This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft File: nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft (raw, json) Hash identifier: atnpIwVyxOOEcXvt74bGIqUO/dl0hultmWRniRW97Bs= Subject key identifier: E3:A2:DC:E5:F1:81:C2:FF:C8:DF:B2:0A:DB:DB:36:26:DE:D6:91:D0 Authority key identifier: 9C:F0:5D:4B:D5:D4:2B:41:75:AC:C6:34:AC:CF:0F:FA:18:73:F0:AA Certificate issuer: /CN=9cf05d4bd5d42b4175acc634accf0ffa1873f0aa Certificate serial: 019AF389D6AC6D6E4160191FEB3512958E48 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft Manifest number: 05EF Signing time: Sat 06 Dec 2025 12:01:28 +0000 Manifest this update: Sat 06 Dec 2025 12:01:28 +0000 Manifest next update: Sun 07 Dec 2025 12:01:28 +0000 Files and hashes: 1: nPBdS9XUK0F1rMY0rM8P-hhz8Ko.crl (hash: 0OCvMCBUavv6lHsr3WbrNBEjTSAS3iVLRTmVehkvwLE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft rsync://rpki.ripe.net/repository/DEFAULT/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:d6:ac:6d:6e:41:60:19:1f:eb:35:12:95:8e:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9cf05d4bd5d42b4175acc634accf0ffa1873f0aa Validity Not Before: Dec 6 12:01:28 2025 GMT Not After : Dec 7 12:01:28 2025 GMT Subject: CN=e3a2dce5f181c2ffc8dfb20adbdb3626ded691d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:ab:ca:36:25:4b:30:c3:be:cf:79:82:dc:84: 72:33:25:ff:68:cf:1e:6c:8e:8b:5c:69:44:1a:94: 3f:19:66:9a:16:6f:cd:b7:d0:a5:f8:db:d4:40:6e: 99:73:2f:b3:af:9c:a2:48:1b:52:05:73:b4:9b:6e: 1e:b0:00:b7:6a:af:de:1d:b8:31:59:46:c6:4d:b8: ef:cd:e1:1d:91:ad:b8:6b:14:f9:c0:b3:59:cd:fd: df:8d:72:04:1c:f3:08:d0:a3:98:e2:e5:b1:23:75: f0:ba:49:5c:3f:b7:be:e8:af:6d:1e:53:72:07:7a: 5b:f0:60:ac:6d:e0:a5:c9:f9:6a:58:96:d8:4f:24: 63:09:55:62:49:75:2c:ce:45:5c:63:33:5f:6d:a8: 98:1b:e5:39:bd:5d:6b:16:09:00:05:5b:35:c0:d7: af:10:88:c3:91:a4:f4:c4:51:dc:94:9f:54:d5:6b: 60:f3:d2:e9:42:3f:a8:6f:c3:c8:43:9f:df:43:16: 0d:40:39:1b:2e:c7:0a:f1:07:d7:85:73:2d:b6:af: 19:ed:1e:8c:c6:6d:35:01:5d:27:90:d0:58:41:f2: 0c:e7:29:a5:57:d9:6a:f2:d4:4b:a9:10:d1:98:e9: 21:ee:2c:72:e7:b0:bc:10:db:a2:7c:6a:35:69:a9: 3e:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:A2:DC:E5:F1:81:C2:FF:C8:DF:B2:0A:DB:DB:36:26:DE:D6:91:D0 X509v3 Authority Key Identifier: keyid:9C:F0:5D:4B:D5:D4:2B:41:75:AC:C6:34:AC:CF:0F:FA:18:73:F0:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:8b:43:7b:d7:e7:90:40:40:ee:c3:40:50:75:ed:90:51:ee: 