This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/d3a0b1-08a0-44dd-8774-066ffefd0cab/1/xyKtQ0cbYGvMhTu6EbjtZjwVGII.mft File: xyKtQ0cbYGvMhTu6EbjtZjwVGII.mft (raw, json) Hash identifier: XKS39OMWCIiAyuZfkfzlFv0fu41jLaxtzx/yrgNdsLo= Subject key identifier: C3:D9:D2:BA:52:76:AC:CD:F7:80:AF:EF:5D:F5:E4:D9:C7:2B:FC:06 Authority key identifier: C7:22:AD:43:47:1B:60:6B:CC:85:3B:BA:11:B8:ED:66:3C:15:18:82 Certificate issuer: /CN=c722ad43471b606bcc853bba11b8ed663c151882 Certificate serial: 019AF20930B3FAE56C6A8923C48BA961C175 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xyKtQ0cbYGvMhTu6EbjtZjwVGII.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/d3a0b1-08a0-44dd-8774-066ffefd0cab/1/xyKtQ0cbYGvMhTu6EbjtZjwVGII.mft Manifest number: 0E4E Signing time: Sat 06 Dec 2025 05:01:19 +0000 Manifest this update: Sat 06 Dec 2025 05:01:19 +0000 Manifest next update: Sun 07 Dec 2025 05:01:19 +0000 Files and hashes: 1: G5_4IPMG5NHZjmfzPhI-Ht0hMBo.roa (hash: UQfSOOWEfVsgKWPp7JPv9q8rf4PIS8Inp9Mcfn7NDVc=) 2: xyKtQ0cbYGvMhTu6EbjtZjwVGII.crl (hash: ZKFVyU0Egt/mj10C/oYhUJNqpnQMwIgXj2TwKCrjD+A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/d3a0b1-08a0-44dd-8774-066ffefd0cab/1/xyKtQ0cbYGvMhTu6EbjtZjwVGII.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/d3a0b1-08a0-44dd-8774-066ffefd0cab/1/xyKtQ0cbYGvMhTu6EbjtZjwVGII.mft rsync://rpki.ripe.net/repository/DEFAULT/xyKtQ0cbYGvMhTu6EbjtZjwVGII.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:30:b3:fa:e5:6c:6a:89:23:c4:8b:a9:61:c1:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c722ad43471b606bcc853bba11b8ed663c151882 Validity Not Before: Dec 6 05:01:19 2025 GMT Not After : Dec 7 05:01:19 2025 GMT Subject: CN=c3d9d2ba5276accdf780afef5df5e4d9c72bfc06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:37:d0:27:7f:b4:08:30:4a:13:8d:0e:e5:95: b0:cb:85:d0:70:47:85:34:7a:82:9a:1e:63:f4:9c: 76:48:fd:a0:28:30:17:0c:c2:43:b8:ee:bd:aa:57: ca:06:0f:0c:d8:c0:06:fa:4c:48:b0:47:66:91:6f: 30:87:e5:02:d1:8a:6c:a0:91:82:77:5b:2d:64:84: a5:81:d6:f4:78:49:12:41:26:69:20:f2:47:c5:3f: df:75:7b:34:40:f7:42:fa:74:b4:09:73:89:b0:45: 5a:80:3d:4a:13:b4:d8:96:37:3c:e2:43:e3:9c:cb: 1b:f4:47:ea:99:27:55:47:f9:dd:d2:a8:52:ac:da: de:50:f2:27:66:5b:47:16:1d:c9:8c:35:c9:7e:dd: 2f:15:ec:09:37:8e:da:4b:fc:b4:4a:75:91:7a:c1: 42:cc:e5:d1:bf:55:ee:72:a1:c1:46:a1:e4:2a:e2: 2a:d0:19:e3:b6:a6:26:6c:d5:b1:24:cf:e8:9e:e6: f5:5c:2e:60:55:42:5b:37:86:d6:b1:6f:2a:f1:74: 27:e7:04:d4:c3:6d:73:c8:d6:0a:c9:0d:82:56:0d: 1f:b3:9b:af:59:3f:3d:44:c0:7f:46:34:50:f6:72: f9:e8:77:13:35:19:c2:df:a3:18:42:34:54:c4:f9: fa:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:D9:D2:BA:52:76:AC:CD:F7:80:AF:EF:5D:F5:E4:D9:C7:2B:FC:06 X509v3 Authority Key Identifier: keyid:C7:22:AD:43:47:1B:60:6B:CC:85:3B:BA:11:B8:ED:66:3C:15:18:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xyKtQ0cbYGvMhTu6EbjtZjwVGII.