This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft File: nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json) Hash identifier: H3qvdzQS7/yw7AKkorfl+NnqJucSglRQNG9O3tbEGa4= Subject key identifier: 01:80:44:FE:DE:EC:28:84:24:C7:5F:97:0F:45:A7:38:65:E2:64:F7 Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85 Certificate issuer: /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385 Certificate serial: 019AF19BACC789698D2D96C6449EBA1C9104 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 03:01:42 +0000 Manifest this update: Sat 06 Dec 2025 03:01:42 +0000 Manifest next update: Sun 07 Dec 2025 03:01:42 +0000 Files and hashes: 1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: uGFUl19IgKqd/0sy6xXWgA+4M+nJ+tj/UEQQFJS6mLg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:ac:c7:89:69:8d:2d:96:c6:44:9e:ba:1c:91:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385 Validity Not Before: Dec 6 03:01:42 2025 GMT Not After : Dec 7 03:01:42 2025 GMT Subject: CN=018044fedeec288424c75f970f45a73865e264f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:ca:65:1f:b2:81:7f:25:2d:f6:80:10:a5:06: ee:eb:18:9e:58:48:ad:b0:24:31:f6:04:b8:32:41: c7:03:26:7c:dd:b5:6d:36:92:50:17:01:58:d8:bb: 43:d0:ee:f1:01:b4:24:e7:ed:db:4b:40:81:35:dc: 9b:68:e7:4a:e5:d0:72:8c:bf:a5:64:a6:22:a8:fd: ba:98:d3:38:f8:0f:5d:b9:a3:9d:92:9e:d4:6c:a9: 1d:3a:00:51:7f:b9:96:a7:3e:2d:7c:53:24:06:ff: 5b:2d:f7:88:8f:eb:65:8a:b1:bf:9d:00:33:8d:10: 5e:9a:1c:14:7d:52:e3:e5:1c:f7:e9:c7:30:99:ce: ee:a6:ee:db:eb:f6:3b:55:0d:86:d1:14:64:8b:0a: b7:22:c4:4a:cc:9f:eb:75:03:9a:ba:67:6e:81:c8: 20:fa:1e:d9:dd:7e:4c:d2:5b:14:f2:65:de:3b:6f: 9c:03:5e:63:37:48:43:21:99:69:47:3c:83:2e:12: 97:b6:03:c5:fd:0d:24:06:c3:02:e0:db:3f:a4:e2: 6f:5b:16:58:59:6a:e8:78:e0:ef:c9:42:09:45:0c: 30:15:36:f7:ef:57:e0:9e:9f:1c:2f:18:cb:a6:e0: e3:c8:f0:ef:1a:aa:50:72:8c:96:25:4a:37:2b:f0: 62:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:80:44:FE:DE:EC:28:84:24:C7:5F:97:0F:45:A7:38:65:E2:64:F7 X509v3 Authority Key Identifier: keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:35:fb:b8:49:c8:96:e0:7b:68:2b:3b:e5:3e:0e:44:b9:5e: e2:42:32:f8:5a:97:3e:ff:8c:b3:cb:00:25:d9:cc:3d:54:4c: b8:f4:04:65:23:43:a7:55:7a:19:3d:1a:36:e3:eb:0a:af:51: a1:8b:bd:65:58:7b:58:22:a7:5e:1d:77:0e:c3:15:31:d8:8b: 3e:dc:54:78:f7:8e:53:86:4f:a0:d5:ae:73:b7:59:06:7d:5f: 98:21:83:8b:0f:67:d3:67:cb:b8:f6:d3:59:24:d8:8e:fe:a1: ef:bb:15:7b:5d:5b:e4:ac:ed:65:09:d7:c3:1e:e6:a2:8c:08: da:16:4e:5f:78:3e:63:97:a6:fe:c5:5e:b5:7c:7c:53:73:19: 6c:e7:ba:f2:6c:92:66:73:05:b6:c1:44:9d:1f:cd:c9:de:03: eb:b8:4c:ce:5c:1c:f8:4e:e1:92:ca:48:67:7f:b0:42:f9:4f: 90:c4:00:b2:2c:84:a3:21:e1:5e:90:01:17:64:e8:8b:d5:b8: 55:a4:02:a9:de:df:d0:a5:24:6b:91:8b:9f:d7:9b:77:6e:eb: 2e:65:23:f9:b1:c0:75:59:57:14:56:32:a3:68:cd:6f:d0:9a: d0:9c:e9:ac:d1:3c:b5:46:67:b5:1a:2f:49:a1:0a:1f:f6:ae: 9a:af:ee:35 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm6zHiWmNLZbGRJ66HJEEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0 ZGQzODUwHhcNMjUxMjA2MDMwMTQyWhcNMjUxMjA3MDMwMTQyWjAzMTEwLwYDVQQD EygwMTgwNDRmZWRlZWMyODg0MjRjNzVmOTcwZjQ1YTczODY1ZTI2NGY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMplH7KBfyUt9oAQpQbu6xieWEit sCQx9gS4MkHHAyZ83bVtNpJQFwFY2LtD0O7xAbQk5+3bS0CBNdybaOdK5dByjL+l ZKYiqP26mNM4+A9duaOdkp7UbKkdOgBRf7mWpz4tfFMkBv9bLfeIj+tlirG/nQAz jRBemhwUfVLj5Rz36ccwmc7upu7b6/Y7VQ2G0RRkiwq3IsRKzJ/rdQOaumdugcgg +h7Z3X5M0lsU8mXeO2+cA15jN0hDIZlpRzyDLhKXtgPF/Q0kBsMC4Ns/pOJvWxZY WWroeODvyUIJRQwwFTb371fgnp8cLxjLpuDjyPDvGqpQcoyWJUo3K/Bi4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAGARP7e7CiEJMdflw9Fpzhl4mT3MB8GA1UdIwQY MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4 LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHDX7uEnI luB7aCs75T4ORLle4kIy+FqXPv+Ms8sAJdnMPVRMuPQEZSNDp1V6GT0aNuPrCq9R oYu9ZVh7WCKnXh13DsMVMdiLPtxUePeOU4ZPoNWuc7dZBn1fmCGDiw9n02fLuPbT WSTYjv6h77sVe11b5KztZQnXwx7moowI2hZOX3g+Y5em/sVetXx8U3MZbOe68myS ZnMFtsFEnR/Nyd4D67hMzlwc+E7hkspIZ3+wQvlPkMQAsiyEoyHhXpABF2Toi9W4 VaQCqd7f0KUka5GLn9ebd27rLmUj+bHAdVlXFFYyo2jNb9Ca0JzprNE8tUZntRov SaEKH/aumq/uNQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:20:41 2025 by rpki-client