This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/44dd9f-4891-45ae-9030-8da8317de3f6/1/XchzCYds7EBPAHv22gQ0wL3GLYs.mft File: XchzCYds7EBPAHv22gQ0wL3GLYs.mft (raw, json) Hash identifier: i/eZ98vwYux8nQ3up7RmaXeYqYoMPJY39DbU+/Y763M= Subject key identifier: 12:23:19:99:D0:A7:83:AA:00:31:CB:1F:4D:20:1E:3B:DB:49:DB:ED Authority key identifier: 5D:C8:73:09:87:6C:EC:40:4F:00:7B:F6:DA:04:34:C0:BD:C6:2D:8B Certificate issuer: /CN=5dc87309876cec404f007bf6da0434c0bdc62d8b Certificate serial: 019AF31C0D52FE39429123BDE9B084F991DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XchzCYds7EBPAHv22gQ0wL3GLYs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/44dd9f-4891-45ae-9030-8da8317de3f6/1/XchzCYds7EBPAHv22gQ0wL3GLYs.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 10:01:32 +0000 Manifest this update: Sat 06 Dec 2025 10:01:32 +0000 Manifest next update: Sun 07 Dec 2025 10:01:32 +0000 Files and hashes: 1: XchzCYds7EBPAHv22gQ0wL3GLYs.crl (hash: 7RKxrUC9kAByf4nvmJHRVTvJGFgC55IAoS2+XrcFavA=) 2: jcQt-MOzJfjybIamiUioFB-oBn4.roa (hash: vxzopxc1UXJfcspNz3GsRCac77+K0gwBOQSeqjgarpw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/44dd9f-4891-45ae-9030-8da8317de3f6/1/XchzCYds7EBPAHv22gQ0wL3GLYs.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/44dd9f-4891-45ae-9030-8da8317de3f6/1/XchzCYds7EBPAHv22gQ0wL3GLYs.mft rsync://rpki.ripe.net/repository/DEFAULT/XchzCYds7EBPAHv22gQ0wL3GLYs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:0d:52:fe:39:42:91:23:bd:e9:b0:84:f9:91:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5dc87309876cec404f007bf6da0434c0bdc62d8b Validity Not Before: Dec 6 10:01:32 2025 GMT Not After : Dec 7 10:01:32 2025 GMT Subject: CN=12231999d0a783aa0031cb1f4d201e3bdb49dbed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:71:3c:6e:85:f0:a4:6e:44:79:88:82:19:05: 44:9a:41:2f:47:60:37:fe:f0:e7:3f:56:c6:b5:f3: aa:fc:f3:98:54:14:b5:25:fc:24:27:91:b0:67:31: c5:48:ae:eb:09:b5:56:50:bb:28:25:d4:d6:95:bc: 35:97:df:41:06:44:7a:11:83:1b:95:75:3d:a2:e4: c1:f8:ce:16:0b:a5:09:56:cb:4c:be:4f:35:d1:01: 72:7f:82:5b:53:30:a6:4c:56:62:16:1a:13:ca:98: 04:6c:c5:18:0e:71:16:da:0a:19:41:a5:5d:2b:53: 7f:9a:70:38:c0:67:30:ff:33:46:b5:e4:27:0d:1f: a1:42:d6:3b:66:d8:f5:6a:ba:bd:fb:7f:de:d2:fd: 63:61:b8:ef:86:c2:1f:6f:a9:bf:72:e9:2a:fa:cf: 28:b5:3b:f6:35:8a:42:f5:c9:d2:3b:4b:c6:2d:6a: 3e:e6:1b:6a:ce:cc:ca:91:2d:1a:ed:5b:5c:2f:9a: 93:c6:7d:68:47:3b:bc:68:64:95:b1:64:23:b5:d7: d7:05:30:cd:d1:89:7f:f7:28:db:a7:2e:c6:1d:76: 33:c0:d5:03:99:32:b6:70:13:26:41:01:d3:e1:64: b8:d5:68:15:40:54:44:14:5a:dd:35:e5:49:91:f2: 54:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:23:19:99:D0:A7:83:AA:00:31:CB:1F:4D:20:1E:3B:DB:49:DB:ED X509v3 Authority Key Identifier: