This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft File: nGfqNKARpHc4cVg-w5VOeR2MAo0.mft (raw, json) Hash identifier: CtkjT8GxwMiIhKYkUVSSu7Gsv3HPGBQ5bOfRh2dP30E= Subject key identifier: 94:EC:C7:BC:5B:E5:E2:72:E8:8A:9B:F3:94:00:A5:02:7B:E5:11:4A Authority key identifier: 9C:67:EA:34:A0:11:A4:77:38:71:58:3E:C3:95:4E:79:1D:8C:02:8D Certificate issuer: /CN=9c67ea34a011a4773871583ec3954e791d8c028d Certificate serial: 019AF2097F85881E5D00E04A684EE2D049A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft Manifest number: 0E46 Signing time: Sat 06 Dec 2025 05:01:40 +0000 Manifest this update: Sat 06 Dec 2025 05:01:40 +0000 Manifest next update: Sun 07 Dec 2025 05:01:40 +0000 Files and hashes: 1: NCPzn1GpZq4vT4gRDeBcmpEUhRQ.roa (hash: Vq8Q1+OKJnlcLx/yX0O6NcYNdeQRXSpw2T1WMWL6+Zw=) 2: nGfqNKARpHc4cVg-w5VOeR2MAo0.crl (hash: O8x2OWR9cT0NQE8V4ZqDQ5c/HGNsGV4/kDTnsGLwBiE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:7f:85:88:1e:5d:00:e0:4a:68:4e:e2:d0:49:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9c67ea34a011a4773871583ec3954e791d8c028d Validity Not Before: Dec 6 05:01:40 2025 GMT Not After : Dec 7 05:01:40 2025 GMT Subject: CN=94ecc7bc5be5e272e88a9bf39400a5027be5114a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:8c:ea:5e:ae:20:2a:9c:19:7d:c1:84:fb:cd: fc:9f:07:5f:b9:e1:90:f0:e9:82:64:77:1c:41:48: 9c:97:d4:d7:77:63:60:02:ec:62:73:f7:1c:c8:17: 58:9e:3c:38:9e:04:37:5b:25:9f:76:9d:98:34:a9: 8c:ae:97:f3:3c:73:47:78:5b:f8:3d:35:23:b7:f4: d7:a3:a3:eb:1d:d2:0f:7d:74:51:fc:90:6b:7a:06: fc:21:9f:5d:b2:25:ae:9f:8a:c1:ad:3c:30:5c:b4: 61:2f:9a:70:1f:04:13:b5:61:68:82:fd:16:eb:82: 91:aa:dc:9b:b5:a1:d1:cb:5d:65:e4:41:b8:fa:34: ea:79:12:f3:1a:96:be:02:98:46:84:a9:8b:4e:89: 4d:0b:07:08:4a:04:6d:25:e6:5c:a3:a6:bc:f8:b5: 11:f3:33:38:86:f0:80:43:74:6f:58:54:f7:51:6c: 23:d0:3b:44:5e:03:20:97:f4:e3:3b:eb:82:ba:44: 29:70:ea:d1:6d:e1:ca:28:96:08:14:1a:89:e0:f6: 49:55:a9:17:a6:90:54:e8:80:d5:ed:eb:97:2d:b1: 76:d7:5b:63:70:95:03:de:a8:0e:36:95:b6:94:f8: f2:ed:7f:a0:07:59:ef:e6:02:05:f2:b6:b9:f5:5d: 00:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:EC:C7:BC:5B:E5:E2:72:E8:8A:9B:F3:94:00:A5:02:7B:E5:11:4A X509v3 Authority Key Identifier: keyid:9C:67:EA:34:A0:11:A4:77:38:71:58:3E:C3:95:4E:79:1D:8C:02:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:ae:e5:9f:c4:15:5c:36:ed:78:99:3c:4d:a4:18:4b:2e:8e: 