This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/862232-58d7-4c1d-b198-660411b9d167/1/XHbv8miEvwBiB9cis7AaRNK1YZk.mft File: XHbv8miEvwBiB9cis7AaRNK1YZk.mft (raw, json) Hash identifier: gwO3X2vVs7Lg1Oqm/T2gnf7WnTe7oexBMy+LFaogPG4= Subject key identifier: 3D:80:EE:71:F9:08:0A:25:B2:F6:27:F7:94:FC:93:C1:4B:18:68:FD Authority key identifier: 5C:76:EF:F2:68:84:BF:00:62:07:D7:22:B3:B0:1A:44:D2:B5:61:99 Certificate issuer: /CN=5c76eff26884bf006207d722b3b01a44d2b56199 Certificate serial: 019B2175AF15C481C447B0A28047CB0D85DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XHbv8miEvwBiB9cis7AaRNK1YZk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/862232-58d7-4c1d-b198-660411b9d167/1/XHbv8miEvwBiB9cis7AaRNK1YZk.mft Manifest number: 0FB1 Signing time: Mon 15 Dec 2025 10:01:59 +0000 Manifest this update: Mon 15 Dec 2025 10:01:59 +0000 Manifest next update: Tue 16 Dec 2025 10:01:59 +0000 Files and hashes: 1: XHbv8miEvwBiB9cis7AaRNK1YZk.crl (hash: rtytM56lYT+9+tLgfHNuNJ2/mZ72UQOBxQi/qjlk6wM=) 2: aeqC4EE0KUZ0Hdgey5muRSCYEvc.roa (hash: aH7XcxnHv3qEq7LQXqlBVrjotePFAy5nc/77ZI52Ock=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/862232-58d7-4c1d-b198-660411b9d167/1/XHbv8miEvwBiB9cis7AaRNK1YZk.crl rsync://rpki.ripe.net/repository/DEFAULT/57/862232-58d7-4c1d-b198-660411b9d167/1/XHbv8miEvwBiB9cis7AaRNK1YZk.mft rsync://rpki.ripe.net/repository/DEFAULT/XHbv8miEvwBiB9cis7AaRNK1YZk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 10:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:75:af:15:c4:81:c4:47:b0:a2:80:47:cb:0d:85:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c76eff26884bf006207d722b3b01a44d2b56199 Validity Not Before: Dec 15 10:01:59 2025 GMT Not After : Dec 16 10:01:59 2025 GMT Subject: CN=3d80ee71f9080a25b2f627f794fc93c14b1868fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:8c:d0:38:ff:1d:80:77:46:9a:a5:91:f3:34: d0:f4:43:63:60:f3:c4:b3:c1:cd:8d:e1:80:9c:47: fd:a5:78:bb:37:a2:cd:7f:54:6a:52:c8:3c:3a:e3: 64:cd:4a:59:1f:39:b9:9b:72:3b:e9:29:24:dc:e2: 1c:ef:f1:f8:e1:75:e4:28:95:c4:1c:0d:60:8b:38: 5c:10:ad:d4:08:89:d5:fe:d3:3b:a1:63:df:ae:6d: b9:a1:ab:1d:47:c2:e3:cd:c9:e5:f0:d1:aa:d4:c8: 5c:b7:8d:01:53:1a:16:5e:8c:71:01:8f:4f:cc:f3: 08:2c:1c:11:30:7b:8d:1e:5e:ab:77:8b:a6:34:69: 04:cf:e1:13:e8:c6:57:55:25:3f:60:26:19:9f:62: e9:3a:28:67:d5:df:e1:48:38:3b:3e:5d:68:a5:5c: 0e:61:fb:66:5f:da:1a:2d:e9:7f:18:24:f1:72:0c: 07:58:15:0f:84:b6:14:2d:1c:08:68:54:d4:8a:7f: e7:f6:97:42:b7:7c:ea:4e:c7:f6:70:d4:33:1e:ae: fe:d3:cf:53:c5:03:f1:00:5a:e5:87:4e:2a:40:86: 93:08:ea:d1:eb:bb:b3:6b:c7:7e:11:09:82:0c:f6: de:f8:3c:8f:b0:ef:cc:3d:de:e5:d4:a0:38:f1:1a: 08:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:80:EE:71:F9:08:0A:25:B2:F6:27:F7:94:FC:93:C1:4B:18:68:FD X509v3 Authority Key Identifier: