This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft File: XHkaG6CbnU01jvBare1_DoXogbY.mft (raw, json) Hash identifier: 6abZhz+2ne+FaQdlFtPM9j6SAQV5Q4MMvrCggOf45FA= Subject key identifier: A1:FC:CC:16:5F:82:E5:A4:C5:E4:01:30:45:F3:97:21:FC:F6:8B:50 Authority key identifier: 5C:79:1A:1B:A0:9B:9D:4D:35:8E:F0:5A:AD:ED:7F:0E:85:E8:81:B6 Certificate issuer: /CN=5c791a1ba09b9d4d358ef05aaded7f0e85e881b6 Certificate serial: 019AF2AD7D81DA6789E832370BEE44CC060B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft Manifest number: 0C9E Signing time: Sat 06 Dec 2025 08:00:47 +0000 Manifest this update: Sat 06 Dec 2025 08:00:47 +0000 Manifest next update: Sun 07 Dec 2025 08:00:47 +0000 Files and hashes: 1: XHkaG6CbnU01jvBare1_DoXogbY.crl (hash: oKd+WaN+3w1jWLcns3JNyYAKNNBIdl6fEZ38Wlfwwq0=) 2: _GYD1AJUDNposAkJpRDfG9xq6dk.roa (hash: afY5Qh0XccEeUiEofkFyRBQd+JnAG3mTgUzmW0se7YQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.crl rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:7d:81:da:67:89:e8:32:37:0b:ee:44:cc:06:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c791a1ba09b9d4d358ef05aaded7f0e85e881b6 Validity Not Before: Dec 6 08:00:47 2025 GMT Not After : Dec 7 08:00:47 2025 GMT Subject: CN=a1fccc165f82e5a4c5e4013045f39721fcf68b50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:9f:c2:4f:30:27:07:15:db:4b:e4:8f:55:6a: 16:be:aa:89:f6:4c:c0:bc:84:60:70:88:6d:6d:69: 8c:32:c1:dd:97:42:86:a9:ad:0c:84:a7:62:78:28: 2c:3b:24:74:48:84:5a:18:96:6c:21:fe:eb:4c:ab: fe:fa:be:39:42:e0:ef:ec:4a:af:6d:ae:20:55:8a: 0f:95:29:9b:af:64:34:34:a8:9e:e6:18:31:63:30: 3c:79:c7:c3:5c:7c:2c:c6:fc:71:d9:53:a3:ac:5c: 1f:07:f7:a9:29:69:c2:63:8a:c2:45:83:f0:3c:eb: a5:17:0c:38:42:25:ee:74:78:81:27:88:6c:5f:f1: 18:64:11:b3:dc:fe:29:0f:c6:3f:f1:6e:17:fb:2f: 03:09:22:33:fe:03:3d:a9:28:f7:60:8c:e7:00:0e: 32:3b:7d:bf:c6:c8:b0:9a:4e:1d:ef:28:f9:90:f2: 51:08:79:44:3b:37:40:6e:29:ce:5a:8b:57:90:ad: 44:ec:d6:7a:bd:8b:62:a5:d4:c6:d1:ba:04:1f:3d: ba:b9:9d:de:29:98:ca:13:3a:f1:a9:d5:e1:a8:2b: 49:c2:80:ad:63:af:68:71:38:ac:61:0d:4f:b9:8a: fd:0d:ac:5c:bd:65:66:b3:44:e8:29:f8:a4:ac:09: 17:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:FC:CC:16:5F:82:E5:A4:C5:E4:01:30:45:F3:97:21:FC:F6:8B:50 X509v3 Authority Key Identifier: