This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/XQwn-FWB4ue94MmPvVS-HUlnBRc.mft
File: XQwn-FWB4ue94MmPvVS-HUlnBRc.mft (raw, json)
Hash identifier: OJF8bbzQJ0aIONI3+AbmQDYR53XezjAJGlGzbE/Gafc=
Subject key identifier: 69:7F:27:8E:12:CC:E2:EE:85:12:EA:3F:89:6B:AF:5D:F9:EF:08:25
Authority key identifier: 5D:0C:27:F8:55:81:E2:E7:BD:E0:C9:8F:BD:54:BE:1D:49:67:05:17
Certificate issuer: /CN=5d0c27f85581e2e7bde0c98fbd54be1d49670517
Certificate serial: 019B2664BE895E4E5752CBF8FFB89D79FA35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XQwn-FWB4ue94MmPvVS-HUlnBRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/XQwn-FWB4ue94MmPvVS-HUlnBRc.mft
Manifest number: 177D
Signing time: Tue 16 Dec 2025 09:01:35 +0000
Manifest this update: Tue 16 Dec 2025 09:01:35 +0000
Manifest next update: Wed 17 Dec 2025 09:01:35 +0000
Files and hashes: 1: 5lc5ZmxcIf_S-qtTdxwVFYdfw74.roa (hash: nWQ6LzHmMcNUWFVJjD8F6A2IBDinnQ/3GkZ+tOcMhcc=)
2: XQwn-FWB4ue94MmPvVS-HUlnBRc.crl (hash: NlxMNZxvuVZ4XuJLUY3IJBL1PmVbrkgWiRMUqKG+Ydc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/XQwn-FWB4ue94MmPvVS-HUlnBRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/XQwn-FWB4ue94MmPvVS-HUlnBRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/XQwn-FWB4ue94MmPvVS-HUlnBRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Dec 2025 09:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:26:64:be:89:5e:4e:57:52:cb:f8:ff:b8:9d:79:fa:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d0c27f85581e2e7bde0c98fbd54be1d49670517
Validity
Not Before: Dec 16 09:01:35 2025 GMT
Not After : Dec 17 09:01:35 2025 GMT
Subject: CN=697f278e12cce2ee8512ea3f896baf5df9ef0825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ca:e2:13:66:eb:49:e6:9e:a1:75:45:6a:3b:
50:44:c7:b2:0c:9c:e5:09:7f:8a:cf:c2:02:57:ce:
af:67:9d:c2:81:45:28:67:7c:4e:47:b7:5e:98:24:
c7:c1:f6:11:9c:0d:e8:7a:1a:41:c6:13:71:a6:57:
9b:c5:0e:d7:f1:4e:ef:a5:82:58:80:ba:41:71:15:
ba:d2:1b:86:ff:1e:25:48:c3:29:e1:32:24:a0:bb:
db:3a:1a:4c:38:f5:3b:d0:a2:f9:07:56:01:15:15:
d8:e5:c9:55:01:03:8b:a2:49:da:bd:ad:42:b6:bc:
80:e1:d2:d4:11:68:c2:b8:98:16:cd:e2:16:86:9f:
a1:1d:a2:02:c7:6e:0b:1b:9c:57:ef:4c:f5:93:be:
d1:00:83:00:6c:fc:7d:c0:71:06:fd:c0:95:8e:5b:
87:1a:50:05:e4:9e:92:77:6f:d1:aa:74:5b:77:39:
69:c6:60:51:d2:ef:ed:8f:f9:7d:d5:69:18:cb:de:
a4:ac:1a:0c:bc:c8:2b:d2:6d:c3:d1:6e:12:2d:f2:
c7:49:24:48:cc:6a:d8:f5:8f:8f:02:a3:f3:1f:c5:
1f:60:51:d4:8d:17:86:33:f1:60:2c:bb:f6:d7:71:
60:f9:bd:ac:1b:ee:f9:11:be:d9:74:4e:0e:fd:57:
a2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:7F:27:8E:12:CC:E2:EE:85:12:EA:3F:89:6B:AF:5D:F9:EF:08:25
X509v3 Authority Key Identifier:
