This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.mft File: nlBfLmeh5gSz-WPOTDZ9GVi9S3g.mft (raw, json) Hash identifier: J2iq5pmQMKjsL75HkUxgdf0MEYTaww4aod26aoLbZ6k= Subject key identifier: 05:AE:15:B8:20:57:AB:CD:76:B9:24:A7:06:B4:2F:53:8B:FA:52:D0 Authority key identifier: 9E:50:5F:2E:67:A1:E6:04:B3:F9:63:CE:4C:36:7D:19:58:BD:4B:78 Certificate issuer: /CN=9e505f2e67a1e604b3f963ce4c367d1958bd4b78 Certificate serial: 019AF352917A78B4944DFA9C3C261FB7CC17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.mft Manifest number: 1765 Signing time: Sat 06 Dec 2025 11:01:05 +0000 Manifest this update: Sat 06 Dec 2025 11:01:05 +0000 Manifest next update: Sun 07 Dec 2025 11:01:05 +0000 Files and hashes: 1: 9v5VLNQmHUC6c_AtiguXiv9VBlw.roa (hash: iNy4HwSBG8Jz28fsrZBO8bxra5HKthytWN8pQ51S61o=) 2: nlBfLmeh5gSz-WPOTDZ9GVi9S3g.crl (hash: t86SDeAC3n2qOEpNi0i1fGZr3WHCKDIQZPyH1e3ek4w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.crl rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.mft rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:91:7a:78:b4:94:4d:fa:9c:3c:26:1f:b7:cc:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e505f2e67a1e604b3f963ce4c367d1958bd4b78 Validity Not Before: Dec 6 11:01:05 2025 GMT Not After : Dec 7 11:01:05 2025 GMT Subject: CN=05ae15b82057abcd76b924a706b42f538bfa52d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:79:b1:54:ee:8d:d3:2a:34:0c:ae:14:4d:d8: be:9f:c1:e2:b0:db:f2:01:47:4a:08:f7:e8:a1:6b: b7:5b:78:02:1c:78:2a:df:7f:91:b4:5f:97:08:38: 52:2f:8e:2a:d5:b8:1b:e5:b5:04:3f:71:87:c0:b8: 65:18:64:f5:da:d4:54:a4:e6:34:c3:c0:f4:f5:d1: fc:51:ce:69:76:f7:f0:64:b5:ca:1c:2f:eb:42:4b: 3f:74:2d:05:56:e8:46:86:fe:6a:ca:5f:2e:79:8f: 96:e9:fa:f2:33:93:bd:e3:2e:e0:3d:cf:19:8f:1e: 46:d7:78:30:af:61:d4:33:1f:d8:19:dc:06:fb:4a: f7:5b:a9:e5:e5:58:31:a0:ad:03:c5:c1:25:76:56: 11:d5:21:dc:17:e7:d7:a4:d3:5c:c4:cc:e3:da:52: 32:53:8f:66:06:d7:62:bb:60:b6:5f:82:42:95:26: bc:51:9b:06:1c:51:a3:25:7c:c4:52:f7:14:da:42: 19:88:6d:46:da:6f:a4:0b:7f:b9:b1:1a:8b:62:5a: 96:10:39:c0:1e:af:40:a9:f1:15:81:a3:27:15:d7: 57:bc:db:1f:57:5a:f5:b5:eb:85:fe:14:ac:c3:b3: 42:09:31:d5:fd:90:5f:6d:1a:74:3e:83:ee:83:82: 11:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:AE:15:B8:20:57:AB:CD:76:B9:24:A7:06:B4:2F:53:8B:FA:52:D0 X509v3 Authority Key Identifier: keyid:9E:50:5F:2E:67:A1:E6:04:B3:F9:63:CE:4C:36:7D:19:58:BD:4B:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:07:14:8e:2c:a7:49:88:c2:53:b0:74:0e:98:55:c6:5c:b1: e8:38:16:1d:e6:ac:09:6f:03:99:00:7e:a4:a3:2a:d3:78:2c: 56:ad:ec:91:9d:ad:85:55:15:36:f9:b1:ab:4d:20:6e:01:ac: 41:67:a2:d1:12:f8:08:17:ff:ee:af:7f:5b:39:ec:7a:5a:72: 02:89:a5:09:53:c4:86:e1:c6:75:b6:34:67:b6:1a:c9:8e:b3: 90:d9:73:af:d8:35:4c:8a:2c:40:15:f3:85:ef:34:c4:6b:1c: 0b:4e:54:51:c7:ce:50:1a:37:3e:01:86:9c:18:53:41:d7:2a: 74:4b:31:fb:08:80:4c:38:c0:f1:21:50:b0:48:23:99:dc:99: 7e:8a:db:94:20:32:1c:18:a9:68:60:07:e8:76:9a:93:83:56: 88:0c:02:a1:49:ca:e9:35:c4:52:ae:a6:25:ab:d7:38:4b:e7: e8:c7:a5:56:a3:a9:c0:77:ac:02:af:14:ca:88:40:c1:c5:8f: 07:b8:ed:bf:c5:68:8e:c6:5a:7e:f2:f7:a3:ff:8b:14:d0:10: b8:4b:06:97:be:9e:01:c4:68:27:cb:80:43:72:6f:f2:1d:66: d6:f2:6c:7f:30:d8:ed:ac:e9:84:64:ef:1c:57:ca:89:d7:29: 6e:d8:97:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUpF6eLSUTfqcPCYft8wXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllNTA1ZjJlNjdhMWU2MDRiM2Y5NjNjZTRjMzY3ZDE5NThi ZDRiNzgwHhcNMjUxMjA2MTEwMTA1WhcNMjUxMjA3MTEwMTA1WjAzMTEwLwYDVQQD EygwNWFlMTViODIwNTdhYmNkNzZiOTI0YTcwNmI0MmY1MzhiZmE1MmQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXmxVO6N0yo0DK4UTdi+n8HisNvy AUdKCPfooWu3W3gCHHgq33+RtF+XCDhSL44q1bgb5bUEP3GHwLhlGGT12tRUpOY0 w8D09dH8Uc5pdvfwZLXKHC/rQks/dC0FVuhGhv5qyl8ueY+W6fryM5O94y7gPc8Z jx5G13gwr2HUMx/YGdwG+0r3W6nl5VgxoK0DxcEldlYR1SHcF+fXpNNcxMzj2lIy U49mBtdiu2C2X4JClSa8UZsGHFGjJXzEUvcU2kIZiG1G2m+kC3+5sRqLYlqWEDnA Hq9AqfEVgaMnFddXvNsfV1r1teuF/hSsw7NCCTHV/ZBfbRp0PoPug4IRCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAWuFbggV6vNdrkkpwa0L1OL+lLQMB8GA1UdIwQY MBaAFJ5QXy5noeYEs/ljzkw2fRlYvUt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9mYjc4NjQtNTc5NS00MjA4LWFiZTAt MDg1NDI0NTRkMTZiLzEvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OC9mYjc4NjQtNTc5NS00MjA4LWFiZTAtMDg1NDI0NTRkMTZi LzEvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhQcUjiyn SYjCU7B0DphVxlyx6DgWHeasCW8DmQB+pKMq03gsVq3skZ2thVUVNvmxq00gbgGs QWei0RL4CBf/7q9/WznselpyAomlCVPEhuHGdbY0Z7YayY6zkNlzr9g1TIosQBXz he80xGscC05UUcfOUBo3PgGGnBhTQdcqdEsx+wiATDjA8SFQsEgjmdyZforblCAy HBipaGAH6Haak4NWiAwCoUnK6TXEUq6mJavXOEvn6MelVqOpwHesAq8UyohAwcWP B7jtv8VojsZafvL3o/+LFNAQuEsGl76eAcRoJ8uAQ3Jv8h1m1vJsfzDY7azphGTv HFfKidcpbtiXgA== -----END CERTIFICATE-----Generated at Sat Dec 6 22:02:42 2025 by rpki-client