This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/7d0efe-709d-4d11-b692-0e230806b579/1/nlf4Q7F__OqpuGNlgf5NVONG3cw.mft File: nlf4Q7F__OqpuGNlgf5NVONG3cw.mft (raw, json) Hash identifier: GbE0eCiPNk5cL9Xb4UV1fXIFENEMmTkUCZxWe2NbO7I= Subject key identifier: D0:7A:C7:B2:42:B1:23:68:A3:45:A7:88:AB:B3:29:9C:41:41:64:E7 Authority key identifier: 9E:57:F8:43:B1:7F:FC:EA:A9:B8:63:65:81:FE:4D:54:E3:46:DD:CC Certificate issuer: /CN=9e57f843b17ffceaa9b8636581fe4d54e346ddcc Certificate serial: 019B3DC7941C3C2643B2204096EB5CBA807D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlf4Q7F__OqpuGNlgf5NVONG3cw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/7d0efe-709d-4d11-b692-0e230806b579/1/nlf4Q7F__OqpuGNlgf5NVONG3cw.mft Manifest number: 0DDD Signing time: Sat 20 Dec 2025 22:00:48 +0000 Manifest this update: Sat 20 Dec 2025 22:00:48 +0000 Manifest next update: Sun 21 Dec 2025 22:00:48 +0000 Files and hashes: 1: IFXNgHuEN8ycsfhuA4dEpX7GYeY.roa (hash: 0NAgcHKOW4VLEuD8zIQn9OzSwjmjjTPr1tkjSBELdjk=) 2: nlf4Q7F__OqpuGNlgf5NVONG3cw.crl (hash: w5bIS2DxxtZj3Znnzh0pcIMhC7qFa7FEjTpSKntTuIY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/7d0efe-709d-4d11-b692-0e230806b579/1/nlf4Q7F__OqpuGNlgf5NVONG3cw.crl rsync://rpki.ripe.net/repository/DEFAULT/64/7d0efe-709d-4d11-b692-0e230806b579/1/nlf4Q7F__OqpuGNlgf5NVONG3cw.mft rsync://rpki.ripe.net/repository/DEFAULT/nlf4Q7F__OqpuGNlgf5NVONG3cw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 22:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c7:94:1c:3c:26:43:b2:20:40:96:eb:5c:ba:80:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e57f843b17ffceaa9b8636581fe4d54e346ddcc Validity Not Before: Dec 20 22:00:48 2025 GMT Not After : Dec 21 22:00:48 2025 GMT Subject: CN=d07ac7b242b12368a345a788abb3299c414164e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:9d:82:68:c4:e5:f5:14:1a:e3:54:3b:e0:3e: 34:57:a0:ef:a2:92:08:a4:15:89:bf:6e:ad:5d:13: 93:45:b7:6d:ce:34:1a:44:63:19:0b:b0:94:7b:1d: 9f:0a:f2:a0:d8:bf:30:85:59:3f:4a:9a:cc:c0:87: 6d:3f:c2:bc:83:85:1e:f6:08:ee:df:a2:f8:d9:56: aa:29:b3:21:b5:ff:fa:b6:d5:51:7b:0e:fe:b1:64: 00:90:cd:34:82:56:8e:50:fd:df:5c:21:e2:d1:2f: e9:31:81:6a:bb:d1:04:1d:11:6c:69:6d:2a:be:96: 8a:b7:f0:2e:01:c8:d7:c8:27:ae:bd:30:f0:90:19: 6d:b1:4d:1c:35:d1:8e:f0:e1:9a:38:9c:5a:21:c5: 5e:3b:d1:c8:32:db:3c:9e:7c:8d:48:b1:30:53:92: 99:e1:86:83:39:f5:90:5a:f5:39:63:46:70:c1:83: c7:5b:f9:33:26:8e:71:d4:4f:77:cd:05:eb:93:7d: 87:50:c5:82:ce:ef:44:d2:86:66:1e:9a:7c:44:24: f7:b8:75:f7:65:81:99:96:db:68:82:6d:5b:84:27: 36:2a:1a:71:a7:d1:b3:1b:3e:0e:01:2f:d5:e4:d3: 3a:23:62:e8:a2:26:a6:ed:2d:d9:cc:b7:dd:40:19: 98:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:7A:C7:B2:42:B1:23:68:A3:45:A7:88:AB:B3:29:9C:41:41:64:E7 X509v3 Authority Key Identifier: