This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/dbe773-befc-4a77-b513-5e23672673d2/1/XUcovR9dE212i_F1NGHFPaRXRss.mft File: XUcovR9dE212i_F1NGHFPaRXRss.mft (raw, json) Hash identifier: i1J5uSI45uPrpTlP3/L03Gjzo4i1hf0bfDNr9jShdmU= Subject key identifier: BF:A7:29:F0:06:D8:07:9C:61:A0:E0:08:89:3A:7C:CC:60:09:E9:5E Authority key identifier: 5D:47:28:BD:1F:5D:13:6D:76:8B:F1:75:34:61:C5:3D:A4:57:46:CB Certificate issuer: /CN=5d4728bd1f5d136d768bf1753461c53da45746cb Certificate serial: 019AF277179CC5BDB84C42DD2A1B358B98F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XUcovR9dE212i_F1NGHFPaRXRss.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/dbe773-befc-4a77-b513-5e23672673d2/1/XUcovR9dE212i_F1NGHFPaRXRss.mft Manifest number: 1763 Signing time: Sat 06 Dec 2025 07:01:22 +0000 Manifest this update: Sat 06 Dec 2025 07:01:22 +0000 Manifest next update: Sun 07 Dec 2025 07:01:22 +0000 Files and hashes: 1: HBQ9odudt8FtC2hg2PdPFEmL6sY.roa (hash: qLOlhGmFNavd+EfWsRToyvlmrGX+k5BkUmneKAiMnB0=) 2: XUcovR9dE212i_F1NGHFPaRXRss.crl (hash: cUW1T1Wrt8Yjgn/3DOQnnoyjWTd7IKhaE1z43AZXPvY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/dbe773-befc-4a77-b513-5e23672673d2/1/XUcovR9dE212i_F1NGHFPaRXRss.crl rsync://rpki.ripe.net/repository/DEFAULT/ad/dbe773-befc-4a77-b513-5e23672673d2/1/XUcovR9dE212i_F1NGHFPaRXRss.mft rsync://rpki.ripe.net/repository/DEFAULT/XUcovR9dE212i_F1NGHFPaRXRss.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:77:17:9c:c5:bd:b8:4c:42:dd:2a:1b:35:8b:98:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d4728bd1f5d136d768bf1753461c53da45746cb Validity Not Before: Dec 6 07:01:22 2025 GMT Not After : Dec 7 07:01:22 2025 GMT Subject: CN=bfa729f006d8079c61a0e008893a7ccc6009e95e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:bc:51:9a:34:ff:08:e5:08:3c:d3:ff:b5:c9: 8e:27:a1:f6:b9:f8:a3:c6:dd:25:cc:e1:57:ed:15: 75:36:95:8a:2e:8f:0a:ab:cf:06:83:28:08:43:61: bf:1d:87:7b:70:2e:7b:9c:35:25:33:5a:5e:3a:7a: 9e:1e:eb:4b:74:9b:df:ee:18:02:8d:81:88:c8:95: ed:ce:bc:0c:91:1c:e8:4a:a8:f4:82:f6:1d:92:eb: f5:c3:b5:91:b7:7d:43:5e:52:4a:29:fc:fc:96:fe: fc:4e:2f:87:cb:7d:e2:13:04:f6:d8:46:90:6f:05: f4:7e:d5:00:27:3d:9a:87:9a:9d:26:94:c2:05:46: ef:bf:ed:71:fb:49:af:c5:43:b3:55:3f:da:1b:19: 41:39:5a:ec:42:11:c1:61:87:23:08:18:0a:e3:5f: 3e:a1:90:fc:06:31:52:08:38:8c:d5:fb:79:90:90: 96:fb:c4:df:3c:05:b8:b9:ee:ee:61:af:73:1c:c9: cd:03:4c:5f:38:f7:f9:cf:98:0c:07:26:cb:19:7a: 24:e2:ae:ff:dc:a2:2d:62:a9:78:16:90:3c:53:a5: 9a:83:ff:95:08:ad:a5:4c:0a:09:3b:bd:01:2d:49: 21:56:74:e9:65:7f:c9:d5:4b:45:fe:1d:05:a2:fb: c7:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:A7:29:F0:06:D8:07:9C:61:A0:E0:08:89:3A:7C:CC:60:09:E9:5E X509v3 Authority Key Identifier: keyid:5D:47:28:BD:1F:5D:13:6D:76:8B:F1:75:34:61:C5:3D:A4:57:46:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XUcovR9dE212i_F1NGHFPaRXRss.