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/d3a0b1-08a0-44dd-8774-066ffefd0cab/1/xyKtQ0cbYGvMhTu6EbjtZjwVGII.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/d3a0b1-08a0-44dd-8774-066ffefd0cab/1/xyKtQ0cbYGvMhTu6EbjtZjwVGII.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bf:9e:b3:57:94:8e:8c:03:12:db:76:37:ea:64:e9:d6:49:a3: fc:69:8a:fc:b1:a8:db:2e:de:69:d6:b5:46:27:c4:ce:44:0e: 54:4d:b5:61:46:2f:ea:5a:07:07:bf:cd:fc:85:c0:ad:65:1c: a6:63:95:be:eb:e4:98:f8:e1:23:61:de:f6:79:8c:05:f9:28: c7:f3:4c:19:63:7e:4c:0c:6e:19:b7:30:2b:e3:34:30:39:72: e5:52:64:22:60:93:19:d4:94:46:12:8c:93:c2:ff:18:ee:9c: 88:5b:12:c2:a5:d7:55:61:1b:20:25:5b:1a:39:77:ee:8f:ae: 75:6a:ee:3d:ec:c0:72:91:c7:b1:54:21:0e:22:f6:01:3d:35: b6:c0:30:88:4e:bd:2b:a9:54:51:d2:74:b9:18:ab:8d:92:5c: fa:09:52:a3:a9:6f:3a:f4:24:02:e3:ad:55:6f:7c:8d:8d:fe: ef:40:24:c2:66:7c:eb:60:ef:ae:cc:3a:fc:21:bd:22:91:ed: bd:a4:3a:9e:d5:29:df:e0:02:8a:2e:c7:c0:ab:d8:ab:83:9b: 73:09:cd:d2:10:89:27:7e:00:1a:79:91:80:ea:78:c6:ea:28: 5f:f9:43:c5:17:77:d2:aa:c0:5d:7e:be:fa:7f:04:94:13:48: 03:36:a3:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCTCz+uVsaokjxIupYcF1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM3MjJhZDQzNDcxYjYwNmJjYzg1M2JiYTExYjhlZDY2M2Mx NTE4ODIwHhcNMjUxMjA2MDUwMTE5WhcNMjUxMjA3MDUwMTE5WjAzMTEwLwYDVQQD EyhjM2Q5ZDJiYTUyNzZhY2NkZjc4MGFmZWY1ZGY1ZTRkOWM3MmJmYzA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6jfQJ3+0CDBKE40O5ZWwy4XQcEeF NHqCmh5j9Jx2SP2gKDAXDMJDuO69qlfKBg8M2MAG+kxIsEdmkW8wh+UC0YpsoJGC d1stZISlgdb0eEkSQSZpIPJHxT/fdXs0QPdC+nS0CXOJsEVagD1KE7TYljc84kPj nMsb9EfqmSdVR/nd0qhSrNreUPInZltHFh3JjDXJft0vFewJN47aS/y0SnWResFC zOXRv1XucqHBRqHkKuIq0BnjtqYmbNWxJM/onub1XC5gVUJbN4bWsW8q8XQn5wTU w21zyNYKyQ2CVg0fs5uvWT89RMB/RjRQ9nL56HcTNRnC36MYQjRUxPn6dwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMPZ0rpSdqzN94Cv71315NnHK/wGMB8GA1UdIwQY MBaAFMcirUNHG2BrzIU7uhG47WY8FRiCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveHlLdFEwY2JZR3ZNaFR1NkVianRaandWR0lJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9kM2EwYjEtMDhhMC00NGRkLTg3NzQt MDY2ZmZlZmQwY2FiLzEveHlLdFEwY2JZR3ZNaFR1NkVianRaandWR0lJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS9kM2EwYjEtMDhhMC00NGRkLTg3NzQtMDY2ZmZlZmQwY2Fi LzEveHlLdFEwY2JZR3ZNaFR1NkVianRaandWR0lJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv56zV5SO jAMS23Y36mTp1kmj/GmK/LGo2y7eada1RifEzkQOVE21YUYv6loHB7/N/IXArWUc pmOVvuvkmPjhI2He9nmMBfkox/NMGWN+TAxuGbcwK+M0MDly5VJkImCTGdSURhKM k8L/GO6ciFsSwqXXVWEbICVbGjl37o+udWruPezAcpHHsVQhDiL2AT01tsAwiE69 K6lUUdJ0uRirjZJc+glSo6lvOvQkAuOtVW98jY3+70AkwmZ862Dvrsw6/CG9IpHt vaQ6ntUp3+ACii7HwKvYq4ObcwnN0hCJJ34AGnmRgOp4xuooX/lDxRd30qrAXX6+ +n8ElBNIAzajtg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:58:15 2025 by rpki-client