGExLWEzZmYtODE5MDYyYTEyZjNk LzEvWElDRTJ4bnhFOWdiWkVnNVA2MGNFeXhZVDgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkMkgMGAE /U7PwZquMVRnfIqH3O+4+f5k7PhagNJEDR6IkqdMP6sQf7J83yGe8wqG472aPdej wWKKylXPR/zhKnWgsjnGWlcYdgE5J8TIZcfFzl2qgIeDOhMSywJSvsfnh5W62DY9 Y69Dw5Ab3Fgx9/80ayd7olsYWc/rlSEQXQJtlnfVTa/pzw11mG3mI4PjyqzyLzlb tFJWin8ETrCDqtQOkE9yClKv3dnBpvZw8UgGs75OjVkXKZGYk4lLHlb+EQl+DobA IPCvePrfDKZ8kPkKxgO1vLrQs2uGl1NQYiIEW08ry+U1qhLv6PES9/DB5TeFw7/q CfaLfwG7HNCmmA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:20:01 2025 by rpki-client