This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft File: NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft (raw, json) Hash identifier: zP7gfnR7ZLKopqvGTqKuOaf/wEMiunKYCpgumaPoeMY= Subject key identifier: 22:2F:D2:66:A6:C3:1F:C9:88:D2:7A:D9:5C:7F:8C:B4:5A:0B:6A:01 Authority key identifier: 34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E Certificate issuer: /CN=34019b2a50267cb61c0be7652a8d14b27bf4869e Certificate serial: 019AF23FD3EC3EC0CDDE797AA1D8920516BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft Manifest number: 083A Signing time: Sat 06 Dec 2025 06:01:00 +0000 Manifest this update: Sat 06 Dec 2025 06:01:00 +0000 Manifest next update: Sun 07 Dec 2025 06:01:00 +0000 Files and hashes: 1: NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl (hash: H069EWdZbQeNPOT+zBRq6iyaUziPJlpLKiB0QbxpAWE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:d3:ec:3e:c0:cd:de:79:7a:a1:d8:92:05:16:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34019b2a50267cb61c0be7652a8d14b27bf4869e Validity Not Before: Dec 6 06:01:00 2025 GMT Not After : Dec 7 06:01:00 2025 GMT Subject: CN=222fd266a6c31fc988d27ad95c7f8cb45a0b6a01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:f7:e3:24:3d:41:9b:e2:1a:74:e1:2e:e2:78: 37:37:f2:d2:56:3a:06:ec:ae:fa:2a:9f:a2:ba:9d: 02:3b:fd:4b:dd:cb:79:c3:2a:f4:c7:62:11:38:fa: 56:13:0a:b4:e4:db:7a:1a:73:4b:a3:bd:39:e0:08: 50:80:8f:c3:2e:59:27:49:b6:13:71:cd:2d:a7:03: 89:b4:a3:71:6c:1d:db:71:74:fc:b8:e2:2e:f4:d0: 20:e7:06:bf:46:06:e1:31:b4:94:84:1b:4a:c8:9b: 9c:2b:a6:35:aa:ff:15:e7:d1:c2:39:df:21:76:ff: 3b:62:98:3a:61:2e:6b:89:17:f5:9b:10:40:c2:1c: c8:28:e2:59:63:5d:9a:10:4d:f4:ae:24:35:f0:be: a3:ff:fd:56:99:5a:6e:09:3f:a0:41:db:35:1f:b7: 4c:3e:bb:5e:0a:81:6d:6c:22:5f:c7:a0:d8:b6:d7: 1d:c0:ce:de:51:49:d4:69:1b:a9:bd:3c:bf:ed:99: cc:7f:39:91:56:6c:0f:10:a4:4f:61:16:f2:dd:21: 7c:5f:22:f5:ef:5d:be:ea:e3:a5:c6:d0:94:73:35: 75:87:05:16:76:fb:e2:aa:5b:b8:67:9a:a3:2b:7d: d8:ce:86:1e:17:25:52:e1:db:a9:68:f2:aa:ef:a3: 78:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:2F:D2:66:A6:C3:1F:C9:88:D2:7A:D9:5C:7F:8C:B4:5A:0B:6A:01 X509v3 Authority Key Identifier: keyid:34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:75:00:cc:f5:e0:6b:c7:4b:52:5f:8c:97:a2:72:25:da:5b: db:f4:40:31:99:ac:97:ec:fb:f1:7a:b8:4b:22:98:9c:d2:c6: d5:8d:5b:ab:94:8d:ca:94:ce:88:d3:dd:28:40:07:64:06:6f: 1c:49:60:37:2a:f9:30:29:7d:aa:81:ac:b3:61:c6:48:d9:0d: 9b:6c:d3:5c:54:87:98:32:58:96:41:ac:a7:3b:49:f0:63:dc: 5c:8b:e5:b1:b2:e8:c4:f6:f2:59:a2:9d:dd:94:30:4a:73:d7: 38:08:30:48:c0:d1:ff:ac:2c:c7:fa:18:0d:60:5b:b1:48:58: b3:f5:3f:b6:3a:5b:39:62:07:c2:c8:85:86:cc:3c:2c:5b:60: 0b:6e:33:0e:a2:b4:d4:61:d2:90:5b:31:7a:f9:1f:0f:21:e2: 7e:22:5b:72:82:d5:b0:d4:a4:1c:56:21:35:5a:71:ec:62:79: f0:e7:6e:19:e0:1c:61:90:2c:6c:c2:bd:17:f1:0d:e9:bb:74: 13:ce:74:90:60:90:6f:a3:8e:99:a7:ef:93:8a:bb:83:39:9e: 26:cb:f0:61:dd:f8:45:b7:4a:39:33:11:90:ff:6b:85:ee:68: 68:df:cd:8a:e9:8a:ea:cc:82:68:14:22:c7:cb:bc:76:3d:39: 2b:37:d1:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP9PsPsDN3nl6odiSBRa+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MDE5YjJhNTAyNjdjYjYxYzBiZTc2NTJhOGQxNGIyN2Jm NDg2OWUwHhcNMjUxMjA2MDYwMTAwWhcNMjUxMjA3MDYwMTAwWjAzMTEwLwYDVQQD EygyMjJmZDI2NmE2YzMxZmM5ODhkMjdhZDk1YzdmOGNiNDVhMGI2YTAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/fjJD1Bm+IadOEu4ng3N/LSVjoG 7K76Kp+iup0CO/1L3ct5wyr0x2IROPpWEwq05Nt6GnNLo7054AhQgI/DLlknSbYT cc0tpwOJtKNxbB3bcXT8uOIu9NAg5wa/RgbhMbSUhBtKyJucK6Y1qv8V59HCOd8h dv87Ypg6YS5riRf1mxBAwhzIKOJZY12aEE30riQ18L6j//1WmVpuCT+gQds1H7dM PrteCoFtbCJfx6DYttcdwM7eUUnUaRupvTy/7ZnMfzmRVmwPEKRPYRby3SF8XyL1 712+6uOlxtCUczV1hwUWdvviqlu4Z5qjK33YzoYeFyVS4dupaPKq76N4cwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCIv0mamwx/JiNJ62Vx/jLRaC2oBMB8GA1UdIwQY MBaAFDQBmypQJny2HAvnZSqNFLJ79IaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMt ZjhlZmUyOTM5N2VhLzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMtZjhlZmUyOTM5N2Vh LzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANHUAzPXg a8dLUl+Ml6JyJdpb2/RAMZmsl+z78Xq4SyKYnNLG1Y1bq5SNypTOiNPdKEAHZAZv HElgNyr5MCl9qoGss2HGSNkNm2zTXFSHmDJYlkGspztJ8GPcXIvlsbLoxPbyWaKd 3ZQwSnPXOAgwSMDR/6wsx/oYDWBbsUhYs/U/tjpbOWIHwsiFhsw8LFtgC24zDqK0 1GHSkFsxevkfDyHifiJbcoLVsNSkHFYhNVpx7GJ58OduGeAcYZAsbMK9F/EN6bt0 E850kGCQb6OOmafvk4q7gzmeJsvwYd34RbdKOTMRkP9rhe5oaN/NiumK6syCaBQi x8u8dj05KzfR9Q== -----END CERTIFICATE-----Generated at Sat Dec 6 08:08:07 2025 by rpki-client