This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft File: NUgzKLASxNGWj8IF3gJK8vmx2rw.mft (raw, json) Hash identifier: Qin/pV75ihlGDS9bT89a3iuHigGJqlTDzyapGOtqIvs= Subject key identifier: 57:56:3C:ED:4D:9D:FF:3E:D7:ED:87:69:8F:D6:58:D9:98:AD:5E:64 Authority key identifier: 35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC Certificate issuer: /CN=35483328b012c4d1968fc205de024af2f9b1dabc Certificate serial: 019AF509D2D4A35E40BCFED6E5130801E5B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft Manifest number: 0402 Signing time: Sat 06 Dec 2025 19:00:52 +0000 Manifest this update: Sat 06 Dec 2025 19:00:52 +0000 Manifest next update: Sun 07 Dec 2025 19:00:52 +0000 Files and hashes: 1: NUgzKLASxNGWj8IF3gJK8vmx2rw.crl (hash: pn44jP1P8Vwinfh1nIiyQgXeFPEOWO+OlG68KUPSd7c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:09:d2:d4:a3:5e:40:bc:fe:d6:e5:13:08:01:e5:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35483328b012c4d1968fc205de024af2f9b1dabc Validity Not Before: Dec 6 19:00:52 2025 GMT Not After : Dec 7 19:00:52 2025 GMT Subject: CN=57563ced4d9dff3ed7ed87698fd658d998ad5e64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:5d:ac:45:27:82:fb:80:01:9b:91:6a:9d:bd: dd:88:53:86:81:f3:53:8c:80:21:b0:87:1c:72:1c: 1c:65:ac:a8:6a:54:12:5f:90:e3:5b:03:94:00:28: b6:bc:e4:f0:d8:5f:9a:d1:5c:b1:6c:f6:82:61:2f: a1:82:59:a0:e1:95:f4:6d:c0:c7:b0:15:a6:4a:c0: 83:bc:27:35:0d:be:b9:90:b8:65:ae:12:a3:1c:9e: 8a:5a:a2:ef:39:7d:3d:bf:47:f3:73:bc:e3:fe:e9: 58:66:c2:0c:bb:f0:f5:8d:c4:1a:83:e2:1e:e2:a8: 8b:4d:4d:b8:85:ee:ec:3e:76:fb:6d:85:56:cd:ff: 73:1e:b4:ca:de:2d:c0:c7:b6:9e:6e:49:45:c6:7a: 49:8b:99:22:6d:d9:64:fe:36:bf:49:36:d5:76:8f: 83:7d:5f:14:71:17:8a:6e:c7:f8:d9:c8:06:87:69: 7f:82:71:1c:17:df:58:51:ef:e9:2a:5c:ce:66:66: b6:a3:21:d0:56:72:10:cb:dc:eb:c8:0c:a1:ef:50: 2c:a3:95:e6:7b:1f:ef:31:77:77:27:ec:63:f1:5f: 6e:81:3c:82:f5:11:60:cb:2d:71:1d:9c:36:ea:cb: f0:0b:be:e1:95:15:fa:34:ed:2f:5e:0f:98:05:e1: 73:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:56:3C:ED:4D:9D:FF:3E:D7:ED:87:69:8F:D6:58:D9:98:AD:5E:64 X509v3 Authority Key Identifier: keyid:35:48:33:28:B0:12:C4:D1:96:8F:C2:05:DE:02:4A:F2:F9:B1:DA:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUgzKLASxNGWj8IF3gJK8vmx2rw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/91070a-0a96-49df-acff-ec567575418b/1/NUgzKLASxNGWj8IF3gJK8vmx2rw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ba:3e:62:f4:54:f2:af:72:ec:5a:d4:43:4d:41:3a:19:34:b0: b9:58:a6:03:66:31:25:c2:33:ff:bb:18:07:45:be:9e:a4:43: da:8b:c4:43:b0:be:fb:5e:8f:8d:69:d2:83:80:2f:14:bd:2f: cf:f4:ca:b7:00:c7:6b:57:0d:02:56:04:17:7f:e2:e5:8e:b5: 3b:9f:94:71:af:4e:99:14:a0:fa:b6:41:76:e3:f4:b0:6d:2d: 5e:7a:08:fe:7d:65:ef:c3:18:a0:a4:43:e8:86:2d:e8:e8:ff: af:b8:7f:aa:39:06:cc:d8:86:d9:f8:3b:13:e9:e1:4e:46:9c: 71:74:f1:c9:5e:7f:d7:dd:30:a5:0c:d3:31:62:78:42:12:43: b1:7d:7c:da:1e:8f:4c:a6:e2:05:48:a1:24:61:bf:37:a1:00: 8a:82:46:11:ca:10:ae:e9:d5:30:29:ee:a8:db:20:bd:56:f5: fb:81:1f:17:2b:ab:0f:9b:79:68:95:6f:c3:81:bd:72:bf:0b: 41:1d:a2:66:85:f3:b2:bf:5d:07:cc:40:7e:09:8b:f0:9c:28: a1:c1:d1:fe:4c:1c:9b:b2:ea:c8:7b:f0:5d:99:d8:5a:e1:ee: 61:79:21:31:28:2a:3a:35:ef:84:91:75:b9:2c:d5:ee:f6:a6: 59:30:a3:d2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CdLUo15AvP7W5RMIAeWyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1NDgzMzI4YjAxMmM0ZDE5NjhmYzIwNWRlMDI0YWYyZjli MWRhYmMwHhcNMjUxMjA2MTkwMDUyWhcNMjUxMjA3MTkwMDUyWjAzMTEwLwYDVQQD Eyg1NzU2M2NlZDRkOWRmZjNlZDdlZDg3Njk4ZmQ2NThkOTk4YWQ1ZTY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF2sRSeC+4ABm5Fqnb3diFOGgfNT jIAhsIccchwcZayoalQSX5DjWwOUACi2vOTw2F+a0VyxbPaCYS+hglmg4ZX0bcDH sBWmSsCDvCc1Db65kLhlrhKjHJ6KWqLvOX09v0fzc7zj/ulYZsIMu/D1jcQag+Ie 4qiLTU24he7sPnb7bYVWzf9zHrTK3i3Ax7aebklFxnpJi5kibdlk/ja/STbVdo+D fV8UcReKbsf42cgGh2l/gnEcF99YUe/pKlzOZma2oyHQVnIQy9zryAyh71Aso5Xm ex/vMXd3J+xj8V9ugTyC9RFgyy1xHZw26svwC77hlRX6NO0vXg+YBeFzFwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFdWPO1Nnf8+1+2HaY/WWNmYrV5kMB8GA1UdIwQY MBaAFDVIMyiwEsTRlo/CBd4CSvL5sdq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYt ZWM1Njc1NzU0MThiLzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85MTA3MGEtMGE5Ni00OWRmLWFjZmYtZWM1Njc1NzU0MThi LzEvTlVnektMQVN4TkdXajhJRjNnSks4dm14MnJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuj5i9FTy r3LsWtRDTUE6GTSwuVimA2YxJcIz/7sYB0W+nqRD2ovEQ7C++16PjWnSg4AvFL0v z/TKtwDHa1cNAlYEF3/i5Y61O5+Uca9OmRSg+rZBduP0sG0tXnoI/n1l78MYoKRD 6IYt6Oj/r7h/qjkGzNiG2fg7E+nhTkaccXTxyV5/190wpQzTMWJ4QhJDsX182h6P TKbiBUihJGG/N6EAioJGEcoQrunVMCnuqNsgvVb1+4EfFyurD5t5aJVvw4G9cr8L QR2iZoXzsr9dB8xAfgmL8JwoocHR/kwcm7LqyHvwXZnYWuHuYXkhMSgqOjXvhJF1 uSzV7vamWTCj0g== -----END CERTIFICATE-----Generated at Sun Dec 7 01:54:35 2025 by rpki-client