This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft File: NDLzVG3kPONceHHFVLizDvY1wlE.mft (raw, json) Hash identifier: arRbfrNAQmmbMFwlxywPI9h4Ig5yKkGBsDgPnQ+0r7c= Subject key identifier: 84:11:D5:ED:FC:28:66:9A:9E:59:6E:D2:B6:9D:E6:40:18:86:DB:72 Authority key identifier: 34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51 Certificate issuer: /CN=3432f3546de43ce35c7871c554b8b30ef635c251 Certificate serial: 019AF19B0DB60570C96B42897874056172BB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft Manifest number: 0308 Signing time: Sat 06 Dec 2025 03:01:01 +0000 Manifest this update: Sat 06 Dec 2025 03:01:01 +0000 Manifest next update: Sun 07 Dec 2025 03:01:01 +0000 Files and hashes: 1: NDLzVG3kPONceHHFVLizDvY1wlE.crl (hash: HE7F2n/fX1si7WthOR+C6cPhhuXJg0QJrW5iOufkFfQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:0d:b6:05:70:c9:6b:42:89:78:74:05:61:72:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3432f3546de43ce35c7871c554b8b30ef635c251 Validity Not Before: Dec 6 03:01:01 2025 GMT Not After : Dec 7 03:01:01 2025 GMT Subject: CN=8411d5edfc28669a9e596ed2b69de6401886db72 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:1d:ca:84:6b:06:95:fe:31:e9:70:63:d6:b2: 90:9c:63:aa:28:82:ba:2d:ad:1d:f8:2e:fa:fc:14: c6:5e:dd:12:98:42:be:89:0b:7b:34:9e:23:83:90: e5:c8:6d:17:67:3c:57:7d:1d:fe:98:b1:6d:dc:a2: f9:8d:e6:ea:51:22:3b:fe:08:d1:b4:f2:26:e7:3e: 09:71:95:73:0f:89:16:6a:bb:59:d8:c8:39:b9:ed: 4b:36:1a:ad:f8:12:d6:71:88:af:2e:ef:d4:c8:74: a0:dd:eb:37:a1:dd:84:2b:c9:91:3b:b0:2c:e4:f7: 99:3c:ae:c7:50:96:9a:08:c9:b9:f0:ee:95:9d:ce: 2a:10:32:b3:ed:31:8b:4d:08:97:8c:91:54:c0:8b: 49:75:3b:15:ea:79:48:d0:ad:a3:b4:ef:53:f5:ea: 3a:ee:d6:c5:b4:ca:90:77:47:f8:14:59:e8:ac:d5: 0b:54:c8:04:f8:bb:6a:e2:e5:ad:5a:98:a8:d2:e8: 2a:1e:2d:2e:49:05:26:a6:fe:bc:cd:48:c4:cd:68: 98:02:39:76:3e:92:cc:6b:02:4b:11:5d:29:ab:54: f2:79:96:52:34:7b:5e:9a:b6:1a:f5:20:fe:2e:87: ef:29:27:62:a7:73:cf:c5:61:5a:f3:5d:32:b0:4a: 2a:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:11:D5:ED:FC:28:66:9A:9E:59:6E:D2:B6:9D:E6:40:18:86:DB:72 X509v3 Authority Key Identifier: keyid:34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:7f:5d:17:36:ba:46:af:64:14:06:0d:42:bb:04:73:d8:52: 41:b0:46:8a:b6:63:cd:fd:5a:21:11:10:dd:45:b5:ee:73:ad: 79:12:a3:98:90:cf:80:9e:6c:7f:c8:f4:8f:8c:1f:9d:71:10: 05:74:63:4a:83:0e:39:29:2c:e6:d1:fe:fe:39:a9:e3:a3:f8: 2f:fe:07:5f:6c:7a:e0:27:57:3a:46:d9:57:df:a1:91:00:68: 48:d0:05:ff:8c:96:96:2c:67:c0:97:32:37:ff:44:36:07:00: 72:20:e7:fe:dd:50:b7:5d:cc:0e:a8:27:54:c1:b9:03:a3:65: 64:8e:c3:89:54:50:56:9f:bf:ed:4d:df:b4:db:aa:0f:ba:bf: 89:4a:5e:4d:92:bc:cc:d1:c9:77:01:bd:7c:15:3d:40:54:e8: be:4f:be:7c:a4:90:4c:41:f4:8c:3e:7b:62:dd:70:af:ba:a3: 4d:55:bc:70:9d:c3:11:37:50:10:49:72:d3:92:d4:38:b3:b6: 66:c6:4e:1d:45:70:e9:49:1c:a1:04:ea:ca:c5:12:9c:cd:0e: d8:37:fa:c8:f9:31:ab:69:da:2f:e4:33:f7:20:33:8a:df:df: 71:62:1c:65:bf:12:53:f0:0c:65:c1:d2:9e:68:4d:09:88:b3: 70:56:c8:bf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmw22BXDJa0KJeHQFYXK7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MzJmMzU0NmRlNDNjZTM1Yzc4NzFjNTU0YjhiMzBlZjYz NWMyNTEwHhcNMjUxMjA2MDMwMTAxWhcNMjUxMjA3MDMwMTAxWjAzMTEwLwYDVQQD Eyg4NDExZDVlZGZjMjg2NjlhOWU1OTZlZDJiNjlkZTY0MDE4ODZkYjcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAux3KhGsGlf4x6XBj1rKQnGOqKIK6 La0d+C76/BTGXt0SmEK+iQt7NJ4jg5DlyG0XZzxXfR3+mLFt3KL5jebqUSI7/gjR tPIm5z4JcZVzD4kWartZ2Mg5ue1LNhqt+BLWcYivLu/UyHSg3es3od2EK8mRO7As 5PeZPK7HUJaaCMm58O6Vnc4qEDKz7TGLTQiXjJFUwItJdTsV6nlI0K2jtO9T9eo6 7tbFtMqQd0f4FFnorNULVMgE+Ltq4uWtWpio0ugqHi0uSQUmpv68zUjEzWiYAjl2 PpLMawJLEV0pq1TyeZZSNHtemrYa9SD+LofvKSdip3PPxWFa810ysEoqxwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIQR1e38KGaanllu0rad5kAYhttyMB8GA1UdIwQY MBaAFDQy81Rt5DzjXHhxxVS4sw72NcJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjct NjYzOGMzZWI0MDI3LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjctNjYzOGMzZWI0MDI3 LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjn9dFza6 Rq9kFAYNQrsEc9hSQbBGirZjzf1aIREQ3UW17nOteRKjmJDPgJ5sf8j0j4wfnXEQ BXRjSoMOOSks5tH+/jmp46P4L/4HX2x64CdXOkbZV9+hkQBoSNAF/4yWlixnwJcy N/9ENgcAciDn/t1Qt13MDqgnVMG5A6NlZI7DiVRQVp+/7U3ftNuqD7q/iUpeTZK8 zNHJdwG9fBU9QFTovk++fKSQTEH0jD57Yt1wr7qjTVW8cJ3DETdQEEly05LUOLO2 ZsZOHUVw6UkcoQTqysUSnM0O2Df6yPkxq2naL+Qz9yAzit/fcWIcZb8SU/AMZcHS nmhNCYizcFbIvw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:03:54 2025 by rpki-client