This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft File: _XjxP_qS8HTr5VfSotKa0Noz5dg.mft (raw, json) Hash identifier: vsPrXPM/mq8FoINNWd63kleTjSjELsFReJtehIfnpxI= Subject key identifier: 70:BE:C1:61:72:C4:0F:F8:B9:15:6E:64:2F:AC:2B:0B:21:45:1A:98 Authority key identifier: FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8 Certificate issuer: /CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8 Certificate serial: 019AF31C1EA30FDCE75A35E63EF8A3C908B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft Manifest number: 0CBA Signing time: Sat 06 Dec 2025 10:01:37 +0000 Manifest this update: Sat 06 Dec 2025 10:01:37 +0000 Manifest next update: Sun 07 Dec 2025 10:01:37 +0000 Files and hashes: 1: IPVqTow4BPog0VgWrmL6j3UlRyc.roa (hash: yHocQSt6Dh1L30jflXp+Oc+mQ08tmbAfLa5FFYWt/64=) 2: _XjxP_qS8HTr5VfSotKa0Noz5dg.crl (hash: zFlpMLfikPvWBag3mf9LB93IDoMSlHFoHFbyvSvcfoo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:1e:a3:0f:dc:e7:5a:35:e6:3e:f8:a3:c9:08:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8 Validity Not Before: Dec 6 10:01:37 2025 GMT Not After : Dec 7 10:01:37 2025 GMT Subject: CN=70bec16172c40ff8b9156e642fac2b0b21451a98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:e4:28:d4:ed:3b:7d:01:d0:9d:d4:86:86:be: aa:c1:8c:ae:4f:a8:9a:18:86:ef:20:cb:05:f2:a2: 66:65:df:42:8e:bf:d4:d1:64:33:d8:e4:a7:1d:24: 66:d6:1c:b7:8a:1d:f2:32:ed:c4:d1:4a:bc:76:59: 07:45:a6:ea:9a:34:9f:a8:cb:3e:7f:c1:ca:db:19: 7e:83:da:6b:ab:b5:bb:3d:e7:33:59:e7:96:32:0a: cc:cc:29:f3:c7:d5:77:32:79:eb:e2:2f:bc:09:fc: b6:57:3f:64:fc:ed:a8:f0:51:3e:39:40:70:56:cf: 96:aa:42:2c:1f:f0:7d:f2:04:6b:d0:65:5b:7f:8d: 9c:3d:24:96:3b:27:68:55:41:ff:ac:be:53:52:c3: 6f:1b:73:06:bd:06:e3:8c:0d:c5:58:71:4d:ed:c0: e7:09:e4:17:e3:94:30:63:c1:94:50:58:51:03:95: a4:15:9d:8c:5e:01:a3:56:0e:1e:f3:6e:ff:33:dc: 06:70:f4:16:eb:f1:05:7f:86:16:0f:5b:c5:03:fa: 76:f8:2a:58:1a:a0:37:1f:47:ec:02:e7:13:69:d5: a0:be:30:51:22:69:6d:0e:0e:bb:1f:be:39:82:7b: 9b:47:6b:e8:b4:44:6d:7c:9e:6e:da:52:3d:2a:ce: d1:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:BE:C1:61:72:C4:0F:F8:B9:15:6E:64:2F:AC:2B:0B:21:45:1A:98 X509v3 Authority Key Identifier: keyid:FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:ea:8d:d3:5f:6d:3e:6c:88:4b:d9:cc:c7:47:af:b7:8d:fc: 21:ce:1c:ad:98:67:6a:60:67:8c:6d:c4:cb:9d:f1:77:3b:40: 08:72:e9:16:b1:92:ed:1c:dd:c6:97:b2:be:94:0d:ff:99:5f: 2b:9f:2a:a2:db:10:97:76:c1:4a:b6:44:5f:ad:3f:28:57:59: 62:bb:df:96:d8:78:dd:da:34:52:29:58:24:94:1e:ab:1c:58: ac:91:21:c3:33:02:33:8b:5f:e5:a5:2b:2b:af:8d:b2:9a:73: 31:b5:6f:0f:6b:a9:1d:6a:b3:68:cf:66:bc:7e:7f:f5:1e:13: a0:28:a4:44:ec:a5:ee:d1:b9:16:f5:02:cb:ee:22:0b:dc:ad: 8f:83:f9:57:fa:bf:c9:eb:a6:65:d5:2c:79:bc:51:88:a7:62: 15:13:e8:0c:1f:96:f5:a7:07:b7:ca:e8:16:22:2f:fa:53:a4: 78:c1:ac:1e:5a:a1:19:ee:e0:f0:97:3e:17:d3:d0:78:47:e5: b5:3e:a8:a7:dd:fe:27:46:5d:2d:90:d9:69:f4:84:09:0a:dc: 92:c5:d4:fb:b7:ba:39:29:f8:c8:3f:41:cb:1c:f1:b4:dc:fa: 4f:61:a8:87:86:61:17:04:5e:bb:7d:b9:66:20:8f:85:9c:bf: 72:0c:aa:5d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHB6jD9znWjXmPvijyQi1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZkNzhmMTNmZmE5MmYwNzRlYmU1NTdkMmEyZDI5YWQwZGEz M2U1ZDgwHhcNMjUxMjA2MTAwMTM3WhcNMjUxMjA3MTAwMTM3WjAzMTEwLwYDVQQD Eyg3MGJlYzE2MTcyYzQwZmY4YjkxNTZlNjQyZmFjMmIwYjIxNDUxYTk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuQo1O07fQHQndSGhr6qwYyuT6ia GIbvIMsF8qJmZd9Cjr/U0WQz2OSnHSRm1hy3ih3yMu3E0Uq8dlkHRabqmjSfqMs+ f8HK2xl+g9prq7W7PeczWeeWMgrMzCnzx9V3Mnnr4i+8Cfy2Vz9k/O2o8FE+OUBw Vs+WqkIsH/B98gRr0GVbf42cPSSWOydoVUH/rL5TUsNvG3MGvQbjjA3FWHFN7cDn CeQX45QwY8GUUFhRA5WkFZ2MXgGjVg4e827/M9wGcPQW6/EFf4YWD1vFA/p2+CpY GqA3H0fsAucTadWgvjBRImltDg67H745gnubR2votERtfJ5u2lI9Ks7RSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHC+wWFyxA/4uRVuZC+sKwshRRqYMB8GA1UdIwQY MBaAFP148T/6kvB06+VX0qLSmtDaM+XYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2Qt ZmRmMDExOGNjMDE2LzEvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2QtZmRmMDExOGNjMDE2 LzEvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAuqN019t PmyIS9nMx0evt438Ic4crZhnamBnjG3Ey53xdztACHLpFrGS7RzdxpeyvpQN/5lf K58qotsQl3bBSrZEX60/KFdZYrvflth43do0UilYJJQeqxxYrJEhwzMCM4tf5aUr K6+NsppzMbVvD2upHWqzaM9mvH5/9R4ToCikROyl7tG5FvUCy+4iC9ytj4P5V/q/ yeumZdUsebxRiKdiFRPoDB+W9acHt8roFiIv+lOkeMGsHlqhGe7g8Jc+F9PQeEfl tT6op93+J0ZdLZDZafSECQrcksXU+7e6OSn4yD9ByxzxtNz6T2Goh4ZhFwReu325 ZiCPhZy/cgyqXQ== -----END CERTIFICATE-----Generated at Sat Dec 6 15:10:48 2025 by rpki-client