This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json) Hash identifier: KevD2qqnPMt3aUDFaCbokouDY3AKlqJ+0NejaelMxYU= Subject key identifier: 27:B7:BA:5A:C8:51:BA:DA:10:C3:EA:08:A0:D1:8E:EF:3C:DC:7C:F3 Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da Certificate serial: 019AF31C6844F38757DA809011A20847407B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft Manifest number: 1328 Signing time: Sat 06 Dec 2025 10:01:56 +0000 Manifest this update: Sat 06 Dec 2025 10:01:56 +0000 Manifest next update: Sun 07 Dec 2025 10:01:56 +0000 Files and hashes: 1: 7G7G7tpVmWd60uNlZ2vEN1k8ScQ.roa (hash: 2r8MgNw8qHVAZHcXcB+fjTECDN+jibhAZMIq0CBmNHM=) 2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: kLqyRYJMVm0Y8M4XK9KGY9XBR4pa3VrfKeOqM1UJDEQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:68:44:f3:87:57:da:80:90:11:a2:08:47:40:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da Validity Not Before: Dec 6 10:01:56 2025 GMT Not After : Dec 7 10:01:56 2025 GMT Subject: CN=27b7ba5ac851bada10c3ea08a0d18eef3cdc7cf3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:3f:21:88:ef:82:24:f6:b9:77:ab:e5:0c:01: 9d:7d:f5:d2:4f:49:4c:60:ee:55:07:0f:21:fa:81: 9b:28:71:ba:20:f9:4e:33:dc:70:8a:0e:ca:d1:9c: 52:cc:75:33:9d:36:5f:51:85:c2:8a:38:8d:e4:f0: 4f:49:d8:f4:d0:cb:ae:67:c9:1c:00:d5:50:e8:a5: e3:2c:7e:23:2c:8e:26:af:d2:d5:26:bd:c3:ff:74: 9c:77:df:23:a8:31:4a:10:b2:78:e0:3b:d9:63:c2: 73:06:02:cd:ee:9d:7d:21:71:72:af:bf:0e:2b:8b: 88:6c:a2:d9:42:26:50:be:5d:10:3b:90:fd:0d:3b: fb:08:17:ad:a7:28:b7:67:00:cc:4f:33:1e:59:50: fe:0e:82:c0:ec:18:d5:f2:0b:c7:bb:8c:09:4b:c1: be:d9:fd:3e:8e:07:95:72:19:60:69:e6:87:31:0b: f2:b3:fc:c1:e4:7e:58:8b:ea:22:28:8f:68:fa:63: cf:0d:3d:3b:80:7c:b7:fa:76:43:1d:c0:b8:ed:e3: 8a:f2:bf:c2:ab:82:5d:84:f5:77:92:74:ab:58:76: 05:f2:49:4d:58:20:ff:41:ce:91:7c:93:5b:b4:0e: 0e:dd:d0:a3:1d:3b:c0:1a:bf:70:7f:cb:8f:ce:6d: 50:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:B7:BA:5A:C8:51:BA:DA:10:C3:EA:08:A0:D1:8E:EF:3C:DC:7C:F3 X509v3 Authority Key Identifier: keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b9:d5:80:26:a1:c9:ed:d6:62:1f:68:f5:f8:30:65:b7:27:91: c8:0f:0a:f8:16:e2:d1:68:ce:a6:3b:f5:5c:3c:ab:13:70:70: 77:fd:ac:8d:e6:1c:47:a6:ab:ad:90:71:23:c2:5f:0a:df:6b: 32:e3:9d:75:2b:b3:2c:ad:b9:93:e6:66:25:b6:b1:de:c0:9a: bb:1b:3e:b6:a7:0b:b9:8b:8f:80:0f:a8:9c:e5:4c:fd:f5:1c: 58:b4:5e:fe:84:da:e1:96:92:f4:66:29:dc:b3:54:bd:f0:90: 1d:8f:88:fa:5b:e9:37:20:6f:7e:73:ae:66:cd:87:cc:07:99: 65:c8:7a:8e:b1:03:0c:04:62:c5:50:02:d7:cf:7a:3d:ed:c4: c3:5b:ab:6e:cf:67:2b:6c:a2:b7:e9:c2:30:00:9b:0f:b7:46: 6a:0e:a1:cf:03:d7:01:fd:a0:dd:a0:e8:64:2d:3d:cc:29:b0: 05:fc:eb:a5:73:1a:0f:08:88:3d:18:5a:7a:9d:a6:b6:8c:da: ee:7f:b6:c1:5a:f3:bf:dd:7f:2d:c0:a9:84:0d:b4:03:73:c7: 71:2f:18:9f:3e:40:73:2e:ab:ad:69:72:58:71:db:1a:ea:19: f8:f6:87:7b:6f:36:92:e8:58:23:3f:a3:69:47:a1:ec:1f:4f: 62:26:67:19 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHGhE84dX2oCQEaIIR0B7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj M2Q1ZGEwHhcNMjUxMjA2MTAwMTU2WhcNMjUxMjA3MTAwMTU2WjAzMTEwLwYDVQQD EygyN2I3YmE1YWM4NTFiYWRhMTBjM2VhMDhhMGQxOGVlZjNjZGM3Y2YzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT8hiO+CJPa5d6vlDAGdffXST0lM YO5VBw8h+oGbKHG6IPlOM9xwig7K0ZxSzHUznTZfUYXCijiN5PBPSdj00MuuZ8kc ANVQ6KXjLH4jLI4mr9LVJr3D/3Scd98jqDFKELJ44DvZY8JzBgLN7p19IXFyr78O K4uIbKLZQiZQvl0QO5D9DTv7CBetpyi3ZwDMTzMeWVD+DoLA7BjV8gvHu4wJS8G+ 2f0+jgeVchlgaeaHMQvys/zB5H5Yi+oiKI9o+mPPDT07gHy3+nZDHcC47eOK8r/C q4JdhPV3knSrWHYF8klNWCD/Qc6RfJNbtA4O3dCjHTvAGr9wf8uPzm1QjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCe3ulrIUbraEMPqCKDRju883HzzMB8GA1UdIwQY MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAudWAJqHJ 7dZiH2j1+DBltyeRyA8K+Bbi0WjOpjv1XDyrE3Bwd/2sjeYcR6arrZBxI8JfCt9r MuOddSuzLK25k+ZmJbax3sCauxs+tqcLuYuPgA+onOVM/fUcWLRe/oTa4ZaS9GYp 3LNUvfCQHY+I+lvpNyBvfnOuZs2HzAeZZch6jrEDDARixVAC1896Pe3Ew1urbs9n K2yit+nCMACbD7dGag6hzwPXAf2g3aDoZC09zCmwBfzrpXMaDwiIPRhaep2mtoza 7n+2wVrzv91/LcCphA20A3PHcS8Ynz5Acy6rrWlyWHHbGuoZ+PaHe282kuhYIz+j aUeh7B9PYiZnGQ== -----END CERTIFICATE-----Generated at Sat Dec 6 14:04:10 2025 by rpki-client