This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft File: nc28ow8_5XpR57bAt_MgOvFnKiI.mft (raw, json) Hash identifier: 0W1D9P1l8WKZrhNc0WfT4PUKEpPXUJNMA6761p4NjaA= Subject key identifier: 84:02:B3:94:B8:89:2A:DF:92:18:9D:83:97:49:69:37:D6:32:DB:1B Authority key identifier: 9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22 Certificate issuer: /CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22 Certificate serial: 019AF12DD4797EA83D703645F2930D65E041 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft Manifest number: 175B Signing time: Sat 06 Dec 2025 01:01:43 +0000 Manifest this update: Sat 06 Dec 2025 01:01:43 +0000 Manifest next update: Sun 07 Dec 2025 01:01:43 +0000 Files and hashes: 1: nc28ow8_5XpR57bAt_MgOvFnKiI.crl (hash: dPGZeM88+quE42fOyN4nFjdBeCeLnQJGN89L7fpuHUg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:d4:79:7e:a8:3d:70:36:45:f2:93:0d:65:e0:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22 Validity Not Before: Dec 6 01:01:43 2025 GMT Not After : Dec 7 01:01:43 2025 GMT Subject: CN=8402b394b8892adf92189d8397496937d632db1b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:06:f6:57:24:b3:a3:6a:47:89:f2:4c:13:08: bd:64:e5:e3:5c:e9:31:64:6b:8b:8e:48:21:08:4f: 62:81:96:ae:54:50:a0:78:c5:b2:c8:2c:0e:50:8c: 3b:e0:4a:6a:ee:f4:32:cc:e2:18:5e:d3:55:e5:b3: d0:9c:1a:96:70:f3:ca:cf:07:29:10:2b:82:88:2e: 3c:b7:4d:4f:29:fc:dd:b2:0a:1b:1d:49:0a:34:3c: 9f:71:cc:aa:31:98:ac:26:bd:1f:bc:1c:20:78:12: b1:17:6b:30:85:5d:b5:0a:36:70:bf:2b:ea:1b:d4: 7a:3f:90:42:74:c6:63:7c:ca:3a:50:cf:e2:4f:d2: 4e:d0:52:d7:83:8f:94:bf:4e:97:78:95:a2:f7:be: 19:53:06:4f:bf:40:b5:29:ae:1b:a4:20:d7:70:05: 7c:9b:27:d5:4e:2e:61:15:18:92:19:cf:2e:0d:f4: 2a:7e:2c:54:a6:53:6d:01:2e:9d:ef:9e:7d:aa:82: 01:b6:be:bd:8c:2c:fd:3f:b8:45:58:45:01:1d:85: 18:0b:9c:8e:b4:e5:5a:78:de:7b:dc:89:06:ca:1f: 6f:e2:71:45:34:b3:9e:2f:73:cd:e8:2f:72:ee:42: e7:7c:c2:29:72:f2:a5:d3:35:0a:aa:7c:24:35:e6: 39:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:02:B3:94:B8:89:2A:DF:92:18:9D:83:97:49:69:37:D6:32:DB:1B X509v3 Authority Key Identifier: keyid:9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 87:5e:3f:6e:ee:91:80:56:3c:3e:d3:5b:d8:c1:f8:75:14:c2: 9b:53:fb:4e:22:fc:a7:e4:e0:70:3a:51:80:54:7c:ec:fc:6f: 0b:87:56:62:8c:8d:21:d3:97:0c:77:76:e5:e7:26:52:55:ff: 8b:2a:9d:e9:fa:94:d1:c4:6c:9a:90:b6:64:a6:1c:d5:ea:17: f8:ae:2b:ce:03:8e:55:45:57:9b:c7:9c:53:2d:70:a9:f2:13: 0e:ea:1c:0d:68:7d:38:73:f7:76:dc:46:1e:02:14:3a:c0:6b: 8f:a4:a1:66:5e:59:f9:ed:e7:f9:e7:09:4e:e7:33:89:77:50: f0:8a:a6:8f:2f:49:13:ac:18:e0:7d:85:70:c7:f5:10:be:54: 27:50:cc:9c:21:98:87:6f:be:ef:47:24:77:0e:0e:d7:d0:2c: ed:4b:d5:3c:1d:c3:6d:58:f6:c3:4a:21:ba:d1:56:f8:e6:34: 52:5e:ae:92:49:39:6e:58:f0:bc:c4:d0:2c:da:dc:a1:f9:4a: 5f:12:8d:20:d9:3e:7d:cb:e2:3b:2b:0d:b3:d4:5f:14:65:df: e3:c9:1d:f4:71:5d:51:e2:de:11:bf:92:1a:b3:f9:70:16:b2: e3:7d:99:20:a5:7b:21:8e:9b:65:f6:eb:e1:26:4c:3b:79:90: 77:4d:ca:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLdR5fqg9cDZF8pMNZeBBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkY2RiY2EzMGYzZmU1N2E1MWU3YjZjMGI3ZjMyMDNhZjE2 NzJhMjIwHhcNMjUxMjA2MDEwMTQzWhcNMjUxMjA3MDEwMTQzWjAzMTEwLwYDVQQD Eyg4NDAyYjM5NGI4ODkyYWRmOTIxODlkODM5NzQ5NjkzN2Q2MzJkYjFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQb2VySzo2pHifJMEwi9ZOXjXOkx ZGuLjkghCE9igZauVFCgeMWyyCwOUIw74Epq7vQyzOIYXtNV5bPQnBqWcPPKzwcp ECuCiC48t01PKfzdsgobHUkKNDyfccyqMZisJr0fvBwgeBKxF2swhV21CjZwvyvq G9R6P5BCdMZjfMo6UM/iT9JO0FLXg4+Uv06XeJWi974ZUwZPv0C1Ka4bpCDXcAV8 myfVTi5hFRiSGc8uDfQqfixUplNtAS6d7559qoIBtr69jCz9P7hFWEUBHYUYC5yO tOVaeN573IkGyh9v4nFFNLOeL3PN6C9y7kLnfMIpcvKl0zUKqnwkNeY52wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIQCs5S4iSrfkhidg5dJaTfWMtsbMB8GA1UdIwQY MBaAFJ3NvKMPP+V6Uee2wLfzIDrxZyoiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMt ZmEwNjBiOWEzYjQwLzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMtZmEwNjBiOWEzYjQw LzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh14/bu6R gFY8PtNb2MH4dRTCm1P7TiL8p+TgcDpRgFR87PxvC4dWYoyNIdOXDHd25ecmUlX/ iyqd6fqU0cRsmpC2ZKYc1eoX+K4rzgOOVUVXm8ecUy1wqfITDuocDWh9OHP3dtxG HgIUOsBrj6ShZl5Z+e3n+ecJTucziXdQ8Iqmjy9JE6wY4H2FcMf1EL5UJ1DMnCGY h2++70ckdw4O19As7UvVPB3DbVj2w0ohutFW+OY0Ul6ukkk5bljwvMTQLNrcoflK XxKNINk+fcviOysNs9RfFGXf48kd9HFdUeLeEb+SGrP5cBay432ZIKV7IY6bZfbr 4SZMO3mQd03Ktw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:25:49 2025 by rpki-client