This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/b1964a-30ae-4482-845d-746365dba5bb/1/1XgxwfXmACVCvOut7yQSithG6vk.mft File: 1XgxwfXmACVCvOut7yQSithG6vk.mft (raw, json) Hash identifier: 8fvFSSvIndp9sG9zZ4h4Rq053q6PVqB2MRE7gZgAwu4= Subject key identifier: 2A:0A:73:A2:C6:A5:BC:53:2B:81:8B:E0:EC:A3:64:13:BF:68:40:0A Authority key identifier: D5:78:31:C1:F5:E6:00:25:42:BC:EB:AD:EF:24:12:8A:D8:46:EA:F9 Certificate issuer: /CN=d57831c1f5e6002542bcebadef24128ad846eaf9 Certificate serial: 019AF2E43AD06D8E2F1C191FF0D52BFDAB38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1XgxwfXmACVCvOut7yQSithG6vk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/b1964a-30ae-4482-845d-746365dba5bb/1/1XgxwfXmACVCvOut7yQSithG6vk.mft Manifest number: 0225 Signing time: Sat 06 Dec 2025 09:00:34 +0000 Manifest this update: Sat 06 Dec 2025 09:00:34 +0000 Manifest next update: Sun 07 Dec 2025 09:00:34 +0000 Files and hashes: 1: 1XgxwfXmACVCvOut7yQSithG6vk.crl (hash: zlnrf9Vo8Sv6mF86MPXNESWmgUJYK793smuqFcdDOcY=) 2: jBcC68-4tNTaOUs94kizBYj_5jE.roa (hash: CWF9O9xI5w99y3uaUjJU6mOhyBR4YqldPuJsucAG1t8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/b1964a-30ae-4482-845d-746365dba5bb/1/1XgxwfXmACVCvOut7yQSithG6vk.crl rsync://rpki.ripe.net/repository/DEFAULT/ed/b1964a-30ae-4482-845d-746365dba5bb/1/1XgxwfXmACVCvOut7yQSithG6vk.mft rsync://rpki.ripe.net/repository/DEFAULT/1XgxwfXmACVCvOut7yQSithG6vk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 09:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:e4:3a:d0:6d:8e:2f:1c:19:1f:f0:d5:2b:fd:ab:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d57831c1f5e6002542bcebadef24128ad846eaf9 Validity Not Before: Dec 6 09:00:34 2025 GMT Not After : Dec 7 09:00:34 2025 GMT Subject: CN=2a0a73a2c6a5bc532b818be0eca36413bf68400a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:2e:c0:98:50:d0:ad:f9:97:35:0f:20:3e:b2: 90:d0:62:32:d8:0b:20:6a:69:a6:d9:be:17:19:0d: 27:15:e7:d7:66:b1:aa:c5:59:72:50:4f:78:09:68: 27:6f:fc:55:bd:83:6e:f6:fd:7a:0c:18:2c:4e:2c: 1b:a4:8a:cd:db:90:01:c3:f3:f2:60:1b:18:81:3b: 83:31:14:c8:d7:e1:b6:75:ad:13:13:81:79:cb:2a: e8:ea:04:2c:40:ef:12:89:34:0c:9a:4e:04:9e:cd: 37:9e:89:d8:0b:76:9a:e1:4d:b3:70:62:fa:c7:73: be:2b:d8:db:43:4e:55:a0:ed:45:5d:0f:ca:ea:9b: 6e:6f:ea:4e:54:25:6d:05:e4:0b:72:44:0d:90:8b: 7f:bd:97:ba:56:58:88:c3:c0:2e:b1:73:ee:49:b9: 8b:df:0c:ac:be:91:cb:c9:10:b6:cf:ad:69:40:20: 41:4b:21:34:4c:84:50:4b:39:07:cd:67:ef:b7:c8: d9:4b:d0:d4:55:da:89:b0:ce:a3:48:3f:68:fe:04: 1d:d4:b8:f4:51:4b:62:0f:6f:61:8a:fa:55:40:d2: 4e:6b:d6:12:1e:7f:5d:91:dc:56:93:10:68:4d:b8: 8d:ba:73:d5:16:2d:de:95:dd:f2:34:ac:06:49:ef: c6:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:0A:73:A2:C6:A5:BC:53:2B:81:8B:E0:EC:A3:64:13:BF:68:40:0A X509v3 Authority Key Identifier: