This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft File: NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft (raw, json) Hash identifier: TLK7udZT09iQrMqOJmxFkfHeWrJ55Pg6nocrPYI3jik= Subject key identifier: C1:6A:14:78:62:AE:87:28:C1:02:38:D5:EB:21:A8:A2:FE:0E:BB:9A Authority key identifier: 34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E Certificate issuer: /CN=34019b2a50267cb61c0be7652a8d14b27bf4869e Certificate serial: 019B33E8CD5740F794BFF0E45B11ACD7787C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft Manifest number: 085C Signing time: Fri 19 Dec 2025 00:00:53 +0000 Manifest this update: Fri 19 Dec 2025 00:00:53 +0000 Manifest next update: Sat 20 Dec 2025 00:00:53 +0000 Files and hashes: 1: NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl (hash: 0QK1zkLBZ40K6IARYysHnFUvka1ukoYbJO7tT6u2PAk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:e8:cd:57:40:f7:94:bf:f0:e4:5b:11:ac:d7:78:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34019b2a50267cb61c0be7652a8d14b27bf4869e Validity Not Before: Dec 19 00:00:53 2025 GMT Not After : Dec 20 00:00:53 2025 GMT Subject: CN=c16a147862ae8728c10238d5eb21a8a2fe0ebb9a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:b1:69:69:b1:b3:6a:5b:cb:1b:8b:a7:ee:00: 0d:c6:45:73:1b:18:27:5b:29:bb:22:00:d2:2f:16: f5:68:de:45:36:29:7b:cd:10:4a:53:c9:3e:06:2b: a6:d5:8c:6e:0b:9e:e0:6a:87:3a:e8:cf:83:d1:ac: 7d:cd:83:e3:c5:af:00:f6:a6:d9:b8:4a:7b:40:b9: 90:12:0d:dc:87:02:d2:51:5d:0c:70:f9:ec:24:f5: 32:83:ce:d2:fd:c9:3c:0e:ea:07:84:db:bf:46:a9: 46:9d:cc:a4:63:0f:f7:e5:81:10:1e:f9:24:a1:c2: 88:aa:8a:fb:14:80:9b:82:29:ea:26:8d:77:02:f5: 8c:1b:04:2e:b2:f0:bd:a3:2b:4b:2e:46:13:77:37: 83:d9:15:31:a8:80:dc:b8:e8:a4:c3:c8:a5:46:b0: 71:5c:bb:71:0e:ce:5b:dc:11:35:17:b8:cd:b3:5a: ef:53:d8:3c:6a:c8:4c:49:04:87:b1:49:ef:28:50: 94:69:04:cd:b6:87:cf:f5:20:3f:82:19:e1:0a:a1: b4:ae:d1:b2:06:2d:59:26:9f:f8:b4:fd:fc:00:ae: 8c:03:c9:04:95:be:08:25:3a:b4:cb:68:d5:55:e1: ab:ba:48:c4:f3:ca:34:af:1d:0d:65:74:af:4d:41: 72:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:6A:14:78:62:AE:87:28:C1:02:38:D5:EB:21:A8:A2:FE:0E:BB:9A X509v3 Authority Key Identifier: keyid:34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:6f:bb:5b:17:3a:73:ff:25:73:94:ec:cc:21:b1:e3:cd:0c: 77:d3:d5:a5:dd:1c:48:1d:c5:d5:a1:60:c8:f4:5d:e1:4c:97: 42:89:99:37:64:e6:ae:d0:4b:4e:31:ce:2e:e9:76:b5:3e:13: 65:f5:9b:a9:b9:f4:2e:c6:90:ab:9a:2f:ed:2a:15:a8:9b:0f: b8:ef:6e:66:7b:6f:0f:dd:c3:24:3c:94:85:19:c0:94:02:04: 92:11:57:d3:7b:3c:06:55:4b:e8:69:08:2e:45:b7:c0:38:a1: 54:35:48:8d:87:25:34:71:b5:b2:03:06:03:34:8d:a5:27:78: 29:da:70:74:15:a5:ab:bd:51:e0:fb:6c:2b:38:16:f7:20:80: 73:e5:7c:53:2b:25:c7:fc:1a:cb:7a:ff:55:30:e0:2b:00:75: 24:cc:24:f3:16:91:a8:cc:af:51:4a:39:a2:a1:15:56:89:41: 1c:94:53:e9:ef:c2:c8:8a:96:6b:59:dd:80:e3:1c:2e:9f:9d: a8:7a:86:76:18:83:22:af:1d:a5:ce:ba:fd:81:90:94:6b:59: 2a:76:5d:96:90:54:63:9b:db:99:15:9b:d5:6e:d5:75:cf:d1: 51:fa:10:74:a8:78:41:94:71:38:54:fd:ea:65:d6:1f:94:7c: ec:cc:97:1e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsz6M1XQPeUv/DkWxGs13h8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MDE5YjJhNTAyNjdjYjYxYzBiZTc2NTJhOGQxNGIyN2Jm NDg2OWUwHhcNMjUxMjE5MDAwMDUzWhcNMjUxMjIwMDAwMDUzWjAzMTEwLwYDVQQD EyhjMTZhMTQ3ODYyYWU4NzI4YzEwMjM4ZDVlYjIxYThhMmZlMGViYjlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbFpabGzalvLG4un7gANxkVzGxgn Wym7IgDSLxb1aN5FNil7zRBKU8k+Bium1YxuC57gaoc66M+D0ax9zYPjxa8A9qbZ uEp7QLmQEg3chwLSUV0McPnsJPUyg87S/ck8DuoHhNu/RqlGncykYw/35YEQHvkk ocKIqor7FICbginqJo13AvWMGwQusvC9oytLLkYTdzeD2RUxqIDcuOikw8ilRrBx XLtxDs5b3BE1F7jNs1rvU9g8ashMSQSHsUnvKFCUaQTNtofP9SA/ghnhCqG0rtGy Bi1ZJp/4tP38AK6MA8kElb4IJTq0y2jVVeGrukjE88o0rx0NZXSvTUFyUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMFqFHhirocowQI41eshqKL+DruaMB8GA1UdIwQY MBaAFDQBmypQJny2HAvnZSqNFLJ79IaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMt ZjhlZmUyOTM5N2VhLzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMtZjhlZmUyOTM5N2Vh LzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmG+7Wxc6 c/8lc5TszCGx480Md9PVpd0cSB3F1aFgyPRd4UyXQomZN2TmrtBLTjHOLul2tT4T ZfWbqbn0LsaQq5ov7SoVqJsPuO9uZntvD93DJDyUhRnAlAIEkhFX03s8BlVL6GkI LkW3wDihVDVIjYclNHG1sgMGAzSNpSd4KdpwdBWlq71R4PtsKzgW9yCAc+V8Uysl x/way3r/VTDgKwB1JMwk8xaRqMyvUUo5oqEVVolBHJRT6e/CyIqWa1ndgOMcLp+d qHqGdhiDIq8dpc66/YGQlGtZKnZdlpBUY5vbmRWb1W7Vdc/RUfoQdKh4QZRxOFT9 6mXWH5R87MyXHg== -----END CERTIFICATE-----Generated at Fri Dec 19 07:19:19 2025 by rpki-client