This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft File: XHkaG6CbnU01jvBare1_DoXogbY.mft (raw, json) Hash identifier: V8A8CBvt3AXKxpCgiYoesLiW9D4T/px00HI8KZiPRhQ= Subject key identifier: 6C:20:9C:8E:36:62:F8:0E:8F:3F:7F:3D:7F:C1:64:99:72:95:A3:AA Authority key identifier: 5C:79:1A:1B:A0:9B:9D:4D:35:8E:F0:5A:AD:ED:7F:0E:85:E8:81:B6 Certificate issuer: /CN=5c791a1ba09b9d4d358ef05aaded7f0e85e881b6 Certificate serial: 019B2C9D1B4DC67B9BD0B6E4FA21B4950361 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft Manifest number: 0CBC Signing time: Wed 17 Dec 2025 14:00:51 +0000 Manifest this update: Wed 17 Dec 2025 14:00:51 +0000 Manifest next update: Thu 18 Dec 2025 14:00:51 +0000 Files and hashes: 1: XHkaG6CbnU01jvBare1_DoXogbY.crl (hash: cqdJTz47j72RzfoQCEIUxvDTrHRFloP10RvJExfZPfY=) 2: _GYD1AJUDNposAkJpRDfG9xq6dk.roa (hash: afY5Qh0XccEeUiEofkFyRBQd+JnAG3mTgUzmW0se7YQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.crl rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2c:9d:1b:4d:c6:7b:9b:d0:b6:e4:fa:21:b4:95:03:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c791a1ba09b9d4d358ef05aaded7f0e85e881b6 Validity Not Before: Dec 17 14:00:51 2025 GMT Not After : Dec 18 14:00:51 2025 GMT Subject: CN=6c209c8e3662f80e8f3f7f3d7fc164997295a3aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:b9:33:5b:d9:51:01:ac:b0:9d:98:ff:2d:c5: c2:2c:49:b5:77:d2:b6:d3:59:fc:94:7b:54:49:eb: 0f:03:e2:f0:a6:df:5e:dc:25:38:34:db:34:d6:b6: 57:c9:c4:c0:2f:b4:63:df:aa:f2:e7:b4:ac:d0:ba: d3:d5:1e:dc:d1:ca:cb:aa:47:54:c8:12:d3:0f:59: 8e:3a:33:a6:d7:89:5f:a0:14:b0:bb:65:73:98:ef: 7a:f1:a9:f7:3a:38:50:44:e0:e9:61:46:e7:04:d7: 57:b6:f5:44:e2:d2:c9:ae:fb:4c:97:d4:d0:51:3c: 5f:88:d2:19:ab:64:89:26:c0:cd:27:ef:27:75:78: 36:c3:c4:24:d4:ae:cf:07:81:ec:81:ec:bc:d7:c7: 4c:18:47:5b:f3:d9:fd:54:a2:d5:23:76:bb:ac:c1: 73:0f:12:9c:32:7d:1e:69:3e:b4:08:63:5e:4f:7d: ac:4a:b8:b3:cc:5d:8f:1c:15:fb:3d:62:19:4f:46: 31:1c:a9:e5:e8:5f:48:b5:27:6d:cb:54:a2:c0:96: f8:40:bf:39:88:1c:fa:fd:2b:91:2c:5d:6f:61:1c: dc:d5:07:08:af:f1:2c:cc:03:57:f0:c2:08:a9:66: ef:ff:09:8e:c5:34:f6:dd:dd:87:a5:97:82:8b:01: 63:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:20:9C:8E:36:62:F8:0E:8F:3F:7F:3D:7F:C1:64:99:72:95:A3:AA X509v3 Authority Key Identifier: