This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft File: xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft (raw, json) Hash identifier: c5nBvJIRsoxQRtFA1DoN9Fr50IV5rQ74/KIjR1a8/XA= Subject key identifier: DD:FA:8D:12:D0:75:8D:17:3D:00:04:6D:92:59:3B:78:C7:15:84:62 Authority key identifier: C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44 Certificate issuer: /CN=c4ff935057c3bdbadbdf49f343562c5e30016044 Certificate serial: 019AF23FC79EE9343791E40EA53B1807B345 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft Manifest number: 1765 Signing time: Sat 06 Dec 2025 06:00:57 +0000 Manifest this update: Sat 06 Dec 2025 06:00:57 +0000 Manifest next update: Sun 07 Dec 2025 06:00:57 +0000 Files and hashes: 1: nEhO-4IOflDc16smasjo46yXDrU.roa (hash: TGudjeK9/qruL2a7Ja97DNoAnaGXmeBxOzedTAd1+AI=) 2: xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl (hash: W5ViuVLsvHIpcVKUOHizTeP+i/CZvWm+Yb1lwoMyug4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:c7:9e:e9:34:37:91:e4:0e:a5:3b:18:07:b3:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c4ff935057c3bdbadbdf49f343562c5e30016044 Validity Not Before: Dec 6 06:00:57 2025 GMT Not After : Dec 7 06:00:57 2025 GMT Subject: CN=ddfa8d12d0758d173d00046d92593b78c7158462 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:bf:21:44:26:85:78:ff:36:d4:e7:4d:0e:29: 19:dc:8a:d6:50:d4:e1:bd:a6:6c:0f:3e:07:9a:96: 4f:8e:17:46:9b:3c:70:5e:bc:23:fe:bd:e6:f1:f2: f0:be:40:45:9e:f8:df:c2:aa:b3:b8:c0:a2:b3:2a: be:d7:1d:a1:de:38:01:9a:27:5e:19:82:ec:f0:48: 3c:33:ed:e4:dd:d4:a3:8e:8a:20:c9:af:7a:fc:39: 61:f5:a2:3c:dc:9b:62:3e:68:c6:d0:45:4a:c5:8d: 0e:6b:a6:5f:c5:32:71:c7:38:de:98:4a:b3:19:d4: d4:a2:bc:a0:df:4e:aa:74:8b:57:58:26:0d:9a:5c: c8:b6:f7:a5:62:23:80:b2:7a:12:df:0f:57:ef:6e: 83:a8:4f:83:de:09:88:64:b6:81:cc:00:34:f5:b0: b0:53:7f:f3:49:b4:b8:4e:ab:13:74:8a:fc:73:c0: c0:bb:77:48:bf:01:d9:1f:90:24:c2:70:e8:53:17: 1d:a4:61:33:33:d7:1f:43:5e:c9:ec:df:a4:68:d9: c1:06:a5:cb:23:bf:7e:cf:02:9b:37:0e:40:cf:54: 89:32:45:f8:8a:15:16:fd:fb:b9:f2:2d:60:27:3d: 7a:fc:b5:cc:8d:cb:9c:9c:41:19:3e:87:b8:db:d7: 3e:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:FA:8D:12:D0:75:8D:17:3D:00:04:6D:92:59:3B:78:C7:15:84:62 X509v3 Authority Key Identifier: keyid:C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:cd:ba:d3:3b:2c:7b:0c:95:73:65:46:63:e4:33:7f:37:3d: c9:c6:20:00:8c:6a:ee:d8:47:2d:ea:fb:69:46:69:ab:9d:d1: 65:5e:41:8f:bb:16:cf:ed:4a:2c:a7:f9:40:cf:e0:85:14:09: 45:6a:6d:f3:ee:4c:d8:80:51:08:3a:b4:ad:e1:ba:c2:93:09: 65:35:01:3f:44:ef:24:6a:db:81:8f:9e:1c:49:0d:57:c4:55: a0:95:77:02:4b:6a:c6:f6:65:4e:77:7b:51:76:87:a5:0f:8c: 3f:bf:ef:88:c2:39:70:5f:23:cf:c2:a9:19:59:85:e3:2f:e6: 19:8f:f1:f1:d7:e4:84:50:f6:52:c3:36:96:fc:19:5c:d5:86: 9a:27:ab:42:a8:e7:c9:63:4c:a9:91:a9:c5:ae:ce:4e:a0:61: 1e:dc:9b:ee:98:fb:f5:d5:5a:0d:80:77:02:7f:99:7c:e3:08: 99:e1:fb:13:2c:50:9a:06:3f:0a:83:f8:2e:e9:5e:a5:6f:66: 25:91:1b:49:c6:5b:34:b7:c5:17:82:a2:e8:9b:c3:3b:69:41: 92:d9:c8:6b:7d:bb:37:40:ea:85:c2:71:ac:99:3b:47:60:7f: ff:fa:ff:41:da:06:40:77:2c:84:70:7b:09:ec:84:25:1b:dc: c4:33:0a:bb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP8ee6TQ3keQOpTsYB7NFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0ZmY5MzUwNTdjM2JkYmFkYmRmNDlmMzQzNTYyYzVlMzAw MTYwNDQwHhcNMjUxMjA2MDYwMDU3WhcNMjUxMjA3MDYwMDU3WjAzMTEwLwYDVQQD EyhkZGZhOGQxMmQwNzU4ZDE3M2QwMDA0NmQ5MjU5M2I3OGM3MTU4NDYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx78hRCaFeP821OdNDikZ3IrWUNTh vaZsDz4HmpZPjhdGmzxwXrwj/r3m8fLwvkBFnvjfwqqzuMCisyq+1x2h3jgBmide GYLs8Eg8M+3k3dSjjoogya96/Dlh9aI83JtiPmjG0EVKxY0Oa6ZfxTJxxzjemEqz GdTUoryg306qdItXWCYNmlzItvelYiOAsnoS3w9X726DqE+D3gmIZLaBzAA09bCw U3/zSbS4TqsTdIr8c8DAu3dIvwHZH5AkwnDoUxcdpGEzM9cfQ17J7N+kaNnBBqXL I79+zwKbNw5Az1SJMkX4ihUW/fu58i1gJz16/LXMjcucnEEZPoe429c++QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN36jRLQdY0XPQAEbZJZO3jHFYRiMB8GA1UdIwQY MBaAFMT/k1BXw726299J80NWLF4wAWBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYjA1OWEtMzI1ZC00Mzg1LTgxMWYt MTdlMWEyNTY5NTY4LzEveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZC8yYjA1OWEtMzI1ZC00Mzg1LTgxMWYtMTdlMWEyNTY5NTY4 LzEveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP8260zss ewyVc2VGY+Qzfzc9ycYgAIxq7thHLer7aUZpq53RZV5Bj7sWz+1KLKf5QM/ghRQJ RWpt8+5M2IBRCDq0reG6wpMJZTUBP0TvJGrbgY+eHEkNV8RVoJV3AktqxvZlTnd7 UXaHpQ+MP7/viMI5cF8jz8KpGVmF4y/mGY/x8dfkhFD2UsM2lvwZXNWGmierQqjn yWNMqZGpxa7OTqBhHtyb7pj79dVaDYB3An+ZfOMImeH7EyxQmgY/CoP4LulepW9m JZEbScZbNLfFF4Ki6JvDO2lBktnIa327N0DqhcJxrJk7R2B///r/QdoGQHcshHB7 CeyEJRvcxDMKuw== -----END CERTIFICATE-----Generated at Sat Dec 6 10:42:12 2025 by rpki-client