This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/cf4d9e-59c9-4f9f-8f32-a348821ca1e0/1/nQhzWjV9MfqK2jHinxlYam_9lZI.mft File: nQhzWjV9MfqK2jHinxlYam_9lZI.mft (raw, json) Hash identifier: QepyniVaqBIqDrQSkB9Uct42ATZX/yjp+UijTOZEc+Q= Subject key identifier: 1D:E0:28:44:87:88:85:C0:AD:44:38:47:37:A4:05:8F:14:BA:19:3C Authority key identifier: 9D:08:73:5A:35:7D:31:FA:8A:DA:31:E2:9F:19:58:6A:6F:FD:95:92 Certificate issuer: /CN=9d08735a357d31fa8ada31e29f19586a6ffd9592 Certificate serial: 019AF12E15215099B5AD5BE9ADCA7E07E85D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQhzWjV9MfqK2jHinxlYam_9lZI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/cf4d9e-59c9-4f9f-8f32-a348821ca1e0/1/nQhzWjV9MfqK2jHinxlYam_9lZI.mft Manifest number: 06B0 Signing time: Sat 06 Dec 2025 01:02:00 +0000 Manifest this update: Sat 06 Dec 2025 01:02:00 +0000 Manifest next update: Sun 07 Dec 2025 01:02:00 +0000 Files and hashes: 1: nQhzWjV9MfqK2jHinxlYam_9lZI.crl (hash: VWj0d3Oxa57kqNTpKPR0A1qgCj5T+AE4aP+qXPpv8Hw=) 2: zCy2TEUINZmipMaXJF_ZJiCXKXs.roa (hash: kFNybXZv7aLQUvfMaX6TQe+E+VLOfa/7bi5eq9XGzik=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/cf4d9e-59c9-4f9f-8f32-a348821ca1e0/1/nQhzWjV9MfqK2jHinxlYam_9lZI.crl rsync://rpki.ripe.net/repository/DEFAULT/71/cf4d9e-59c9-4f9f-8f32-a348821ca1e0/1/nQhzWjV9MfqK2jHinxlYam_9lZI.mft rsync://rpki.ripe.net/repository/DEFAULT/nQhzWjV9MfqK2jHinxlYam_9lZI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:15:21:50:99:b5:ad:5b:e9:ad:ca:7e:07:e8:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d08735a357d31fa8ada31e29f19586a6ffd9592 Validity Not Before: Dec 6 01:02:00 2025 GMT Not After : Dec 7 01:02:00 2025 GMT Subject: CN=1de02844878885c0ad44384737a4058f14ba193c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:8f:ce:4e:f6:a0:98:fb:d0:ae:a6:6b:a5:5d: 7d:70:fa:fb:ad:f9:c6:0e:a4:91:e9:41:67:f4:2c: 98:97:d9:fa:c1:55:cc:18:bd:d4:19:39:31:35:e0: f0:45:37:0b:e6:3b:d5:76:e8:c7:15:b6:89:b7:87: 03:62:01:c0:f5:e8:e8:37:21:c7:8a:a8:b3:9a:a0: 4b:c8:7e:70:bf:c1:3f:77:79:cd:31:ca:6f:00:9b: ef:11:ed:ba:a1:bb:ab:1c:dd:04:32:a0:94:6a:21: b9:a5:66:59:9a:04:1e:a6:29:cd:30:79:04:1e:12: 78:32:5d:5c:5d:fd:17:bc:47:e8:9a:73:eb:ce:12: 3b:ed:fc:48:d9:e8:16:c0:e4:0e:c8:ec:5e:5b:53: 64:b3:0b:2c:ce:9e:a3:16:a8:73:65:a1:9a:0b:e0: 30:d1:98:16:bc:76:7b:d3:52:73:8e:48:74:dc:9a: d6:39:62:7b:b7:20:2f:08:c8:4f:69:8e:c9:9a:52: c4:b8:89:7f:10:5f:bf:5c:14:4b:f8:d5:be:cc:53: 11:44:d4:e2:b4:65:f0:5a:08:6d:ef:f1:26:52:90: 83:1a:a8:f0:c3:9a:a9:ea:cc:f4:29:29:63:d5:03: e3:7e:b7:8a:6d:1d:aa:01:c1:15:ff:f9:af:83:e7: 69:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:E0:28:44:87:88:85:C0:AD:44:38:47:37:A4:05:8F:14:BA:19:3C X509v3 Authority Key Identifier: