This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/xKMWKFZYILOlo-HPyHdz4oP7lcE.mft File: xKMWKFZYILOlo-HPyHdz4oP7lcE.mft (raw, json) Hash identifier: 7uUVJSzOk2RmxmogtupKoN+aFdhcNuLvuY+wLoknD4c= Subject key identifier: F3:55:A0:06:C5:79:3C:7F:7D:D5:AA:C0:DA:00:5E:80:0E:34:59:FB Authority key identifier: C4:A3:16:28:56:58:20:B3:A5:A3:E1:CF:C8:77:73:E2:83:FB:95:C1 Certificate issuer: /CN=c4a31628565820b3a5a3e1cfc87773e283fb95c1 Certificate serial: 019AF0883A69A3F8D4B8ED13701AD36E8F37 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xKMWKFZYILOlo-HPyHdz4oP7lcE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/xKMWKFZYILOlo-HPyHdz4oP7lcE.mft Manifest number: 0CA6 Signing time: Fri 05 Dec 2025 22:00:50 +0000 Manifest this update: Fri 05 Dec 2025 22:00:50 +0000 Manifest next update: Sat 06 Dec 2025 22:00:50 +0000 Files and hashes: 1: O7JK_R6ip6iR244uyf3DBgROHco.roa (hash: GKH7o0xxF7nZfmB+4s7mUapBQQrsXrRHoDwbM7Hh8hA=) 2: xKMWKFZYILOlo-HPyHdz4oP7lcE.crl (hash: Zw/2OnHJGH7gTMSFhb7h16nocnFGt4Glc7fzqllnst4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/xKMWKFZYILOlo-HPyHdz4oP7lcE.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/xKMWKFZYILOlo-HPyHdz4oP7lcE.mft rsync://rpki.ripe.net/repository/DEFAULT/xKMWKFZYILOlo-HPyHdz4oP7lcE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:3a:69:a3:f8:d4:b8:ed:13:70:1a:d3:6e:8f:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c4a31628565820b3a5a3e1cfc87773e283fb95c1 Validity Not Before: Dec 5 22:00:50 2025 GMT Not After : Dec 6 22:00:50 2025 GMT Subject: CN=f355a006c5793c7f7dd5aac0da005e800e3459fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:5f:1c:f0:10:13:30:7a:47:42:02:a7:66:45: 91:c7:d4:dd:b4:50:39:ea:d9:54:31:d7:b9:4f:2d: 8b:42:64:a4:f8:70:73:f6:92:0c:ec:53:ff:ae:cf: 74:56:41:cc:e7:24:cb:f9:d7:d8:06:5b:45:cf:1f: 0d:fc:dc:90:ac:9c:7d:e8:9f:18:a0:c3:8f:ae:9c: ca:28:f3:61:b3:81:be:da:49:b4:a5:99:64:e6:1c: 05:0d:dd:d0:c5:1b:73:d5:42:a8:32:6d:06:90:59: a1:1a:e3:df:d8:1f:85:76:f3:49:45:9f:51:56:a2: 53:24:4d:bd:76:59:27:c6:d7:e0:53:6f:59:42:7c: 3f:ac:6f:3b:7a:32:df:b2:96:53:1e:4d:d3:9a:97: 27:98:ae:19:a4:33:fa:cc:5a:9d:0a:a0:cd:d5:9a: 7e:59:d6:d0:82:0f:2f:5e:9f:f4:2d:6c:03:69:9e: 4f:87:83:82:ff:0b:1d:08:c9:61:f4:2d:ce:1f:d8: eb:bc:0c:20:2a:6f:b2:07:14:1b:85:77:8e:52:b5: f1:c2:d7:0e:8c:eb:76:af:86:cb:24:43:fa:37:d1: 47:a6:4c:68:ba:c5:e7:5f:db:58:ea:e3:57:fc:e9: 31:e3:5c:82:8f:3b:76:05:9a:bd:56:06:c0:02:c9: 5a:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:55:A0:06:C5:79:3C:7F:7D:D5:AA:C0:DA:00:5E:80:0E:34:59:FB X509v3 Authority Key Identifier: