This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft File: XTcKSLWfuBFJXxHElzRILyKxo5I.mft (raw, json) Hash identifier: QfgOT+LrXvddve0V+hr9qSPV+9bmy9K8rfBf6KWT8wk= Subject key identifier: A1:CB:84:66:06:7B:37:AE:06:A3:A9:2F:5A:7F:86:03:CB:AA:80:35 Authority key identifier: 5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92 Certificate issuer: /CN=5d370a48b59fb811495f11c49734482f22b1a392 Certificate serial: 019B1539845F5873A5333DEF11B099851648 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft Manifest number: 147C Signing time: Sat 13 Dec 2025 01:00:49 +0000 Manifest this update: Sat 13 Dec 2025 01:00:49 +0000 Manifest next update: Sun 14 Dec 2025 01:00:49 +0000 Files and hashes: 1: NKYWlz4gwZY4JXbw2fZ-33Yiq7Q.roa (hash: 78EN8i32FjxMTLLdcIXwd9Vb1kdj7OWCE2WX2/B4rLA=) 2: VUj2jDG1P5mpu3G51mRFUhrIbU4.roa (hash: twr8z4nqYemreBGHT9Kr4AfrcVcZYqpeai7rZry08Us=) 3: XTcKSLWfuBFJXxHElzRILyKxo5I.crl (hash: 62bGZZP3D8lMn1EKJipOChqHt470uwwu3/Uo0DZkC/U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 01:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:15:39:84:5f:58:73:a5:33:3d:ef:11:b0:99:85:16:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d370a48b59fb811495f11c49734482f22b1a392 Validity Not Before: Dec 13 01:00:49 2025 GMT Not After : Dec 14 01:00:49 2025 GMT Subject: CN=a1cb8466067b37ae06a3a92f5a7f8603cbaa8035 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:fd:7d:d0:8d:e2:ec:a3:b1:9e:97:6f:dc:f0: 42:2e:8c:10:ed:48:ba:08:bd:50:e6:4f:16:06:6c: dc:e8:ea:bf:ac:97:47:31:01:cc:aa:0a:5f:ad:3d: 10:cd:a8:a3:15:69:20:90:5a:4b:18:67:2b:bc:18: d8:38:1e:e8:0b:fa:52:96:e0:85:4e:6b:d2:f5:b1: ad:f3:6a:33:92:15:b4:18:20:f0:1e:0e:08:07:c0: 04:5f:e3:d3:4b:77:53:78:09:a6:e6:34:e3:0d:ec: 79:cf:ce:e4:1f:e3:f2:ec:6f:6a:bc:c1:65:58:05: 93:99:95:1c:c9:e1:56:d2:13:9c:9e:05:8d:f6:1d: 9c:fa:1b:12:ba:37:78:aa:d5:67:fc:5f:6f:9c:4f: 9b:df:f2:3c:b4:56:b4:34:98:6c:62:af:70:9d:16: cc:8c:b7:4c:92:50:3a:07:33:32:49:3d:ea:36:37: e4:9e:68:ca:7d:b8:8e:ac:92:9b:ad:fc:dc:dd:ae: 7f:3a:56:19:3d:01:e8:30:c3:dc:28:3a:83:0c:3e: 06:5a:d5:25:fe:24:c4:9a:c5:84:55:d1:4f:41:03: dd:24:0e:03:da:90:6b:dc:8f:e0:d9:b7:fb:4f:64: 4c:5c:73:5f:9f:14:07:21:75:c8:2b:d8:8d:00:ff: 5d:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:CB:84:66:06:7B:37:AE:06:A3:A9:2F:5A:7F:86:03:CB:AA:80:35 X509v3 