keyid:5D:C8:73:09:87:6C:EC:40:4F:00:7B:F6:DA:04:34:C0:BD:C6:2D:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XchzCYds7EBPAHv22gQ0wL3GLYs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/44dd9f-4891-45ae-9030-8da8317de3f6/1/XchzCYds7EBPAHv22gQ0wL3GLYs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/44dd9f-4891-45ae-9030-8da8317de3f6/1/XchzCYds7EBPAHv22gQ0wL3GLYs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:7a:e8:e1:da:a7:a5:aa:0f:0a:0e:7c:00:87:6a:76:6c:2e: 31:40:e2:07:ef:b2:0f:6d:b7:44:4d:fa:9b:b3:50:b9:bb:d2: 09:a9:70:9a:0e:cf:48:a8:b2:11:b6:66:9f:8d:6c:c3:8a:7b: 30:b2:21:b6:3b:71:38:44:0e:22:8f:32:1d:30:c7:d1:70:45: 17:c0:47:15:bc:78:8a:57:ca:08:40:03:5d:53:05:2a:14:74: 09:bc:a0:ae:b0:73:69:41:c2:fb:ae:fa:bf:8f:7b:ef:e6:b7: 8d:13:14:8f:5e:8c:1f:55:b1:d1:58:c4:15:be:a9:69:67:3c: 95:c4:e4:82:ca:0d:f5:10:cb:e7:fe:74:34:91:9e:d2:f0:0b: 57:8a:a9:ac:0a:18:bb:6c:38:a8:46:f0:c7:2b:0d:6b:1f:5f: e6:d8:81:98:31:97:da:17:28:30:1c:7a:45:c2:c8:4c:9c:ef: 63:a3:9f:ca:e4:af:4e:5b:2b:92:33:4c:52:88:49:06:31:44: 0f:8c:1e:c4:b4:a1:d9:9f:47:09:9d:aa:6f:e4:d1:66:85:32: 3e:18:b6:ac:c9:3c:82:30:a9:44:d2:e1:86:39:d4:85:da:66: 22:fa:ca:4c:d2:5f:aa:ce:3c:3c:c6:59:42:8f:c2:93:00:47: b1:48:15:28 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHA1S/jlCkSO96bCE+ZHbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkYzg3MzA5ODc2Y2VjNDA0ZjAwN2JmNmRhMDQzNGMwYmRj NjJkOGIwHhcNMjUxMjA2MTAwMTMyWhcNMjUxMjA3MTAwMTMyWjAzMTEwLwYDVQQD EygxMjIzMTk5OWQwYTc4M2FhMDAzMWNiMWY0ZDIwMWUzYmRiNDlkYmVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XE8boXwpG5EeYiCGQVEmkEvR2A3 /vDnP1bGtfOq/POYVBS1JfwkJ5GwZzHFSK7rCbVWULsoJdTWlbw1l99BBkR6EYMb lXU9ouTB+M4WC6UJVstMvk810QFyf4JbUzCmTFZiFhoTypgEbMUYDnEW2goZQaVd K1N/mnA4wGcw/zNGteQnDR+hQtY7Ztj1arq9+3/e0v1jYbjvhsIfb6m/cukq+s8o tTv2NYpC9cnSO0vGLWo+5htqzszKkS0a7VtcL5qTxn1oRzu8aGSVsWQjtdfXBTDN 0Yl/9yjbpy7GHXYzwNUDmTK2cBMmQQHT4WS41WgVQFREFFrdNeVJkfJU8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBIjGZnQp4OqADHLH00gHjvbSdvtMB8GA1UdIwQY MBaAFF3IcwmHbOxATwB79toENMC9xi2LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGNoekNZZHM3RUJQQUh2MjJnUTB3TDNHTFlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi80NGRkOWYtNDg5MS00NWFlLTkwMzAt OGRhODMxN2RlM2Y2LzEvWGNoekNZZHM3RUJQQUh2MjJnUTB3TDNHTFlzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi80NGRkOWYtNDg5MS00NWFlLTkwMzAtOGRhODMxN2RlM2Y2 LzEvWGNoekNZZHM3RUJQQUh2MjJnUTB3TDNHTFlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOnro4dqn paoPCg58AIdqdmwuMUDiB++yD223RE36m7NQubvSCalwmg7PSKiyEbZmn41sw4p7 MLIhtjtxOEQOIo8yHTDH0XBFF8BHFbx4ilfKCEADXVMFKhR0CbygrrBzaUHC+676 v4977+a3jRMUj16MH1Wx0VjEFb6paWc8lcTkgsoN9RDL5/50NJGe0vALV4qprAoY u2w4qEbwxysNax9f5tiBmDGX2hcoMBx6RcLITJzvY6OfyuSvTlsrkjNMUohJBjFE D4wexLSh2Z9HCZ2qb+TRZoUyPhi2rMk8gjCpRNLhhjnUhdpmIvrKTNJfqs48PMZZ Qo/CkwBHsUgVKA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:23:21 2025 by rpki-client