keyid:9D:08:73:5A:35:7D:31:FA:8A:DA:31:E2:9F:19:58:6A:6F:FD:95:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQhzWjV9MfqK2jHinxlYam_9lZI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/cf4d9e-59c9-4f9f-8f32-a348821ca1e0/1/nQhzWjV9MfqK2jHinxlYam_9lZI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/cf4d9e-59c9-4f9f-8f32-a348821ca1e0/1/nQhzWjV9MfqK2jHinxlYam_9lZI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:48:ac:ad:b9:ce:6e:1c:2c:9b:88:fd:29:82:70:97:14:ec: 94:cc:a6:a4:40:76:ac:7e:48:6b:28:7a:01:75:ec:fa:cd:b2: 82:ed:da:eb:69:fa:8b:c2:d7:98:47:b4:81:9a:41:0b:fa:cc: d8:e3:d7:b7:b6:cd:4b:a7:29:88:72:b7:2c:b5:65:04:77:61: 9b:88:eb:ad:6b:1a:71:83:78:bc:50:ab:f5:b4:6f:88:cb:0b: 8e:33:9c:21:04:81:cf:46:50:8d:46:5a:48:bd:1e:9e:ad:0e: 09:90:e3:d5:19:c3:d4:a6:e4:c2:6c:0f:bc:30:6b:d8:6c:c8: 90:20:e5:6d:76:ef:2b:04:cf:3a:c2:0d:fd:45:fd:ae:fb:60: ec:24:d8:e4:f8:69:dd:eb:1d:1b:f2:db:68:55:1c:60:29:99: bd:98:91:7c:91:3a:92:20:88:3e:00:5b:3e:ea:9f:4b:41:45: f0:d7:eb:99:cb:70:d6:af:27:f6:7b:ac:8d:eb:21:98:2a:16: df:b7:37:3c:6f:bf:31:ba:dc:bc:c5:28:43:29:05:6b:cb:30: b5:e9:2f:07:1d:5f:e7:d5:96:64:45:2b:2d:b5:84:7f:91:ca: 43:3b:ae:53:62:04:bb:a0:53:f6:85:25:6a:a0:12:4e:4e:66: 6e:e9:69:a4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLhUhUJm1rVvprcp+B+hdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMDg3MzVhMzU3ZDMxZmE4YWRhMzFlMjlmMTk1ODZhNmZm ZDk1OTIwHhcNMjUxMjA2MDEwMjAwWhcNMjUxMjA3MDEwMjAwWjAzMTEwLwYDVQQD EygxZGUwMjg0NDg3ODg4NWMwYWQ0NDM4NDczN2E0MDU4ZjE0YmExOTNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmY/OTvagmPvQrqZrpV19cPr7rfnG DqSR6UFn9CyYl9n6wVXMGL3UGTkxNeDwRTcL5jvVdujHFbaJt4cDYgHA9ejoNyHH iqizmqBLyH5wv8E/d3nNMcpvAJvvEe26oburHN0EMqCUaiG5pWZZmgQepinNMHkE HhJ4Ml1cXf0XvEfomnPrzhI77fxI2egWwOQOyOxeW1Nkswsszp6jFqhzZaGaC+Aw 0ZgWvHZ701Jzjkh03JrWOWJ7tyAvCMhPaY7JmlLEuIl/EF+/XBRL+NW+zFMRRNTi tGXwWght7/EmUpCDGqjww5qp6sz0KSlj1QPjfreKbR2qAcEV//mvg+dpXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB3gKESHiIXArUQ4RzekBY8Uuhk8MB8GA1UdIwQY MBaAFJ0Ic1o1fTH6itox4p8ZWGpv/ZWSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblFoeldqVjlNZnFLMmpIaW54bFlhbV85bFpJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9jZjRkOWUtNTljOS00ZjlmLThmMzIt YTM0ODgyMWNhMWUwLzEvblFoeldqVjlNZnFLMmpIaW54bFlhbV85bFpJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS9jZjRkOWUtNTljOS00ZjlmLThmMzItYTM0ODgyMWNhMWUw LzEvblFoeldqVjlNZnFLMmpIaW54bFlhbV85bFpJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoEisrbnO bhwsm4j9KYJwlxTslMympEB2rH5Iayh6AXXs+s2ygu3a62n6i8LXmEe0gZpBC/rM 2OPXt7bNS6cpiHK3LLVlBHdhm4jrrWsacYN4vFCr9bRviMsLjjOcIQSBz0ZQjUZa SL0enq0OCZDj1RnD1KbkwmwPvDBr2GzIkCDlbXbvKwTPOsIN/UX9rvtg7CTY5Php 3esdG/LbaFUcYCmZvZiRfJE6kiCIPgBbPuqfS0FF8Nfrmctw1q8n9nusjeshmCoW 37c3PG+/MbrcvMUoQykFa8swtekvBx1f59WWZEUrLbWEf5HKQzuuU2IEu6BT9oUl aqASTk5mbulppA== -----END CERTIFICATE-----Generated at Sat Dec 6 11:02:21 2025 by rpki-client