This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft File: xHC41L-HFAS8pTx3gVME7y6k4co.mft (raw, json) Hash identifier: pkdk65ACsclkFKqx5HHUul9DCZcza+lCD8o1CNXe8Ck= Subject key identifier: 3D:97:5F:30:E6:47:D6:2C:49:17:18:C0:55:F3:CD:76:6F:66:53:29 Authority key identifier: C4:70:B8:D4:BF:87:14:04:BC:A5:3C:77:81:53:04:EF:2E:A4:E1:CA Certificate issuer: /CN=c470b8d4bf871404bca53c77815304ef2ea4e1ca Certificate serial: 019AF49BA7A91603947D110E0AF197FF5173 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xHC41L-HFAS8pTx3gVME7y6k4co.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft Manifest number: 0148 Signing time: Sat 06 Dec 2025 17:00:32 +0000 Manifest this update: Sat 06 Dec 2025 17:00:32 +0000 Manifest next update: Sun 07 Dec 2025 17:00:32 +0000 Files and hashes: 1: N1QJr3d4xPAL0pWw7bMpfGQLYDw.roa (hash: bdncW/PZlPA4ydR5a6GdEoycfKMOIvrr26MW7cKXUvM=) 2: xHC41L-HFAS8pTx3gVME7y6k4co.crl (hash: m/jaUP1+Q1SKbKJsPDliuDCYwsRUAya0lODbjah2QUQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.crl rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft rsync://rpki.ripe.net/repository/DEFAULT/xHC41L-HFAS8pTx3gVME7y6k4co.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 17:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9b:a7:a9:16:03:94:7d:11:0e:0a:f1:97:ff:51:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c470b8d4bf871404bca53c77815304ef2ea4e1ca Validity Not Before: Dec 6 17:00:32 2025 GMT Not After : Dec 7 17:00:32 2025 GMT Subject: CN=3d975f30e647d62c491718c055f3cd766f665329 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:7d:3b:fe:1f:02:77:7b:fb:a1:db:e4:c9:86: be:c1:e0:e1:f3:57:9e:a1:70:ff:4e:b4:4a:05:58: 71:32:43:ee:89:ac:57:f3:b9:f0:9a:b1:86:9a:80: 14:e6:0c:6a:b4:a7:04:7c:2d:f8:2f:8b:4a:cc:53: e2:bc:1c:f7:ef:60:9d:46:06:da:51:6b:f8:74:2e: 77:42:2e:6f:fa:31:8a:27:8a:4c:ae:6a:cd:0b:e9: 8d:c2:7c:45:47:c4:29:f6:10:8c:e8:c9:06:2f:a0: 0e:b5:ea:04:51:e4:d6:05:0c:e7:d9:64:46:a0:00: c5:de:0b:a2:09:46:0f:16:0f:90:1e:a0:e4:44:af: 93:9a:6a:0d:0f:67:89:1d:d7:25:e7:c5:7a:8e:ca: 57:7d:ea:54:4d:5d:d4:f2:03:6a:42:a2:f3:b5:d2: 7c:84:0e:a5:6b:4f:f7:23:73:32:29:d4:44:59:64: e7:b1:24:aa:7f:7c:61:6e:57:02:94:ac:a6:3b:f4: 13:e3:99:cc:8d:31:1f:01:ff:32:a5:cf:22:7d:3f: f2:95:55:fc:e0:18:c3:ae:14:3c:6e:73:95:5b:fb: 76:db:69:af:0b:57:b2:b0:f9:e7:1c:50:bc:28:86: e5:76:a9:17:ae:8c:d6:6e:32:9b:bb:68:54:74:75: 81:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:97:5F:30:E6:47:D6:2C:49:17:18:C0:55:F3:CD:76:6F:66:53:29 X509v3 Authority Key Identifier: keyid:C4:70:B8:D4:BF:87:14:04:BC:A5:3C:77:81:53:04:EF:2E:A4:E1:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xHC41L-HFAS8pTx3gVME7y6k4co.