This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.mft File: nlY8Qm0ark7R5_WVNnSQIgiehHk.mft (raw, json) Hash identifier: 3UgSfLFB8mtrPeMlguB43faH4Qiox/qdPipOtrC46S8= Subject key identifier: C0:51:52:2B:E3:6D:71:26:B5:B0:00:9C:23:9C:66:24:07:52:33:E3 Authority key identifier: 9E:56:3C:42:6D:1A:AE:4E:D1:E7:F5:95:36:74:90:22:08:9E:84:79 Certificate issuer: /CN=9e563c426d1aae4ed1e7f59536749022089e8479 Certificate serial: 019AF2AD38EEA59401732CD77A777A527E0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.mft Manifest number: 0C23 Signing time: Sat 06 Dec 2025 08:00:29 +0000 Manifest this update: Sat 06 Dec 2025 08:00:29 +0000 Manifest next update: Sun 07 Dec 2025 08:00:29 +0000 Files and hashes: 1: DLPCyIKM7jz79PsqVnrxNoMgYXE.roa (hash: +QgaTeTZpZ2fDtls8hcOtAF0lYWHQbDmqjy56TBm3AY=) 2: nlY8Qm0ark7R5_WVNnSQIgiehHk.crl (hash: yXA951IIMBwpwU4kE6ckesbud+LEPXviYQhmKmt9+W8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.crl rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.mft rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:38:ee:a5:94:01:73:2c:d7:7a:77:7a:52:7e:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e563c426d1aae4ed1e7f59536749022089e8479 Validity Not Before: Dec 6 08:00:29 2025 GMT Not After : Dec 7 08:00:29 2025 GMT Subject: CN=c051522be36d7126b5b0009c239c6624075233e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:28:77:36:7c:65:e0:c5:bf:45:00:9e:d2:2f: 8b:dd:09:74:43:86:93:f5:5b:8f:1a:41:6a:78:2e: 6b:9a:93:c5:eb:c4:78:98:65:5f:14:6f:c9:45:06: f1:8b:1d:63:3c:cc:3c:67:c5:80:12:d1:62:40:5e: 90:e2:1a:8d:58:90:3f:1e:ad:21:ad:73:ed:54:85: 4e:d4:16:98:f6:3f:e9:98:1f:da:cf:84:be:eb:e1: 5e:c0:77:39:78:be:49:be:88:dc:34:14:e3:e3:0a: d7:72:d4:b1:ef:a9:1a:a3:d6:41:aa:87:15:b5:34: e2:dc:26:9a:76:bf:85:68:ea:0b:92:9d:43:68:73: 93:de:bf:5a:ea:37:93:84:87:75:45:c0:ea:a4:fd: 3f:df:e2:80:f6:c1:e4:44:82:71:03:b5:42:c8:ad: f5:8a:cd:cb:0c:0d:12:e2:c6:a8:00:ec:e9:a0:71: 3c:d2:d3:69:0e:d6:0f:67:6d:e0:7a:fa:74:10:fc: e8:60:41:65:5f:28:35:9f:33:f5:23:4a:1e:4e:16: d3:86:9d:4f:eb:d5:53:5a:6c:2b:bb:20:37:e7:9a: 2d:5d:bb:ee:ec:c6:a7:70:4b:05:c9:c7:7a:80:fd: da:fc:57:30:50:f4:58:d3:cd:0f:6d:a3:9e:76:9f: 48:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:51:52:2B:E3:6D:71:26:B5:B0:00:9C:23:9C:66:24:07:52:33:E3 X509v3 Authority Key Identifier: