This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft File: NHkVOIV45h2IaEmiHXC6B1FJwaE.mft (raw, json) Hash identifier: wCIFOM0QgKzbgfv9yg1+k/eP7Sstj5nBN6DXQTBDdr0= Subject key identifier: 13:C1:D1:66:EA:97:67:09:35:14:3D:F1:F7:02:4B:92:7D:78:D9:21 Authority key identifier: 34:79:15:38:85:78:E6:1D:88:68:49:A2:1D:70:BA:07:51:49:C1:A1 Certificate issuer: /CN=347915388578e61d886849a21d70ba075149c1a1 Certificate serial: 019AF12DD237A5E842E2AE72BB0AD7CF317E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHkVOIV45h2IaEmiHXC6B1FJwaE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft Manifest number: 0CED Signing time: Sat 06 Dec 2025 01:01:43 +0000 Manifest this update: Sat 06 Dec 2025 01:01:43 +0000 Manifest next update: Sun 07 Dec 2025 01:01:43 +0000 Files and hashes: 1: NHkVOIV45h2IaEmiHXC6B1FJwaE.crl (hash: np3zwtwKNNxN8pId2lkiQAevKyxxwvUHSzNUHy3W54o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.crl rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft rsync://rpki.ripe.net/repository/DEFAULT/NHkVOIV45h2IaEmiHXC6B1FJwaE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:d2:37:a5:e8:42:e2:ae:72:bb:0a:d7:cf:31:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=347915388578e61d886849a21d70ba075149c1a1 Validity Not Before: Dec 6 01:01:43 2025 GMT Not After : Dec 7 01:01:43 2025 GMT Subject: CN=13c1d166ea97670935143df1f7024b927d78d921 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:67:cf:00:9b:c5:41:ed:d4:2e:43:34:a3:22: 42:5e:19:3e:14:df:b7:57:b1:75:7d:0a:72:a2:0e: ee:d1:7f:5a:06:e4:26:50:f2:0d:13:a8:be:4c:ee: 0c:28:a4:e6:74:af:de:d6:3c:83:53:20:52:7b:b1: 27:7b:f3:52:f5:01:92:13:7b:a5:4a:b7:1f:b2:4d: 4e:b6:81:e7:de:d5:d4:a0:88:dd:94:f5:c6:cc:35: 44:95:85:1e:6d:88:ea:72:db:46:c7:7b:e0:99:74: e4:87:67:13:44:93:51:1c:66:22:6a:26:87:d9:ca: 6b:c6:7f:ad:d7:be:19:2b:ee:b8:0c:62:e1:f9:1f: a1:0a:d2:94:b5:3e:53:c2:60:08:24:81:ce:62:fb: 1d:c8:39:0c:bc:fa:ee:70:8b:e9:93:0c:4b:58:99: 7d:b8:4a:b8:b6:93:f6:9f:22:1b:70:fe:f4:a7:a2: b1:cb:05:02:7b:f9:b1:ed:b2:f7:e6:18:15:ea:67: 89:b5:df:9e:81:c0:d4:27:89:2e:ed:d7:01:47:20: fd:7f:e9:96:4b:26:63:65:6f:62:8c:dd:11:2b:c3: e5:3f:a6:8a:4c:37:5b:33:70:0e:cd:8a:af:80:c7: d5:fb:ab:21:5b:d0:58:9e:65:a1:08:8d:c0:e6:da: 0e:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:C1:D1:66:EA:97:67:09:35:14:3D:F1:F7:02:4B:92:7D:78:D9:21 X509v3 Authority Key Identifier: keyid:34:79:15:38:85:78:E6:1D:88:68:49:A2:1D:70:BA:07:51:49:C1:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHkVOIV45h2IaEmiHXC6B1FJwaE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:94:88:12:b0:4a:de:ff:50:30:0c:5d:b4:2d:f1:db:fb:f7: b0:62:2d:4b:45:81:db:4a:f3:75:8d:e8:d5:4d:bd:dd:31:3e: 86:4a:92:96:cd:6d:23:d6:e0:16:3a:1b:cb:db:e8:a9:3b:7c: 28:97:cc:82:e1:b6:0a:da:47:37:c8:ca:cb:a4:eb:1c:61:d5: 59:21:9e:8a:f5:64:fe:b1:fb:96:bf:3d:69:3e:ec:e7:12:3c: c7:b8:43:11:7f:7d:d1:71:22:1e:bc:97:43:cd:0b:dc:0c:f2: ad:6c:ec:e3:b6:cb:96:8f:d4:d1:df:ee:63:93:71:12:40:3a: fc:e2:d2:3e:59:fb:82:3e:b1:f8:bf:17:8c:7c:5b:61:f8:68: 7c:8d:2f:e7:00:a6:69:5b:75:11:37:fc:a6:69:34:08:d7:75: 97:0d:43:91:5c:05:18:c3:bf:66:5c:10:da:0c:9d:93:e4:3e: 15:9f:86:c1:2a:cc:53:0a:99:ae:49:fd:b5:cc:b7:53:97:85: 81:1c:13:65:3d:dc:9d:ab:17:92:64:c5:69:ec:24:11:f5:de: a9:99:5c:f5:be:1b:aa:15:c6:cd:18:c9:1b:a5:72:a5:9b:be: 92:21:76:7e:f1:f0:09:cb:d0:08:6c:98:cc:99:d4:04:c7:a2: 32:39:b3:db -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLdI3pehC4q5yuwrXzzF+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0NzkxNTM4ODU3OGU2MWQ4ODY4NDlhMjFkNzBiYTA3NTE0 OWMxYTEwHhcNMjUxMjA2MDEwMTQzWhcNMjUxMjA3MDEwMTQzWjAzMTEwLwYDVQQD EygxM2MxZDE2NmVhOTc2NzA5MzUxNDNkZjFmNzAyNGI5MjdkNzhkOTIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmfPAJvFQe3ULkM0oyJCXhk+FN+3 V7F1fQpyog7u0X9aBuQmUPINE6i+TO4MKKTmdK/e1jyDUyBSe7Ene/NS9QGSE3ul Srcfsk1OtoHn3tXUoIjdlPXGzDVElYUebYjqcttGx3vgmXTkh2cTRJNRHGYiaiaH 2cprxn+t174ZK+64DGLh+R+hCtKUtT5TwmAIJIHOYvsdyDkMvPrucIvpkwxLWJl9 uEq4tpP2nyIbcP70p6KxywUCe/mx7bL35hgV6meJtd+egcDUJ4ku7dcBRyD9f+mW SyZjZW9ijN0RK8PlP6aKTDdbM3AOzYqvgMfV+6shW9BYnmWhCI3A5toOIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBPB0Wbql2cJNRQ98fcCS5J9eNkhMB8GA1UdIwQY MBaAFDR5FTiFeOYdiGhJoh1wugdRScGhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkhrVk9JVjQ1aDJJYUVtaUhYQzZCMUZKd2FFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80ZWY2OWUtOTk3OC00MzZkLTkwYzkt ODJkOTdjMDY5NTY2LzEvTkhrVk9JVjQ1aDJJYUVtaUhYQzZCMUZKd2FFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny80ZWY2OWUtOTk3OC00MzZkLTkwYzktODJkOTdjMDY5NTY2 LzEvTkhrVk9JVjQ1aDJJYUVtaUhYQzZCMUZKd2FFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAApSIErBK 3v9QMAxdtC3x2/v3sGItS0WB20rzdY3o1U293TE+hkqSls1tI9bgFjoby9voqTt8 KJfMguG2CtpHN8jKy6TrHGHVWSGeivVk/rH7lr89aT7s5xI8x7hDEX990XEiHryX Q80L3AzyrWzs47bLlo/U0d/uY5NxEkA6/OLSPln7gj6x+L8XjHxbYfhofI0v5wCm aVt1ETf8pmk0CNd1lw1DkVwFGMO/ZlwQ2gydk+Q+FZ+GwSrMUwqZrkn9tcy3U5eF gRwTZT3cnasXkmTFaewkEfXeqZlc9b4bqhXGzRjJG6VypZu+kiF2fvHwCcvQCGyY zJnUBMeiMjmz2w== -----END CERTIFICATE-----Generated at Sat Dec 6 08:13:48 2025 by rpki-client