15:e5:63:a7:60:fb:e3:3a:1e:2c:e0:1b:58:ae:76:6a:27:56: ef:43:12:98:98:1f:7f:a8:d0:f5:48:dd:3d:c7:2b:37:ad:75: 2a:84:15:a3:94:a8:b7:71:b1:57:c6:0d:e4:fb:87:ff:bf:87: 1f:a2:f1:8f:98:cf:b7:9f:f8:a9:9c:db:57:b9:41:90:02:ad: 74:01:9f:aa:2f:1a:21:ea:62:77:9f:1a:53:f8:25:ea:69:0b: 50:7a:0a:79:b7:db:c1:7b:fb:2c:1b:5b:07:16:3d:27:a3:32: ab:1a:a6:62:84:74:d9:e8:50:0c:e8:66:c5:80:bc:13:97:d3: fd:ce:4a:2c:ab:27:f4:cb:8e:ed:32:13:c5:5a:18:1b:f4:92: 2e:37:20:0f:41:cf:1c:27:1b:1f:b7:b2:6b:5c:ad:0c:ae:b3: eb:0e:bf:b0:7c:aa:b4:5f:5e:40:e8:eb:ef:3e:c9:53:aa:d8: 27:2e:03:cc:23:2a:b4:3c:c1:c3:0f:2f:10:dc:5e:2f:59:c1: 4c:a0:b1:ce:69:94:26:7e:c5:06:c0:52:88:6b:b3:7f:5a:f2: 97:91:9b:64:3b:04:ed:db:e0:da:55:e0:dd:0c:4a:31:80:95: ed:6c:cd:2d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzidasbW5BYBkf6zUSlY5IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDljZjA1ZDRiZDVkNDJiNDE3NWFjYzYzNGFjY2YwZmZhMTg3 M2YwYWEwHhcNMjUxMjA2MTIwMTI4WhcNMjUxMjA3MTIwMTI4WjAzMTEwLwYDVQQD EyhlM2EyZGNlNWYxODFjMmZmYzhkZmIyMGFkYmRiMzYyNmRlZDY5MWQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAravKNiVLMMO+z3mC3IRyMyX/aM8e bI6LXGlEGpQ/GWaaFm/Nt9Cl+NvUQG6Zcy+zr5yiSBtSBXO0m24esAC3aq/eHbgx WUbGTbjvzeEdka24axT5wLNZzf3fjXIEHPMI0KOY4uWxI3XwuklcP7e+6K9tHlNy B3pb8GCsbeClyflqWJbYTyRjCVViSXUszkVcYzNfbaiYG+U5vV1rFgkABVs1wNev EIjDkaT0xFHclJ9U1Wtg89LpQj+ob8PIQ5/fQxYNQDkbLscK8QfXhXMttq8Z7R6M xm01AV0nkNBYQfIM5ymlV9lq8tRLqRDRmOkh7ixy57C8ENuifGo1aak+TwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOOi3OXxgcL/yN+yCtvbNibe1pHQMB8GA1UdIwQY MBaAFJzwXUvV1CtBdazGNKzPD/oYc/CqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblBCZFM5WFVLMEYxck1ZMHJNOFAtaGh6OEtvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84NzFkNzctMDhhYS00YTkxLTk5NmEt OGJiYTVmYTNjMzE3LzEvblBCZFM5WFVLMEYxck1ZMHJNOFAtaGh6OEtvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC84NzFkNzctMDhhYS00YTkxLTk5NmEtOGJiYTVmYTNjMzE3 LzEvblBCZFM5WFVLMEYxck1ZMHJNOFAtaGh6OEtvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMotDe9fn kEBA7sNAUHXtkFHuFeVjp2D74zoeLOAbWK52aidW70MSmJgff6jQ9UjdPccrN611 KoQVo5Sot3GxV8YN5PuH/7+HH6Lxj5jPt5/4qZzbV7lBkAKtdAGfqi8aIepid58a U/gl6mkLUHoKebfbwXv7LBtbBxY9J6MyqxqmYoR02ehQDOhmxYC8E5fT/c5KLKsn 9MuO7TITxVoYG/SSLjcgD0HPHCcbH7eya1ytDK6z6w6/sHyqtF9eQOjr7z7JU6rY Jy4DzCMqtDzBww8vENxeL1nBTKCxzmmUJn7FBsBSiGuzf1ryl5GbZDsE7dvg2lXg 3QxKMYCV7WzNLQ== -----END CERTIFICATE-----Generated at Sat Dec 6 22:29:05 2025 by rpki-client