keyid:D5:78:31:C1:F5:E6:00:25:42:BC:EB:AD:EF:24:12:8A:D8:46:EA:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1XgxwfXmACVCvOut7yQSithG6vk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/b1964a-30ae-4482-845d-746365dba5bb/1/1XgxwfXmACVCvOut7yQSithG6vk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/b1964a-30ae-4482-845d-746365dba5bb/1/1XgxwfXmACVCvOut7yQSithG6vk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:23:1b:60:98:a0:6a:66:9d:ba:ee:3b:37:86:38:40:5c:1e: 03:1e:7d:07:29:ba:69:e1:9b:40:1a:57:a6:c8:3f:a1:e7:99: 1e:39:9f:30:b6:49:ab:7f:67:ff:f5:8f:7f:a8:9f:47:cd:9f: 15:dd:be:6e:28:7a:4a:0f:ab:05:dc:88:9d:35:6c:b2:d1:dc: e6:7e:14:c6:65:27:c8:37:0f:40:c9:8e:e9:69:1c:ce:2e:df: 29:4b:52:d5:99:44:3e:22:17:c5:9a:ee:2c:60:74:9f:71:54: 1d:0d:dd:f7:20:1e:32:93:77:6c:52:3c:ab:e9:f2:6e:43:aa: 3b:00:b9:1c:bb:63:1b:ec:72:9f:45:2b:ee:e0:d6:eb:1b:40: 7f:35:00:c5:6e:bc:c9:de:46:2a:04:b8:f9:03:72:13:49:e1: 5f:25:45:9f:e8:4d:68:67:fb:32:29:f1:78:74:08:a1:f3:0c: 64:b2:01:5d:c7:d1:5c:08:aa:32:e6:81:7a:bd:2c:be:fe:b7: 91:0d:18:ed:54:ac:31:b9:be:b7:b4:99:9e:bd:c6:c1:0f:a6: 62:82:98:3b:cc:4e:e7:60:c8:3e:8b:57:06:a8:57:41:67:0d: 45:2e:4a:43:09:bc:77:35:f3:6f:f1:74:f7:88:66:ec:09:09: ad:0d:3d:2d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZry5DrQbY4vHBkf8NUr/as4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1NzgzMWMxZjVlNjAwMjU0MmJjZWJhZGVmMjQxMjhhZDg0 NmVhZjkwHhcNMjUxMjA2MDkwMDM0WhcNMjUxMjA3MDkwMDM0WjAzMTEwLwYDVQQD EygyYTBhNzNhMmM2YTViYzUzMmI4MThiZTBlY2EzNjQxM2JmNjg0MDBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuS7AmFDQrfmXNQ8gPrKQ0GIy2Asg ammm2b4XGQ0nFefXZrGqxVlyUE94CWgnb/xVvYNu9v16DBgsTiwbpIrN25ABw/Py YBsYgTuDMRTI1+G2da0TE4F5yyro6gQsQO8SiTQMmk4Ens03nonYC3aa4U2zcGL6 x3O+K9jbQ05VoO1FXQ/K6ptub+pOVCVtBeQLckQNkIt/vZe6VliIw8AusXPuSbmL 3wysvpHLyRC2z61pQCBBSyE0TIRQSzkHzWfvt8jZS9DUVdqJsM6jSD9o/gQd1Lj0 UUtiD29hivpVQNJOa9YSHn9dkdxWkxBoTbiNunPVFi3eld3yNKwGSe/GNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCoKc6LGpbxTK4GL4OyjZBO/aEAKMB8GA1UdIwQY MBaAFNV4McH15gAlQrzrre8kEorYRur5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMVhneHdmWG1BQ1ZDdk91dDd5UVNpdGhHNnZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9iMTk2NGEtMzBhZS00NDgyLTg0NWQt NzQ2MzY1ZGJhNWJiLzEvMVhneHdmWG1BQ1ZDdk91dDd5UVNpdGhHNnZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZC9iMTk2NGEtMzBhZS00NDgyLTg0NWQtNzQ2MzY1ZGJhNWJi LzEvMVhneHdmWG1BQ1ZDdk91dDd5UVNpdGhHNnZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFCMbYJig amaduu47N4Y4QFweAx59Bym6aeGbQBpXpsg/oeeZHjmfMLZJq39n//WPf6ifR82f Fd2+bih6Sg+rBdyInTVsstHc5n4UxmUnyDcPQMmO6Wkczi7fKUtS1ZlEPiIXxZru LGB0n3FUHQ3d9yAeMpN3bFI8q+nybkOqOwC5HLtjG+xyn0Ur7uDW6xtAfzUAxW68 yd5GKgS4+QNyE0nhXyVFn+hNaGf7MinxeHQIofMMZLIBXcfRXAiqMuaBer0svv63 kQ0Y7VSsMbm+t7SZnr3GwQ+mYoKYO8xO52DIPotXBqhXQWcNRS5KQwm8dzXzb/F0 94hm7AkJrQ09LQ== -----END CERTIFICATE-----Generated at Sat Dec 6 17:51:04 2025 by rpki-client