This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft File: nDKfMzH1ND8pDrSkHxbENjooLJA.mft (raw, json) Hash identifier: BPvbaC1trlM914ve96h1A4Gc2cHrwHki52XpKtWtgKA= Subject key identifier: 43:06:38:9D:2C:D0:EC:D8:10:2E:BB:87:0B:8D:5D:AC:B3:1F:A4:36 Authority key identifier: 9C:32:9F:33:31:F5:34:3F:29:0E:B4:A4:1F:16:C4:36:3A:28:2C:90 Certificate issuer: /CN=9c329f3331f5343f290eb4a41f16c4363a282c90 Certificate serial: 019AF19B3D824C2513DCE7453E9031C1FF9E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nDKfMzH1ND8pDrSkHxbENjooLJA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft Manifest number: 1762 Signing time: Sat 06 Dec 2025 03:01:14 +0000 Manifest this update: Sat 06 Dec 2025 03:01:14 +0000 Manifest next update: Sun 07 Dec 2025 03:01:14 +0000 Files and hashes: 1: nDKfMzH1ND8pDrSkHxbENjooLJA.crl (hash: qcaG0R0WSCqL8+2Tekau0x06NbuX3zDcdtO8YkMd5q0=) 2: xXqtZaQE8p1BJ-LrGDHK3ctGl88.roa (hash: 19HlQM5dbXIMn5dc2AbBJAmDmCjDbQENEnPoWF/ZUJA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.crl rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft rsync://rpki.ripe.net/repository/DEFAULT/nDKfMzH1ND8pDrSkHxbENjooLJA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:3d:82:4c:25:13:dc:e7:45:3e:90:31:c1:ff:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9c329f3331f5343f290eb4a41f16c4363a282c90 Validity Not Before: Dec 6 03:01:14 2025 GMT Not After : Dec 7 03:01:14 2025 GMT Subject: CN=4306389d2cd0ecd8102ebb870b8d5dacb31fa436 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:6d:8e:17:75:43:3b:37:34:74:70:1f:ff:cf: 76:5f:02:2d:6e:56:15:7d:80:5b:fe:8d:11:b4:df: 9d:2d:23:26:ea:31:ed:81:a0:df:71:92:ce:74:b9: f4:09:73:d0:08:f9:93:32:29:36:a5:d6:32:a7:a8: 21:51:1c:45:c0:7a:ac:cc:b4:f3:a3:6c:eb:a4:37: 1a:ac:43:f1:44:8d:e7:4d:34:50:0d:94:a6:d0:58: a8:d5:15:2b:7f:e4:fb:93:f5:1d:90:74:7c:c0:7a: 7e:68:01:0f:13:f5:9b:10:53:a8:78:a3:95:07:bd: 4e:19:a6:51:4b:e1:5b:2c:db:d2:2a:45:8a:16:53: fe:2e:99:a7:d7:b3:f2:5f:cd:ad:36:ff:b9:45:14: 59:83:e1:da:7c:ac:6b:07:fb:c9:f0:64:40:3e:13: bc:db:02:f4:95:43:bf:6b:73:bb:9c:6e:9c:cd:1d: a4:f7:1c:35:03:a0:d8:6c:d2:21:eb:af:01:b3:be: 73:92:ed:89:41:47:06:87:33:a7:bf:09:e9:90:a8: 9b:04:b7:f4:d6:15:07:86:af:88:39:f7:11:cc:1e: c8:e8:85:1d:b2:18:12:70:7f:b5:30:23:0c:7a:64: f6:d8:d4:ee:e5:0c:37:58:2c:98:79:19:21:84:bf: dc:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:06:38:9D:2C:D0:EC:D8:10:2E:BB:87:0B:8D:5D:AC:B3:1F:A4:36 X509v3 Authority Key Identifier: keyid:9C:32:9F:33:31:F5:34:3F:29:0E:B4:A4:1F:16:C4:36:3A:28:2C:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nDKfMzH1ND8pDrSkHxbENjooLJA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:4a:e3:38:ff:e1:51:b0:1f:08:34:40:e6:c6:97:3f:c9:62: 2e:1b:c2:37:5a:a1:dd:5e:e3:86:fd:83:52:da:6b:4a:0d:66: 2e:ae:d5:3d:41:d7:28:c0:ae:ba:64:da:dd:79:7a:2f:5f:5c: 8d:96:4e:cb:d3:e7:65:c7:8c:f8:0b:8d:87:f7:5b:57:73:1c: 94:2a:34:ef:07:31:85:d7:ed:21:6d:8a:7d:41:a8:e3:0f:62: 9b:3c:8b:f3:9f:cd:92:73:c2:99:99:2e:62:d8:31:d9:e2:2a: 59:f8:d2:f8:11:98:80:49:de:11:9b:d0:6f:7b:d9:10:1c:94: 6a:1d:fc:24:2e:75:c7:1b:08:0d:59:a7:67:c1:c2:74:6e:e9: b6:fa:8c:36:a4:3f:1b:d2:f1:6e:6d:a7:08:f4:0f:03:d2:25: e4:99:ba:2a:99:d7:bf:b8:be:e5:55:2f:d1:86:5e:fa:3c:21: 8a:f1:16:35:4a:0c:10:89:d1:a9:95:4d:34:1b:d1:57:b6:f6: f1:db:87:d1:0c:fe:e0:a5:7d:7e:da:93:30:73:51:b6:f8:3a: 4a:92:2f:14:76:f7:75:71:d1:b4:0c:0b:a4:2f:18:59:ff:6f: 98:74:9a:fe:3c:39:34:d8:4d:97:2a:b7:44:36:7f:52:27:9a: 5f:48:a1:32 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmz2CTCUT3OdFPpAxwf+eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDljMzI5ZjMzMzFmNTM0M2YyOTBlYjRhNDFmMTZjNDM2M2Ey ODJjOTAwHhcNMjUxMjA2MDMwMTE0WhcNMjUxMjA3MDMwMTE0WjAzMTEwLwYDVQQD Eyg0MzA2Mzg5ZDJjZDBlY2Q4MTAyZWJiODcwYjhkNWRhY2IzMWZhNDM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5W2OF3VDOzc0dHAf/892XwItblYV fYBb/o0RtN+dLSMm6jHtgaDfcZLOdLn0CXPQCPmTMik2pdYyp6ghURxFwHqszLTz o2zrpDcarEPxRI3nTTRQDZSm0Fio1RUrf+T7k/UdkHR8wHp+aAEPE/WbEFOoeKOV B71OGaZRS+FbLNvSKkWKFlP+Lpmn17PyX82tNv+5RRRZg+HafKxrB/vJ8GRAPhO8 2wL0lUO/a3O7nG6czR2k9xw1A6DYbNIh668Bs75zku2JQUcGhzOnvwnpkKibBLf0 1hUHhq+IOfcRzB7I6IUdshgScH+1MCMMemT22NTu5Qw3WCyYeRkhhL/c6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEMGOJ0s0OzYEC67hwuNXayzH6Q2MB8GA1UdIwQY MBaAFJwynzMx9TQ/KQ60pB8WxDY6KCyQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbkRLZk16SDFORDhwRHJTa0h4YkVOam9vTEpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82MjQyMjAtYzA3Ni00YTFkLWFlZmIt YjdmNWQ0Mzk1Y2MwLzEvbkRLZk16SDFORDhwRHJTa0h4YkVOam9vTEpBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi82MjQyMjAtYzA3Ni00YTFkLWFlZmItYjdmNWQ0Mzk1Y2Mw LzEvbkRLZk16SDFORDhwRHJTa0h4YkVOam9vTEpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbErjOP/h UbAfCDRA5saXP8liLhvCN1qh3V7jhv2DUtprSg1mLq7VPUHXKMCuumTa3Xl6L19c jZZOy9PnZceM+AuNh/dbV3MclCo07wcxhdftIW2KfUGo4w9imzyL85/NknPCmZku Ytgx2eIqWfjS+BGYgEneEZvQb3vZEByUah38JC51xxsIDVmnZ8HCdG7ptvqMNqQ/ G9Lxbm2nCPQPA9Il5Jm6KpnXv7i+5VUv0YZe+jwhivEWNUoMEInRqZVNNBvRV7b2 8duH0Qz+4KV9ftqTMHNRtvg6SpIvFHb3dXHRtAwLpC8YWf9vmHSa/jw5NNhNlyq3 RDZ/UieaX0ihMg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:17:21 2025 by rpki-client