keyid:9E:57:F8:43:B1:7F:FC:EA:A9:B8:63:65:81:FE:4D:54:E3:46:DD:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlf4Q7F__OqpuGNlgf5NVONG3cw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7d0efe-709d-4d11-b692-0e230806b579/1/nlf4Q7F__OqpuGNlgf5NVONG3cw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7d0efe-709d-4d11-b692-0e230806b579/1/nlf4Q7F__OqpuGNlgf5NVONG3cw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:47:25:a0:46:eb:c6:5f:b0:93:65:0d:af:37:ac:22:9a:7b: 2c:1b:64:4b:64:30:dd:1d:0a:a1:d9:49:43:7d:bf:cc:0a:f9: ce:3b:c5:66:ef:8d:ab:38:08:1e:a1:95:b2:63:29:01:2f:a7: e7:7d:23:00:ea:aa:21:ce:50:35:a4:2d:6f:7a:7a:e1:06:19: f3:41:e2:37:99:d7:e8:98:6e:7e:63:f7:7f:e8:c8:0b:6b:7a: 39:9d:bd:af:57:eb:f1:29:23:d2:ee:94:b3:0f:5d:f4:85:6b: d7:db:62:d2:88:82:bd:61:ea:d4:60:bc:42:fe:37:87:ac:a9: c0:a3:4a:7a:0e:3b:6b:ed:82:39:dd:b2:ff:d7:1a:c3:0a:65: 24:5d:27:48:43:c7:55:35:0c:61:cd:e8:2a:40:e1:0d:0a:a3: d2:03:6d:dc:ec:9b:5d:43:50:94:16:46:6f:2e:1a:3d:86:4f: e1:74:57:c8:1d:6e:47:ca:75:fa:98:80:53:fc:68:49:d3:d3: a1:9a:ff:08:6a:69:68:05:fa:43:09:b5:be:2e:60:8b:46:c3: 0f:81:90:3b:78:41:a4:93:fc:1c:4d:a3:1d:72:cd:d7:95:57: c1:05:dc:bb:1b:29:1d:05:f9:a7:06:27:ce:91:84:31:1b:ac: 24:02:ea:2f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9x5QcPCZDsiBAlutcuoB9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllNTdmODQzYjE3ZmZjZWFhOWI4NjM2NTgxZmU0ZDU0ZTM0 NmRkY2MwHhcNMjUxMjIwMjIwMDQ4WhcNMjUxMjIxMjIwMDQ4WjAzMTEwLwYDVQQD EyhkMDdhYzdiMjQyYjEyMzY4YTM0NWE3ODhhYmIzMjk5YzQxNDE2NGU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt52CaMTl9RQa41Q74D40V6DvopII pBWJv26tXROTRbdtzjQaRGMZC7CUex2fCvKg2L8whVk/SprMwIdtP8K8g4Ue9gju 36L42VaqKbMhtf/6ttVRew7+sWQAkM00glaOUP3fXCHi0S/pMYFqu9EEHRFsaW0q vpaKt/AuAcjXyCeuvTDwkBltsU0cNdGO8OGaOJxaIcVeO9HIMts8nnyNSLEwU5KZ 4YaDOfWQWvU5Y0ZwwYPHW/kzJo5x1E93zQXrk32HUMWCzu9E0oZmHpp8RCT3uHX3 ZYGZlttogm1bhCc2Khpxp9GzGz4OAS/V5NM6I2Looiam7S3ZzLfdQBmYHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNB6x7JCsSNoo0WniKuzKZxBQWTnMB8GA1UdIwQY MBaAFJ5X+EOxf/zqqbhjZYH+TVTjRt3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbmxmNFE3Rl9fT3FwdUdObGdmNU5WT05HM2N3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83ZDBlZmUtNzA5ZC00ZDExLWI2OTIt MGUyMzA4MDZiNTc5LzEvbmxmNFE3Rl9fT3FwdUdObGdmNU5WT05HM2N3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC83ZDBlZmUtNzA5ZC00ZDExLWI2OTItMGUyMzA4MDZiNTc5 LzEvbmxmNFE3Rl9fT3FwdUdObGdmNU5WT05HM2N3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATUcloEbr xl+wk2UNrzesIpp7LBtkS2Qw3R0KodlJQ32/zAr5zjvFZu+NqzgIHqGVsmMpAS+n 530jAOqqIc5QNaQtb3p64QYZ80HiN5nX6JhufmP3f+jIC2t6OZ29r1fr8Skj0u6U sw9d9IVr19ti0oiCvWHq1GC8Qv43h6ypwKNKeg47a+2COd2y/9cawwplJF0nSEPH VTUMYc3oKkDhDQqj0gNt3OybXUNQlBZGby4aPYZP4XRXyB1uR8p1+piAU/xoSdPT oZr/CGppaAX6Qwm1vi5gi0bDD4GQO3hBpJP8HE2jHXLN15VXwQXcuxspHQX5pwYn zpGEMRusJALqLw== -----END CERTIFICATE-----Generated at Sun Dec 21 05:41:59 2025 by rpki-client