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:d9:f5:54:1a:98:22:16:a8:83:fa:bf:4a:6d:d4:6d:0b:34: bf:da:32:6f:14:d8:a5:a1:32:90:7d:ad:6a:1c:f8:b2:42:67: 61:b7:df:48:55:1f:16:5b:e7:6f:a6:40:30:55:3e:6b:7c:9a: 66:31:39:8b:c5:de:75:1d:9d:3b:37:25:83:d6:c2:9d:2b:d2: 42:22:33:59:d4:0c:d7:4a:1f:e2:88:1a:b0:a4:f8:a3:3e:05: d0:54:b0:95:14:82:34:0d:58:2b:d1:09:47:9e:67:0a:e8:1e: dd:4a:b3:5a:cd:f5:33:9b:bd:fe:d3:bc:e2:3e:e4:ba:1f:72: 37:ee:6e:6a:9e:6f:9f:47:b3:ed:3c:f1:01:1b:27:c9:20:75: 4d:92:e7:f9:03:69:b9:cc:ec:92:5d:4c:1d:22:09:45:51:22: 47:1f:7d:74:11:e9:e0:aa:84:4b:a0:e6:b3:07:dc:15:7d:fa: 06:51:21:fa:cf:b1:ad:9f:1a:d2:2f:14:08:d9:f3:57:2c:0c: 27:38:05:04:c8:31:75:0b:6f:94:38:c2:07:cc:59:0b:2a:ab: 9c:e8:72:46:90:49:85:47:92:ad:37:8d:47:62:e8:e9:e1:bd: ea:03:bb:e1:b6:60:ab:73:81:cd:e6:a9:e6:cf:2f:fb:79:11: 4b:f9:82:b8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0m6epFgOUfREOCvGX/1FzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0NzBiOGQ0YmY4NzE0MDRiY2E1M2M3NzgxNTMwNGVmMmVh NGUxY2EwHhcNMjUxMjA2MTcwMDMyWhcNMjUxMjA3MTcwMDMyWjAzMTEwLwYDVQQD EygzZDk3NWYzMGU2NDdkNjJjNDkxNzE4YzA1NWYzY2Q3NjZmNjY1MzI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAun07/h8Cd3v7odvkyYa+weDh81ee oXD/TrRKBVhxMkPuiaxX87nwmrGGmoAU5gxqtKcEfC34L4tKzFPivBz372CdRgba UWv4dC53Qi5v+jGKJ4pMrmrNC+mNwnxFR8Qp9hCM6MkGL6AOteoEUeTWBQzn2WRG oADF3guiCUYPFg+QHqDkRK+TmmoND2eJHdcl58V6jspXfepUTV3U8gNqQqLztdJ8 hA6la0/3I3MyKdREWWTnsSSqf3xhblcClKymO/QT45nMjTEfAf8ypc8ifT/ylVX8 4BjDrhQ8bnOVW/t222mvC1eysPnnHFC8KIbldqkXrozWbjKbu2hUdHWBDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD2XXzDmR9YsSRcYwFXzzXZvZlMpMB8GA1UdIwQY MBaAFMRwuNS/hxQEvKU8d4FTBO8upOHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEhDNDFMLUhGQVM4cFR4M2dWTUU3eTZrNGNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hNGJhOGYtNWU2MS00ZGNjLWJhMGIt ZjYyNGVkNWY0NmZlLzEveEhDNDFMLUhGQVM4cFR4M2dWTUU3eTZrNGNvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNi9hNGJhOGYtNWU2MS00ZGNjLWJhMGItZjYyNGVkNWY0NmZl LzEveEhDNDFMLUhGQVM4cFR4M2dWTUU3eTZrNGNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQtn1VBqY Ihaog/q/Sm3UbQs0v9oybxTYpaEykH2tahz4skJnYbffSFUfFlvnb6ZAMFU+a3ya ZjE5i8XedR2dOzclg9bCnSvSQiIzWdQM10of4ogasKT4oz4F0FSwlRSCNA1YK9EJ R55nCuge3UqzWs31M5u9/tO84j7kuh9yN+5uap5vn0ez7TzxARsnySB1TZLn+QNp uczskl1MHSIJRVEiRx99dBHp4KqES6DmswfcFX36BlEh+s+xrZ8a0i8UCNnzVywM JzgFBMgxdQtvlDjCB8xZCyqrnOhyRpBJhUeSrTeNR2Lo6eG96gO74bZgq3OBzeap 5s8v+3kRS/mCuA== -----END CERTIFICATE-----Generated at Sun Dec 7 00:36:03 2025 by rpki-client