This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3555e0-9443-4e63-a89b-dd17bfd67cd3/1/NufP3RKRk-IZw3ASHKFiUOQptYs.mft File: NufP3RKRk-IZw3ASHKFiUOQptYs.mft (raw, json) Hash identifier: cQ76ZEqFdUaiQuWV/NebIVoPP2+9fGyGR1nwk6fsZgM= Subject key identifier: 35:81:29:FD:FE:95:CD:98:AB:3D:E1:40:C1:E3:2C:28:04:79:A1:59 Authority key identifier: 36:E7:CF:DD:12:91:93:E2:19:C3:70:12:1C:A1:62:50:E4:29:B5:8B Certificate issuer: /CN=36e7cfdd129193e219c370121ca16250e429b58b Certificate serial: 019AF19AD88D5C0E4A2C7991F61FC695199F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NufP3RKRk-IZw3ASHKFiUOQptYs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3555e0-9443-4e63-a89b-dd17bfd67cd3/1/NufP3RKRk-IZw3ASHKFiUOQptYs.mft Manifest number: 1152 Signing time: Sat 06 Dec 2025 03:00:48 +0000 Manifest this update: Sat 06 Dec 2025 03:00:48 +0000 Manifest next update: Sun 07 Dec 2025 03:00:48 +0000 Files and hashes: 1: NufP3RKRk-IZw3ASHKFiUOQptYs.crl (hash: c4GpUvl/J/EfxsqHHOXy2kTg7snp7d0Ozk5mDogh4TI=) 2: TQTaN9R3PROnWSlPAnOimZ3OkV0.roa (hash: 6MvOdY9qe95Xeb6bYl6JjgUIxMzjpmO+qyLURJWgUDA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/3555e0-9443-4e63-a89b-dd17bfd67cd3/1/NufP3RKRk-IZw3ASHKFiUOQptYs.crl rsync://rpki.ripe.net/repository/DEFAULT/33/3555e0-9443-4e63-a89b-dd17bfd67cd3/1/NufP3RKRk-IZw3ASHKFiUOQptYs.mft rsync://rpki.ripe.net/repository/DEFAULT/NufP3RKRk-IZw3ASHKFiUOQptYs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:d8:8d:5c:0e:4a:2c:79:91:f6:1f:c6:95:19:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36e7cfdd129193e219c370121ca16250e429b58b Validity Not Before: Dec 6 03:00:48 2025 GMT Not After : Dec 7 03:00:48 2025 GMT Subject: CN=358129fdfe95cd98ab3de140c1e32c280479a159 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:4f:46:2a:dc:4f:ed:e6:b5:a9:7e:f3:f6:79: ec:6e:76:fa:d9:ba:cf:62:50:09:5c:03:69:7c:e7: a5:71:94:c5:5f:f1:b8:ba:9a:26:da:eb:6a:6b:e5: 39:73:72:c2:a5:f5:80:7f:04:af:ca:b2:e9:49:d8: 37:92:17:80:fc:ee:2a:b0:6c:9e:09:b0:e6:c5:0b: 88:1f:94:76:e5:a5:4b:9b:08:59:eb:06:26:e1:33: 9c:e3:45:7a:25:c1:28:ef:b3:6d:6c:13:e5:aa:e8: f5:cc:8c:49:da:2c:8b:93:f5:c1:a1:9e:da:b3:0d: a0:53:74:06:70:31:bb:e9:dd:03:53:23:7c:4f:15: 36:81:87:b7:de:16:e7:6c:d8:12:5a:a8:5c:0a:ba: fb:b4:fe:17:16:e3:59:05:c1:0d:3d:cb:1a:a1:bf: 0b:40:01:c3:16:d2:aa:57:a0:e3:5a:e5:a7:7e:74: 33:59:63:8f:de:33:61:65:a0:24:e2:bd:5c:1c:e5: e3:8f:53:90:39:3d:5f:c7:55:d2:10:5e:34:83:2b: e1:0d:7c:63:39:75:3b:5f:4b:02:99:2a:58:3b:13: 96:bd:72:b0:41:97:1f:c8:4f:1d:db:8d:b3:d7:e0: 9a:2c:13:68:27:3b:66:39:72:ff:d9:d3:91:7d:fa: 7d:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:81:29:FD:FE:95:CD:98:AB:3D:E1:40:C1:E3:2C:28:04:79:A1:59 X509v3 Authority Key Identifier: keyid:36:E7:CF:DD:12:91:93:E2:19:C3:70:12:1C:A1:62:50:E4:29:B5:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NufP3RKRk-IZw3ASHKFiUOQptYs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3555e0-9443-4e63-a89b-dd17bfd67cd3/1/NufP3RKRk-IZw3ASHKFiUOQptYs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3555e0-9443-4e63-a89b-dd17bfd67cd3/1/NufP3RKRk-IZw3ASHKFiUOQptYs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:83:88:e7:53:4a:12:54:f9:aa:e9:ea:13:3e:bd:8f:17:b4: de:cd:78:02:d3:95:eb:2a:7a:e7:af:7c:00:09:00:8e:bb:a6: 53:ef:b5:a6:0f:ef:6c:23:b3:96:66:90:32:35:8f:e3:aa:c8: d8:b9:7b:4f:64:92:25:48:11:84:72:29:cd:d3:0a:2c:ab:ac: 5b:ce:bb:20:7b:ca:b1:1f:7e:36:60:d4:46:62:6d:70:fe:24: 59:89:78:19:0d:47:57:97:73:39:0c:f4:bf:15:9d:49:11:3e: 79:1c:69:d3:43:63:ae:be:cd:07:f3:b3:4f:d4:0c:df:0e:42: 47:1d:aa:15:27:60:8d:47:e7:8e:19:1b:04:31:77:55:68:c5: b8:b5:fa:ae:e5:96:e6:a8:12:20:16:89:ec:99:0f:80:23:68: e3:29:12:eb:76:f1:f5:7b:e9:f7:b3:2a:86:f3:88:4c:66:94: c9:50:50:00:9e:bc:fb:98:30:36:cb:f4:53:ca:44:09:50:6b: 37:1d:6c:21:e5:9a:d7:7d:c2:17:bc:37:7b:db:e9:8d:a7:9a: 02:a3:a9:31:31:fa:20:b0:06:bb:39:92:ee:40:43:6a:74:8a: da:12:17:7d:5e:6d:c3:28:9f:81:55:ea:d1:3a:b6:21:6d:57: 8d:73:e3:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmtiNXA5KLHmR9h/GlRmfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2ZTdjZmRkMTI5MTkzZTIxOWMzNzAxMjFjYTE2MjUwZTQy OWI1OGIwHhcNMjUxMjA2MDMwMDQ4WhcNMjUxMjA3MDMwMDQ4WjAzMTEwLwYDVQQD EygzNTgxMjlmZGZlOTVjZDk4YWIzZGUxNDBjMWUzMmMyODA0NzlhMTU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0U9GKtxP7ea1qX7z9nnsbnb62brP YlAJXANpfOelcZTFX/G4upom2utqa+U5c3LCpfWAfwSvyrLpSdg3kheA/O4qsGye CbDmxQuIH5R25aVLmwhZ6wYm4TOc40V6JcEo77NtbBPlquj1zIxJ2iyLk/XBoZ7a sw2gU3QGcDG76d0DUyN8TxU2gYe33hbnbNgSWqhcCrr7tP4XFuNZBcENPcsaob8L QAHDFtKqV6DjWuWnfnQzWWOP3jNhZaAk4r1cHOXjj1OQOT1fx1XSEF40gyvhDXxj OXU7X0sCmSpYOxOWvXKwQZcfyE8d242z1+CaLBNoJztmOXL/2dORffp9PwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDWBKf3+lc2Yqz3hQMHjLCgEeaFZMB8GA1UdIwQY MBaAFDbnz90SkZPiGcNwEhyhYlDkKbWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnVmUDNSS1JrLUladzNBU0hLRmlVT1FwdFlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zNTU1ZTAtOTQ0My00ZTYzLWE4OWIt ZGQxN2JmZDY3Y2QzLzEvTnVmUDNSS1JrLUladzNBU0hLRmlVT1FwdFlzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy8zNTU1ZTAtOTQ0My00ZTYzLWE4OWItZGQxN2JmZDY3Y2Qz LzEvTnVmUDNSS1JrLUladzNBU0hLRmlVT1FwdFlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARYOI51NK ElT5qunqEz69jxe03s14AtOV6yp65698AAkAjrumU++1pg/vbCOzlmaQMjWP46rI 2Ll7T2SSJUgRhHIpzdMKLKusW867IHvKsR9+NmDURmJtcP4kWYl4GQ1HV5dzOQz0 vxWdSRE+eRxp00Njrr7NB/OzT9QM3w5CRx2qFSdgjUfnjhkbBDF3VWjFuLX6ruWW 5qgSIBaJ7JkPgCNo4ykS63bx9Xvp97MqhvOITGaUyVBQAJ68+5gwNsv0U8pECVBr Nx1sIeWa133CF7w3e9vpjaeaAqOpMTH6ILAGuzmS7kBDanSK2hIXfV5twyifgVXq 0Tq2IW1XjXPj1g== -----END CERTIFICATE-----Generated at Sat Dec 6 11:50:56 2025 by rpki-client