keyid:9E:56:3C:42:6D:1A:AE:4E:D1:E7:F5:95:36:74:90:22:08:9E:84:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:65:83:99:51:2c:61:0d:9e:be:db:b9:2d:60:6a:bf:4e:7a: 36:29:09:88:2c:06:17:8b:c9:a5:a2:4b:33:ef:7d:d0:1c:3a: 94:a6:89:5e:dc:0d:d8:47:03:0f:3a:32:9d:68:36:97:9d:48: 80:63:6d:e9:ac:c3:63:77:ba:07:f4:4b:c1:45:41:64:3e:ca: b3:32:96:be:06:3b:de:7b:95:0c:7b:eb:22:94:98:50:62:ef: bb:9d:dd:bc:49:ba:46:a5:a1:3f:db:ac:2e:43:ef:6d:03:48: 41:c7:d6:a5:a8:cb:5f:8b:a7:6c:90:a3:7c:ae:32:8f:4e:21: c5:0b:f6:2f:5d:0d:60:c5:60:b4:33:89:ed:7c:8d:31:2e:45: ab:05:7e:b2:cd:49:e3:3e:bd:37:cc:c0:7d:c9:c0:9f:c5:99: 41:94:53:3b:14:61:23:16:3f:5b:d9:0b:a5:87:84:a6:10:3e: 29:e9:e6:39:a6:30:87:50:72:29:3a:47:87:4f:42:93:73:39: 74:0b:7a:22:ef:32:e0:f5:65:1a:aa:47:8e:d6:b6:e7:e9:90: 2f:d6:38:0d:b7:1e:60:d0:00:6e:13:a5:97:d1:ae:57:23:68: a7:f7:e6:c2:9d:72:c8:c5:98:4d:4f:ab:70:36:53:cd:e5:de: c7:58:fb:2e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrTjupZQBcyzXend6Un4KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllNTYzYzQyNmQxYWFlNGVkMWU3ZjU5NTM2NzQ5MDIyMDg5 ZTg0NzkwHhcNMjUxMjA2MDgwMDI5WhcNMjUxMjA3MDgwMDI5WjAzMTEwLwYDVQQD EyhjMDUxNTIyYmUzNmQ3MTI2YjViMDAwOWMyMzljNjYyNDA3NTIzM2UzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCh3Nnxl4MW/RQCe0i+L3Ql0Q4aT 9VuPGkFqeC5rmpPF68R4mGVfFG/JRQbxix1jPMw8Z8WAEtFiQF6Q4hqNWJA/Hq0h rXPtVIVO1BaY9j/pmB/az4S+6+FewHc5eL5JvojcNBTj4wrXctSx76kao9ZBqocV tTTi3Caadr+FaOoLkp1DaHOT3r9a6jeThId1RcDqpP0/3+KA9sHkRIJxA7VCyK31 is3LDA0S4saoAOzpoHE80tNpDtYPZ23gevp0EPzoYEFlXyg1nzP1I0oeThbThp1P 69VTWmwruyA355otXbvu7MancEsFycd6gP3a/FcwUPRY080PbaOedp9IXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMBRUivjbXEmtbAAnCOcZiQHUjPjMB8GA1UdIwQY MBaAFJ5WPEJtGq5O0ef1lTZ0kCIInoR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81NWQ1OTUtZDBiYy00YmEyLTgwYTAt YWZiY2YzNjZiYjA3LzEvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi81NWQ1OTUtZDBiYy00YmEyLTgwYTAtYWZiY2YzNjZiYjA3 LzEvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMmWDmVEs YQ2evtu5LWBqv056NikJiCwGF4vJpaJLM+990Bw6lKaJXtwN2EcDDzoynWg2l51I gGNt6azDY3e6B/RLwUVBZD7KszKWvgY73nuVDHvrIpSYUGLvu53dvEm6RqWhP9us LkPvbQNIQcfWpajLX4unbJCjfK4yj04hxQv2L10NYMVgtDOJ7XyNMS5FqwV+ss1J 4z69N8zAfcnAn8WZQZRTOxRhIxY/W9kLpYeEphA+KenmOaYwh1ByKTpHh09Ck3M5 dAt6Iu8y4PVlGqpHjta25+mQL9Y4DbceYNAAbhOll9GuVyNop/fmwp1yyMWYTU+r cDZTzeXex1j7Lg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:31:18 2025 by rpki-client