keyid:C4:A3:16:28:56:58:20:B3:A5:A3:E1:CF:C8:77:73:E2:83:FB:95:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xKMWKFZYILOlo-HPyHdz4oP7lcE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/xKMWKFZYILOlo-HPyHdz4oP7lcE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/xKMWKFZYILOlo-HPyHdz4oP7lcE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:19:70:a8:8c:99:6f:bc:6b:8d:ba:fe:f0:4c:34:8b:a0:ed: f8:7f:cb:0d:bf:de:44:4c:31:3f:0f:ca:e5:9c:d4:50:4e:13: f0:9c:94:c8:31:ce:af:50:c0:0a:6b:d3:8a:6b:e0:8d:89:4a: ec:5d:3b:ee:77:ec:0e:be:4a:ac:9a:6d:a3:2b:74:91:01:b2: 1f:4c:a9:ac:ea:a1:e4:68:84:62:21:21:00:b8:bf:71:d8:2f: ac:a0:3c:ea:7d:c1:2a:f2:18:b2:4a:ad:a4:dd:5b:8a:29:17: 22:c8:a7:96:4a:e7:a0:54:93:33:12:5c:69:f8:10:22:a6:f0: 74:80:ce:db:c2:39:16:96:66:80:9c:37:72:52:a1:49:e9:fd: 82:bd:fa:04:66:75:fc:a6:b3:79:21:a0:8e:89:33:cd:af:e2: d5:a2:4c:57:5e:b6:d3:73:04:40:9e:1c:43:77:bd:ea:63:5b: ec:40:4c:96:db:9f:c4:45:fb:1e:d7:6d:6e:49:e7:b1:e9:37: f0:b4:2c:e0:8c:21:12:21:31:f1:a1:5d:67:f2:69:59:7a:4d: 67:cb:b0:28:dc:7c:d3:2f:db:fc:a4:4f:f6:ce:e9:48:2e:5c: 0a:76:c3:19:c4:de:47:db:61:2f:f2:0d:d5:8c:51:ee:c3:73: 06:3a:44:6d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiDppo/jUuO0TcBrTbo83MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0YTMxNjI4NTY1ODIwYjNhNWEzZTFjZmM4Nzc3M2UyODNm Yjk1YzEwHhcNMjUxMjA1MjIwMDUwWhcNMjUxMjA2MjIwMDUwWjAzMTEwLwYDVQQD EyhmMzU1YTAwNmM1NzkzYzdmN2RkNWFhYzBkYTAwNWU4MDBlMzQ1OWZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoV8c8BATMHpHQgKnZkWRx9TdtFA5 6tlUMde5Ty2LQmSk+HBz9pIM7FP/rs90VkHM5yTL+dfYBltFzx8N/NyQrJx96J8Y oMOPrpzKKPNhs4G+2km0pZlk5hwFDd3QxRtz1UKoMm0GkFmhGuPf2B+FdvNJRZ9R VqJTJE29dlknxtfgU29ZQnw/rG87ejLfspZTHk3TmpcnmK4ZpDP6zFqdCqDN1Zp+ WdbQgg8vXp/0LWwDaZ5Ph4OC/wsdCMlh9C3OH9jrvAwgKm+yBxQbhXeOUrXxwtcO jOt2r4bLJEP6N9FHpkxousXnX9tY6uNX/Okx41yCjzt2BZq9VgbAAsladwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPNVoAbFeTx/fdWqwNoAXoAONFn7MB8GA1UdIwQY MBaAFMSjFihWWCCzpaPhz8h3c+KD+5XBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEtNV0tGWllJTE9sby1IUHlIZHo0b1A3bGNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi83YTgwYWEtMDAwYS00NzE0LWEyZmEt ZmIzMDdiYWRlYzRkLzEveEtNV0tGWllJTE9sby1IUHlIZHo0b1A3bGNFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi83YTgwYWEtMDAwYS00NzE0LWEyZmEtZmIzMDdiYWRlYzRk LzEveEtNV0tGWllJTE9sby1IUHlIZHo0b1A3bGNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANxlwqIyZ b7xrjbr+8Ew0i6Dt+H/LDb/eREwxPw/K5ZzUUE4T8JyUyDHOr1DACmvTimvgjYlK 7F077nfsDr5KrJptoyt0kQGyH0yprOqh5GiEYiEhALi/cdgvrKA86n3BKvIYskqt pN1biikXIsinlkrnoFSTMxJcafgQIqbwdIDO28I5FpZmgJw3clKhSen9gr36BGZ1 /KazeSGgjokzza/i1aJMV16203MEQJ4cQ3e96mNb7EBMltufxEX7Htdtbknnsek3 8LQs4IwhEiEx8aFdZ/JpWXpNZ8uwKNx80y/b/KRP9s7pSC5cCnbDGcTeR9thL/IN 1YxR7sNzBjpEbQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:11:03 2025 by rpki-client