This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft File: XNhYOyEXQQSea7GalG2DGqvxGtM.mft (raw, json) Hash identifier: R+IS+TyFrosdaXBnih8HxITt4S0pOy1TgU3jsBG6NsQ= Subject key identifier: 2D:5E:7B:7A:59:83:06:06:C9:83:31:C7:8B:54:81:F9:87:18:07:C7 Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3 Certificate issuer: /CN=5cd8583b211741049e6bb19a946d831aabf11ad3 Certificate serial: 019B31C3CA8111B85A044736E841DB22A8E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft Manifest number: 16C4 Signing time: Thu 18 Dec 2025 14:01:13 +0000 Manifest this update: Thu 18 Dec 2025 14:01:13 +0000 Manifest next update: Fri 19 Dec 2025 14:01:13 +0000 Files and hashes: 1: XNhYOyEXQQSea7GalG2DGqvxGtM.crl (hash: LChDySLlWxgZ4+dOQkK/tYVCXFtb+eh/ukqFurfOybs=) 2: ir_nzSQYAsgPoPu8kRGYQzALm7U.roa (hash: TCpfNyg//XzFyrfc8SAsUbs4iWswcCSro2mnromAmQo=) 3: m3SzGaHBe-liV9k_hjkTUrNHXMg.roa (hash: 1IYirY3YGGwbakrzW31PvEOIIPUhpCQb3MNxcEFgdzs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:c3:ca:81:11:b8:5a:04:47:36:e8:41:db:22:a8:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3 Validity Not Before: Dec 18 14:01:13 2025 GMT Not After : Dec 19 14:01:13 2025 GMT Subject: CN=2d5e7b7a59830606c98331c78b5481f9871807c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:13:b8:3f:4f:88:1d:20:09:73:dd:bf:1c:df: 63:20:18:a9:5a:b2:a5:dd:e5:1c:b2:dd:2c:86:80: 57:a6:47:bd:9c:59:63:e5:13:99:e7:56:ad:68:f3: 4f:c3:46:3d:0e:7f:db:78:1c:bb:03:f0:4e:21:82: 56:62:75:cc:95:fc:3b:d3:1c:92:da:96:d3:df:9f: 92:38:38:d6:24:94:27:fd:be:72:30:3f:f9:77:ca: dc:fc:a4:74:3f:51:58:12:22:cd:b3:ab:1e:9c:48: 8a:14:8d:9b:4d:70:36:f3:cf:67:fd:fb:fd:42:b2: d2:b1:3d:d5:b7:48:1d:08:39:58:ec:24:9c:ce:ab: ae:af:a6:23:0b:ea:8e:f8:d4:a2:9c:ba:fb:83:57: 3c:83:42:89:69:5c:e6:01:98:f5:d6:6b:9d:b1:0b: f5:63:55:11:18:7a:86:58:9d:6b:4c:ee:23:eb:a7: 10:58:98:1a:fe:ac:be:10:30:94:64:00:37:4e:62: 69:da:ec:48:92:a2:cf:39:31:d2:98:b8:3b:61:48: 2c:a4:6b:33:15:c6:06:f3:bf:dd:ed:d6:71:9a:df: 2b:ff:e8:3c:cc:ce:70:01:d5:2a:8d:b5:a4:1d:98: 20:64:6d:52:90:fc:10:29:02:95:b7:53:57:14:a0: 55:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:5E:7B:7A:59:83:06:06:C9:83:31:C7:8B:54:81:F9:87:18:07:C7 X509v3 Authority Key Identifier: keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:9d:56:59:e0:95:4d:04:8a:ff:66:51:45:8d:08:78:4e:4d: ac:85:f0:5f:6e:92:f4:4e:fa:c6:7d:7f:c9:cd:a2:34:16:59: 45:dd:29:2e:ac:b3:ea:13:f1:6a:5e:31:98:43:c1:4f:c9:d2: 97:47:fa:9e:cb:64:6d:35:85:ab:70:2e:cc:df:c7:61:31:82: 83:06:57:41:e1:35:d6:1f:3e:7e:12:e0:cc:51:30:8d:8e:02: 45:94:93:3d:f9:c4:2d:4a:73:66:fb:97:b5:ee:0b:0b:3f:0e: c2:cf:92:b2:36:ab:ae:85:22:9b:49:e0:31:fc:83:31:d6:5f: 45:05:7b:43:0c:97:a5:60:d6:92:5b:e8:71:e8:7f:02:36:82: b7:13:ce:32:aa:4b:20:dd:f2:9d:5d:b7:62:f0:b3:48:3a:49: 1c:84:15:ef:b5:79:cf:b9:19:74:41:44:58:aa:c3:92:f1:cb: ce:4e:b9:81:52:db:d2:be:66:b1:06:92:6b:07:5f:5e:5c:26: 9f:a4:90:f6:5d:53:b3:a6:87:c1:81:b8:ec:da:92:bc:fd:4d: 08:db:c1:39:be:10:31:43:e8:08:a3:04:15:03:de:b7:dd:78: 5f:45:d8:61:1b:4b:66:74:57:d3:ef:bf:fa:01:a8:11:24:f6: 97:c7:ca:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsxw8qBEbhaBEc26EHbIqjnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm MTFhZDMwHhcNMjUxMjE4MTQwMTEzWhcNMjUxMjE5MTQwMTEzWjAzMTEwLwYDVQQD EygyZDVlN2I3YTU5ODMwNjA2Yzk4MzMxYzc4YjU0ODFmOTg3MTgwN2M3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRO4P0+IHSAJc92/HN9jIBipWrKl 3eUcst0shoBXpke9nFlj5ROZ51ataPNPw0Y9Dn/beBy7A/BOIYJWYnXMlfw70xyS 2pbT35+SODjWJJQn/b5yMD/5d8rc/KR0P1FYEiLNs6senEiKFI2bTXA2889n/fv9 QrLSsT3Vt0gdCDlY7CSczquur6YjC+qO+NSinLr7g1c8g0KJaVzmAZj11mudsQv1 Y1URGHqGWJ1rTO4j66cQWJga/qy+EDCUZAA3TmJp2uxIkqLPOTHSmLg7YUgspGsz FcYG87/d7dZxmt8r/+g8zM5wAdUqjbWkHZggZG1SkPwQKQKVt1NXFKBVeQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC1ee3pZgwYGyYMxx4tUgfmHGAfHMB8GA1UdIwQY MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt NTA5NzRiY2RjMjQ4LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4 LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY51WWeCV TQSK/2ZRRY0IeE5NrIXwX26S9E76xn1/yc2iNBZZRd0pLqyz6hPxal4xmEPBT8nS l0f6nstkbTWFq3AuzN/HYTGCgwZXQeE11h8+fhLgzFEwjY4CRZSTPfnELUpzZvuX te4LCz8Ows+SsjarroUim0ngMfyDMdZfRQV7QwyXpWDWklvoceh/AjaCtxPOMqpL IN3ynV23YvCzSDpJHIQV77V5z7kZdEFEWKrDkvHLzk65gVLb0r5msQaSawdfXlwm n6SQ9l1Ts6aHwYG47NqSvP1NCNvBOb4QMUPoCKMEFQPet914X0XYYRtLZnRX0++/ +gGoEST2l8fKRw== -----END CERTIFICATE-----Generated at Thu Dec 18 21:45:33 2025 by rpki-client