This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft File: nscEvg6b7zQJT-8mSVnj9-HPais.mft (raw, json) Hash identifier: A7z0lBzk4NAGVz+it5KcA5+JZ8SvbPXUYRptkaW4dUA= Subject key identifier: 28:B7:DA:79:C1:95:86:5F:91:22:BD:93:42:66:E4:CA:B7:90:04:92 Authority key identifier: 9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B Certificate issuer: /CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b Certificate serial: 019AF12DAC1F8173C4866A8EA3AED566EA7F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft Manifest number: 0215 Signing time: Sat 06 Dec 2025 01:01:33 +0000 Manifest this update: Sat 06 Dec 2025 01:01:33 +0000 Manifest next update: Sun 07 Dec 2025 01:01:33 +0000 Files and hashes: 1: nscEvg6b7zQJT-8mSVnj9-HPais.crl (hash: NAesqtItJaP7lrT+xqiT7o8vEvJSIvWjUHdsxOo9D+0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:ac:1f:81:73:c4:86:6a:8e:a3:ae:d5:66:ea:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b Validity Not Before: Dec 6 01:01:33 2025 GMT Not After : Dec 7 01:01:33 2025 GMT Subject: CN=28b7da79c195865f9122bd934266e4cab7900492 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:6c:2d:b1:86:87:58:da:2b:03:dd:28:dd:77: a8:35:22:47:fd:94:64:a9:e6:76:6a:c0:84:0a:27: 68:9a:33:ff:78:ec:42:05:2d:ee:10:3e:3f:c0:b3: f8:62:b5:26:b9:fa:1e:06:46:c2:e4:ec:00:26:54: 1f:dc:17:ef:a3:27:b2:e6:b6:60:f6:7e:6e:9d:86: d1:44:76:bf:53:31:8b:7d:fc:1f:9e:c2:92:d0:5b: c9:eb:21:b9:3e:5e:45:20:ee:82:8d:a3:47:94:cf: 24:4a:02:36:2d:33:46:61:f8:82:87:cf:7a:25:29: e3:49:7d:d3:a3:4e:76:d2:98:03:e2:d5:7c:ee:b5: 48:8e:52:28:a0:66:69:bc:39:b2:06:17:d3:55:df: 4f:f0:52:4e:02:01:45:7c:f4:66:26:5a:b1:70:90: 80:0d:90:59:27:16:40:6d:20:06:55:54:27:14:46: 46:2c:7b:7d:8e:99:47:00:0b:99:e1:2d:84:e5:b6: 17:e7:c6:13:bd:23:20:b7:14:68:70:b3:b0:1e:0e: 47:38:b3:ba:66:d5:e7:15:d1:c2:21:78:d3:02:9f: 58:bc:65:f4:fd:9f:03:fb:5c:70:25:27:12:f7:11: 31:3a:91:01:66:3f:c2:9c:11:31:b0:74:5e:07:36: 90:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:B7:DA:79:C1:95:86:5F:91:22:BD:93:42:66:E4:CA:B7:90:04:92 X509v3 Authority Key Identifier: keyid:9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:53:69:38:e1:91:80:e6:b3:cf:3a:ca:d5:1c:49:11:eb:93: a0:16:5f:09:97:b3:93:f6:14:3c:af:8e:96:b8:fe:15:e8:30: d9:48:c1:3c:e7:fa:6a:1b:dd:fa:b1:69:11:6f:6d:7b:84:f5: 00:87:e6:10:5a:ad:85:5c:5b:0d:70:de:e3:6b:cd:69:a2:56: 76:9f:72:df:d6:fa:c2:2f:41:e8:d3:75:bf:c8:59:29:f2:4e: 8a:91:d6:51:f4:f7:6f:bc:ce:23:7a:fa:f2:38:51:42:70:61: 61:b5:d5:ee:1b:04:0d:5a:b0:77:2d:1e:4a:e1:c6:df:86:a5: 03:59:1e:8e:a0:f2:1f:1e:44:d5:27:37:f1:6c:a6:d9:f7:9e: 1e:7f:c0:54:83:4b:58:16:20:09:ac:93:06:25:46:ab:fe:70: d3:61:3a:64:93:b3:82:88:c8:21:cd:36:10:92:3b:20:10:fc: 3d:d8:45:e3:56:df:16:c5:d7:8e:98:8c:72:75:88:81:74:21: 9e:ea:ba:39:25:1d:e6:ab:9c:e9:bb:4d:8e:81:45:1a:f5:5d: f3:2f:47:07:01:41:30:65:68:69:4b:9b:ca:c7:97:93:2b:cf: 11:bd:56:e6:d3:6e:4d:75:af:f7:86:80:8d:d2:e6:30:1d:fb: 36:cd:ab:f6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLawfgXPEhmqOo67VZup/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllYzcwNGJlMGU5YmVmMzQwOTRmZWYyNjQ5NTllM2Y3ZTFj ZjZhMmIwHhcNMjUxMjA2MDEwMTMzWhcNMjUxMjA3MDEwMTMzWjAzMTEwLwYDVQQD EygyOGI3ZGE3OWMxOTU4NjVmOTEyMmJkOTM0MjY2ZTRjYWI3OTAwNDkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2wtsYaHWNorA90o3XeoNSJH/ZRk qeZ2asCECidomjP/eOxCBS3uED4/wLP4YrUmufoeBkbC5OwAJlQf3Bfvoyey5rZg 9n5unYbRRHa/UzGLffwfnsKS0FvJ6yG5Pl5FIO6CjaNHlM8kSgI2LTNGYfiCh896 JSnjSX3To0520pgD4tV87rVIjlIooGZpvDmyBhfTVd9P8FJOAgFFfPRmJlqxcJCA DZBZJxZAbSAGVVQnFEZGLHt9jplHAAuZ4S2E5bYX58YTvSMgtxRocLOwHg5HOLO6 ZtXnFdHCIXjTAp9YvGX0/Z8D+1xwJScS9xExOpEBZj/CnBExsHReBzaQbwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCi32nnBlYZfkSK9k0Jm5Mq3kASSMB8GA1UdIwQY MBaAFJ7HBL4Om+80CU/vJklZ4/fhz2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUt NTMwOTMzNWEzNjIyLzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUtNTMwOTMzNWEzNjIy LzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXVNpOOGR gOazzzrK1RxJEeuToBZfCZezk/YUPK+Olrj+Fegw2UjBPOf6ahvd+rFpEW9te4T1 AIfmEFqthVxbDXDe42vNaaJWdp9y39b6wi9B6NN1v8hZKfJOipHWUfT3b7zOI3r6 8jhRQnBhYbXV7hsEDVqwdy0eSuHG34alA1kejqDyHx5E1Sc38Wym2feeHn/AVINL WBYgCayTBiVGq/5w02E6ZJOzgojIIc02EJI7IBD8PdhF41bfFsXXjpiMcnWIgXQh nuq6OSUd5quc6btNjoFFGvVd8y9HBwFBMGVoaUubyseXkyvPEb1W5tNuTXWv94aA jdLmMB37Ns2r9g== -----END CERTIFICATE-----Generated at Sat Dec 6 07:08:43 2025 by rpki-client