This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.mft File: nf4woBR4RiXbLJ3JCuPOFeVKiOw.mft (raw, json) Hash identifier: VVvcBYuHjsCAdpg13Yfd9wed8eioBw8xgDMRq3uKZ8s= Subject key identifier: 0E:61:83:64:B3:6D:62:32:E4:85:F4:75:99:CE:EC:A0:6D:58:14:3E Authority key identifier: 9D:FE:30:A0:14:78:46:25:DB:2C:9D:C9:0A:E3:CE:15:E5:4A:88:EC Certificate issuer: /CN=9dfe30a014784625db2c9dc90ae3ce15e54a88ec Certificate serial: 019AF0BEF6A18FE13C2FCC717B718EB98686 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nf4woBR4RiXbLJ3JCuPOFeVKiOw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.mft Manifest number: 175E Signing time: Fri 05 Dec 2025 23:00:38 +0000 Manifest this update: Fri 05 Dec 2025 23:00:38 +0000 Manifest next update: Sat 06 Dec 2025 23:00:38 +0000 Files and hashes: 1: YH77N0FEznpizquL2OaCl5vYAjI.roa (hash: YndCp+4019jEGglb/4lGICFoI/oofyeIHhlA4OhtUTc=) 2: nf4woBR4RiXbLJ3JCuPOFeVKiOw.crl (hash: W/97hkAdAIcHW1P3frYv7YiWLY97YsbAPzjU7JIHZCI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.mft rsync://rpki.ripe.net/repository/DEFAULT/nf4woBR4RiXbLJ3JCuPOFeVKiOw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:be:f6:a1:8f:e1:3c:2f:cc:71:7b:71:8e:b9:86:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9dfe30a014784625db2c9dc90ae3ce15e54a88ec Validity Not Before: Dec 5 23:00:38 2025 GMT Not After : Dec 6 23:00:38 2025 GMT Subject: CN=0e618364b36d6232e485f47599ceeca06d58143e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:c8:2b:20:67:c5:7a:c8:9e:68:92:44:92:8f: 9f:4a:1f:c8:14:cf:fc:2e:c6:3c:a7:78:62:63:89: 28:b4:6b:c7:92:08:39:0b:11:2c:3a:0e:e1:de:a5: 87:a2:61:69:6f:03:d9:e7:3e:d4:2d:bb:14:60:ef: 04:83:00:51:a1:75:10:ee:fb:47:e3:a5:66:86:68: 72:90:a8:10:a0:86:6b:82:df:43:91:62:79:3e:b4: 0d:3f:a5:02:9c:5b:03:bc:ec:d0:c4:a9:17:7c:b0: 12:4b:f7:41:c9:6f:2e:73:ef:a1:03:99:d9:cb:e6: cd:c9:b3:ed:e1:2a:06:30:65:e1:e5:00:75:35:b4: fa:ab:52:c2:90:ee:6d:8d:7e:4a:b5:ab:3d:9e:a6: b4:91:dc:42:44:73:f1:ca:81:1d:19:d7:d4:e7:54: dd:15:50:88:82:3c:74:ca:df:22:79:e6:dd:07:92: d1:08:1f:83:00:c9:5c:52:ff:a2:77:3d:ff:5c:77: b5:bc:f1:2e:4f:53:e2:b3:67:50:21:67:7b:97:a5: ed:f0:80:7e:7d:1b:09:c9:28:ed:4c:d2:fd:3f:67: 9e:da:70:f9:a3:33:c7:5b:b3:00:15:c1:b6:61:15: d1:fc:4d:dd:8d:b6:ae:37:fd:27:a8:4b:66:1d:10: 11:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:61:83:64:B3:6D:62:32:E4:85:F4:75:99:CE:EC:A0:6D:58:14:3E X509v3 Authority Key Identifier: keyid:9D:FE:30:A0:14:78:46:25:DB:2C:9D:C9:0A:E3:CE:15:E5:4A:88:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nf4woBR4RiXbLJ3JCuPOFeVKiOw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 