This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft File: NDLzVG3kPONceHHFVLizDvY1wlE.mft (raw, json) Hash identifier: Z7YoMqO6E/ezWvqO1w0OhvjSKGk2nYbEBJIZUOPRm6Y= Subject key identifier: 47:CB:63:D0:F1:98:18:5E:AF:00:28:64:D0:AB:22:EF:DC:98:24:80 Authority key identifier: 34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51 Certificate issuer: /CN=3432f3546de43ce35c7871c554b8b30ef635c251 Certificate serial: 019B2F67EB45D49AE623163B36FDEF0E3BA0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft Manifest number: 0328 Signing time: Thu 18 Dec 2025 03:01:38 +0000 Manifest this update: Thu 18 Dec 2025 03:01:38 +0000 Manifest next update: Fri 19 Dec 2025 03:01:38 +0000 Files and hashes: 1: NDLzVG3kPONceHHFVLizDvY1wlE.crl (hash: rGJ74cXoXwrQjA6px3Qh4K2vVjaIAIN+VO1JK+3Hqt4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 03:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:67:eb:45:d4:9a:e6:23:16:3b:36:fd:ef:0e:3b:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3432f3546de43ce35c7871c554b8b30ef635c251 Validity Not Before: Dec 18 03:01:38 2025 GMT Not After : Dec 19 03:01:38 2025 GMT Subject: CN=47cb63d0f198185eaf002864d0ab22efdc982480 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:29:10:21:bd:21:9a:21:96:c3:66:bb:f0:8f: 88:92:ee:78:56:7c:89:b3:b2:ed:37:cd:5c:88:90: 4b:8f:38:32:3f:0d:22:04:16:95:7d:64:e2:2d:e1: e0:23:d1:03:1b:83:15:23:92:16:17:39:6b:43:19: ef:a0:54:7f:6c:d9:06:7f:68:09:42:0d:58:0d:3b: 19:0f:48:97:bb:2d:12:5c:14:31:e5:48:85:e8:1a: d8:66:7a:53:14:ae:18:1c:ec:a7:bb:2f:51:cc:56: 10:3b:39:4e:bc:be:19:ed:b6:4d:33:ec:f6:d1:a9: b9:e4:1c:f4:64:9d:e3:a0:ff:5c:1f:5c:dd:03:56: 9f:3d:27:d9:eb:1b:ae:9d:b0:46:a1:96:61:22:38: 8d:7c:19:c8:cc:c2:7f:bf:62:80:c8:1f:86:ea:1b: 09:a6:da:00:59:54:15:3d:1b:09:5b:d7:77:a1:44: fd:eb:51:78:0f:73:62:43:2a:bd:8b:12:8f:8f:64: 13:ff:a8:b3:18:83:03:b2:70:3a:54:c0:89:2d:54: d2:42:7b:42:18:3b:e0:99:64:aa:bb:59:e9:06:5b: 44:79:a9:e2:ed:a5:40:94:1d:c3:52:e0:12:30:74: f5:ed:c5:4a:97:ab:f3:53:a2:bf:7c:ac:26:fc:9d: e0:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:CB:63:D0:F1:98:18:5E:AF:00:28:64:D0:AB:22:EF:DC:98:24:80 X509v3 Authority Key Identifier: keyid:34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:bc:7a:22:cb:d8:04:49:b4:a6:8c:33:8f:8f:25:eb:24:e9: d2:8a:11:bc:43:cc:2b:5a:d3:c2:77:4e:72:a3:41:a6:5b:75: 51:f8:ee:5f:89:4e:4b:78:5f:23:19:ac:fe:88:8d:ea:ac:e0: d8:23:54:d8:86:f9:fb:48:e3:b8:cb:f0:95:ba:da:de:7b:be: c0:32:5e:fd:44:d5:42:9c:f1:83:a2:2a:f2:68:d1:84:1a:c0: 33:16:5a:d4:3d:d1:20:d6:0d:75:31:b4:06:f2:9f:08:88:ed: df:a5:07:eb:0d:c4:a7:6a:59:2f:15:9c:4e:2c:c7:7c:5d:92: eb:40:32:8e:07:a0:33:e6:28:9f:72:41:82:10:f2:13:1d:ff: 65:a1:e5:22:4a:1b:51:d5:57:ab:76:46:fd:fd:02:3f:89:ce: 3a:61:a0:cf:01:e1:d0:2d:24:9f:d5:07:36:e6:81:11:8a:f3: 7b:d9:35:3d:c8:d6:a4:1f:ad:0c:d6:d7:a0:7d:f1:2d:ce:67: e3:b1:69:95:0f:48:2d:a2:19:94:56:77:fb:fd:82:a3:1c:3e: e6:c2:ef:c8:d3:5b:72:c6:5a:3f:0a:b4:69:b3:fe:5b:3e:bc: f1:90:a8:d0:62:14:b4:bc:e0:82:c4:4c:5c:3c:6f:42:f7:0c: 3d:0a:59:2d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsvZ+tF1JrmIxY7Nv3vDjugMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MzJmMzU0NmRlNDNjZTM1Yzc4NzFjNTU0YjhiMzBlZjYz NWMyNTEwHhcNMjUxMjE4MDMwMTM4WhcNMjUxMjE5MDMwMTM4WjAzMTEwLwYDVQQD Eyg0N2NiNjNkMGYxOTgxODVlYWYwMDI4NjRkMGFiMjJlZmRjOTgyNDgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSkQIb0hmiGWw2a78I+Iku54VnyJ s7LtN81ciJBLjzgyPw0iBBaVfWTiLeHgI9EDG4MVI5IWFzlrQxnvoFR/bNkGf2gJ Qg1YDTsZD0iXuy0SXBQx5UiF6BrYZnpTFK4YHOynuy9RzFYQOzlOvL4Z7bZNM+z2 0am55Bz0ZJ3joP9cH1zdA1afPSfZ6xuunbBGoZZhIjiNfBnIzMJ/v2KAyB+G6hsJ ptoAWVQVPRsJW9d3oUT961F4D3NiQyq9ixKPj2QT/6izGIMDsnA6VMCJLVTSQntC GDvgmWSqu1npBltEeani7aVAlB3DUuASMHT17cVKl6vzU6K/fKwm/J3gvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEfLY9DxmBherwAoZNCrIu/cmCSAMB8GA1UdIwQY MBaAFDQy81Rt5DzjXHhxxVS4sw72NcJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjct NjYzOGMzZWI0MDI3LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjctNjYzOGMzZWI0MDI3 LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATrx6IsvY BEm0powzj48l6yTp0ooRvEPMK1rTwndOcqNBplt1UfjuX4lOS3hfIxms/oiN6qzg 2CNU2Ib5+0jjuMvwlbra3nu+wDJe/UTVQpzxg6Iq8mjRhBrAMxZa1D3RINYNdTG0 BvKfCIjt36UH6w3Ep2pZLxWcTizHfF2S60AyjgegM+Yon3JBghDyEx3/ZaHlIkob UdVXq3ZG/f0CP4nOOmGgzwHh0C0kn9UHNuaBEYrze9k1PcjWpB+tDNbXoH3xLc5n 47FplQ9ILaIZlFZ3+/2Coxw+5sLvyNNbcsZaPwq0abP+Wz688ZCo0GIUtLzggsRM XDxvQvcMPQpZLQ== -----END CERTIFICATE-----Generated at Thu Dec 18 09:56:05 2025 by rpki-client