This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1f1cbd-fea6-4553-8db6-4e09f9e85723/1/nUkl6XatC_tz4JfaaRfoD1vObIw.mft File: nUkl6XatC_tz4JfaaRfoD1vObIw.mft (raw, json) Hash identifier: c2e9I02seHxeq+HffqLjjsv+mPlFCapvVylGnGGjmiw= Subject key identifier: 65:09:28:23:8D:B2:1E:6A:30:BC:8F:42:DC:A1:BB:A0:35:AD:FE:1F Authority key identifier: 9D:49:25:E9:76:AD:0B:FB:73:E0:97:DA:69:17:E8:0F:5B:CE:6C:8C Certificate issuer: /CN=9d4925e976ad0bfb73e097da6917e80f5bce6c8c Certificate serial: 019AF31C2B92B0E209E93A09D53D0D26812E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nUkl6XatC_tz4JfaaRfoD1vObIw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1f1cbd-fea6-4553-8db6-4e09f9e85723/1/nUkl6XatC_tz4JfaaRfoD1vObIw.mft Manifest number: 11C0 Signing time: Sat 06 Dec 2025 10:01:40 +0000 Manifest this update: Sat 06 Dec 2025 10:01:40 +0000 Manifest next update: Sun 07 Dec 2025 10:01:40 +0000 Files and hashes: 1: 7Wfm8N_BNNM1ZIAzk65u_y1CoxQ.roa (hash: vGKhwTsZ6bUD5wem1afZhHCNpuoU8y3whIP7i2K9fc8=) 2: nUkl6XatC_tz4JfaaRfoD1vObIw.crl (hash: ke1RJQKHOfR8TmKpv54IpdS5MkHRW7+PgOCIPHJ1pIY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1f1cbd-fea6-4553-8db6-4e09f9e85723/1/nUkl6XatC_tz4JfaaRfoD1vObIw.crl rsync://rpki.ripe.net/repository/DEFAULT/17/1f1cbd-fea6-4553-8db6-4e09f9e85723/1/nUkl6XatC_tz4JfaaRfoD1vObIw.mft rsync://rpki.ripe.net/repository/DEFAULT/nUkl6XatC_tz4JfaaRfoD1vObIw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:2b:92:b0:e2:09:e9:3a:09:d5:3d:0d:26:81:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d4925e976ad0bfb73e097da6917e80f5bce6c8c Validity Not Before: Dec 6 10:01:40 2025 GMT Not After : Dec 7 10:01:40 2025 GMT Subject: CN=650928238db21e6a30bc8f42dca1bba035adfe1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:3d:b7:15:55:88:03:f6:a5:a8:b9:8e:1b:48: c6:4d:5d:39:a7:75:31:78:83:f2:c5:dd:60:ad:58: 16:73:06:a9:0b:a3:95:c6:e7:db:7e:18:a7:52:aa: 9e:c2:c9:eb:ee:c6:8e:60:44:d2:23:1f:fe:09:ea: 32:34:0f:46:17:44:36:c2:17:9b:f6:9c:22:b4:d3: c4:2a:57:a2:53:e0:c3:6d:4c:d0:0c:ed:1a:03:b5: ae:65:24:a2:5c:ea:8d:9c:80:0a:6f:b9:38:90:a9: 58:f0:77:4e:fa:fa:ba:de:f8:2b:b3:48:34:8e:87: d6:ff:0b:14:b2:fb:47:bc:ac:0b:6c:02:7b:3f:ce: a2:4c:9a:32:8e:81:43:c1:d2:3c:d8:16:e8:ca:34: 92:56:1e:13:a3:ef:24:f4:da:cd:fe:43:e6:ca:5a: 78:08:30:19:2e:eb:07:ad:9b:ac:44:9e:ed:2e:84: 5c:c8:3a:aa:c6:3a:25:af:f1:d9:4e:e1:0e:1e:53: a7:9c:64:bd:ec:78:f3:0a:e5:80:5d:cd:43:13:c3: 77:76:4a:49:79:f4:2c:25:11:42:f5:1b:a0:40:fd: c5:c6:86:b3:7b:aa:c2:81:3f:f4:5f:fe:1d:1d:9d: 23:c1:33:56:ca:5a:d8:1a:b9:5a:15:60:0e:e0:2f: 31:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:09:28:23:8D:B2:1E:6A:30:BC:8F:42:DC:A1:BB:A0:35:AD:FE:1F X509v3 Authority Key Identifier: