This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.mft File: XpNr6hsMOiCKuifYsQsnXkdN3iw.mft (raw, json) Hash identifier: Gsb3SBBOTKPmeTJTPV93JGN00rq9bTMQZFpBUhwc9/0= Subject key identifier: B5:23:60:2F:ED:1E:03:2C:2F:BD:BA:1A:03:AB:DC:4A:CA:16:B1:F0 Authority key identifier: 5E:93:6B:EA:1B:0C:3A:20:8A:BA:27:D8:B1:0B:27:5E:47:4D:DE:2C Certificate issuer: /CN=5e936bea1b0c3a208aba27d8b10b275e474dde2c Certificate serial: 019AF540B814200D06F51E8D2170E98CDB72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XpNr6hsMOiCKuifYsQsnXkdN3iw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.mft Manifest number: 1764 Signing time: Sat 06 Dec 2025 20:00:50 +0000 Manifest this update: Sat 06 Dec 2025 20:00:50 +0000 Manifest next update: Sun 07 Dec 2025 20:00:50 +0000 Files and hashes: 1: Nw7X2LCFZpQsGc2GoXyrFKElkBk.roa (hash: y5oQHHhbifcLGWzUQAXcT2e3MvPfBEuWSolqQY+gsts=) 2: XpNr6hsMOiCKuifYsQsnXkdN3iw.crl (hash: 2RYgm1oeV0YM+W2MsDWYvVwPUBTYka/uOl7cT1z77Bo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.crl rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.mft rsync://rpki.ripe.net/repository/DEFAULT/XpNr6hsMOiCKuifYsQsnXkdN3iw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 20:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:40:b8:14:20:0d:06:f5:1e:8d:21:70:e9:8c:db:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e936bea1b0c3a208aba27d8b10b275e474dde2c Validity Not Before: Dec 6 20:00:50 2025 GMT Not After : Dec 7 20:00:50 2025 GMT Subject: CN=b523602fed1e032c2fbdba1a03abdc4aca16b1f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:57:6a:98:51:04:dd:2f:c3:86:46:9e:e2:b9: 50:99:41:88:62:2b:bc:10:27:6c:23:3e:9d:b0:a6: 5a:4d:28:3a:46:4a:33:db:c1:17:80:fa:e6:34:8c: eb:73:57:25:c6:05:63:78:12:c9:68:ae:f2:a4:23: ed:ca:ff:b0:8d:ee:f3:12:1e:81:56:62:ee:39:9a: 8c:62:08:a8:cf:b0:cb:44:30:5e:65:7c:7c:f6:55: b2:b6:6b:9b:62:24:92:05:15:f7:22:a3:4b:5e:bb: 57:5b:59:a7:05:dd:f8:d6:41:b3:9e:0b:3d:b1:ed: 5b:0a:73:c3:aa:21:56:50:78:12:63:7b:28:f4:0f: 03:f4:18:0f:b3:bc:18:c6:6c:3f:ec:fa:87:dd:d0: f9:7b:4d:82:14:ff:67:7a:3f:f6:ee:8a:ea:74:cc: e5:5c:8e:5f:bd:03:b3:c5:b1:d0:fa:69:de:71:85: 3f:ac:b4:e8:ba:00:cf:ae:b3:be:48:4d:7d:f2:ef: bd:b1:1f:7c:ba:ab:08:98:0c:01:8c:89:e9:18:d6: 48:8d:d8:b9:1b:48:e9:34:e4:a0:8d:49:82:5c:9b: b6:15:f2:fd:e0:32:e4:c8:90:84:9b:e8:d2:92:f2: b0:79:ad:88:98:17:1a:e1:ce:2d:ea:49:ef:ef:79: 5a:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:23:60:2F:ED:1E:03:2C:2F:BD:BA:1A:03:AB:DC:4A:CA:16:B1:F0 X509v3 Authority Key Identifier: