This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft File: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft (raw, json) Hash identifier: ak+CoX1NgXmj3t1DrcdRTzB0JHaImgpmQ8ZpIkd+bUY= Subject key identifier: 20:E2:6C:A0:70:14:7E:00:2A:12:EA:6D:C3:90:71:A5:24:47:33:9F Authority key identifier: 5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74 Certificate issuer: /CN=5da38f7c3ecad29ec50644b70068b92a1be47074 Certificate serial: 019AF38928F5400016EB3B8FB7CC7B00976C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft Manifest number: 0697 Signing time: Sat 06 Dec 2025 12:00:43 +0000 Manifest this update: Sat 06 Dec 2025 12:00:43 +0000 Manifest next update: Sun 07 Dec 2025 12:00:43 +0000 Files and hashes: 1: SzmhUfWJuFhyT5TGLouRAgBLoIM.roa (hash: Qov0MeRXvHn6kZBTJQaoc48+Yw0xT2B5xVOV+b6Nifs=) 2: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl (hash: K9Wppt2s8cNVLVeo2nypI+X+UostiRxdH/7q29KDLD4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:28:f5:40:00:16:eb:3b:8f:b7:cc:7b:00:97:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5da38f7c3ecad29ec50644b70068b92a1be47074 Validity Not Before: Dec 6 12:00:43 2025 GMT Not After : Dec 7 12:00:43 2025 GMT Subject: CN=20e26ca070147e002a12ea6dc39071a52447339f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:30:22:70:b2:96:e3:fa:91:12:ff:ce:17:f8: cc:49:45:d0:03:c1:5b:b4:16:01:6e:3d:05:a5:1b: 84:8a:7e:5d:05:c3:fd:51:3d:74:61:b3:fc:07:12: 64:43:8e:73:12:dd:2d:aa:d4:68:e5:8b:06:0f:88: dd:16:69:42:94:9b:c5:c1:60:ad:0d:51:e8:4f:d8: e6:1d:20:59:02:36:47:80:62:91:e9:10:3d:56:5f: 68:4d:2c:6e:6d:e9:e1:70:18:c9:02:93:48:dd:e7: 6d:0c:e9:dd:5e:74:64:a7:1f:35:05:23:aa:8d:3e: 38:56:95:a6:dc:a9:8a:14:30:7d:13:f7:3f:60:b9: 88:57:bd:8b:48:eb:81:76:84:06:e4:e4:ae:6e:b8: 5b:59:cf:d3:3a:6e:fc:6c:d9:21:6a:82:98:6e:4c: 35:45:79:a0:af:30:a8:a5:25:34:43:25:fc:1e:b3: f5:c1:85:63:67:ae:6b:f3:a7:a2:66:33:b1:67:50: 77:da:d1:a9:05:a1:d6:57:74:e7:7e:ac:a9:7a:c1: 03:f5:84:89:e4:64:0d:32:05:90:52:5b:84:dd:3d: 40:24:8a:8d:b6:a1:4d:23:1e:88:de:f0:a2:57:42: 26:c1:da:8b:e3:d9:8b:45:22:f0:b0:a0:7d:a7:02: 9c:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:E2:6C:A0:70:14:7E:00:2A:12:EA:6D:C3:90:71:A5:24:47:33:9F X509v3 Authority Key Identifier: keyid:5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:e0:ef:c4:e5:1e:d8:a0:d6:fa:4b:3e:96:55:2f:3d:ad:18: 9e:99:40:ae:e9:17:e8:fb:fc:69:53:cd:83:cb:e8:23:09:f6: fb:3e:af:d1:4f:6d:42:6a:39:92:ab:9c:72:df:09:42:60:78: e3:78:df:4f:eb:c3:63:58:31:cf:3c:5b:38:56:b0:89:bb:16: 1a:ab:3f:4e:e9:20:0f:e4:8e:ec:40:0e:a2:17:52:a4:c9:99: 69:1f:ae:06:3a:be:1d:9f:4c:96:1f:88:2f:8d:4a:74:76:84: 78:f6:50:c2:27:a0:6d:7f:86:74:54:87:ad:7b:59:95:db:f9: ff:01:34:ea:51:f0:8f:3e:6d:af:41:29:88:61:a5:38:c3:f4: 6d:a0:5c:55:81:e5:9a:89:66:ef:8e:b3:36:e9:2e:f7:78:c0: 0e:d0:22:68:f4:79:cb:60:4f:7e:cf:d8:9e:40:3c:c7:5a:14: 03:32:5d:89:0c:40:e7:55:6b:ea:b2:af:78:4f:53:61:08:18: 50:5d:88:93:5a:55:d6:38:76:dd:14:63:d4:ac:36:5b:86:5d: 9c:1f:04:33:d2:8b:4a:61:d0:1c:7d:3e:07:fe:f7:86:48:5e: 34:2c:66:4c:c3:43:2d:e4:47:69:7f:f4:8d:aa:c2:11:60:74: 87:6a:58:e6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziSj1QAAW6zuPt8x7AJdsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkYTM4ZjdjM2VjYWQyOWVjNTA2NDRiNzAwNjhiOTJhMWJl NDcwNzQwHhcNMjUxMjA2MTIwMDQzWhcNMjUxMjA3MTIwMDQzWjAzMTEwLwYDVQQD EygyMGUyNmNhMDcwMTQ3ZTAwMmExMmVhNmRjMzkwNzFhNTI0NDczMzlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzAicLKW4/qREv/OF/jMSUXQA8Fb tBYBbj0FpRuEin5dBcP9UT10YbP8BxJkQ45zEt0tqtRo5YsGD4jdFmlClJvFwWCt DVHoT9jmHSBZAjZHgGKR6RA9Vl9oTSxubenhcBjJApNI3edtDOndXnRkpx81BSOq jT44VpWm3KmKFDB9E/c/YLmIV72LSOuBdoQG5OSubrhbWc/TOm78bNkhaoKYbkw1 RXmgrzCopSU0QyX8HrP1wYVjZ65r86eiZjOxZ1B32tGpBaHWV3TnfqypesED9YSJ 5GQNMgWQUluE3T1AJIqNtqFNIx6I3vCiV0ImwdqL49mLRSLwsKB9pwKcQwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCDibKBwFH4AKhLqbcOQcaUkRzOfMB8GA1UdIwQY MBaAFF2jj3w+ytKexQZEtwBouSob5HB0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4Yjkt OTQwOGYxYmMwZDEyLzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4YjktOTQwOGYxYmMwZDEy LzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAReDvxOUe 2KDW+ks+llUvPa0YnplArukX6Pv8aVPNg8voIwn2+z6v0U9tQmo5kqucct8JQmB4 43jfT+vDY1gxzzxbOFawibsWGqs/TukgD+SO7EAOohdSpMmZaR+uBjq+HZ9Mlh+I L41KdHaEePZQwiegbX+GdFSHrXtZldv5/wE06lHwjz5tr0EpiGGlOMP0baBcVYHl molm746zNuku93jADtAiaPR5y2BPfs/YnkA8x1oUAzJdiQxA51Vr6rKveE9TYQgY UF2Ik1pV1jh23RRj1Kw2W4ZdnB8EM9KLSmHQHH0+B/73hkheNCxmTMNDLeRHaX/0 jarCEWB0h2pY5g== -----END CERTIFICATE-----Generated at Sat Dec 6 15:40:14 2025 by rpki-client