This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft File: XasLCOUfgYIkYp-zohHYPVvjVEA.mft (raw, json) Hash identifier: k3k4h0S2JTW9fS+fVrXnQenX2cPdPRZjydJ3/ZfWQ/k= Subject key identifier: 80:24:06:CE:A6:82:1E:BA:CB:C2:7F:2E:2E:B9:BC:F1:01:21:3C:9F Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40 Certificate issuer: /CN=5dab0b08e51f818224629fb3a211d83d5be35440 Certificate serial: 019B3268E2032ACA5E67F7A1E45919234A1E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft Manifest number: 1590 Signing time: Thu 18 Dec 2025 17:01:32 +0000 Manifest this update: Thu 18 Dec 2025 17:01:32 +0000 Manifest next update: Fri 19 Dec 2025 17:01:32 +0000 Files and hashes: 1: J3IfRy5hJG3sO5FFR3klCa0Rmag.roa (hash: y8cOLwfC28T1Q/CwomIs12ZpdB8agP1zP7ErrJL2HLM=) 2: XasLCOUfgYIkYp-zohHYPVvjVEA.crl (hash: 1ah0dj7amkKN7PFAqx7aamJUUueuZHLlqdzKF1VWYTY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:68:e2:03:2a:ca:5e:67:f7:a1:e4:59:19:23:4a:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440 Validity Not Before: Dec 18 17:01:32 2025 GMT Not After : Dec 19 17:01:32 2025 GMT Subject: CN=802406cea6821ebacbc27f2e2eb9bcf101213c9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:e8:c4:85:7e:ea:13:f3:b9:f4:05:b1:eb:b2: 52:fc:7b:c2:6a:0d:ba:14:e0:cd:88:ab:7d:6e:e1: 02:a4:19:b6:bf:b3:2e:6b:a8:9b:51:36:28:b0:06: 29:70:40:f4:21:1e:a6:a1:4b:fd:1e:4b:e3:d2:af: 60:c0:a8:ed:d9:35:9d:94:4a:86:56:2d:1d:06:c5: 4b:68:34:13:3d:ac:de:71:c4:97:b4:ed:a7:0d:4b: 38:8c:58:f8:48:2e:7d:37:c9:62:fe:0c:b6:91:ad: 3e:95:95:41:83:66:3c:24:c9:10:14:a3:25:b3:76: 06:b0:84:c1:4b:c1:d3:03:42:c4:a6:16:ce:a9:b1: 7d:fe:c1:1a:c4:a4:36:cc:d0:f5:19:73:94:ff:df: 63:42:9c:0b:c1:be:b8:84:38:53:cc:f2:1d:46:34: 49:89:36:5e:63:86:a9:c2:6d:e4:39:8b:46:d9:5c: a5:56:dc:c3:ab:c8:9e:db:c9:ca:6f:64:ca:5c:20: cf:6b:74:c1:e7:1d:dc:47:9f:75:79:6c:64:e8:7b: d2:5e:bc:3c:e6:42:54:14:3a:a4:d9:ac:cf:3a:00: cc:50:85:7f:5f:b7:b0:ff:7b:8a:77:bf:3f:ba:55: 77:13:af:d9:0b:dd:cc:1f:43:dd:e3:c5:64:57:51: 15:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:24:06:CE:A6:82:1E:BA:CB:C2:7F:2E:2E:B9:BC:F1:01:21:3C:9F X509v3 Authority Key Identifier: keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:82:0e:08:19:cc:dc:f0:c5:9c:1e:50:d7:95:87:c2:59:4c: 1e:f8:c9:c8:4f:53:29:d0:74:13:64:f6:6d:07:8e:6d:63:ac: 23:71:60:92:1d:35:21:db:2a:96:d8:4b:8c:86:67:d9:60:c5: 2a:a1:cc:66:65:4b:a6:31:ea:a1:07:c9:18:cb:ab:39:90:c9: db:7c:75:5f:cf:7f:5f:be:38:ce:45:4e:42:c7:e9:ba:80:fc: b5:49:fc:02:a8:93:ab:e2:41:af:b7:64:fb:69:32:ae:9c:b8: 02:61:3e:73:00:b4:74:7d:7f:8a:a9:6c:02:df:be:83:f6:f4: c9:bc:eb:1a:9b:46:a6:a6:41:8c:0f:25:c3:52:6c:f1:4a:8b: a9:8e:36:f2:93:c7:92:dd:2e:c4:11:fb:b4:36:a4:93:6c:90: ef:45:94:84:db:98:6b:5b:cd:43:c7:50:c8:c8:e5:71:ea:be: 8f:48:60:c8:4b:f2:e7:2c:8e:c2:6b:77:47:61:3c:9b:f6:ca: 86:7e:24:fa:1c:ab:9a:d4:09:47:91:1e:ae:1c:2d:20:29:be: 18:11:44:00:3c:95:89:cd:4a:3b:00:af:f8:8e:8e:c1:95:32: 91:31:ae:4e:ea:47:09:ef:c8:77:99:97:f2:91:85:83:86:d5: d2:80:d7:94 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyaOIDKspeZ/eh5FkZI0oeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkYWIwYjA4ZTUxZjgxODIyNDYyOWZiM2EyMTFkODNkNWJl MzU0NDAwHhcNMjUxMjE4MTcwMTMyWhcNMjUxMjE5MTcwMTMyWjAzMTEwLwYDVQQD Eyg4MDI0MDZjZWE2ODIxZWJhY2JjMjdmMmUyZWI5YmNmMTAxMjEzYzlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOjEhX7qE/O59AWx67JS/HvCag26 FODNiKt9buECpBm2v7Mua6ibUTYosAYpcED0IR6moUv9Hkvj0q9gwKjt2TWdlEqG Vi0dBsVLaDQTPazeccSXtO2nDUs4jFj4SC59N8li/gy2ka0+lZVBg2Y8JMkQFKMl s3YGsITBS8HTA0LEphbOqbF9/sEaxKQ2zND1GXOU/99jQpwLwb64hDhTzPIdRjRJ iTZeY4apwm3kOYtG2VylVtzDq8ie28nKb2TKXCDPa3TB5x3cR591eWxk6HvSXrw8 5kJUFDqk2azPOgDMUIV/X7ew/3uKd78/ulV3E6/ZC93MH0Pd48VkV1EVrQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIAkBs6mgh66y8J/Li65vPEBITyfMB8GA1UdIwQY MBaAFF2rCwjlH4GCJGKfs6IR2D1b41RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUt NjI3ODkxODJhMGYzLzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUtNjI3ODkxODJhMGYz LzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfoIOCBnM 3PDFnB5Q15WHwllMHvjJyE9TKdB0E2T2bQeObWOsI3Fgkh01IdsqlthLjIZn2WDF KqHMZmVLpjHqoQfJGMurOZDJ23x1X89/X744zkVOQsfpuoD8tUn8AqiTq+JBr7dk +2kyrpy4AmE+cwC0dH1/iqlsAt++g/b0ybzrGptGpqZBjA8lw1Js8UqLqY428pPH kt0uxBH7tDakk2yQ70WUhNuYa1vNQ8dQyMjlceq+j0hgyEvy5yyOwmt3R2E8m/bK hn4k+hyrmtQJR5EerhwtICm+GBFEADyVic1KOwCv+I6OwZUykTGuTupHCe/Id5mX 8pGFg4bV0oDXlA== -----END CERTIFICATE-----Generated at Thu Dec 18 23:07:04 2025 by rpki-client