This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft File: XNhYOyEXQQSea7GalG2DGqvxGtM.mft (raw, json) Hash identifier: 7+A+tXI7Jr4Aaolh/8ZRO44atxWqKs5uGweVgLdknLA= Subject key identifier: 0B:C9:00:F1:17:87:23:58:B2:2B:3A:A3:D0:F8:B8:CA:B0:28:A9:D5 Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3 Certificate issuer: /CN=5cd8583b211741049e6bb19a946d831aabf11ad3 Certificate serial: 019AF208C64BDACF6C0BEF4DE35E7279B416 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft Manifest number: 16A3 Signing time: Sat 06 Dec 2025 05:00:52 +0000 Manifest this update: Sat 06 Dec 2025 05:00:52 +0000 Manifest next update: Sun 07 Dec 2025 05:00:52 +0000 Files and hashes: 1: XNhYOyEXQQSea7GalG2DGqvxGtM.crl (hash: cgO+nm1vaEEItH6ODcmLtDP0/pbf35xzxc1bHwAcHSI=) 2: ir_nzSQYAsgPoPu8kRGYQzALm7U.roa (hash: TCpfNyg//XzFyrfc8SAsUbs4iWswcCSro2mnromAmQo=) 3: m3SzGaHBe-liV9k_hjkTUrNHXMg.roa (hash: 1IYirY3YGGwbakrzW31PvEOIIPUhpCQb3MNxcEFgdzs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:c6:4b:da:cf:6c:0b:ef:4d:e3:5e:72:79:b4:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3 Validity Not Before: Dec 6 05:00:52 2025 GMT Not After : Dec 7 05:00:52 2025 GMT Subject: CN=0bc900f117872358b22b3aa3d0f8b8cab028a9d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:75:6a:c5:1e:fa:d7:1c:b8:a0:51:f2:60:e2: db:e4:3a:fc:25:dc:60:83:2f:f2:24:55:5a:06:e2: 7b:a2:41:f2:86:ce:3a:d0:5a:bb:2e:18:2e:de:6d: 5a:cb:3e:f5:b1:e0:b4:8f:54:6b:f5:66:39:b2:48: fd:d8:f0:3f:fd:72:7e:57:59:92:da:14:6b:7f:4d: 5b:ba:cb:b7:2f:a0:19:00:fe:0e:e5:1d:4c:81:79: 2b:a7:4d:44:ee:33:c2:f3:a2:a9:b8:fc:2d:10:be: 12:5f:45:21:49:f7:f6:f5:1b:c7:c3:fe:b7:ac:f5: 5b:9e:86:47:1c:9a:9a:76:b9:ec:2b:13:01:d0:60: c6:b6:77:40:ba:da:b9:fa:fc:15:13:3f:f5:0a:9a: be:9f:05:ce:ee:f8:0d:79:8f:f7:e1:22:dd:12:e0: 66:41:f3:30:96:ca:e2:fe:ca:0d:bb:81:ec:95:bb: b4:a2:20:b6:5d:bb:4c:20:af:68:38:f1:3c:8a:b6: 61:a2:15:f4:3f:3f:fb:c9:29:d8:ce:be:88:eb:be: 4a:90:7d:5e:a3:a4:0b:a6:5b:36:45:d6:bd:e3:a9: e1:ac:f2:bf:2b:23:9e:2f:ae:9a:83:98:74:f7:3b: 03:7e:a7:b5:fe:8e:18:d8:07:7f:da:42:b6:e9:3b: bf:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:C9:00:F1:17:87:23:58:B2:2B:3A:A3:D0:F8:B8:CA:B0:28:A9:D5 X509v3 Authority Key Identifier: keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:59:d2:77:35:b3:f4:19:9b:bf:1d:23:0c:70:43:c5:85:9f: 34:93:95:2a:1c:c3:40:0b:ee:e1:e5:5f:00:3b:a3:99:78:0c: b6:80:9d:d8:a3:f9:b8:29:ed:a5:a8:1c:be:28:c8:0b:a8:47: 58:d5:ee:1d:0d:ca:f0:76:fb:69:78:26:3c:bf:3a:76:5a:ca: 73:c7:6c:08:9f:2a:ff:94:48:ca:42:12:e2:e8:2d:a9:d5:f2: 61:f7:7b:2c:66:f6:f6:40:87:3b:bb:da:53:6d:f6:4b:13:dc: f2:19:3a:2c:91:a9:a2:e6:5c:66:1f:68:4f:40:fd:dd:2b:37: 84:84:83:68:cf:96:58:17:35:75:f6:6d:52:d5:3a:b0:13:ef: c6:9b:f6:90:b3:76:e9:a6:03:44:86:37:82:c1:86:b4:8f:57: 68:fc:e2:f9:55:f2:56:d8:4c:d7:c2:ce:33:3f:05:4e:04:4b: b5:7b:5a:a9:f5:7a:48:6f:32:eb:99:0b:d4:11:aa:a7:7f:91: 74:c4:6b:5a:f5:c1:f0:4c:e3:fb:ce:58:b2:53:12:fd:3a:08: fd:0c:ea:1b:8a:69:06:11:16:bd:ba:65:e3:a7:81:5d:98:bf: 8c:96:32:38:eb:63:46:7e:bf:a3:2d:39:7f:3e:c8:3a:6f:2c: 9e:81:37:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCMZL2s9sC+9N415yebQWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm MTFhZDMwHhcNMjUxMjA2MDUwMDUyWhcNMjUxMjA3MDUwMDUyWjAzMTEwLwYDVQQD EygwYmM5MDBmMTE3ODcyMzU4YjIyYjNhYTNkMGY4YjhjYWIwMjhhOWQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HVqxR761xy4oFHyYOLb5Dr8Jdxg gy/yJFVaBuJ7okHyhs460Fq7Lhgu3m1ayz71seC0j1Rr9WY5skj92PA//XJ+V1mS 2hRrf01busu3L6AZAP4O5R1MgXkrp01E7jPC86KpuPwtEL4SX0UhSff29RvHw/63 rPVbnoZHHJqadrnsKxMB0GDGtndAutq5+vwVEz/1Cpq+nwXO7vgNeY/34SLdEuBm QfMwlsri/soNu4Hslbu0oiC2XbtMIK9oOPE8irZhohX0Pz/7ySnYzr6I675KkH1e o6QLpls2Rda946nhrPK/KyOeL66ag5h09zsDfqe1/o4Y2Ad/2kK26Tu/uQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAvJAPEXhyNYsis6o9D4uMqwKKnVMB8GA1UdIwQY MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt NTA5NzRiY2RjMjQ4LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4 LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO1nSdzWz 9Bmbvx0jDHBDxYWfNJOVKhzDQAvu4eVfADujmXgMtoCd2KP5uCntpagcvijIC6hH WNXuHQ3K8Hb7aXgmPL86dlrKc8dsCJ8q/5RIykIS4ugtqdXyYfd7LGb29kCHO7va U232SxPc8hk6LJGpouZcZh9oT0D93Ss3hISDaM+WWBc1dfZtUtU6sBPvxpv2kLN2 6aYDRIY3gsGGtI9XaPzi+VXyVthM18LOMz8FTgRLtXtaqfV6SG8y65kL1BGqp3+R dMRrWvXB8Ezj+85YslMS/ToI/QzqG4ppBhEWvbpl46eBXZi/jJYyOOtjRn6/oy05 fz7IOm8snoE35A== -----END CERTIFICATE-----Generated at Sat Dec 6 08:09:10 2025 by rpki-client