This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft File: XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft (raw, json) Hash identifier: rVHRJHDC/nBP2qeRccWRK3c5Rfs0blrqJk8e0y8AjEQ= Subject key identifier: BB:4E:AA:FF:B3:E3:5A:92:65:CC:52:53:45:19:B8:C4:5F:29:36:10 Authority key identifier: 5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3 Certificate issuer: /CN=5d382238289a8802cf52b67d9bf4ae87a50933c3 Certificate serial: 019AF0BFA31B0B0DC21F70A12E107475FF83 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft Manifest number: 16CD Signing time: Fri 05 Dec 2025 23:01:22 +0000 Manifest this update: Fri 05 Dec 2025 23:01:22 +0000 Manifest next update: Sat 06 Dec 2025 23:01:22 +0000 Files and hashes: 1: 2ywpCRCtpz6hrb_B5Z2UyYL2m-g.roa (hash: Z+2VK2G2lzN86LoPcE9VgbDrrppkQUiQOHGoi5RCAY8=) 2: XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl (hash: vL94fbgiiejUXi26990F52+F1H4kQdRuG5Ir/6udEls=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:a3:1b:0b:0d:c2:1f:70:a1:2e:10:74:75:ff:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d382238289a8802cf52b67d9bf4ae87a50933c3 Validity Not Before: Dec 5 23:01:22 2025 GMT Not After : Dec 6 23:01:22 2025 GMT Subject: CN=bb4eaaffb3e35a9265cc52534519b8c45f293610 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:ea:e2:cb:24:75:27:3a:3b:88:7f:f8:33:c7: 7c:2e:2a:92:b8:eb:ed:ec:dc:cd:3c:73:5a:e8:b6: 6e:4b:5d:94:01:a4:ed:77:73:8a:55:c4:1d:f4:12: e9:29:93:3b:2e:79:50:b6:df:cf:9d:86:a8:5b:95: c9:5c:dc:30:ca:f8:f2:5e:14:e5:94:2d:7c:23:3e: 49:3c:20:c6:1f:9b:f3:04:18:a3:b9:e4:46:3b:85: 6d:e7:d0:c5:c4:61:74:57:39:cb:4d:6f:2d:ea:a6: 43:10:15:07:a6:01:5e:30:45:8d:da:ca:40:2f:58: 9b:8b:dc:ad:f8:1e:3d:61:b4:c6:1b:e2:dd:92:6e: ee:1b:16:5a:c5:b8:48:fd:fe:b5:d7:ec:8b:79:fb: d1:cf:ea:98:46:ce:1c:ec:b5:f0:c9:14:50:fd:13: 87:c2:93:7c:f4:c8:50:1a:f8:37:2f:84:84:68:39: 29:7b:f7:dc:72:57:37:ae:9d:7f:50:f2:98:0f:a0: 22:32:9c:ca:1d:38:ef:b1:08:88:68:4f:31:38:16: 08:36:7c:1f:49:87:cb:74:81:ca:76:7b:9b:2e:a6: ae:ca:00:d6:89:bd:19:8e:20:6c:68:7b:5d:fe:47: 2a:81:e7:52:36:04:98:ed:bb:7d:1f:9d:8d:05:e9: 2f:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:4E:AA:FF:B3:E3:5A:92:65:CC:52:53:45:19:B8:C4:5F:29:36:10 X509v3 Authority Key Identifier: keyid:5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:53:c0:07:02:2e:28:8b:39:9e:31:ac:57:5c:e1:bc:a1:61: ff:ed:b6:45:f5:bd:1f:97:55:0b:9f:8e:e5:37:b5:f3:c2:c5: 8b:31:35:a0:c3:77:8b:7f:99:e8:26:9b:2a:0d:b1:60:a1:52: e5:44:25:4e:81:d6:49:39:3a:54:d5:a3:a6:cf:eb:ef:4b:ca: b1:5c:73:bc:25:ec:8b:77:0e:e9:00:65:2e:71:9e:75:f8:7a: 35:4f:8c:d4:94:67:a6:33:fc:5e:3b:82:5b:0c:dd:8f:2e:b1: f8:3e:5a:03:c8:41:43:2f:bb:40:17:0e:75:a0:0e:0d:c1:9a: c9:dd:6e:fa:07:28:a0:b4:ab:8b:77:6f:d0:d4:d3:2f:98:c4: 82:9b:91:6f:52:03:33:0e:f6:2a:9a:d0:7d:32:6e:bc:ea:72: 0a:e3:18:a0:e2:03:bf:6f:93:8b:07:d9:7a:82:90:71:a4:95: 15:25:32:70:13:86:bc:7d:db:ae:45:e5:69:1a:a9:15:22:dc: 6f:8e:0e:2f:19:1a:34:50:b4:af:10:81:8a:fe:23:50:15:aa: 35:ba:e1:32:1d:b3:84:ad:97:fc:0f:b8:79:fe:3e:e5:33:31: 2a:4e:23:8f:f7:28:dd:54:de:ae:73:ea:d5:0a:b4:6c:45:a9: 61:bb:ab:ca -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwv6MbCw3CH3ChLhB0df+DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMzgyMjM4Mjg5YTg4MDJjZjUyYjY3ZDliZjRhZTg3YTUw OTMzYzMwHhcNMjUxMjA1MjMwMTIyWhcNMjUxMjA2MjMwMTIyWjAzMTEwLwYDVQQD EyhiYjRlYWFmZmIzZTM1YTkyNjVjYzUyNTM0NTE5YjhjNDVmMjkzNjEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+riyyR1Jzo7iH/4M8d8LiqSuOvt 7NzNPHNa6LZuS12UAaTtd3OKVcQd9BLpKZM7LnlQtt/PnYaoW5XJXNwwyvjyXhTl lC18Iz5JPCDGH5vzBBijueRGO4Vt59DFxGF0VznLTW8t6qZDEBUHpgFeMEWN2spA L1ibi9yt+B49YbTGG+Ldkm7uGxZaxbhI/f611+yLefvRz+qYRs4c7LXwyRRQ/ROH wpN89MhQGvg3L4SEaDkpe/fcclc3rp1/UPKYD6AiMpzKHTjvsQiIaE8xOBYINnwf SYfLdIHKdnubLqauygDWib0ZjiBsaHtd/kcqgedSNgSY7bt9H52NBekvbwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLtOqv+z41qSZcxSU0UZuMRfKTYQMB8GA1UdIwQY MBaAFF04IjgomogCz1K2fZv0roelCTPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi84NTAxOGEtYzIzOC00MzE5LWFkNDIt ODg1NzU3YzEyNDhmLzEvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi84NTAxOGEtYzIzOC00MzE5LWFkNDItODg1NzU3YzEyNDhm LzEvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADVPABwIu KIs5njGsV1zhvKFh/+22RfW9H5dVC5+O5Te188LFizE1oMN3i3+Z6CabKg2xYKFS 5UQlToHWSTk6VNWjps/r70vKsVxzvCXsi3cO6QBlLnGedfh6NU+M1JRnpjP8XjuC Wwzdjy6x+D5aA8hBQy+7QBcOdaAODcGayd1u+gcooLSri3dv0NTTL5jEgpuRb1ID Mw72KprQfTJuvOpyCuMYoOIDv2+TiwfZeoKQcaSVFSUycBOGvH3brkXlaRqpFSLc b44OLxkaNFC0rxCBiv4jUBWqNbrhMh2zhK2X/A+4ef4+5TMxKk4jj/co3VTernPq 1Qq0bEWpYburyg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:50:28 2025 by rpki-client