This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft File: XTcKSLWfuBFJXxHElzRILyKxo5I.mft (raw, json) Hash identifier: WKn4qIbfCQr2OGTPBAQN9+WLgYHP87vniysLEjdk3Kg= Subject key identifier: 59:BB:CD:60:B4:D9:20:51:19:4D:8E:3D:8E:67:25:84:5C:7C:27:9C Authority key identifier: 5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92 Certificate issuer: /CN=5d370a48b59fb811495f11c49734482f22b1a392 Certificate serial: 019B3BD95F810C449C5631D95B4901F63A55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft Manifest number: 1490 Signing time: Sat 20 Dec 2025 13:01:00 +0000 Manifest this update: Sat 20 Dec 2025 13:01:00 +0000 Manifest next update: Sun 21 Dec 2025 13:01:00 +0000 Files and hashes: 1: NKYWlz4gwZY4JXbw2fZ-33Yiq7Q.roa (hash: 78EN8i32FjxMTLLdcIXwd9Vb1kdj7OWCE2WX2/B4rLA=) 2: VUj2jDG1P5mpu3G51mRFUhrIbU4.roa (hash: twr8z4nqYemreBGHT9Kr4AfrcVcZYqpeai7rZry08Us=) 3: XTcKSLWfuBFJXxHElzRILyKxo5I.crl (hash: GzDUI8tmcxjRfhKm9JQQTMJ/oWVhRMhEYNhV2W6aWiA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 13:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:d9:5f:81:0c:44:9c:56:31:d9:5b:49:01:f6:3a:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d370a48b59fb811495f11c49734482f22b1a392 Validity Not Before: Dec 20 13:01:00 2025 GMT Not After : Dec 21 13:01:00 2025 GMT Subject: CN=59bbcd60b4d92051194d8e3d8e6725845c7c279c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:f6:9b:29:f6:9d:f9:1f:ee:50:32:04:a5:5a: 30:55:54:dd:6f:47:93:8f:b6:2b:b0:16:37:14:45: db:46:c9:3b:a8:71:08:d3:27:b9:91:0f:fd:1a:2d: 8d:56:f4:3d:84:81:59:b0:0b:5e:0e:5f:76:04:98: d8:10:8b:e6:10:e2:99:98:06:5c:2e:fa:3e:20:80: 31:fa:c9:70:51:78:cc:fc:8e:fe:ab:a6:57:c2:df: 88:68:87:be:36:30:60:5e:f3:41:7e:9a:87:b8:08: 23:51:28:3a:34:c6:60:5b:09:21:47:93:5a:e5:93: 76:68:6b:2f:32:53:84:c2:f7:95:1e:7b:7f:82:f4: 9d:43:c1:a2:07:18:bd:92:25:74:02:1a:f9:2c:4b: 51:8a:e8:33:f6:48:a1:db:8b:af:c9:60:8f:48:7e: 7f:18:72:71:27:7f:f3:b5:02:24:02:80:c1:b1:8d: 00:36:c8:90:56:10:08:33:e5:69:53:c4:53:40:bd: ac:d6:f2:c7:f2:27:d4:e2:1b:ff:fe:6f:20:4c:29: e7:1d:4c:e2:bf:4d:79:9c:7f:11:1d:28:50:3e:49: 39:c6:7c:b0:7e:97:13:54:17:19:b4:bf:a0:36:b4: f8:72:48:c9:08:cd:89:c9:2f:f4:51:f5:4c:54:e2: 15:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:BB:CD:60:B4:D9:20:51:19:4D:8E:3D:8E:67:25:84:5C:7C:27:9C X509v3 Authority