This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft File: ndVRnFTz4jtOEhKogIM58pXaSzQ.mft (raw, json) Hash identifier: x2F2kF2nnO+d7Kmi/jOOnGiF2OOmy79FbelTwXD10JI= Subject key identifier: C0:68:75:2D:89:65:0F:7D:C4:65:E5:47:C9:D9:DF:A5:29:82:A1:6E Authority key identifier: 9D:D5:51:9C:54:F3:E2:3B:4E:12:12:A8:80:83:39:F2:95:DA:4B:34 Certificate issuer: /CN=9dd5519c54f3e23b4e1212a8808339f295da4b34 Certificate serial: 019AF3C02E975BFAE5E8E7D1A821F81D44F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ndVRnFTz4jtOEhKogIM58pXaSzQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 13:00:49 +0000 Manifest this update: Sat 06 Dec 2025 13:00:49 +0000 Manifest next update: Sun 07 Dec 2025 13:00:49 +0000 Files and hashes: 1: ndVRnFTz4jtOEhKogIM58pXaSzQ.crl (hash: FEd8nkXKWcYGdcQV1O1Qi5VVgOt04QAG63q/q35OL/0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.crl rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft rsync://rpki.ripe.net/repository/DEFAULT/ndVRnFTz4jtOEhKogIM58pXaSzQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:c0:2e:97:5b:fa:e5:e8:e7:d1:a8:21:f8:1d:44:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9dd5519c54f3e23b4e1212a8808339f295da4b34 Validity Not Before: Dec 6 13:00:49 2025 GMT Not After : Dec 7 13:00:49 2025 GMT Subject: CN=c068752d89650f7dc465e547c9d9dfa52982a16e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:15:9b:c4:f0:4d:e5:62:0a:08:be:d4:77:a0: 25:2c:22:80:ef:7d:dc:8e:5b:eb:b3:86:23:1f:d4: 3b:cd:96:9d:c9:e5:c6:5c:b6:2d:23:c6:4c:14:63: c5:a2:39:3c:b2:1c:d1:ed:35:6b:39:4f:09:d8:97: b4:2e:23:88:6e:f0:67:02:b4:1c:ed:78:70:ab:e9: c9:76:b6:00:ed:ba:f6:96:88:b3:c8:91:bf:8d:54: 71:a1:89:d9:5d:ed:ff:74:c0:99:65:2c:a4:7e:f3: 08:b9:50:d3:a0:63:e7:a6:df:b1:31:33:1f:18:41: cc:d1:df:e5:74:eb:c7:2e:5d:8c:5a:99:88:c3:2e: d8:1b:0c:ac:ca:15:f0:c8:5d:0d:c6:6b:40:9b:92: 9d:de:3c:cc:44:79:1d:e6:f0:cd:24:e5:8d:ff:8e: e7:54:a1:79:ea:09:6d:43:53:49:95:b0:ab:41:27: f8:4c:8f:4e:dd:b9:4e:90:c4:00:8c:74:20:48:40: 42:1d:90:2b:8f:59:ba:8c:db:12:58:32:df:d0:f6: 7d:b8:ee:9a:71:1e:0f:97:fa:22:08:b3:17:f7:fb: 3f:ff:b0:96:53:72:04:34:9a:cb:e6:ac:bc:71:55: 7b:48:9f:0e:0f:eb:ea:f9:0b:95:94:62:d1:b9:d6: 79:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:68:75:2D:89:65:0F:7D:C4:65:E5:47:C9:D9:DF:A5:29:82:A1:6E X509v3 Authority Key Identifier: keyid:9D:D5:51:9C:54:F3:E2:3B:4E:12:12:A8:80:83:39:F2:95:DA:4B:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ndVRnFTz4jtOEhKogIM58pXaSzQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:26:3b:4f:78:b9:dc:03:d7:f3:45:a2:b8:5e:ff:54:d9:a9: 