This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft File: NB54rk8RnAGERACQzx2JrMiyLCQ.mft (raw, json) Hash identifier: otjl1x0Pi2MoWD9Q3zx4LbCbwU/1EeX6W/HShmbEOZk= Subject key identifier: D4:5C:3D:7E:1E:AB:B8:2A:9F:1F:C1:E2:E1:40:22:50:A8:14:07:5F Authority key identifier: 34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24 Certificate issuer: /CN=341e78ae4f119c0184440090cf1d89acc8b22c24 Certificate serial: 019AF49BA537E140826EBB2BEB99FCB0C6AE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft Manifest number: 0520 Signing time: Sat 06 Dec 2025 17:00:32 +0000 Manifest this update: Sat 06 Dec 2025 17:00:32 +0000 Manifest next update: Sun 07 Dec 2025 17:00:32 +0000 Files and hashes: 1: NB54rk8RnAGERACQzx2JrMiyLCQ.crl (hash: w8cRia3L/HDCM3Cz/tqyn06P1PCuSOpUitH3/000ySU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 17:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9b:a5:37:e1:40:82:6e:bb:2b:eb:99:fc:b0:c6:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=341e78ae4f119c0184440090cf1d89acc8b22c24 Validity Not Before: Dec 6 17:00:32 2025 GMT Not After : Dec 7 17:00:32 2025 GMT Subject: CN=d45c3d7e1eabb82a9f1fc1e2e1402250a814075f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:61:cb:8a:7a:e6:e2:db:c6:0c:0e:6e:ac:71: 1e:93:44:6e:91:36:0b:47:eb:40:0a:08:a5:db:9f: 80:5e:f7:db:07:32:92:4f:83:a4:23:e9:b4:7b:81: ad:a5:b5:53:b3:e9:ac:c8:bd:f7:00:6d:b5:c8:47: 4f:45:f1:cd:4b:49:20:5d:2e:2c:45:ad:ac:0f:76: c3:d9:1e:02:f8:a8:ce:ee:7d:be:e1:45:11:97:a4: 37:a1:13:78:a9:57:29:ce:71:7e:0d:5f:76:4c:9b: 01:40:c4:71:7e:75:b3:7d:b3:c2:fb:e1:38:71:1a: ae:83:e3:a8:69:35:db:3e:d4:98:dc:19:5c:ef:56: f0:d0:6a:fb:e6:5b:0a:25:00:09:56:ee:b6:fb:bb: 2a:e7:09:46:be:e6:bd:74:9d:08:99:a6:b6:16:b4: 51:52:fa:0c:e9:31:60:45:1f:74:38:d4:92:fa:2f: 14:b2:79:87:47:94:ce:db:ba:8e:35:6f:4e:69:39: 96:50:38:5a:37:d1:71:c1:76:01:5f:29:cc:44:82: 9e:45:49:d4:bc:ec:7a:67:15:72:1b:13:ee:5a:8e: 9c:2c:06:1f:e8:a0:cd:19:8a:7d:69:61:06:ff:32: 83:96:74:23:2a:08:1f:8e:2b:4a:41:a7:7c:68:38: ac:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:5C:3D:7E:1E:AB:B8:2A:9F:1F:C1:E2:E1:40:22:50:A8:14:07:5F X509v3 Authority Key Identifier: keyid:34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:e3:a7:cc:56:ad:87:a3:91:e8:13:7b:67:43:d3:63:71:65: 8b:bb:cb:51:51:c5:94:c0:32:e2:7a:a0:db:92:44:fb:b6:d3: 96:87:de:84:65:8f:b7:be:e2:aa:d0:57:25:f5:00:10:bb:63: dc:27:96:ae:32:61:ea:f8:fa:a0:e4:2f:86:c3:58:85:79:91: 66:f0:53:36:d7:67:20:ef:9e:e5:85:8b:4c:fd:cb:be:3a:6d: da:48:39:9a:23:80:77:7e:08:93:aa:5a:6d:cb:ce:b2:62:61: 3c:a7:d3:bb:f4:ea:02:60:ab:bf:55:ad:75:aa:05:4d:9d:a9: ba:27:46:b8:b4:e8:30:c9:f7:af:9c:b5:f8:05:13:fb:29:36: 24:e9:50:f7:cb:f4:54:78:f4:72:df:d5:13:03:94:59:cc:1a: 21:50:e3:5e:0b:eb:e7:a0:e5:64:19:5a:d3:7a:88:8b:ab:a3: fa:ee:2a:b7:40:45:07:e4:86:ea:3b:8f:8e:86:02:3b:2e:02: e3:be:33:c5:79:43:ea:5f:90:06:d0:7b:4d:e8:e6:2c:32:23: 3e:7a:cf:e0:05:1c:06:7f:f8:f6:27:fb:f3:e9:07:63:cc:a8: 31:1a:b5:8a:6a:50:a2:4a:4b:be:29:5c:b5:9d:a8:0e:2c:f2: c1:63:a7:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0m6U34UCCbrsr65n8sMauMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MWU3OGFlNGYxMTljMDE4NDQ0MDA5MGNmMWQ4OWFjYzhi MjJjMjQwHhcNMjUxMjA2MTcwMDMyWhcNMjUxMjA3MTcwMDMyWjAzMTEwLwYDVQQD EyhkNDVjM2Q3ZTFlYWJiODJhOWYxZmMxZTJlMTQwMjI1MGE4MTQwNzVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2HLinrm4tvGDA5urHEek0RukTYL R+tACgil25+AXvfbBzKST4OkI+m0e4GtpbVTs+msyL33AG21yEdPRfHNS0kgXS4s Ra2sD3bD2R4C+KjO7n2+4UURl6Q3oRN4qVcpznF+DV92TJsBQMRxfnWzfbPC++E4 cRqug+OoaTXbPtSY3Blc71bw0Gr75lsKJQAJVu62+7sq5wlGvua9dJ0Imaa2FrRR UvoM6TFgRR90ONSS+i8UsnmHR5TO27qONW9OaTmWUDhaN9FxwXYBXynMRIKeRUnU vOx6ZxVyGxPuWo6cLAYf6KDNGYp9aWEG/zKDlnQjKggfjitKQad8aDis8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNRcPX4eq7gqnx/B4uFAIlCoFAdfMB8GA1UdIwQY MBaAFDQeeK5PEZwBhEQAkM8diazIsiwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjIt MDNiYjIxYWVmYmEwLzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjItMDNiYjIxYWVmYmEw LzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMOOnzFat h6OR6BN7Z0PTY3Fli7vLUVHFlMAy4nqg25JE+7bTlofehGWPt77iqtBXJfUAELtj 3CeWrjJh6vj6oOQvhsNYhXmRZvBTNtdnIO+e5YWLTP3Lvjpt2kg5miOAd34Ik6pa bcvOsmJhPKfTu/TqAmCrv1WtdaoFTZ2puidGuLToMMn3r5y1+AUT+yk2JOlQ98v0 VHj0ct/VEwOUWcwaIVDjXgvr56DlZBla03qIi6uj+u4qt0BFB+SG6juPjoYCOy4C 474zxXlD6l+QBtB7TejmLDIjPnrP4AUcBn/49if78+kHY8yoMRq1impQokpLvilc tZ2oDizywWOniQ== -----END CERTIFICATE-----Generated at Sun Dec 7 02:02:34 2025 by rpki-client