Key Identifier: keyid:5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:4e:bd:15:34:91:a5:07:28:4f:3e:c0:03:f8:e9:04:f4:9d: 18:bf:f3:2a:08:3f:53:3a:48:4f:81:db:51:1f:1d:ff:32:ab: 9b:2f:3c:f5:ba:1b:4d:39:3a:ae:6e:d2:51:5f:da:85:f8:49: 59:e4:d5:c3:19:37:22:64:ca:ea:5a:ce:69:6b:47:84:16:b9: dc:84:88:dd:f0:21:c7:6a:72:d4:98:c4:ac:e9:8f:dc:84:ba: 01:9a:0f:45:79:d8:0d:a2:08:55:7f:02:32:0d:78:86:d0:52: ef:c5:1b:95:4d:5e:6e:82:0c:18:35:70:de:4b:70:91:05:58: c7:55:39:24:52:c1:eb:5f:4d:24:77:40:cb:44:b6:e1:5d:83: 69:37:3d:e3:9b:65:e8:ff:c9:f3:dd:f3:28:75:54:8a:b8:b8: 6b:ba:50:c6:ff:f4:6e:31:78:02:80:dc:16:cd:6a:59:92:62: 43:6a:c1:06:51:9d:00:c0:bf:ff:d3:89:5f:b1:d8:44:aa:ee: c4:2b:cf:79:c6:9c:8d:51:75:5c:ca:ea:3c:e0:7c:2b:bd:1b: 0e:7d:1a:e3:9d:0a:e9:ef:a1:98:1f:5b:c7:e9:9e:8e:01:ab: 3b:e6:10:21:5a:e7:bb:81:a5:dc:32:1c:4e:8c:13:b7:6f:3a: 39:e2:79:3f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs72V+BDEScVjHZW0kB9jpVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMzcwYTQ4YjU5ZmI4MTE0OTVmMTFjNDk3MzQ0ODJmMjJi MWEzOTIwHhcNMjUxMjIwMTMwMTAwWhcNMjUxMjIxMTMwMTAwWjAzMTEwLwYDVQQD Eyg1OWJiY2Q2MGI0ZDkyMDUxMTk0ZDhlM2Q4ZTY3MjU4NDVjN2MyNzljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/abKfad+R/uUDIEpVowVVTdb0eT j7YrsBY3FEXbRsk7qHEI0ye5kQ/9Gi2NVvQ9hIFZsAteDl92BJjYEIvmEOKZmAZc Lvo+IIAx+slwUXjM/I7+q6ZXwt+IaIe+NjBgXvNBfpqHuAgjUSg6NMZgWwkhR5Na 5ZN2aGsvMlOEwveVHnt/gvSdQ8GiBxi9kiV0Ahr5LEtRiugz9kih24uvyWCPSH5/ GHJxJ3/ztQIkAoDBsY0ANsiQVhAIM+VpU8RTQL2s1vLH8ifU4hv//m8gTCnnHUzi v015nH8RHShQPkk5xnywfpcTVBcZtL+gNrT4ckjJCM2JyS/0UfVMVOIV2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFm7zWC02SBRGU2OPY5nJYRcfCecMB8GA1UdIwQY MBaAFF03Cki1n7gRSV8RxJc0SC8isaOSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2Ut ZTI3MjAxMzAyNmI0LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2UtZTI3MjAxMzAyNmI0 LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfk69FTSR pQcoTz7AA/jpBPSdGL/zKgg/UzpIT4HbUR8d/zKrmy889bobTTk6rm7SUV/ahfhJ WeTVwxk3ImTK6lrOaWtHhBa53ISI3fAhx2py1JjErOmP3IS6AZoPRXnYDaIIVX8C Mg14htBS78UblU1eboIMGDVw3ktwkQVYx1U5JFLB619NJHdAy0S24V2DaTc945tl 6P/J893zKHVUiri4a7pQxv/0bjF4AoDcFs1qWZJiQ2rBBlGdAMC//9OJX7HYRKru xCvPecacjVF1XMrqPOB8K70bDn0a450K6e+hmB9bx+mejgGrO+YQIVrnu4Gl3DIc TowTt286OeJ5Pw== -----END CERTIFICATE-----Generated at Sat Dec 20 20:28:36 2025 by rpki-client