This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft File: XTTdv33KsQy_aCKXkh61gS2QUHE.mft (raw, json) Hash identifier: E/SB2maAsTdgdyrKqfoGoLElFK1aTxk+g0D0zs8VeQ8= Subject key identifier: 9E:39:7B:EA:1D:89:B9:14:63:C6:80:F2:B6:5B:5D:F7:43:21:0E:F9 Authority key identifier: 5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71 Certificate issuer: /CN=5d34ddbf7dcab10cbf682297921eb5812d905071 Certificate serial: 019B3A90297AE43DE5A9954527F971240D5C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft Manifest number: 0685 Signing time: Sat 20 Dec 2025 07:01:24 +0000 Manifest this update: Sat 20 Dec 2025 07:01:24 +0000 Manifest next update: Sun 21 Dec 2025 07:01:24 +0000 Files and hashes: 1: S6aYdrXE8VeCcP5w8D7hhhcOGoc.roa (hash: csN/l/mC6C7LyFwDFQUEKU3wX0HgZWqjImlEztzBO3Q=) 2: XTTdv33KsQy_aCKXkh61gS2QUHE.crl (hash: PDbF/umEZUQWnZ+5ucbYwDZ9sar9ETL1jFbxyyvHIf0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:90:29:7a:e4:3d:e5:a9:95:45:27:f9:71:24:0d:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d34ddbf7dcab10cbf682297921eb5812d905071 Validity Not Before: Dec 20 07:01:24 2025 GMT Not After : Dec 21 07:01:24 2025 GMT Subject: CN=9e397bea1d89b91463c680f2b65b5df743210ef9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e1:1d:5e:8a:2a:d3:18:43:b8:39:b8:e6:b9: 41:1a:1b:4d:a4:de:61:b4:d6:22:6e:b9:66:56:0b: 92:31:41:0a:88:26:3a:ed:a8:1b:91:bb:4b:de:40: 70:76:48:8c:5c:5f:14:ec:00:bc:f5:a6:71:e8:f0: f5:be:43:71:04:8f:cd:2d:13:b5:2e:7d:1d:29:95: e3:4b:9a:70:f6:51:cf:3c:ba:ff:3c:3c:40:52:69: 29:02:ee:4b:fa:c6:e6:89:91:de:1c:39:26:f0:87: fe:8c:cd:22:ae:87:5e:a2:a0:9f:7e:54:8d:f4:a2: 6c:a2:01:6e:bb:96:33:5c:4b:da:7c:5a:d9:c6:85: 1b:88:90:4e:fc:2c:bc:81:aa:67:6c:fe:72:85:fd: 44:55:0a:3b:b8:6e:0d:15:ea:d9:01:ea:bf:a1:90: 46:20:27:cf:23:a8:83:52:2c:a8:44:76:d2:87:d9: 84:2c:44:88:b4:a3:52:e6:31:ea:88:37:f4:f1:df: 8a:67:ca:f0:aa:24:f6:8c:36:4a:ec:66:f4:5f:33: 9f:0d:91:ce:4f:fe:20:0e:95:b0:19:2e:42:b4:ad: 0d:1d:ac:bc:ec:5a:ad:c8:96:2b:ca:76:61:bc:82: 99:a7:73:13:96:55:85:6e:fa:a2:a2:4c:6f:32:dd: eb:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:39:7B:EA:1D:89:B9:14:63:C6:80:F2:B6:5B:5D:F7:43:21:0E:F9 X509v3 Authority Key Identifier: keyid:5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:fa:48:17:40:96:ed:7a:64:4e:44:5e:24:83:94:c7:09:dc: 0f:39:13:06:78:fd:11:a7:f7:dd:13:8c:18:f3:e9:b1:a2:84: af:3e:c4:5c:9a:ce:6b:06:45:7a:00:27:1c:0b:ac:9d:d3:84: ad:8a:35:e6:9b:09:bf:e7:82:c8:3b:e0:69:f4:cc:93:d3:fb: ee:85:8d:e7:b5:7c:de:9c:57:4f:d7:72:34:8e:40:54:98:5a: 51:e8:2d:22:a0:04:97:76:15:59:eb:55:00:d3:2d:f2:17:5e: 8e:87:c9:75:62:c8:af:bd:74:0c:0a:ec:85:4d:b9:99:9d:1d: 42:a7:b5:82:91:85:86:67:6e:a9:4b:ea:41:35:3a:1f:9c:90: 04:37:06:ef:9c:17:41:b1:82:c8:dc:33:7e:48:52:97:b3:80: 1c:b8:11:51:2f:34:1c:f9:8b:dc:ae:3e:ad:f6:61:77:3b:33: ce:fa:ae:4e:6a:3e:32:bb:a7:b8:46:f8:c1:06:67:fe:1d:fe: 0f:f6:4f:f4:30:0e:e8:dc:12:e3:47:de:64:f6:48:ed:69:33: 6a:44:1d:5a:63:08:28:1b:72:15:b1:bf:38:96:b7:c9:b1:a5: 94:77:4d:c9:e3:40:ef:38:40:4d:4f:20:25:05:f1:59:ca:a5: 2e:27:63:91 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6kCl65D3lqZVFJ/lxJA1cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMzRkZGJmN2RjYWIxMGNiZjY4MjI5NzkyMWViNTgxMmQ5 MDUwNzEwHhcNMjUxMjIwMDcwMTI0WhcNMjUxMjIxMDcwMTI0WjAzMTEwLwYDVQQD Eyg5ZTM5N2JlYTFkODliOTE0NjNjNjgwZjJiNjViNWRmNzQzMjEwZWY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+EdXooq0xhDuDm45rlBGhtNpN5h tNYibrlmVguSMUEKiCY67agbkbtL3kBwdkiMXF8U7AC89aZx6PD1vkNxBI/NLRO1 Ln0dKZXjS5pw9lHPPLr/PDxAUmkpAu5L+sbmiZHeHDkm8If+jM0irodeoqCfflSN 9KJsogFuu5YzXEvafFrZxoUbiJBO/Cy8gapnbP5yhf1EVQo7uG4NFerZAeq/oZBG ICfPI6iDUiyoRHbSh9mELESItKNS5jHqiDf08d+KZ8rwqiT2jDZK7Gb0XzOfDZHO T/4gDpWwGS5CtK0NHay87FqtyJYrynZhvIKZp3MTllWFbvqiokxvMt3r2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ45e+odibkUY8aA8rZbXfdDIQ75MB8GA1UdIwQY MBaAFF003b99yrEMv2gil5IetYEtkFBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQt NWNlZTZkNWYxYTEyLzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQtNWNlZTZkNWYxYTEy LzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaPpIF0CW 7XpkTkReJIOUxwncDzkTBnj9Eaf33ROMGPPpsaKErz7EXJrOawZFegAnHAusndOE rYo15psJv+eCyDvgafTMk9P77oWN57V83pxXT9dyNI5AVJhaUegtIqAEl3YVWetV ANMt8hdejofJdWLIr710DArshU25mZ0dQqe1gpGFhmduqUvqQTU6H5yQBDcG75wX QbGCyNwzfkhSl7OAHLgRUS80HPmL3K4+rfZhdzszzvquTmo+MrunuEb4wQZn/h3+ D/ZP9DAO6NwS40feZPZI7WkzakQdWmMIKBtyFbG/OJa3ybGllHdNyeNA7zhATU8g JQXxWcqlLidjkQ== -----END CERTIFICATE-----Generated at Sat Dec 20 10:06:48 2025 by rpki-client