keyid:5C:79:1A:1B:A0:9B:9D:4D:35:8E:F0:5A:AD:ED:7F:0E:85:E8:81:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:48:fe:bf:00:e3:6e:3c:79:b1:31:45:30:8f:15:ae:8e:de: 3f:ce:f2:42:fc:ec:2e:f8:aa:88:a8:06:7b:25:30:da:6f:98: 45:27:73:5e:02:14:ed:cf:75:be:1e:ef:e8:82:04:55:eb:31: 31:fd:9e:aa:d1:d5:6b:98:18:28:cc:b0:07:bd:86:3b:ee:62: 66:38:16:73:86:09:bd:da:de:f0:31:f4:03:36:f1:5a:1b:89: c1:27:0c:fe:cc:a8:7c:c7:b5:92:70:cd:2b:12:ee:4a:96:04: 3d:0f:1a:f3:49:d5:09:14:60:33:19:c3:2a:bf:53:0a:bd:69: 8a:a1:5a:a8:dd:28:cc:5d:10:a4:12:49:f4:f1:89:f4:38:62: 6f:91:d9:72:14:86:5d:ed:bd:d1:b3:e6:e2:67:5f:5d:a3:d0: 0e:3f:65:a1:37:b4:c9:7b:98:a0:e4:11:a8:8c:1c:59:5a:df: 94:76:6d:fd:5d:b6:1b:44:9d:fb:81:4d:7b:c7:1a:e6:83:bb: 84:a1:de:e7:1f:dd:84:af:2d:a4:49:7b:a8:c6:bf:6d:08:62: 82:4f:2f:6c:63:45:ac:c8:e5:ae:44:ce:4c:06:77:84:c2:1d: d8:c2:a8:55:0c:82:23:93:74:43:97:50:3e:6c:d2:d7:2b:93: a2:6f:01:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZssnRtNxnub0Lbk+iG0lQNhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjNzkxYTFiYTA5YjlkNGQzNThlZjA1YWFkZWQ3ZjBlODVl ODgxYjYwHhcNMjUxMjE3MTQwMDUxWhcNMjUxMjE4MTQwMDUxWjAzMTEwLwYDVQQD Eyg2YzIwOWM4ZTM2NjJmODBlOGYzZjdmM2Q3ZmMxNjQ5OTcyOTVhM2FhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrkzW9lRAaywnZj/LcXCLEm1d9K2 01n8lHtUSesPA+Lwpt9e3CU4NNs01rZXycTAL7Rj36ry57Ss0LrT1R7c0crLqkdU yBLTD1mOOjOm14lfoBSwu2VzmO968an3OjhQRODpYUbnBNdXtvVE4tLJrvtMl9TQ UTxfiNIZq2SJJsDNJ+8ndXg2w8Qk1K7PB4Hsgey818dMGEdb89n9VKLVI3a7rMFz DxKcMn0eaT60CGNeT32sSrizzF2PHBX7PWIZT0YxHKnl6F9ItSdty1SiwJb4QL85 iBz6/SuRLF1vYRzc1QcIr/EszANX8MIIqWbv/wmOxTT23d2HpZeCiwFjlwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGwgnI42YvgOjz9/PX/BZJlylaOqMB8GA1UdIwQY MBaAFFx5Ghugm51NNY7wWq3tfw6F6IG2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9hMjdhMDMtZjY0NS00NjJiLTk0ZTct NjZjNWFlOGEzNmI0LzEvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZC9hMjdhMDMtZjY0NS00NjJiLTk0ZTctNjZjNWFlOGEzNmI0 LzEvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAakj+vwDj bjx5sTFFMI8Vro7eP87yQvzsLviqiKgGeyUw2m+YRSdzXgIU7c91vh7v6IIEVesx Mf2eqtHVa5gYKMywB72GO+5iZjgWc4YJvdre8DH0AzbxWhuJwScM/syofMe1knDN KxLuSpYEPQ8a80nVCRRgMxnDKr9TCr1piqFaqN0ozF0QpBJJ9PGJ9Dhib5HZchSG Xe290bPm4mdfXaPQDj9loTe0yXuYoOQRqIwcWVrflHZt/V22G0Sd+4FNe8ca5oO7 hKHe5x/dhK8tpEl7qMa/bQhigk8vbGNFrMjlrkTOTAZ3hMId2MKoVQyCI5N0Q5dQ PmzS1yuTom8BAA== -----END CERTIFICATE-----Generated at Wed Dec 17 18:36:19 2025 by rpki-client