This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.mft File: nzbQijzYpC9Goslt_XLtjO4nlHc.mft (raw, json) Hash identifier: MZ4WIl8HV9BYfb+CyaE5rprcT5btiClQmqrpRuKAUIg= Subject key identifier: 2F:D9:8F:16:B8:3A:1A:4F:F2:84:A3:21:C5:91:33:B1:24:8A:EC:48 Authority key identifier: 9F:36:D0:8A:3C:D8:A4:2F:46:A2:C9:6D:FD:72:ED:8C:EE:27:94:77 Certificate issuer: /CN=9f36d08a3cd8a42f46a2c96dfd72ed8cee279477 Certificate serial: 019AF2767124EFD49B93698BDA4089BBA90F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzbQijzYpC9Goslt_XLtjO4nlHc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.mft Manifest number: 0D69 Signing time: Sat 06 Dec 2025 07:00:39 +0000 Manifest this update: Sat 06 Dec 2025 07:00:39 +0000 Manifest next update: Sun 07 Dec 2025 07:00:39 +0000 Files and hashes: 1: nzbQijzYpC9Goslt_XLtjO4nlHc.crl (hash: 9dMnJxb7dRIiAi5zHnaeQrTI0lnLtDs6QrWJIVNu+w8=) 2: twzQnUgBAT35ET2oNZWOjjEoBE4.roa (hash: HIWNIMTAhxf1Wnub1ymBGmdU28kJ6snFsV9+PWAEB7E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.crl rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.mft rsync://rpki.ripe.net/repository/DEFAULT/nzbQijzYpC9Goslt_XLtjO4nlHc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:71:24:ef:d4:9b:93:69:8b:da:40:89:bb:a9:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f36d08a3cd8a42f46a2c96dfd72ed8cee279477 Validity Not Before: Dec 6 07:00:39 2025 GMT Not After : Dec 7 07:00:39 2025 GMT Subject: CN=2fd98f16b83a1a4ff284a321c59133b1248aec48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:4a:d8:f4:45:0e:97:1a:ea:22:18:79:2e:fa: cb:fa:bf:4d:fd:75:b8:2c:1e:03:5b:d4:e1:91:2e: bf:23:a5:ac:d3:b8:9e:cb:4d:e1:eb:cd:3a:73:27: c5:c9:c6:82:cc:08:6f:5d:91:b4:a2:c3:96:64:c6: 6c:3b:b1:18:d3:69:8a:da:ec:7f:4a:61:39:cb:7a: 1e:90:4b:7e:2b:9c:93:ee:1c:99:f8:03:f9:2f:eb: 4e:08:b7:b3:0a:d0:3d:7e:74:18:20:6a:8e:f3:53: 9b:37:8b:b7:c5:0b:8a:d4:02:9e:bd:5c:7c:71:36: 93:dc:99:4a:f4:78:f0:c1:28:08:ad:25:20:26:f6: 5e:3c:36:ce:e4:5c:f7:ef:5c:98:4d:3e:58:3f:7e: 53:10:3c:6c:2b:e5:75:22:b0:a7:5f:c8:16:81:2c: 80:b0:02:75:15:ca:3a:8a:96:d6:14:95:81:e8:fb: 5a:d6:02:cc:21:b4:cc:9d:f9:73:d4:76:16:dc:27: 28:c5:a0:a1:c8:11:2a:80:ea:5a:95:58:41:8e:9f: e9:2d:77:48:0f:35:d7:b7:19:3c:08:70:9c:ee:d0: ac:ea:9a:d5:be:c3:2c:23:b6:07:a6:b0:79:59:87: ff:b1:c7:ab:09:ba:84:fa:12:c5:bd:72:fd:f2:d7: cb:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:D9:8F:16:B8:3A:1A:4F:F2:84:A3:21:C5:91:33:B1:24:8A:EC:48 X509v3 Authority Key Identifier: