This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft File: NJxIN9k5hA1fbHSqwINm70v-SHQ.mft (raw, json) Hash identifier: 3eudKw+R+5NMI8M4ehodarY6do+L9ZOzdVZemd2oPPQ= Subject key identifier: A4:8A:68:EE:8E:76:9E:F0:C4:FB:B6:28:31:9D:2D:EC:09:14:30:57 Authority key identifier: 34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74 Certificate issuer: /CN=349c4837d939840d5f6c74aac08366ef4bfe4874 Certificate serial: 019AF31B8526FA328F1837CC4812D7C08572 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft Manifest number: 034E Signing time: Sat 06 Dec 2025 10:00:58 +0000 Manifest this update: Sat 06 Dec 2025 10:00:58 +0000 Manifest next update: Sun 07 Dec 2025 10:00:58 +0000 Files and hashes: 1: NJxIN9k5hA1fbHSqwINm70v-SHQ.crl (hash: VhlqQBtbpQeUyD3upqMv1HQMyPmifKBP51Ty6XyZPtU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:85:26:fa:32:8f:18:37:cc:48:12:d7:c0:85:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=349c4837d939840d5f6c74aac08366ef4bfe4874 Validity Not Before: Dec 6 10:00:58 2025 GMT Not After : Dec 7 10:00:58 2025 GMT Subject: CN=a48a68ee8e769ef0c4fbb628319d2dec09143057 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:9d:ba:ba:2f:63:53:35:3e:8f:9e:53:b3:ad: a3:32:d0:85:03:5c:a3:b6:39:b6:65:7a:52:b3:3f: a3:fb:e7:42:13:76:cb:f9:78:ca:9a:f4:f8:5d:c5: 2e:76:50:2d:b6:af:2a:98:fa:8c:0b:dc:c9:0e:76: 41:92:31:30:f8:af:2b:e7:aa:de:ee:9a:5a:d6:92: dd:d7:1b:5a:22:fe:e1:9c:89:9f:bb:88:04:34:25: 16:0b:4c:2a:27:2d:47:44:ba:25:55:15:34:67:47: 5c:a1:c3:41:f7:6d:04:3f:69:10:e3:19:36:bc:15: 6e:67:45:14:68:ef:75:29:33:0a:54:0c:ea:f0:bb: 46:c7:a2:ee:b3:9f:16:0b:1b:ae:0a:15:33:1b:2a: 69:26:a6:79:fa:f8:ca:63:b5:12:ef:35:9a:8d:cb: 76:78:68:82:9e:4e:dc:b5:d9:5c:9b:19:94:f1:c8: 8f:55:df:55:e9:fc:a6:85:b3:83:89:93:f3:88:d2: ae:3b:0a:00:02:9d:00:52:c1:94:0e:2a:cc:c6:c1: cc:2f:cf:4d:b3:ba:0b:b6:0f:6f:96:02:3b:c1:47: 27:50:a7:22:35:54:fc:59:a0:c6:58:b4:ec:f3:01: 68:1f:66:dd:e2:5b:c0:60:7e:fd:9e:45:97:ad:f9: 6e:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:8A:68:EE:8E:76:9E:F0:C4:FB:B6:28:31:9D:2D:EC:09:14:30:57 X509v3 Authority Key Identifier: keyid:34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:58:11:27:62:2a:85:17:83:92:e9:70:8f:cf:23:44:b4:51: dd:76:4e:f7:75:5c:31:50:10:e3:45:4f:10:f9:0c:b0:02:74: 92:d9:8a:cb:de:97:25:8d:e5:93:d4:10:9c:16:78:a0:0e:7f: ca:29:c8:59:a5:1d:e5:49:b0:a4:6d:e6:f0:a6:ef:dc:db:50: 1f:d5:8c:4a:6a:12:03:f0:b8:ee:fd:30:b9:88:24:53:94:60: 64:73:b6:83:c8:1e:49:4c:df:1c:57:56:fb:07:a2:dd:cd:91: 88:3a:35:61:cc:89:7c:39:70:32:71:98:c1:36:87:05:5b:88: 15:fb:cc:a5:6f:40:6d:e2:4e:f0:f4:30:91:de:36:c1:3d:59: b4:33:91:2d:05:4c:de:a2:f1:c9:e8:03:33:44:7c:98:f6:99: 1f:d1:e6:00:dd:a0:4e:79:e6:1d:fb:56:5e:74:8a:df:fe:7f: af:48:5e:94:63:1d:b5:a7:36:ee:70:b0:c9:6d:de:20:c3:3f: d8:23:f7:88:b0:59:df:e5:14:e0:dd:98:40:63:42:42:7a:44: 25:4e:96:f4:5b:4f:7f:a2:4f:5e:e5:9f:e6:a2:ac:f7:27:d0: 47:cd:c9:b7:b6:b5:ed:07:f4:e4:5d:6a:ab:5a:8a:d5:bb:5a: 80:01:6e:48 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG4Um+jKPGDfMSBLXwIVyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0OWM0ODM3ZDkzOTg0MGQ1ZjZjNzRhYWMwODM2NmVmNGJm ZTQ4NzQwHhcNMjUxMjA2MTAwMDU4WhcNMjUxMjA3MTAwMDU4WjAzMTEwLwYDVQQD EyhhNDhhNjhlZThlNzY5ZWYwYzRmYmI2MjgzMTlkMmRlYzA5MTQzMDU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtp26ui9jUzU+j55Ts62jMtCFA1yj tjm2ZXpSsz+j++dCE3bL+XjKmvT4XcUudlAttq8qmPqMC9zJDnZBkjEw+K8r56re 7ppa1pLd1xtaIv7hnImfu4gENCUWC0wqJy1HRLolVRU0Z0dcocNB920EP2kQ4xk2 vBVuZ0UUaO91KTMKVAzq8LtGx6Lus58WCxuuChUzGyppJqZ5+vjKY7US7zWajct2 eGiCnk7ctdlcmxmU8ciPVd9V6fymhbODiZPziNKuOwoAAp0AUsGUDirMxsHML89N s7oLtg9vlgI7wUcnUKciNVT8WaDGWLTs8wFoH2bd4lvAYH79nkWXrfluDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKSKaO6Odp7wxPu2KDGdLewJFDBXMB8GA1UdIwQY MBaAFDScSDfZOYQNX2x0qsCDZu9L/kh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMt NTg0YTc2Mzk5NDE0LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMtNTg0YTc2Mzk5NDE0 LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKlgRJ2Iq hReDkulwj88jRLRR3XZO93VcMVAQ40VPEPkMsAJ0ktmKy96XJY3lk9QQnBZ4oA5/ yinIWaUd5UmwpG3m8Kbv3NtQH9WMSmoSA/C47v0wuYgkU5RgZHO2g8geSUzfHFdW +wei3c2RiDo1YcyJfDlwMnGYwTaHBVuIFfvMpW9AbeJO8PQwkd42wT1ZtDORLQVM 3qLxyegDM0R8mPaZH9HmAN2gTnnmHftWXnSK3/5/r0helGMdtac27nCwyW3eIMM/ 2CP3iLBZ3+UU4N2YQGNCQnpEJU6W9FtPf6JPXuWf5qKs9yfQR83Jt7a17Qf05F1q q1qK1btagAFuSA== -----END CERTIFICATE-----Generated at Sat Dec 6 13:47:29 2025 by rpki-client