keyid:5C:79:1A:1B:A0:9B:9D:4D:35:8E:F0:5A:AD:ED:7F:0E:85:E8:81:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:64:31:0a:ae:15:1a:8e:d3:09:81:32:8e:2a:ae:57:aa:d4: af:56:ce:55:ef:cb:a7:08:c8:2a:81:ea:8a:b7:61:32:b1:46: d0:eb:cd:1e:dd:56:63:d6:f7:54:27:61:06:54:ce:68:4d:9a: f4:ce:26:58:54:be:f7:43:64:64:19:68:3e:15:ab:9e:0c:89: 02:4f:f8:8a:f9:dd:20:f8:1f:e6:ec:21:2e:82:09:19:cc:0d: d3:80:a0:81:bf:59:ec:0f:3f:03:84:56:cf:0b:9b:a4:9d:53: c3:86:aa:cb:65:f3:6a:70:59:12:f7:b8:6a:a1:a7:27:77:a0: 55:1b:92:3c:cd:59:16:ba:db:df:21:b9:9b:07:e4:04:ac:2b: 36:e5:49:31:cf:b9:6b:d2:1a:54:cc:7c:f1:23:ca:ae:00:d4: 82:81:8a:c6:b6:0b:c7:3a:e6:e1:78:92:c8:6f:53:47:f5:97: 1b:df:18:0d:6c:e5:82:02:68:e6:27:fb:c4:02:ca:88:61:d4: 58:41:99:ab:95:16:5e:64:1d:b2:12:48:55:dd:3e:a8:bb:fa: cb:62:3d:af:d3:49:c9:26:46:fb:bd:39:b4:53:46:fb:51:26: 78:d6:2d:7c:76:44:b4:3d:50:45:52:52:cc:39:68:32:69:09: 32:e0:2f:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrX2B2meJ6DI3C+5EzAYLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjNzkxYTFiYTA5YjlkNGQzNThlZjA1YWFkZWQ3ZjBlODVl ODgxYjYwHhcNMjUxMjA2MDgwMDQ3WhcNMjUxMjA3MDgwMDQ3WjAzMTEwLwYDVQQD EyhhMWZjY2MxNjVmODJlNWE0YzVlNDAxMzA0NWYzOTcyMWZjZjY4YjUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJ/CTzAnBxXbS+SPVWoWvqqJ9kzA vIRgcIhtbWmMMsHdl0KGqa0MhKdieCgsOyR0SIRaGJZsIf7rTKv++r45QuDv7Eqv ba4gVYoPlSmbr2Q0NKie5hgxYzA8ecfDXHwsxvxx2VOjrFwfB/epKWnCY4rCRYPw POulFww4QiXudHiBJ4hsX/EYZBGz3P4pD8Y/8W4X+y8DCSIz/gM9qSj3YIznAA4y O32/xsiwmk4d7yj5kPJRCHlEOzdAbinOWotXkK1E7NZ6vYtipdTG0boEHz26uZ3e KZjKEzrxqdXhqCtJwoCtY69ocTisYQ1PuYr9DaxcvWVms0ToKfikrAkX7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKH8zBZfguWkxeQBMEXzlyH89otQMB8GA1UdIwQY MBaAFFx5Ghugm51NNY7wWq3tfw6F6IG2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9hMjdhMDMtZjY0NS00NjJiLTk0ZTct NjZjNWFlOGEzNmI0LzEvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZC9hMjdhMDMtZjY0NS00NjJiLTk0ZTctNjZjNWFlOGEzNmI0 LzEvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEGQxCq4V Go7TCYEyjiquV6rUr1bOVe/LpwjIKoHqirdhMrFG0OvNHt1WY9b3VCdhBlTOaE2a 9M4mWFS+90NkZBloPhWrngyJAk/4ivndIPgf5uwhLoIJGcwN04Cggb9Z7A8/A4RW zwubpJ1Tw4aqy2XzanBZEve4aqGnJ3egVRuSPM1ZFrrb3yG5mwfkBKwrNuVJMc+5 a9IaVMx88SPKrgDUgoGKxrYLxzrm4XiSyG9TR/WXG98YDWzlggJo5if7xALKiGHU WEGZq5UWXmQdshJIVd0+qLv6y2I9r9NJySZG+705tFNG+1EmeNYtfHZEtD1QRVJS zDloMmkJMuAv8Q== -----END CERTIFICATE-----Generated at Sat Dec 6 12:55:50 2025 by rpki-client