96:20:b9:f8:22:c8:66:80:06:dd:61:44:92:c2:40:72:dd:23: 2a:ef:73:a2:64:4e:c5:dd:b4:b2:a8:7c:55:bc:10:7e:0e:5e: 60:89:ac:a6:70:8e:c6:e1:6f:5e:37:8e:7d:a4:3c:dd:dc:5b: 8d:e8:aa:5a:a6:49:18:2d:5e:e5:1f:33:65:fa:bc:21:ad:3d: c6:68:38:30:cb:40:7c:ca:01:b6:83:f4:a0:3c:c5:4a:dd:88: 73:63:69:da:15:34:fa:55:ca:f7:2d:83:79:5e:fe:9b:0d:da: e3:82:d4:a8:4d:6e:bf:0b:5f:d5:87:81:12:47:d0:08:34:94: 71:cb:17:8c:b6:8c:20:e1:9e:0d:e7:39:db:c6:39:1b:37:a4: 4d:5c:47:cd:3a:dc:63:a2:0e:04:a4:af:4d:b3:a4:13:f5:47: 00:f9:e1:55:a5:f4:a4:74:ea:e9:c2:75:0c:d1:4c:6d:70:aa: c0:a7:a1:f3:10:c9:40:09:31:2f:0d:8e:8e:8f:49:94:a4:39: 7b:6d:2f:b3:4f:26:25:5f:a8:69:11:01:d8:4c:45:74:39:ba: 0c:da:ae:ed:af:06:b4:85:3b:a3:4e:f3:78:3e:84:7c:1b:3f: a2:4a:24:ee:f2:f2:42:de:85:11:86:58:1a:d2:bb:7c:c3:2e: 99:15:2b:18 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwvvahj+E8L8xxe3GOuYaGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkZmUzMGEwMTQ3ODQ2MjVkYjJjOWRjOTBhZTNjZTE1ZTU0 YTg4ZWMwHhcNMjUxMjA1MjMwMDM4WhcNMjUxMjA2MjMwMDM4WjAzMTEwLwYDVQQD EygwZTYxODM2NGIzNmQ2MjMyZTQ4NWY0NzU5OWNlZWNhMDZkNTgxNDNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8grIGfFesieaJJEko+fSh/IFM/8 LsY8p3hiY4kotGvHkgg5CxEsOg7h3qWHomFpbwPZ5z7ULbsUYO8EgwBRoXUQ7vtH 46VmhmhykKgQoIZrgt9DkWJ5PrQNP6UCnFsDvOzQxKkXfLASS/dByW8uc++hA5nZ y+bNybPt4SoGMGXh5QB1NbT6q1LCkO5tjX5Ktas9nqa0kdxCRHPxyoEdGdfU51Td FVCIgjx0yt8ieebdB5LRCB+DAMlcUv+idz3/XHe1vPEuT1Pis2dQIWd7l6Xt8IB+ fRsJySjtTNL9P2ee2nD5ozPHW7MAFcG2YRXR/E3djbauN/0nqEtmHRARzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA5hg2SzbWIy5IX0dZnO7KBtWBQ+MB8GA1UdIwQY MBaAFJ3+MKAUeEYl2yydyQrjzhXlSojsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbmY0d29CUjRSaVhiTEozSkN1UE9GZVZLaU93LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zZDE0OTUtMGVmOC00OWIxLTk5ZTIt NjA0ZTIzNzQ3NzY5LzEvbmY0d29CUjRSaVhiTEozSkN1UE9GZVZLaU93Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8zZDE0OTUtMGVmOC00OWIxLTk5ZTItNjA0ZTIzNzQ3NzY5 LzEvbmY0d29CUjRSaVhiTEozSkN1UE9GZVZLaU93LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAliC5+CLI ZoAG3WFEksJAct0jKu9zomROxd20sqh8VbwQfg5eYImspnCOxuFvXjeOfaQ83dxb jeiqWqZJGC1e5R8zZfq8Ia09xmg4MMtAfMoBtoP0oDzFSt2Ic2Np2hU0+lXK9y2D eV7+mw3a44LUqE1uvwtf1YeBEkfQCDSUccsXjLaMIOGeDec528Y5GzekTVxHzTrc Y6IOBKSvTbOkE/VHAPnhVaX0pHTq6cJ1DNFMbXCqwKeh8xDJQAkxLw2Ojo9JlKQ5 e20vs08mJV+oaREB2ExFdDm6DNqu7a8GtIU7o07zeD6EfBs/okok7vLyQt6FEYZY GtK7fMMumRUrGA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:23:23 2025 by rpki-client