85:e2:47:a4:06:90:0d:a2:1b:07:92:dc:eb:63:9b:e9:aa:bc: d0:0b:87:b5:8c:2d:e3:ac:10:31:5f:81:81:72:3f:91:02:d5: 72:94:99:f2:d2:6b:5a:0f:6c:e1:9c:66:da:9e:0a:3c:35:a7: ab:6b:57:88:f0:c5:8f:1a:84:e0:ee:07:b1:3a:e4:97:28:c5: 6a:cd:31:f8:61:c1:2b:15:72:c3:e0:0c:4e:e2:d6:7e:8c:27: 95:9d:77:78:95:c8:5a:d7:23:c7:a5:48:3c:66:2a:87:10:1a: 37:33:e4:86:ab:71:c4:70:f8:24:14:68:15:51:4e:6b:22:66: 64:1f:a8:65:17:0f:54:4c:cb:b8:d3:df:c6:eb:61:03:c2:a6: 00:60:d5:61:f7:54:07:65:50:f8:a6:0d:51:fb:ea:79:f1:70: 1a:5f:33:eb:9f:52:d0:b6:71:32:dc:cb:d4:d6:16:6a:9d:e1: 12:50:f5:0d:ff:44:16:33:87:42:af:2f:bc:ed:99:e2:7f:3e: a1:31:14:6e:e4:4a:45:d4:d4:70:f8:db:94:77:90:7c:40:41: a0:d1:4c:00:e6:bb:0b:e1:54:b9:90:ab:8a:ca:8a:6b:14:08: d5:e6:ee:65 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzwC6XW/rl6OfRqCH4HUTwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkZDU1MTljNTRmM2UyM2I0ZTEyMTJhODgwODMzOWYyOTVk YTRiMzQwHhcNMjUxMjA2MTMwMDQ5WhcNMjUxMjA3MTMwMDQ5WjAzMTEwLwYDVQQD EyhjMDY4NzUyZDg5NjUwZjdkYzQ2NWU1NDdjOWQ5ZGZhNTI5ODJhMTZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRWbxPBN5WIKCL7Ud6AlLCKA733c jlvrs4YjH9Q7zZadyeXGXLYtI8ZMFGPFojk8shzR7TVrOU8J2Je0LiOIbvBnArQc 7Xhwq+nJdrYA7br2loizyJG/jVRxoYnZXe3/dMCZZSykfvMIuVDToGPnpt+xMTMf GEHM0d/ldOvHLl2MWpmIwy7YGwysyhXwyF0NxmtAm5Kd3jzMRHkd5vDNJOWN/47n VKF56gltQ1NJlbCrQSf4TI9O3blOkMQAjHQgSEBCHZArj1m6jNsSWDLf0PZ9uO6a cR4Pl/oiCLMX9/s//7CWU3IENJrL5qy8cVV7SJ8OD+vq+QuVlGLRudZ5ewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMBodS2JZQ99xGXlR8nZ36UpgqFuMB8GA1UdIwQY MBaAFJ3VUZxU8+I7ThISqICDOfKV2ks0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbmRWUm5GVHo0anRPRWhLb2dJTTU4cFhhU3pRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xNTA5YTEtOTQ0Zi00ODhkLTkxNGYt OGY4YTc3MTE3MTdmLzEvbmRWUm5GVHo0anRPRWhLb2dJTTU4cFhhU3pRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OS8xNTA5YTEtOTQ0Zi00ODhkLTkxNGYtOGY4YTc3MTE3MTdm LzEvbmRWUm5GVHo0anRPRWhLb2dJTTU4cFhhU3pRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATiY7T3i5 3APX80WiuF7/VNmpheJHpAaQDaIbB5Lc62Ob6aq80AuHtYwt46wQMV+BgXI/kQLV cpSZ8tJrWg9s4Zxm2p4KPDWnq2tXiPDFjxqE4O4HsTrklyjFas0x+GHBKxVyw+AM TuLWfownlZ13eJXIWtcjx6VIPGYqhxAaNzPkhqtxxHD4JBRoFVFOayJmZB+oZRcP VEzLuNPfxuthA8KmAGDVYfdUB2VQ+KYNUfvqefFwGl8z659S0LZxMtzL1NYWap3h ElD1Df9EFjOHQq8vvO2Z4n8+oTEUbuRKRdTUcPjblHeQfEBBoNFMAOa7C+FUuZCr isqKaxQI1ebuZQ== -----END CERTIFICATE-----Generated at Sat Dec 6 23:01:18 2025 by rpki-client