keyid:9F:36:D0:8A:3C:D8:A4:2F:46:A2:C9:6D:FD:72:ED:8C:EE:27:94:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzbQijzYpC9Goslt_XLtjO4nlHc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:fd:4c:5c:10:5b:8e:03:f6:3e:c1:7d:ab:fa:52:2e:b1:6d: 85:c4:d7:9a:44:eb:a7:ee:29:f9:d5:a0:15:9b:57:93:f7:a4: 1b:f1:c9:bb:03:c2:54:00:75:3d:93:63:92:8d:ef:d1:9c:35: 6d:7d:62:3f:54:7b:a5:fb:83:5b:84:74:c7:68:2f:e3:f2:c2: 37:77:c1:78:fa:71:bc:c4:b3:18:76:e8:bf:31:27:2b:14:9d: 64:0f:92:77:88:2d:02:a6:2e:8a:91:70:87:be:0c:64:e6:7c: f7:84:57:9b:d3:21:73:b2:dc:67:98:cd:3a:ba:6c:f1:73:a1: 63:a5:70:15:f2:59:4e:14:d3:ae:35:ec:e3:ef:6e:c2:82:66: cc:37:93:04:ac:59:1b:27:64:af:2f:de:05:f1:2a:0c:9e:d4: 24:81:4d:2a:c6:87:c4:81:10:7a:34:6e:75:7f:eb:b3:f0:81: dc:2e:6a:dc:80:d0:9d:af:d3:27:f7:c5:c6:2e:86:da:5e:5f: 13:e9:f9:c3:5d:df:9f:fb:ca:68:79:2f:4f:44:f4:61:9e:fc: 30:b0:90:42:8b:a2:b7:bf:9e:b1:40:72:27:8c:85:28:65:2d: 11:79:d9:4c:74:7d:eb:0b:5f:4b:76:9b:80:8d:13:a1:2f:99: 6a:a6:2a:18 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydnEk79Sbk2mL2kCJu6kPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmMzZkMDhhM2NkOGE0MmY0NmEyYzk2ZGZkNzJlZDhjZWUy Nzk0NzcwHhcNMjUxMjA2MDcwMDM5WhcNMjUxMjA3MDcwMDM5WjAzMTEwLwYDVQQD EygyZmQ5OGYxNmI4M2ExYTRmZjI4NGEzMjFjNTkxMzNiMTI0OGFlYzQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUrY9EUOlxrqIhh5LvrL+r9N/XW4 LB4DW9ThkS6/I6Ws07iey03h6806cyfFycaCzAhvXZG0osOWZMZsO7EY02mK2ux/ SmE5y3oekEt+K5yT7hyZ+AP5L+tOCLezCtA9fnQYIGqO81ObN4u3xQuK1AKevVx8 cTaT3JlK9HjwwSgIrSUgJvZePDbO5Fz371yYTT5YP35TEDxsK+V1IrCnX8gWgSyA sAJ1Fco6ipbWFJWB6Pta1gLMIbTMnflz1HYW3CcoxaChyBEqgOpalVhBjp/pLXdI DzXXtxk8CHCc7tCs6prVvsMsI7YHprB5WYf/scerCbqE+hLFvXL98tfL+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC/Zjxa4OhpP8oSjIcWRM7EkiuxIMB8GA1UdIwQY MBaAFJ820Io82KQvRqLJbf1y7YzuJ5R3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnpiUWlqellwQzlHb3NsdF9YTHRqTzRubEhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yZmJiYTctZWEwZS00MDg5LTk3Mjct YzMzMzcyYzlkNTA3LzEvbnpiUWlqellwQzlHb3NsdF9YTHRqTzRubEhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi8yZmJiYTctZWEwZS00MDg5LTk3MjctYzMzMzcyYzlkNTA3 LzEvbnpiUWlqellwQzlHb3NsdF9YTHRqTzRubEhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATP1MXBBb jgP2PsF9q/pSLrFthcTXmkTrp+4p+dWgFZtXk/ekG/HJuwPCVAB1PZNjko3v0Zw1 bX1iP1R7pfuDW4R0x2gv4/LCN3fBePpxvMSzGHbovzEnKxSdZA+Sd4gtAqYuipFw h74MZOZ894RXm9Mhc7LcZ5jNOrps8XOhY6VwFfJZThTTrjXs4+9uwoJmzDeTBKxZ Gydkry/eBfEqDJ7UJIFNKsaHxIEQejRudX/rs/CB3C5q3IDQna/TJ/fFxi6G2l5f E+n5w13fn/vKaHkvT0T0YZ78MLCQQouit7+esUByJ4yFKGUtEXnZTHR96wtfS3ab gI0ToS+ZaqYqGA== -----END CERTIFICATE-----Generated at Sat Dec 6 14:51:07 2025 by rpki-client