This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.mft File: NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.mft (raw, json) Hash identifier: pGCTl9u2CZdMUU8iwO+H9ysr796gdMQOMd1SLrJd6vI= Subject key identifier: 47:E7:F2:F3:73:FF:FB:A9:74:6A:86:C9:ED:6C:9B:35:E0:7F:30:7E Authority key identifier: 35:14:FF:67:F3:B8:D4:F6:F6:BD:A2:3E:CB:BC:7B:0F:09:FE:60:80 Certificate issuer: /CN=3514ff67f3b8d4f6f6bda23ecbbc7b0f09fe6080 Certificate serial: 019AF12DD27EAB86FF519110FFC06BFBC6CD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.mft Manifest number: 10C6 Signing time: Sat 06 Dec 2025 01:01:43 +0000 Manifest this update: Sat 06 Dec 2025 01:01:43 +0000 Manifest next update: Sun 07 Dec 2025 01:01:43 +0000 Files and hashes: 1: NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.crl (hash: Sp3UJrJ8Ss0J2xFM++ZyYXQGMfc8kYtr7Y2wcQbpwHA=) 2: j7uIJiPhcZxIrIipfuK1rqo935Y.roa (hash: 7J2YXXzcaOGsarNoeRvp5q8jGItI0Hy8Dxn5tPP/JpQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.crl rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.mft rsync://rpki.ripe.net/repository/DEFAULT/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:d2:7e:ab:86:ff:51:91:10:ff:c0:6b:fb:c6:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3514ff67f3b8d4f6f6bda23ecbbc7b0f09fe6080 Validity Not Before: Dec 6 01:01:43 2025 GMT Not After : Dec 7 01:01:43 2025 GMT Subject: CN=47e7f2f373fffba9746a86c9ed6c9b35e07f307e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:88:6a:b8:00:6c:89:d7:a5:41:fd:61:1d:2b: 05:98:37:6d:0e:d2:8c:7c:e8:89:cc:59:72:ee:ec: 52:dd:e0:e4:ed:30:07:0d:95:08:92:bc:1c:91:f3: 08:2c:24:2c:c6:fc:dc:18:13:0b:53:64:8f:17:3b: e0:2e:8e:8c:de:6e:2a:4b:7e:8c:a1:cd:b3:f9:37: d1:09:d3:eb:ad:04:a9:86:72:9c:0c:07:a0:01:fc: 0a:27:46:c0:b7:43:cd:12:52:7b:c3:4d:8b:ae:18: 15:c2:33:0e:fe:bd:0c:34:b4:97:52:13:45:7a:c8: d3:af:fe:32:6a:f8:fa:8d:ae:49:6a:2d:68:2a:e1: 68:2a:2a:8f:dc:76:cf:12:76:4c:ef:4d:ab:3f:bc: 05:1a:92:2e:88:ab:68:77:ae:14:b9:d1:b0:16:04: 3c:04:6a:ea:49:87:86:d1:3b:6e:e9:cd:12:38:99: 13:d5:0f:c6:07:80:31:ff:fb:0c:15:cd:6f:a5:82: c2:b3:43:de:c4:d4:76:7e:14:e3:69:9c:32:7d:bc: ec:43:e2:f0:df:b3:17:db:ab:aa:2f:17:2c:9f:1c: 40:bf:c9:5b:00:34:df:e5:87:38:92:5e:73:43:89: 8a:15:61:22:07:93:ac:b4:bf:e9:ca:c3:01:27:10: 3b:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:E7:F2:F3:73:FF:FB:A9:74:6A:86:C9:ED:6C:9B:35:E0:7F:30:7E X509v3 Authority Key Identifier: keyid:35:14:FF:67:F3:B8:D4:F6:F6:BD:A2:3E:CB:BC:7B:0F:09:FE:60:80 