keyid:5C:76:EF:F2:68:84:BF:00:62:07:D7:22:B3:B0:1A:44:D2:B5:61:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHbv8miEvwBiB9cis7AaRNK1YZk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/862232-58d7-4c1d-b198-660411b9d167/1/XHbv8miEvwBiB9cis7AaRNK1YZk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/862232-58d7-4c1d-b198-660411b9d167/1/XHbv8miEvwBiB9cis7AaRNK1YZk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:fe:2d:12:17:de:c9:69:97:52:50:53:fb:1a:b0:f5:49:d2: 87:85:57:1c:21:37:56:23:54:c6:32:1a:73:47:7a:4b:bb:04: 49:89:b3:8d:01:ce:0c:49:78:af:28:bd:bd:c1:e3:1c:d0:99: 33:ad:06:12:4e:0a:52:7a:a8:15:b5:c3:62:d1:aa:0c:3e:6d: b2:09:e3:25:ac:0c:43:40:67:f9:53:8a:26:12:8d:d8:03:86: ba:b0:96:67:65:63:ea:85:69:ab:25:07:6a:1c:84:36:a6:f8: 39:35:86:9e:06:19:4b:68:89:9d:a5:94:28:30:85:42:a5:ee: 4d:83:65:25:da:31:19:82:a4:12:37:f9:96:2a:38:02:43:19: 1e:83:69:d2:16:ee:a2:cd:52:53:25:45:a9:30:27:26:f4:a5: ca:70:cd:3b:16:52:76:09:35:d8:03:a5:ea:a6:7f:fc:ab:61: 9c:cf:a8:f9:93:26:2e:51:cd:32:3e:fd:32:09:67:6a:ca:06: 31:19:cc:d4:cd:07:c3:c4:4f:a6:06:be:9b:f3:09:4c:04:f7: 60:91:a4:54:48:0f:49:6e:0d:d8:45:8f:73:3a:31:cc:71:60: 06:20:76:7d:e0:18:45:96:05:47:80:b8:1f:0e:fe:69:59:c8: a3:b3:62:6b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshda8VxIHER7CigEfLDYXfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjNzZlZmYyNjg4NGJmMDA2MjA3ZDcyMmIzYjAxYTQ0ZDJi NTYxOTkwHhcNMjUxMjE1MTAwMTU5WhcNMjUxMjE2MTAwMTU5WjAzMTEwLwYDVQQD EygzZDgwZWU3MWY5MDgwYTI1YjJmNjI3Zjc5NGZjOTNjMTRiMTg2OGZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIzQOP8dgHdGmqWR8zTQ9ENjYPPE s8HNjeGAnEf9pXi7N6LNf1RqUsg8OuNkzUpZHzm5m3I76Skk3OIc7/H44XXkKJXE HA1gizhcEK3UCInV/tM7oWPfrm25oasdR8Ljzcnl8NGq1Mhct40BUxoWXoxxAY9P zPMILBwRMHuNHl6rd4umNGkEz+ET6MZXVSU/YCYZn2LpOihn1d/hSDg7Pl1opVwO YftmX9oaLel/GCTxcgwHWBUPhLYULRwIaFTUin/n9pdCt3zqTsf2cNQzHq7+089T xQPxAFrlh04qQIaTCOrR67uza8d+EQmCDPbe+DyPsO/MPd7l1KA48RoIewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD2A7nH5CAolsvYn95T8k8FLGGj9MB8GA1UdIwQY MBaAFFx27/JohL8AYgfXIrOwGkTStWGZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEhidjhtaUV2d0JpQjljaXM3QWFSTksxWVprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84NjIyMzItNThkNy00YzFkLWIxOTgt NjYwNDExYjlkMTY3LzEvWEhidjhtaUV2d0JpQjljaXM3QWFSTksxWVprLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny84NjIyMzItNThkNy00YzFkLWIxOTgtNjYwNDExYjlkMTY3 LzEvWEhidjhtaUV2d0JpQjljaXM3QWFSTksxWVprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgv4tEhfe yWmXUlBT+xqw9UnSh4VXHCE3ViNUxjIac0d6S7sESYmzjQHODEl4ryi9vcHjHNCZ M60GEk4KUnqoFbXDYtGqDD5tsgnjJawMQ0Bn+VOKJhKN2AOGurCWZ2Vj6oVpqyUH ahyENqb4OTWGngYZS2iJnaWUKDCFQqXuTYNlJdoxGYKkEjf5lio4AkMZHoNp0hbu os1SUyVFqTAnJvSlynDNOxZSdgk12AOl6qZ//KthnM+o+ZMmLlHNMj79MglnasoG MRnM1M0Hw8RPpga+m/MJTAT3YJGkVEgPSW4N2EWPczoxzHFgBiB2feAYRZYFR4C4 Hw7+aVnIo7Niaw== -----END CERTIFICATE-----Generated at Mon Dec 15 20:20:25 2025 by rpki-client