keyid:9D:49:25:E9:76:AD:0B:FB:73:E0:97:DA:69:17:E8:0F:5B:CE:6C:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nUkl6XatC_tz4JfaaRfoD1vObIw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1f1cbd-fea6-4553-8db6-4e09f9e85723/1/nUkl6XatC_tz4JfaaRfoD1vObIw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1f1cbd-fea6-4553-8db6-4e09f9e85723/1/nUkl6XatC_tz4JfaaRfoD1vObIw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption cc:05:75:0a:a4:94:75:16:6c:e6:82:7f:03:5d:b6:32:2d:dc: ed:56:83:5b:b3:fc:29:45:1c:11:c0:14:de:af:94:21:29:a5: ea:48:a7:95:cb:8a:3e:e8:27:55:f4:01:6b:a2:41:87:a9:be: 2e:09:34:b0:11:be:3a:fb:43:59:1c:ad:2b:5f:1d:b3:29:9b: f0:ce:a9:37:2e:92:70:17:a6:08:5c:e7:dc:77:e0:2d:a0:71: 12:65:6b:aa:9a:71:31:be:92:c9:03:4f:d0:94:9a:01:60:85: 6a:76:ed:13:fe:cc:6b:82:e7:94:f8:5a:d2:3f:d1:27:07:1a: 02:62:c3:fd:66:b8:c6:fb:fa:93:97:67:cd:14:d4:8f:ef:17: e2:e7:81:81:ff:49:8b:21:b4:52:04:5f:47:79:e9:1e:0e:76: 6c:aa:e9:65:7d:60:cc:d6:8e:de:78:d7:7a:dc:f5:b4:7c:bd: 29:1d:91:1e:8e:87:e8:42:f6:fb:60:d0:d9:d9:29:e0:86:13: 4c:df:04:bf:50:c6:0f:7e:88:d3:03:61:fa:74:d3:fb:63:8e: a9:b1:97:94:92:4f:53:f1:d8:fd:af:59:09:80:2f:66:05:1a: ce:e5:b8:28:55:c5:37:39:a0:2e:94:f7:2a:d6:58:31:af:bd: de:56:66:a3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHCuSsOIJ6ToJ1T0NJoEuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkNDkyNWU5NzZhZDBiZmI3M2UwOTdkYTY5MTdlODBmNWJj ZTZjOGMwHhcNMjUxMjA2MTAwMTQwWhcNMjUxMjA3MTAwMTQwWjAzMTEwLwYDVQQD Eyg2NTA5MjgyMzhkYjIxZTZhMzBiYzhmNDJkY2ExYmJhMDM1YWRmZTFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj23FVWIA/alqLmOG0jGTV05p3Ux eIPyxd1grVgWcwapC6OVxufbfhinUqqewsnr7saOYETSIx/+CeoyNA9GF0Q2wheb 9pwitNPEKleiU+DDbUzQDO0aA7WuZSSiXOqNnIAKb7k4kKlY8HdO+vq63vgrs0g0 jofW/wsUsvtHvKwLbAJ7P86iTJoyjoFDwdI82BboyjSSVh4To+8k9NrN/kPmylp4 CDAZLusHrZusRJ7tLoRcyDqqxjolr/HZTuEOHlOnnGS97HjzCuWAXc1DE8N3dkpJ efQsJRFC9RugQP3Fxoaze6rCgT/0X/4dHZ0jwTNWylrYGrlaFWAO4C8xKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGUJKCONsh5qMLyPQtyhu6A1rf4fMB8GA1UdIwQY MBaAFJ1JJel2rQv7c+CX2mkX6A9bzmyMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblVrbDZYYXRDX3R6NEpmYWFSZm9EMXZPYkl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xZjFjYmQtZmVhNi00NTUzLThkYjYt NGUwOWY5ZTg1NzIzLzEvblVrbDZYYXRDX3R6NEpmYWFSZm9EMXZPYkl3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy8xZjFjYmQtZmVhNi00NTUzLThkYjYtNGUwOWY5ZTg1NzIz LzEvblVrbDZYYXRDX3R6NEpmYWFSZm9EMXZPYkl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzAV1CqSU dRZs5oJ/A122Mi3c7VaDW7P8KUUcEcAU3q+UISml6kinlcuKPugnVfQBa6JBh6m+ Lgk0sBG+OvtDWRytK18dsymb8M6pNy6ScBemCFzn3HfgLaBxEmVrqppxMb6SyQNP 0JSaAWCFanbtE/7Ma4LnlPha0j/RJwcaAmLD/Wa4xvv6k5dnzRTUj+8X4ueBgf9J iyG0UgRfR3npHg52bKrpZX1gzNaO3njXetz1tHy9KR2RHo6H6EL2+2DQ2dkp4IYT TN8Ev1DGD36I0wNh+nTT+2OOqbGXlJJPU/HY/a9ZCYAvZgUazuW4KFXFNzmgLpT3 KtZYMa+93lZmow== -----END CERTIFICATE-----Generated at Sat Dec 6 15:45:35 2025 by rpki-client