54:90:5c:9c:cc:82:0d:3d:b2:38:9e:a1:cb:f6:86:2f:56:17: 63:57:8b:fd:6c:47:c6:7e:1e:5a:6f:41:93:62:40:7b:78:30: 17:c0:2d:76:1e:11:50:a5:0d:ee:2b:67:26:c3:d7:3e:4b:9a: d5:77:fb:d5:05:6c:01:d1:f6:f4:02:cb:20:1d:a8:03:90:2c: 2b:f6:51:13:6b:78:87:67:f4:82:90:5c:7c:63:3e:a3:12:77: 50:53:76:5a:ff:64:71:24:b9:74:66:5a:c4:6b:bf:2f:77:d0: 90:8c:42:7c:f9:71:e1:02:c8:0f:b5:ad:c9:84:3b:e1:b7:0c: c7:5b:9b:63:56:a3:cd:19:e9:d6:c7:35:db:c1:61:1f:93:5d: bc:d6:21:62:3c:74:0c:04:87:8c:15:fd:89:ed:58:dd:f6:2a: e3:96:65:47:6c:27:5e:15:79:0a:ad:ff:41:b8:60:10:ec:68: 5b:c0:a5:44:67:3f:a0:4f:bb:02:c2:8c:b5:84:88:f7:97:45: c6:e3:4c:5a:4b:9e:a6:5a:f3:d6:9c:42:17:de:40:3d:56:4a: 9f:b2:9e:d5:e2:51:90:f7:e5:0d:6c:a6:a6:b2:70:86:b5:db: 25:02:d4:63 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCX+FiB5dAOBKaE7i0EmmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDljNjdlYTM0YTAxMWE0NzczODcxNTgzZWMzOTU0ZTc5MWQ4 YzAyOGQwHhcNMjUxMjA2MDUwMTQwWhcNMjUxMjA3MDUwMTQwWjAzMTEwLwYDVQQD Eyg5NGVjYzdiYzViZTVlMjcyZTg4YTliZjM5NDAwYTUwMjdiZTUxMTRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYzqXq4gKpwZfcGE+838nwdfueGQ 8OmCZHccQUicl9TXd2NgAuxic/ccyBdYnjw4ngQ3WyWfdp2YNKmMrpfzPHNHeFv4 PTUjt/TXo6PrHdIPfXRR/JBregb8IZ9dsiWun4rBrTwwXLRhL5pwHwQTtWFogv0W 64KRqtybtaHRy11l5EG4+jTqeRLzGpa+AphGhKmLTolNCwcISgRtJeZco6a8+LUR 8zM4hvCAQ3RvWFT3UWwj0DtEXgMgl/TjO+uCukQpcOrRbeHKKJYIFBqJ4PZJVakX ppBU6IDV7euXLbF211tjcJUD3qgONpW2lPjy7X+gB1nv5gIF8ra59V0AnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJTsx7xb5eJy6Iqb85QApQJ75RFKMB8GA1UdIwQY MBaAFJxn6jSgEaR3OHFYPsOVTnkdjAKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS84NjY5ZDMtNzZjZC00Y2IwLTgyNzgt ODJjNjdjNjllOTIzLzEvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS84NjY5ZDMtNzZjZC00Y2IwLTgyNzgtODJjNjdjNjllOTIz LzEvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACq7ln8QV XDbteJk8TaQYSy6OVJBcnMyCDT2yOJ6hy/aGL1YXY1eL/WxHxn4eWm9Bk2JAe3gw F8Atdh4RUKUN7itnJsPXPkua1Xf71QVsAdH29ALLIB2oA5AsK/ZRE2t4h2f0gpBc fGM+oxJ3UFN2Wv9kcSS5dGZaxGu/L3fQkIxCfPlx4QLID7WtyYQ74bcMx1ubY1aj zRnp1sc128FhH5NdvNYhYjx0DASHjBX9ie1Y3fYq45ZlR2wnXhV5Cq3/QbhgEOxo W8ClRGc/oE+7AsKMtYSI95dFxuNMWkueplrz1pxCF95APVZKn7Ke1eJRkPflDWym prJwhrXbJQLUYw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:30:17 2025 by rpki-client