This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft File: XasLCOUfgYIkYp-zohHYPVvjVEA.mft (raw, json) Hash identifier: efDIQcsEYONgs5oeYluXqHaOL/o7+4ASvs8Kpb/6C3Q= Subject key identifier: 7F:6E:A2:1A:AA:14:1F:22:5E:25:C2:E2:05:DC:EC:95:0F:D7:B0:46 Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40 Certificate issuer: /CN=5dab0b08e51f818224629fb3a211d83d5be35440 Certificate serial: 019AF2ADB38AC4E8003141DDC5221F04E5A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft Manifest number: 156F Signing time: Sat 06 Dec 2025 08:01:01 +0000 Manifest this update: Sat 06 Dec 2025 08:01:01 +0000 Manifest next update: Sun 07 Dec 2025 08:01:01 +0000 Files and hashes: 1: J3IfRy5hJG3sO5FFR3klCa0Rmag.roa (hash: y8cOLwfC28T1Q/CwomIs12ZpdB8agP1zP7ErrJL2HLM=) 2: XasLCOUfgYIkYp-zohHYPVvjVEA.crl (hash: ibB+VAD2B4i6WKA8OW0xfmi0+KzbCFS/QlYGtFKoKVk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:b3:8a:c4:e8:00:31:41:dd:c5:22:1f:04:e5:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440 Validity Not Before: Dec 6 08:01:01 2025 GMT Not After : Dec 7 08:01:01 2025 GMT Subject: CN=7f6ea21aaa141f225e25c2e205dcec950fd7b046 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:31:07:da:6a:ba:61:ff:fc:fd:08:87:57:3c: 54:69:04:0a:bd:3d:70:3e:8a:6e:02:5d:dd:c2:80: 28:ca:7e:3d:b4:92:10:6f:11:3b:a3:e7:46:ac:85: 0f:6b:59:6a:5d:21:5b:31:db:66:d6:95:ad:a8:0a: c5:ef:d1:c0:e4:ee:4b:09:ea:3f:5c:d2:47:e2:33: 2e:54:44:6a:24:21:75:3e:94:11:3c:be:59:08:66: 13:e1:ac:a0:8f:58:0d:41:f6:dc:91:db:ec:a5:01: 18:fb:87:45:5d:4a:b1:85:ab:83:ec:8d:61:c2:24: 4d:b5:1c:8a:8f:fe:c2:3e:d6:a2:d0:13:89:12:45: 1e:fe:d7:83:9d:d6:e3:63:2a:2c:27:84:c3:6d:c8: 0b:fd:07:dd:ad:c5:50:d5:4e:65:fb:f3:08:f0:db: fe:3d:4f:1a:71:af:ef:f1:9d:4d:d4:b0:f9:6e:65: 8f:ae:fa:1a:b5:c6:f0:34:7c:17:14:86:99:d7:c7: 06:9f:e2:d8:47:ad:21:1f:0f:29:8f:41:0f:fa:d8: d6:d4:4d:b1:07:3b:69:6e:1d:0b:d7:85:77:26:97: 4b:df:e6:4a:28:a7:c3:9b:d7:8e:c1:6a:70:9a:8e: e4:16:20:2d:b7:53:1c:e2:3a:ae:86:a2:76:48:80: 24:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:6E:A2:1A:AA:14:1F:22:5E:25:C2:E2:05:DC:EC:95:0F:D7:B0:46 X509v3 Authority Key Identifier: keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:fa:c6:7a:50:99:ae:48:95:22:a4:02:ad:d7:72:7e:63:89: c5:fc:d2:96:ca:dd:06:60:57:2c:9a:27:7e:49:91:a2:31:37: 82:a7:4c:93:ae:1f:3d:43:02:d7:9a:fe:c5:7e:f9:76:02:94: f6:11:cd:73:a0:3c:a8:a6:81:8f:f1:4f:64:92:aa:81:4e:b5: 2c:e3:8f:f2:cd:f0:63:ab:05:b3:69:78:9e:db:be:42:44:bf: 5a:f5:a9:ad:8f:bb:94:42:bf:9e:5e:98:06:9d:fc:a2:a6:82: 50:38:72:be:7e:f4:a3:87:b4:6b:df:e6:d6:0b:4b:9b:1a:80: 3b:db:ba:b6:87:b4:d3:84:ae:0e:fe:22:27:9c:e8:45:cc:78: da:4c:46:b1:78:e5:6f:9e:b9:f4:d5:4a:86:dd:d7:98:31:60: 24:9b:24:54:48:82:14:a5:1c:ce:19:86:18:ba:34:7b:dd:e6: 6c:48:86:9a:3e:2e:0b:33:99:7c:7c:ee:9e:3f:72:fe:d8:48: 5b:98:e0:15:5d:b5:38:2b:2b:68:ce:56:98:9a:fd:ca:80:2d: 51:47:7f:b3:57:7c:6b:18:2b:b4:85:57:34:ec:bc:68:ba:55: fc:3b:e0:86:c0:00:bc:ce:51:7e:b7:ee:19:44:db:12:9c:ef: e5:ba:6f:85 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrbOKxOgAMUHdxSIfBOWiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkYWIwYjA4ZTUxZjgxODIyNDYyOWZiM2EyMTFkODNkNWJl MzU0NDAwHhcNMjUxMjA2MDgwMTAxWhcNMjUxMjA3MDgwMTAxWjAzMTEwLwYDVQQD Eyg3ZjZlYTIxYWFhMTQxZjIyNWUyNWMyZTIwNWRjZWM5NTBmZDdiMDQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTEH2mq6Yf/8/QiHVzxUaQQKvT1w PopuAl3dwoAoyn49tJIQbxE7o+dGrIUPa1lqXSFbMdtm1pWtqArF79HA5O5LCeo/ XNJH4jMuVERqJCF1PpQRPL5ZCGYT4aygj1gNQfbckdvspQEY+4dFXUqxhauD7I1h wiRNtRyKj/7CPtai0BOJEkUe/teDndbjYyosJ4TDbcgL/QfdrcVQ1U5l+/MI8Nv+ PU8aca/v8Z1N1LD5bmWPrvoatcbwNHwXFIaZ18cGn+LYR60hHw8pj0EP+tjW1E2x Bztpbh0L14V3JpdL3+ZKKKfDm9eOwWpwmo7kFiAtt1Mc4jquhqJ2SIAkXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH9uohqqFB8iXiXC4gXc7JUP17BGMB8GA1UdIwQY MBaAFF2rCwjlH4GCJGKfs6IR2D1b41RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUt NjI3ODkxODJhMGYzLzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUtNjI3ODkxODJhMGYz LzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjfrGelCZ rkiVIqQCrddyfmOJxfzSlsrdBmBXLJonfkmRojE3gqdMk64fPUMC15r+xX75dgKU 9hHNc6A8qKaBj/FPZJKqgU61LOOP8s3wY6sFs2l4ntu+QkS/WvWprY+7lEK/nl6Y Bp38oqaCUDhyvn70o4e0a9/m1gtLmxqAO9u6toe004SuDv4iJ5zoRcx42kxGsXjl b5659NVKht3XmDFgJJskVEiCFKUczhmGGLo0e93mbEiGmj4uCzOZfHzunj9y/thI W5jgFV21OCsraM5WmJr9yoAtUUd/s1d8axgrtIVXNOy8aLpV/DvghsAAvM5Rfrfu GUTbEpzv5bpvhQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:11:41 2025 by rpki-client