keyid:5D:0C:27:F8:55:81:E2:E7:BD:E0:C9:8F:BD:54:BE:1D:49:67:05:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XQwn-FWB4ue94MmPvVS-HUlnBRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/XQwn-FWB4ue94MmPvVS-HUlnBRc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/XQwn-FWB4ue94MmPvVS-HUlnBRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:a8:c8:52:f0:bc:ee:e3:dc:6c:51:50:88:29:2c:c1:0d:43:
cf:c7:3c:b3:b9:73:11:d9:93:7d:c8:31:a4:d8:9d:9d:9f:a3:
e3:ef:28:cc:5a:8a:eb:8f:c7:b7:78:90:69:9b:1b:c7:60:94:
94:2e:1a:8b:1f:64:ef:b9:2f:7c:63:a8:c7:b3:ae:27:18:4a:
c0:cd:1e:c5:1c:c2:4b:6f:b7:da:ff:90:0a:3a:d5:93:ad:f7:
3e:6f:47:08:3e:55:0b:07:20:4b:c2:77:a6:58:2e:40:d3:4d:
96:71:d6:bd:89:f8:1e:1a:8a:76:8e:55:94:bb:cd:d8:95:82:
a2:1d:85:d1:a0:83:d8:a8:a9:e3:e5:f9:c0:a9:40:c5:cc:28:
c6:ef:16:44:c6:d5:a4:63:43:85:c5:44:11:09:03:27:87:13:
08:36:76:be:60:b5:2a:09:d2:41:3d:3c:16:89:86:67:c1:ba:
86:15:d0:3c:e6:e4:ff:a6:cc:4c:9c:71:7d:54:23:34:67:c2:
6c:b3:ed:82:4f:5b:84:c7:60:68:f1:56:84:21:71:f7:d4:ab:
d4:31:ca:4c:e4:ee:e3:2f:46:d4:78:07:59:b7:d1:72:80:29:
c0:a9:15:3d:6a:86:41:78:ba:6a:5f:c6:96:56:08:db:08:6a:
27:e0:7c:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZsmZL6JXk5XUsv4/7idefo1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMGMyN2Y4NTU4MWUyZTdiZGUwYzk4ZmJkNTRiZTFkNDk2
NzA1MTcwHhcNMjUxMjE2MDkwMTM1WhcNMjUxMjE3MDkwMTM1WjAzMTEwLwYDVQQD
Eyg2OTdmMjc4ZTEyY2NlMmVlODUxMmVhM2Y4OTZiYWY1ZGY5ZWYwODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsriE2brSeaeoXVFajtQRMeyDJzl
CX+Kz8ICV86vZ53CgUUoZ3xOR7demCTHwfYRnA3oehpBxhNxplebxQ7X8U7vpYJY
gLpBcRW60huG/x4lSMMp4TIkoLvbOhpMOPU70KL5B1YBFRXY5clVAQOLoknava1C
tryA4dLUEWjCuJgWzeIWhp+hHaICx24LG5xX70z1k77RAIMAbPx9wHEG/cCVjluH
GlAF5J6Sd2/RqnRbdzlpxmBR0u/tj/l91WkYy96krBoMvMgr0m3D0W4SLfLHSSRI
zGrY9Y+PAqPzH8UfYFHUjReGM/FgLLv213Fg+b2sG+75Eb7ZdE4O/VeiUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGl/J44SzOLuhRLqP4lrr1357wglMB8GA1UdIwQY
MBaAFF0MJ/hVgeLnveDJj71Uvh1JZwUXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFF3bi1GV0I0dWU5NE1tUHZWUy1IVWxuQlJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9mNzg3YTktNTc2My00YzM2LThjNzMt
MzQxZjUxNzNmY2Y3LzEvWFF3bi1GV0I0dWU5NE1tUHZWUy1IVWxuQlJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9mNzg3YTktNTc2My00YzM2LThjNzMtMzQxZjUxNzNmY2Y3
LzEvWFF3bi1GV0I0dWU5NE1tUHZWUy1IVWxuQlJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ6jIUvC8
7uPcbFFQiCkswQ1Dz8c8s7lzEdmTfcgxpNidnZ+j4+8ozFqK64/Ht3iQaZsbx2CU
lC4aix9k77kvfGOox7OuJxhKwM0exRzCS2+32v+QCjrVk633Pm9HCD5VCwcgS8J3
plguQNNNlnHWvYn4HhqKdo5VlLvN2JWCoh2F0aCD2Kip4+X5wKlAxcwoxu8WRMbV
pGNDhcVEEQkDJ4cTCDZ2vmC1KgnSQT08FomGZ8G6hhXQPObk/6bMTJxxfVQjNGfC
bLPtgk9bhMdgaPFWhCFx99Sr1DHKTOTu4y9G1HgHWbfRcoApwKkVPWqGQXi6al/G
llYI2whqJ+B8UA==
-----END CERTIFICATE-----
Generated at Tue Dec 16 18:01:10 2025 by rpki-client