This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft File: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json) Hash identifier: r5h8gr6ARg9qAW2/J9q2lCVMy42fiDTytYgs64r30sA= Subject key identifier: 6E:05:45:EB:E0:D2:D9:31:EC:50:D7:16:73:05:53:5D:0A:2F:4C:AD Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79 Certificate issuer: /CN=3541e9d600daab653543725cf1f9cf988b50d879 Certificate serial: 019AF19ACAE70EE87BC1A116198793FEB9CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft Manifest number: 0BC3 Signing time: Sat 06 Dec 2025 03:00:44 +0000 Manifest this update: Sat 06 Dec 2025 03:00:44 +0000 Manifest next update: Sun 07 Dec 2025 03:00:44 +0000 Files and hashes: 1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: kyzqIgomal5YVMprrSdAdtjeuePiNp0Kx7/XnG3IwZ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:ca:e7:0e:e8:7b:c1:a1:16:19:87:93:fe:b9:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879 Validity Not Before: Dec 6 03:00:44 2025 GMT Not After : Dec 7 03:00:44 2025 GMT Subject: CN=6e0545ebe0d2d931ec50d7167305535d0a2f4cad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:27:30:e8:69:dc:fc:95:30:81:a3:c8:7b:5a: 50:fc:2d:5e:73:7d:2a:ea:99:18:1a:2b:57:8b:a3: d2:99:1b:7b:0f:f3:dd:e9:f2:c6:98:64:5a:82:34: 88:a1:6c:6a:01:a3:76:15:86:a1:6a:d4:f3:cf:c9: 95:7f:93:bd:01:73:e0:db:16:ef:83:06:3b:e2:9a: 9e:e3:6e:76:7d:70:02:db:4c:bd:50:99:54:61:c9: 8b:b2:93:60:b3:0e:50:c2:b3:ca:b2:9b:67:d0:ba: a5:41:dd:11:e7:44:4e:ce:67:83:44:3f:ff:9c:1a: 69:bd:83:af:98:5f:4d:12:75:e0:d4:c1:af:13:b9: 72:b4:1d:b1:20:d9:ed:d7:0c:cc:1a:55:96:2b:37: 71:8b:2c:d0:e7:69:72:ac:a2:e7:9f:f4:0e:50:bd: e2:26:90:bc:83:29:3e:ea:f0:67:2a:3b:0d:c0:5e: e4:96:3b:38:ea:1c:67:18:4b:ea:a7:c3:c6:7f:3a: 31:c1:b9:a4:1f:6b:5a:00:54:3d:f4:fa:7a:05:8c: e2:66:45:58:01:ec:32:cb:7b:b6:16:5f:b6:c6:58: df:95:f1:72:ff:d3:1e:e4:d3:cc:13:e9:e5:b4:78: e9:dd:60:d0:d5:62:2d:ab:3a:da:a7:dc:e3:88:a7: 6d:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:05:45:EB:E0:D2:D9:31:EC:50:D7:16:73:05:53:5D:0A:2F:4C:AD X509v3 Authority Key Identifier: keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:13:5b:b6:04:fa:6c:be:79:4d:09:ea:0b:65:31:a5:f4:c0: 99:4f:c4:69:e1:20:92:af:f8:95:69:df:d5:3d:d7:33:8e:e3: ae:b2:5f:1e:1a:0a:70:7a:c2:ff:a5:1b:a0:85:6c:f0:f5:6b: 60:5f:cd:b4:57:4f:c8:5a:96:5a:3c:1e:a4:f4:fa:04:98:16: 9c:a5:df:40:a1:16:7c:ba:23:01:93:43:89:b5:73:0a:e7:d2: d7:4c:45:1f:8f:6d:c6:4d:80:78:c2:8b:95:e1:ce:d5:8d:45: 9d:d5:36:4f:2e:0b:cd:da:11:aa:0c:59:d5:f1:db:21:e2:0e: 21:e6:7d:c8:11:67:71:7a:60:01:46:5f:0f:49:7b:4e:54:a1: d0:60:47:17:c1:b0:58:f1:0b:40:a8:9f:5c:3e:aa:be:7d:48: 52:65:33:8b:1d:b3:a5:db:06:39:41:d0:5b:1c:4f:6a:da:8c: 15:07:2f:16:bb:d2:e3:9d:51:78:e4:73:0c:8d:a0:c8:f2:01: 56:80:23:49:38:47:c3:f4:ec:64:78:91:04:f8:85:4c:18:75: c8:3b:b1:40:84:59:f4:52:28:4b:8f:5c:df:d5:6d:2a:bd:a7: 04:58:1d:fd:f5:45:e1:4e:23:2f:37:86:f3:d4:21:9c:6b:d2: 16:67:66:53 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmsrnDuh7waEWGYeT/rnKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1 MGQ4NzkwHhcNMjUxMjA2MDMwMDQ0WhcNMjUxMjA3MDMwMDQ0WjAzMTEwLwYDVQQD Eyg2ZTA1NDVlYmUwZDJkOTMxZWM1MGQ3MTY3MzA1NTM1ZDBhMmY0Y2FkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuScw6Gnc/JUwgaPIe1pQ/C1ec30q 6pkYGitXi6PSmRt7D/Pd6fLGmGRagjSIoWxqAaN2FYahatTzz8mVf5O9AXPg2xbv gwY74pqe4252fXAC20y9UJlUYcmLspNgsw5QwrPKsptn0LqlQd0R50ROzmeDRD// nBppvYOvmF9NEnXg1MGvE7lytB2xINnt1wzMGlWWKzdxiyzQ52lyrKLnn/QOUL3i JpC8gyk+6vBnKjsNwF7kljs46hxnGEvqp8PGfzoxwbmkH2taAFQ99Pp6BYziZkVY Aewyy3u2Fl+2xljflfFy/9Me5NPME+nltHjp3WDQ1WItqzrap9zjiKdt4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG4FRevg0tkx7FDXFnMFU10KL0ytMB8GA1UdIwQY MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAohNbtgT6 bL55TQnqC2UxpfTAmU/EaeEgkq/4lWnf1T3XM47jrrJfHhoKcHrC/6UboIVs8PVr YF/NtFdPyFqWWjwepPT6BJgWnKXfQKEWfLojAZNDibVzCufS10xFH49txk2AeMKL leHO1Y1FndU2Ty4LzdoRqgxZ1fHbIeIOIeZ9yBFncXpgAUZfD0l7TlSh0GBHF8Gw WPELQKifXD6qvn1IUmUzix2zpdsGOUHQWxxPatqMFQcvFrvS451ReORzDI2gyPIB VoAjSThHw/TsZHiRBPiFTBh1yDuxQIRZ9FIoS49c39VtKr2nBFgd/fVF4U4jLzeG 89QhnGvSFmdmUw== -----END CERTIFICATE-----Generated at Sat Dec 6 10:57:13 2025 by rpki-client