This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft File: nhuhZT_KfIAXI8pG_0Qua6wekaA.mft (raw, json) Hash identifier: 5U4IU+FDkx/9aHNOmvYdbUqnDue6e3t3bt3ietH0qX8= Subject key identifier: D1:D7:C3:11:1F:01:EF:63:72:E9:04:01:A7:5D:3B:2B:56:BA:80:09 Authority key identifier: 9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0 Certificate issuer: /CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0 Certificate serial: 019AF12D4172E00073B635D2884FF7E98C65 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft Manifest number: 09D9 Signing time: Sat 06 Dec 2025 01:01:06 +0000 Manifest this update: Sat 06 Dec 2025 01:01:06 +0000 Manifest next update: Sun 07 Dec 2025 01:01:06 +0000 Files and hashes: 1: cb8dWgekdgTmGEn_puzoSrtajs0.roa (hash: klMt7aeT4NJnkoShXspgSHaq5Jk7n53EuU54bLRTaLc=) 2: nhuhZT_KfIAXI8pG_0Qua6wekaA.crl (hash: k0KFONvrQz+bGPGj1Wy29fdZOmfLvUzoY7rg///cdT0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:41:72:e0:00:73:b6:35:d2:88:4f:f7:e9:8c:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0 Validity Not Before: Dec 6 01:01:06 2025 GMT Not After : Dec 7 01:01:06 2025 GMT Subject: CN=d1d7c3111f01ef6372e90401a75d3b2b56ba8009 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:81:bb:83:52:76:0e:a0:83:22:6b:db:cc:90: d5:c0:1d:25:17:75:a9:d8:68:b8:06:f2:07:43:80: fd:5c:04:f0:91:60:07:04:43:c5:df:ec:6d:5a:d3: 06:04:71:bd:46:f7:58:94:e8:7c:9a:63:00:41:0e: 50:5b:90:05:67:27:ca:4a:42:2f:56:eb:80:8c:f5: 54:b9:3e:53:3c:54:1b:51:e6:fe:51:86:6b:20:fc: 57:28:4a:94:68:ea:4d:85:e2:51:d0:24:07:42:dc: 12:07:50:8e:9a:57:6b:69:74:17:4b:ed:69:cc:36: 62:87:19:27:fb:eb:7c:8a:c4:25:e0:74:53:41:2c: ca:e0:99:c6:65:06:48:b2:6a:cd:12:61:53:d7:b7: d5:d3:c9:62:49:d1:38:84:24:a0:1c:b4:08:51:cd: 60:10:e9:0d:62:61:6a:d0:11:7c:f1:0c:36:ab:01: 26:8f:c2:b6:6e:c6:69:e4:8a:3c:ef:31:4d:67:fa: a5:a0:34:2d:5d:86:a0:af:41:6e:ad:e7:b3:b3:0a: 48:79:31:e7:a9:15:08:c5:f2:d4:97:0f:5a:04:89: 18:76:f8:de:1c:d6:85:49:a8:e0:b2:6c:52:72:bb: a7:7f:c6:a5:6e:b0:2f:c3:e0:29:84:58:90:67:25: a9:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:D7:C3:11:1F:01:EF:63:72:E9:04:01:A7:5D:3B:2B:56:BA:80:09 X509v3 Authority Key Identifier: keyid:9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:f2:41:f4:f6:4e:03:c2:c0:de:bb:f5:7f:5c:f1:e7:2a:98: 35:e0:04:33:08:2e:0f:cf:b3:29:1a:a5:a3:dc:a2:a0:90:06: 25:37:cb:74:30:77:a2:56:2d:5d:fa:3b:10:58:6d:4e:76:fa: 56:e8:81:52:33:78:7f:b8:be:9b:05:6f:73:0b:5c:30:e2:1a: 75:9a:24:21:e8:ac:86:3f:39:05:ae:b5:e2:a4:22:4e:88:74: 0c:e8:40:c3:d7:92:ac:f9:b0:c7:00:44:16:cb:e0:0b:f7:8a: ff:1a:1b:8a:e7:2d:69:1f:f6:c0:84:86:ed:09:16:0d:47:97: bb:67:b8:bd:1d:9f:16:8c:f0:7c:1e:73:d3:c5:56:4b:bd:4b: 6a:40:b2:39:68:23:49:2a:3b:2e:b9:9b:08:c8:a1:99:d9:49: c5:be:0d:f0:cf:b6:6c:1c:f2:be:2d:db:68:60:5e:17:6e:89: e5:d0:b0:ee:ff:3c:80:4e:65:e0:b5:62:62:75:57:dd:06:31: 0e:86:1c:81:1d:74:92:42:40:0f:38:fa:ec:1c:a8:0b:79:a1: d1:b6:02:41:8c:e1:59:8a:a8:38:b4:aa:db:03:5c:bd:70:36: 0a:af:08:94:8c:89:ba:ce:a4:a8:e7:38:63:29:24:ab:68:5f: 3c:a2:83:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLUFy4ABztjXSiE/36YxlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllMWJhMTY1M2ZjYTdjODAxNzIzY2E0NmZmNDQyZTZiYWMx ZTkxYTAwHhcNMjUxMjA2MDEwMTA2WhcNMjUxMjA3MDEwMTA2WjAzMTEwLwYDVQQD EyhkMWQ3YzMxMTFmMDFlZjYzNzJlOTA0MDFhNzVkM2IyYjU2YmE4MDA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIG7g1J2DqCDImvbzJDVwB0lF3Wp 2Gi4BvIHQ4D9XATwkWAHBEPF3+xtWtMGBHG9RvdYlOh8mmMAQQ5QW5AFZyfKSkIv VuuAjPVUuT5TPFQbUeb+UYZrIPxXKEqUaOpNheJR0CQHQtwSB1COmldraXQXS+1p zDZihxkn++t8isQl4HRTQSzK4JnGZQZIsmrNEmFT17fV08liSdE4hCSgHLQIUc1g EOkNYmFq0BF88Qw2qwEmj8K2bsZp5Io87zFNZ/qloDQtXYagr0FureezswpIeTHn qRUIxfLUlw9aBIkYdvjeHNaFSajgsmxScrunf8albrAvw+AphFiQZyWpkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNHXwxEfAe9jcukEAaddOytWuoAJMB8GA1UdIwQY MBaAFJ4boWU/ynyAFyPKRv9ELmusHpGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEt ZmNiNDNkNGY2NzE0LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEtZmNiNDNkNGY2NzE0 LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJfJB9PZO A8LA3rv1f1zx5yqYNeAEMwguD8+zKRqlo9yioJAGJTfLdDB3olYtXfo7EFhtTnb6 VuiBUjN4f7i+mwVvcwtcMOIadZokIeishj85Ba614qQiToh0DOhAw9eSrPmwxwBE FsvgC/eK/xobiuctaR/2wISG7QkWDUeXu2e4vR2fFozwfB5z08VWS71LakCyOWgj SSo7LrmbCMihmdlJxb4N8M+2bBzyvi3baGBeF26J5dCw7v88gE5l4LViYnVX3QYx DoYcgR10kkJADzj67ByoC3mh0bYCQYzhWYqoOLSq2wNcvXA2Cq8IlIyJus6kqOc4 Yykkq2hfPKKDtg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:33:02 2025 by rpki-client