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a815b3-c48c-4ff9-989d-8854c92d47b1/1/NRT_Z_O41Pb2vaI-y7x7Dwn-YIA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:db:cf:0a:e9:e8:ae:89:fe:0c:71:c2:20:81:84:24:b6:85: ad:26:d0:b9:a6:1f:a6:c6:7a:4e:98:72:b6:28:7a:73:a1:0b: 4b:08:41:bb:bc:77:82:67:89:9a:19:44:0a:17:55:0b:40:8c: 69:fb:d7:65:df:76:42:6f:1e:1c:20:6e:03:35:19:cd:77:6e: a7:67:4a:30:c8:e5:a1:9c:23:bc:d0:a3:8d:b1:c2:fd:53:c1: 73:c3:d3:93:95:4f:eb:78:2e:51:dc:ac:0f:ba:fb:d0:70:c9: 17:ab:57:3f:48:48:0f:14:5a:31:55:42:b6:66:9a:81:3c:6b: 6a:de:74:2a:44:9b:c2:45:5d:13:b7:09:5d:ca:c1:5c:fc:fd: 2b:f5:87:18:a0:9c:2d:3e:2b:c4:4a:eb:2f:52:9a:d6:5a:89: ec:87:ff:fb:a5:e5:6c:78:5c:19:46:0d:f6:08:cf:e2:e8:76: 77:fa:81:f8:23:e3:fa:8a:ae:e5:1c:49:c4:22:04:72:1e:01: 48:77:4a:53:8f:88:0c:cc:9d:0d:d5:d0:d4:8e:b6:ee:af:79: 5e:19:65:53:d6:a9:0a:f0:13:77:53:d2:fa:ca:63:97:d6:df: 55:d5:fc:98:b6:d9:ba:2f:13:8e:3e:c5:d3:fb:d2:7f:6c:21: a9:6b:3d:52 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLdJ+q4b/UZEQ/8Br+8bNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1MTRmZjY3ZjNiOGQ0ZjZmNmJkYTIzZWNiYmM3YjBmMDlm ZTYwODAwHhcNMjUxMjA2MDEwMTQzWhcNMjUxMjA3MDEwMTQzWjAzMTEwLwYDVQQD Eyg0N2U3ZjJmMzczZmZmYmE5NzQ2YTg2YzllZDZjOWIzNWUwN2YzMDdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYhquABsidelQf1hHSsFmDdtDtKM fOiJzFly7uxS3eDk7TAHDZUIkrwckfMILCQsxvzcGBMLU2SPFzvgLo6M3m4qS36M oc2z+TfRCdPrrQSphnKcDAegAfwKJ0bAt0PNElJ7w02LrhgVwjMO/r0MNLSXUhNF esjTr/4yavj6ja5Jai1oKuFoKiqP3HbPEnZM702rP7wFGpIuiKtod64UudGwFgQ8 BGrqSYeG0Ttu6c0SOJkT1Q/GB4Ax//sMFc1vpYLCs0PexNR2fhTjaZwyfbzsQ+Lw 37MX26uqLxcsnxxAv8lbADTf5Yc4kl5zQ4mKFWEiB5OstL/pysMBJxA75wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEfn8vNz//updGqGye1smzXgfzB+MB8GA1UdIwQY MBaAFDUU/2fzuNT29r2iPsu8ew8J/mCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlJUX1pfTzQxUGIydmFJLXk3eDdEd24tWUlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hODE1YjMtYzQ4Yy00ZmY5LTk4OWQt ODg1NGM5MmQ0N2IxLzEvTlJUX1pfTzQxUGIydmFJLXk3eDdEd24tWUlBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NS9hODE1YjMtYzQ4Yy00ZmY5LTk4OWQtODg1NGM5MmQ0N2Ix LzEvTlJUX1pfTzQxUGIydmFJLXk3eDdEd24tWUlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV9vPCuno ron+DHHCIIGEJLaFrSbQuaYfpsZ6Tphytih6c6ELSwhBu7x3gmeJmhlEChdVC0CM afvXZd92Qm8eHCBuAzUZzXdup2dKMMjloZwjvNCjjbHC/VPBc8PTk5VP63guUdys D7r70HDJF6tXP0hIDxRaMVVCtmaagTxrat50KkSbwkVdE7cJXcrBXPz9K/WHGKCc LT4rxErrL1Ka1lqJ7If/+6XlbHhcGUYN9gjP4uh2d/qB+CPj+oqu5RxJxCIEch4B SHdKU4+IDMydDdXQ1I627q95XhllU9apCvATd1PS+spjl9bfVdX8mLbZui8Tjj7F 0/vSf2whqWs9Ug== -----END CERTIFICATE-----Generated at Sat Dec 6 11:08:04 2025 by rpki-client