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/dbe773-befc-4a77-b513-5e23672673d2/1/XUcovR9dE212i_F1NGHFPaRXRss.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/dbe773-befc-4a77-b513-5e23672673d2/1/XUcovR9dE212i_F1NGHFPaRXRss.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:38:9b:d6:ea:d3:44:af:8b:a2:a7:a3:91:c9:8b:38:d5:0a: 2e:44:9f:89:bf:70:1b:b3:51:f1:99:1d:57:1a:ef:00:b4:c7: 70:c4:91:10:56:62:8b:15:5b:2f:f7:f2:68:bd:9b:24:cf:c6: 7f:ae:09:fb:b2:35:07:5a:22:d9:d4:80:cc:b6:86:fb:9c:ce: 54:d2:40:37:d8:84:af:a1:9b:21:4e:58:0e:0d:18:e4:dd:d5: 38:68:35:5c:a0:0e:e1:d1:6e:37:88:8f:b1:9e:d7:96:c9:93: 17:e2:78:9b:59:aa:af:b0:50:92:58:7a:40:69:4d:28:74:31: 37:54:19:80:96:83:7b:06:78:52:e1:d4:f8:8b:6f:60:71:22: b4:97:00:cc:1f:eb:89:ce:43:7b:e3:5c:4a:9d:dc:2f:31:c2: cd:b2:04:b6:4c:18:06:56:8a:3c:28:28:bf:8a:db:b6:4d:49: f8:1c:db:d1:d2:10:db:4a:57:95:96:af:a7:3a:22:72:76:d0: 82:f3:4a:5c:f2:01:7e:da:42:6e:67:d5:a4:1b:c6:df:62:1a: 39:17:bc:a8:d2:39:23:b8:87:6c:b3:7f:ea:c4:95:89:4b:36: e8:62:ca:75:65:75:cb:b9:66:b4:dd:29:73:5e:08:0f:af:75: 03:09:8c:c5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydxecxb24TELdKhs1i5jwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkNDcyOGJkMWY1ZDEzNmQ3NjhiZjE3NTM0NjFjNTNkYTQ1 NzQ2Y2IwHhcNMjUxMjA2MDcwMTIyWhcNMjUxMjA3MDcwMTIyWjAzMTEwLwYDVQQD EyhiZmE3MjlmMDA2ZDgwNzljNjFhMGUwMDg4OTNhN2NjYzYwMDllOTVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLxRmjT/COUIPNP/tcmOJ6H2ufij xt0lzOFX7RV1NpWKLo8Kq88GgygIQ2G/HYd7cC57nDUlM1peOnqeHutLdJvf7hgC jYGIyJXtzrwMkRzoSqj0gvYdkuv1w7WRt31DXlJKKfz8lv78Ti+Hy33iEwT22EaQ bwX0ftUAJz2ah5qdJpTCBUbvv+1x+0mvxUOzVT/aGxlBOVrsQhHBYYcjCBgK418+ oZD8BjFSCDiM1ft5kJCW+8TfPAW4ue7uYa9zHMnNA0xfOPf5z5gMBybLGXok4q7/ 3KItYql4FpA8U6Wag/+VCK2lTAoJO70BLUkhVnTpZX/J1UtF/h0FovvHgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL+nKfAG2AecYaDgCIk6fMxgCeleMB8GA1UdIwQY MBaAFF1HKL0fXRNtdovxdTRhxT2kV0bLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFVjb3ZSOWRFMjEyaV9GMU5HSEZQYVJYUnNzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9kYmU3NzMtYmVmYy00YTc3LWI1MTMt NWUyMzY3MjY3M2QyLzEvWFVjb3ZSOWRFMjEyaV9GMU5HSEZQYVJYUnNzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZC9kYmU3NzMtYmVmYy00YTc3LWI1MTMtNWUyMzY3MjY3M2Qy LzEvWFVjb3ZSOWRFMjEyaV9GMU5HSEZQYVJYUnNzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASzib1urT RK+LoqejkcmLONUKLkSfib9wG7NR8ZkdVxrvALTHcMSREFZiixVbL/fyaL2bJM/G f64J+7I1B1oi2dSAzLaG+5zOVNJAN9iEr6GbIU5YDg0Y5N3VOGg1XKAO4dFuN4iP sZ7XlsmTF+J4m1mqr7BQklh6QGlNKHQxN1QZgJaDewZ4UuHU+ItvYHEitJcAzB/r ic5De+NcSp3cLzHCzbIEtkwYBlaKPCgov4rbtk1J+Bzb0dIQ20pXlZavpzoicnbQ gvNKXPIBftpCbmfVpBvG32IaORe8qNI5I7iHbLN/6sSViUs26GLKdWV1y7lmtN0p c14ID691AwmMxQ== -----END CERTIFICATE-----Generated at Sat Dec 6 14:30:19 2025 by rpki-client