keyid:5E:93:6B:EA:1B:0C:3A:20:8A:BA:27:D8:B1:0B:27:5E:47:4D:DE:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XpNr6hsMOiCKuifYsQsnXkdN3iw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:38:23:5c:d4:fc:ed:16:8d:69:dd:29:92:8c:7b:89:3b:b8: 26:e4:53:66:ec:60:65:3a:b5:03:98:98:45:06:4c:71:88:08: 7c:3c:76:dd:78:c4:2a:0a:cc:d7:1e:52:ad:ba:32:42:4a:98: c3:36:22:ab:51:9e:65:22:3e:68:b2:0f:54:a6:13:2e:36:04: 99:9f:f7:df:df:d2:d1:c8:4e:ec:bf:6b:24:d4:16:95:23:ad: b9:13:94:18:6a:82:df:20:de:45:b3:07:c7:43:e1:8e:19:fc: 50:0f:d9:d1:f1:2e:1a:56:4f:8d:e5:98:06:79:ee:50:5f:de: 61:5a:56:9a:e9:04:e2:c5:e3:c8:a9:96:02:13:fe:f8:c8:9e: 09:44:f8:13:91:5d:bc:2d:c0:88:a5:b0:4e:16:35:25:9e:c6: 2f:cb:a4:b2:09:4e:e9:e7:d1:7c:ac:e6:00:42:64:d3:b0:fa: ec:6c:96:08:26:a6:cb:79:b1:bb:6c:99:e1:4d:ee:25:c1:2b: 2e:c7:eb:0b:72:5b:50:31:04:0c:f8:e2:f7:cf:09:7f:bf:0d: d5:c7:b0:d5:bd:a0:c7:b3:ec:30:b4:62:2f:43:d7:ff:8c:3a: c1:85:05:1f:6c:b7:13:61:64:73:e3:8b:fa:ca:57:ed:c5:c9: 82:60:a1:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1QLgUIA0G9R6NIXDpjNtyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlOTM2YmVhMWIwYzNhMjA4YWJhMjdkOGIxMGIyNzVlNDc0 ZGRlMmMwHhcNMjUxMjA2MjAwMDUwWhcNMjUxMjA3MjAwMDUwWjAzMTEwLwYDVQQD EyhiNTIzNjAyZmVkMWUwMzJjMmZiZGJhMWEwM2FiZGM0YWNhMTZiMWYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVdqmFEE3S/Dhkae4rlQmUGIYiu8 ECdsIz6dsKZaTSg6Rkoz28EXgPrmNIzrc1clxgVjeBLJaK7ypCPtyv+wje7zEh6B VmLuOZqMYgioz7DLRDBeZXx89lWytmubYiSSBRX3IqNLXrtXW1mnBd341kGzngs9 se1bCnPDqiFWUHgSY3so9A8D9BgPs7wYxmw/7PqH3dD5e02CFP9nej/27orqdMzl XI5fvQOzxbHQ+mnecYU/rLTougDPrrO+SE198u+9sR98uqsImAwBjInpGNZIjdi5 G0jpNOSgjUmCXJu2FfL94DLkyJCEm+jSkvKwea2ImBca4c4t6knv73laTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLUjYC/tHgMsL726GgOr3ErKFrHwMB8GA1UdIwQY MBaAFF6Ta+obDDogiron2LELJ15HTd4sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHBOcjZoc01PaUNLdWlmWXNRc25Ya2ROM2l3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zMjg3NmItYTgyYi00NzA0LWJhNjct OTg0NzdhODY1M2M3LzEvWHBOcjZoc01PaUNLdWlmWXNRc25Ya2ROM2l3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZS8zMjg3NmItYTgyYi00NzA0LWJhNjctOTg0NzdhODY1M2M3 LzEvWHBOcjZoc01PaUNLdWlmWXNRc25Ya2ROM2l3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASzgjXNT8 7RaNad0pkox7iTu4JuRTZuxgZTq1A5iYRQZMcYgIfDx23XjEKgrM1x5SrboyQkqY wzYiq1GeZSI+aLIPVKYTLjYEmZ/339/S0chO7L9rJNQWlSOtuROUGGqC3yDeRbMH x0Phjhn8UA/Z0fEuGlZPjeWYBnnuUF/eYVpWmukE4sXjyKmWAhP++MieCUT4E5Fd vC3AiKWwThY1JZ7GL8uksglO6efRfKzmAEJk07D67GyWCCamy3mxu2yZ4U3uJcEr LsfrC3JbUDEEDPji988Jf78N1cew1b2gx7PsMLRiL0PX/4w6wYUFH2y3E2Fkc+OL +spX7cXJgmChpw== -----END CERTIFICATE-----Generated at Sun Dec 7 01:53:21 2025 by rpki-client