This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft File: NVyaW8uDQBCKQchiduHLlKYefak.mft (raw, json) Hash identifier: m73CN4kI9cDnVw4uLKx4nfXNsn146VbpUW3DZmRChlw= Subject key identifier: 6D:7A:88:35:73:4F:9A:FB:1B:45:F4:24:F6:3C:B3:96:AD:D8:F1:3D Authority key identifier: 35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9 Certificate issuer: /CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9 Certificate serial: 019AF1D19C90200F10E87E0FDE465C2D1E13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft Manifest number: 0FFA Signing time: Sat 06 Dec 2025 04:00:37 +0000 Manifest this update: Sat 06 Dec 2025 04:00:37 +0000 Manifest next update: Sun 07 Dec 2025 04:00:37 +0000 Files and hashes: 1: 5KKpk9qEveM_ucLAOYR8lDjQsvs.roa (hash: FsEABHDgSk6DaTySsepeca9yMLpdy1J0E11YMBOaZ9k=) 2: NVyaW8uDQBCKQchiduHLlKYefak.crl (hash: I1Yw4oOegZwqIFShdVbBqDf7YWd30Q6GKDc533gdySo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:9c:90:20:0f:10:e8:7e:0f:de:46:5c:2d:1e:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9 Validity Not Before: Dec 6 04:00:37 2025 GMT Not After : Dec 7 04:00:37 2025 GMT Subject: CN=6d7a8835734f9afb1b45f424f63cb396add8f13d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:51:a9:fc:50:53:5f:a7:98:08:c3:46:7f:9b: 19:4f:29:fc:da:99:e6:4f:ca:9d:db:25:1e:56:8e: b7:87:af:3a:24:f5:d2:e5:5b:55:c8:d0:7d:c1:05: 28:64:61:c5:85:20:60:d2:93:05:82:0d:11:3f:57: b0:48:98:bc:b4:83:be:92:dd:d0:3b:5e:ae:35:1b: 4b:33:82:04:36:bc:5e:69:71:ea:5c:28:38:8e:6e: 25:a9:f5:8c:e2:f1:9f:55:04:c6:ad:1d:4f:66:59: be:0f:a6:e1:3a:21:a3:a9:1f:ea:91:21:ce:e2:27: 6e:2e:6c:7b:78:7d:e1:95:5e:55:a2:df:d0:5f:78: bd:a3:23:ad:79:ce:cd:40:90:70:95:b9:5e:29:b6: df:cf:68:f9:45:5d:70:4d:c0:af:3a:6f:60:c4:8d: 83:64:ab:c5:d9:f3:bd:22:1f:de:af:9a:64:15:27: 25:93:33:a2:77:79:aa:02:c5:ff:7e:37:ff:25:c5: 50:97:b6:46:1e:11:01:85:cb:f1:3d:d7:f0:38:9a: 85:36:0c:1a:7e:84:48:c1:1c:cf:2b:2c:d8:61:c5: cf:66:fc:90:71:46:60:e0:20:f4:13:4c:70:a2:75: 31:bd:8f:5c:a4:a8:f0:3f:e9:58:37:d0:35:8a:71: 8f:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:7A:88:35:73:4F:9A:FB:1B:45:F4:24:F6:3C:B3:96:AD:D8:F1:3D X509v3 Authority Key Identifier: keyid:35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 06:6e:be:8a:57:3c:80:da:ed:44:03:5e:24:2f:51:57:a8:d9: b4:06:73:a7:c0:ab:45:53:2b:c5:fa:18:29:fe:07:4b:a8:82: 51:ba:6c:fd:a6:20:04:61:50:85:e4:a5:03:fa:55:b1:b6:12: 18:f2:b4:7f:27:2c:a8:fc:32:76:3c:4b:aa:a1:7a:29:34:85: 26:8d:66:dc:79:44:e5:9b:8a:1c:d2:14:bb:b7:2c:60:3e:7b: 1e:da:57:59:57:cf:a9:db:ce:b2:23:45:13:a9:20:2c:b0:9b: a5:35:5d:7a:42:73:82:b7:24:a2:86:ac:80:a2:83:11:81:a4: 93:e3:a4:d3:fd:e6:7b:a7:bb:7d:13:0e:d5:8f:92:e9:d2:dd: bc:2d:05:16:0c:8e:ee:e5:74:fd:af:9d:0a:c3:75:52:fc:5a: ed:77:ae:d7:a7:90:e4:7b:4d:45:02:b1:38:72:ac:c8:f1:cc: 57:50:dd:05:33:f6:ed:25:bb:47:35:69:b7:0d:a3:6a:8c:cf: 1f:ae:b5:eb:f0:ad:2f:c8:33:c6:9b:1e:ef:7a:33:af:9f:7c: 58:1c:db:d8:c9:d9:5e:d0:10:cb:ff:24:01:60:49:c5:ba:bd: 2d:6d:9b:24:ae:7c:0d:42:d8:98:16:d4:f2:f5:30:e1:24:d5: 94:1c:ba:ad -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0ZyQIA8Q6H4P3kZcLR4TMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1NWM5YTViY2I4MzQwMTA4YTQxYzg2Mjc2ZTFjYjk0YTYx ZTdkYTkwHhcNMjUxMjA2MDQwMDM3WhcNMjUxMjA3MDQwMDM3WjAzMTEwLwYDVQQD Eyg2ZDdhODgzNTczNGY5YWZiMWI0NWY0MjRmNjNjYjM5NmFkZDhmMTNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFGp/FBTX6eYCMNGf5sZTyn82pnm T8qd2yUeVo63h686JPXS5VtVyNB9wQUoZGHFhSBg0pMFgg0RP1ewSJi8tIO+kt3Q O16uNRtLM4IENrxeaXHqXCg4jm4lqfWM4vGfVQTGrR1PZlm+D6bhOiGjqR/qkSHO 4iduLmx7eH3hlV5Vot/QX3i9oyOtec7NQJBwlbleKbbfz2j5RV1wTcCvOm9gxI2D ZKvF2fO9Ih/er5pkFSclkzOid3mqAsX/fjf/JcVQl7ZGHhEBhcvxPdfwOJqFNgwa foRIwRzPKyzYYcXPZvyQcUZg4CD0E0xwonUxvY9cpKjwP+lYN9A1inGP9QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG16iDVzT5r7G0X0JPY8s5at2PE9MB8GA1UdIwQY MBaAFDVcmlvLg0AQikHIYnbhy5SmHn2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTct MzBkNjRmZjcwYjkwLzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTctMzBkNjRmZjcwYjkw LzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABm6+ilc8 gNrtRANeJC9RV6jZtAZzp8CrRVMrxfoYKf4HS6iCUbps/aYgBGFQheSlA/pVsbYS GPK0fycsqPwydjxLqqF6KTSFJo1m3HlE5ZuKHNIUu7csYD57HtpXWVfPqdvOsiNF E6kgLLCbpTVdekJzgrckooasgKKDEYGkk+Ok0/3me6e7fRMO1Y+S6dLdvC0FFgyO 7uV0/a+dCsN1Uvxa7Xeu16eQ5HtNRQKxOHKsyPHMV1DdBTP27SW7RzVptw2jaozP H6616/CtL8gzxpse73ozr598WBzb2MnZXtAQy/8kAWBJxbq9LW2bJK58DULYmBbU 8vUw4STVlBy6rQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:39:23 2025 by rpki-client