Authority Key Identifier: keyid:5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:7a:e0:e7:78:99:be:80:34:77:25:93:0b:3b:4e:d6:e8:5b: 19:5e:6c:ec:f2:03:a6:32:f0:ba:ef:1f:5b:d0:a0:50:7b:ed: bf:8b:eb:5c:be:82:d3:a0:cb:33:7c:1c:ce:0a:ce:55:ea:69: 0b:32:0d:ae:19:01:3a:6e:5c:d4:06:ad:24:60:79:b1:50:df: 76:3e:69:67:eb:b8:d6:72:33:94:55:32:5b:71:5d:f5:3f:50: 0d:da:43:c7:5c:38:fb:5f:c8:1c:af:9a:cd:ad:e6:7b:14:c1: fd:f3:01:9f:72:6d:ea:a3:0a:1a:27:0c:5d:49:f5:e7:1b:d0: 8a:0f:2d:3a:1f:24:c0:c6:04:c4:be:18:ab:e8:54:cd:5f:10: c7:0b:1c:02:7d:e0:16:31:9b:4e:1d:48:6c:94:0b:cf:8a:fd: ce:6e:e0:1f:55:c8:ce:59:b1:ce:4e:6d:57:c6:d0:b6:d8:98: fa:72:94:65:12:f9:00:83:f3:14:cd:6c:56:de:8e:8f:15:90: 63:e3:ab:fb:1f:cc:68:31:0d:21:91:0c:81:b5:4b:2e:6c:79: 84:8d:24:f6:ee:a0:7a:e9:af:f0:2c:5c:f7:64:da:9b:17:55: 89:7a:02:ed:b9:75:df:49:2a:7d:75:af:e7:56:72:40:99:24: 93:b6:2e:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsVOYRfWHOlMz3vEbCZhRZIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMzcwYTQ4YjU5ZmI4MTE0OTVmMTFjNDk3MzQ0ODJmMjJi MWEzOTIwHhcNMjUxMjEzMDEwMDQ5WhcNMjUxMjE0MDEwMDQ5WjAzMTEwLwYDVQQD EyhhMWNiODQ2NjA2N2IzN2FlMDZhM2E5MmY1YTdmODYwM2NiYWE4MDM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6P190I3i7KOxnpdv3PBCLowQ7Ui6 CL1Q5k8WBmzc6Oq/rJdHMQHMqgpfrT0QzaijFWkgkFpLGGcrvBjYOB7oC/pSluCF TmvS9bGt82ozkhW0GCDwHg4IB8AEX+PTS3dTeAmm5jTjDex5z87kH+Py7G9qvMFl WAWTmZUcyeFW0hOcngWN9h2c+hsSujd4qtVn/F9vnE+b3/I8tFa0NJhsYq9wnRbM jLdMklA6BzMyST3qNjfknmjKfbiOrJKbrfzc3a5/OlYZPQHoMMPcKDqDDD4GWtUl /iTEmsWEVdFPQQPdJA4D2pBr3I/g2bf7T2RMXHNfnxQHIXXIK9iNAP9duwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKHLhGYGezeuBqOpL1p/hgPLqoA1MB8GA1UdIwQY MBaAFF03Cki1n7gRSV8RxJc0SC8isaOSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2Ut ZTI3MjAxMzAyNmI0LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2UtZTI3MjAxMzAyNmI0 LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhnrg53iZ voA0dyWTCztO1uhbGV5s7PIDpjLwuu8fW9CgUHvtv4vrXL6C06DLM3wczgrOVepp CzINrhkBOm5c1AatJGB5sVDfdj5pZ+u41nIzlFUyW3Fd9T9QDdpDx1w4+1/IHK+a za3mexTB/fMBn3Jt6qMKGicMXUn15xvQig8tOh8kwMYExL4Yq+hUzV8QxwscAn3g FjGbTh1IbJQLz4r9zm7gH1XIzlmxzk5tV8bQttiY+nKUZRL5AIPzFM1sVt6OjxWQ Y+Or+x/MaDENIZEMgbVLLmx5hI0k9u6geumv8Cxc92TamxdViXoC7bl130kqfXWv 51ZyQJkkk7YuAA== -----END CERTIFICATE-----Generated at Sat Dec 13 09:48:12 2025 by rpki-client