This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/NmTkRiopAqUvgm2uOFZXMe_FvdM.mft File: NmTkRiopAqUvgm2uOFZXMe_FvdM.mft (raw, json) Hash identifier: rKdgD++G8/J+Si1RxLcirPVt6sgiIO6qbC2hzUIXI4Q= Subject key identifier: 35:FF:2A:A4:43:11:E2:11:B0:64:08:55:C4:F0:A3:D7:FD:01:9A:21 Authority key identifier: 36:64:E4:46:2A:29:02:A5:2F:82:6D:AE:38:56:57:31:EF:C5:BD:D3 Certificate issuer: /CN=3664e4462a2902a52f826dae38565731efc5bdd3 Certificate serial: 019B4136FE1348FC0D0387A9070C47E881C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NmTkRiopAqUvgm2uOFZXMe_FvdM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/NmTkRiopAqUvgm2uOFZXMe_FvdM.mft Manifest number: 16DA Signing time: Sun 21 Dec 2025 14:01:21 +0000 Manifest this update: Sun 21 Dec 2025 14:01:21 +0000 Manifest next update: Mon 22 Dec 2025 14:01:21 +0000 Files and hashes: 1: NmTkRiopAqUvgm2uOFZXMe_FvdM.crl (hash: dxb7i0a/6ehFSV3k9U5WOx2Dqc2/J/IRYDpza4/H/48=) 2: bRSiH3Ltu0n345442eKdUINyK3s.roa (hash: WObRy2TpZce8N0K21ZTeL8NwUXrbmFADn/Y+S73z7rk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/NmTkRiopAqUvgm2uOFZXMe_FvdM.crl rsync://rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/NmTkRiopAqUvgm2uOFZXMe_FvdM.mft rsync://rpki.ripe.net/repository/DEFAULT/NmTkRiopAqUvgm2uOFZXMe_FvdM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:36:fe:13:48:fc:0d:03:87:a9:07:0c:47:e8:81:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3664e4462a2902a52f826dae38565731efc5bdd3 Validity Not Before: Dec 21 14:01:21 2025 GMT Not After : Dec 22 14:01:21 2025 GMT Subject: CN=35ff2aa44311e211b0640855c4f0a3d7fd019a21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:bd:a6:2a:18:d8:df:7f:29:dd:c5:14:ec:be: ab:60:c9:87:f1:b1:07:61:09:c2:69:ad:8e:2f:74: 4b:d9:6f:62:32:16:4e:49:af:64:4f:48:f0:8e:bd: f0:cc:0d:33:16:d2:21:e0:7f:db:39:5c:13:c0:f0: 32:e4:c3:09:93:3f:68:d4:20:74:29:f4:72:b9:c0: fa:f8:19:1a:36:77:9f:ab:dd:37:7a:8e:47:5b:87: 25:77:ec:86:c3:38:ab:72:75:2b:22:94:42:4e:08: bb:9f:a5:05:92:d2:89:ca:e1:e2:e8:8f:7f:5d:6b: 11:03:a7:0d:b4:50:ce:23:48:dd:e3:5e:ed:ae:f6: 33:aa:96:02:f0:46:52:58:3b:ef:75:a0:ac:4f:02: 46:90:fa:ca:af:97:3d:55:03:3a:4f:6f:79:78:e9: d2:83:08:51:48:dd:d0:93:c4:a2:12:72:7c:46:23: 16:63:b4:d9:ad:bf:a7:aa:f7:6a:2f:98:c6:d7:aa: fa:b7:14:e5:c5:5c:d4:97:50:22:da:9d:b2:53:83: 3b:2f:77:b9:da:46:6b:93:8c:c1:16:b6:de:c3:d5: 6b:9e:4b:6b:04:69:b7:f5:1f:12:e0:20:07:2e:37: 97:a4:a7:a7:a6:f2:1b:09:e6:88:c6:66:15:a4:93: 77:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:FF:2A:A4:43:11:E2:11:B0:64:08:55:C4:F0:A3:D7:FD:01:9A:21 X509v3 Authority Key Identifier: keyid:36:64:E4:46:2A:29:02:A5:2F:82:6D:AE:38:56:57:31:EF:C5:BD:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NmTkRiopAqUvgm2uOFZXMe_FvdM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/NmTkRiopAqUvgm2uOFZXMe_FvdM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/NmTkRiopAqUvgm2uOFZXMe_FvdM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:9b:6c:fa:83:a3:83:d6:ca:26:57:05:43:e5:10:0b:37:74: 0d:33:83:ce:35:9c:0f:8d:25:f8:b5:f7:33:2a:1f:f5:0a:ae: 93:8b:7e:b4:23:41:03:14:9e:19:a0:20:7d:23:02:b0:fd:98: 58:23:2f:5c:d6:73:17:86:38:3e:ed:56:18:9e:15:51:72:d8: 4d:4d:fd:d2:f1:79:76:a2:56:64:91:a5:f5:35:14:3d:b9:41: 00:68:a9:43:75:41:8f:6c:bb:da:29:21:f2:ef:21:6d:a4:9d: a3:10:9a:da:26:5e:27:78:1e:eb:b8:04:c0:f9:3f:3f:f4:69: 86:09:a7:0e:7f:b1:10:eb:73:26:d9:24:aa:69:c0:64:c6:7b: c7:0d:aa:5e:5f:76:49:16:aa:df:22:28:93:86:ac:67:7a:7d: 18:5b:24:3e:53:7e:b9:27:16:36:26:ba:e7:86:ba:0c:8f:71: 61:56:66:24:42:33:df:b2:41:d5:34:34:97:ad:83:06:c8:5d: 2b:9d:23:36:a6:18:c1:91:be:06:37:a3:83:c7:50:47:2a:55: fd:00:1e:17:9f:2f:a6:7e:4a:e4:31:f9:73:5f:87:d7:97:dc: 35:b9:09:d2:9f:aa:42:8e:64:9a:67:16:2b:88:41:79:37:f6: 2b:e2:b4:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBNv4TSPwNA4epBwxH6IHJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2NjRlNDQ2MmEyOTAyYTUyZjgyNmRhZTM4NTY1NzMxZWZj NWJkZDMwHhcNMjUxMjIxMTQwMTIxWhcNMjUxMjIyMTQwMTIxWjAzMTEwLwYDVQQD EygzNWZmMmFhNDQzMTFlMjExYjA2NDA4NTVjNGYwYTNkN2ZkMDE5YTIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq72mKhjY338p3cUU7L6rYMmH8bEH YQnCaa2OL3RL2W9iMhZOSa9kT0jwjr3wzA0zFtIh4H/bOVwTwPAy5MMJkz9o1CB0 KfRyucD6+BkaNnefq903eo5HW4cld+yGwzircnUrIpRCTgi7n6UFktKJyuHi6I9/ XWsRA6cNtFDOI0jd417trvYzqpYC8EZSWDvvdaCsTwJGkPrKr5c9VQM6T295eOnS gwhRSN3Qk8SiEnJ8RiMWY7TZrb+nqvdqL5jG16r6txTlxVzUl1Ai2p2yU4M7L3e5 2kZrk4zBFrbew9VrnktrBGm39R8S4CAHLjeXpKenpvIbCeaIxmYVpJN34wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDX/KqRDEeIRsGQIVcTwo9f9AZohMB8GA1UdIwQY MBaAFDZk5EYqKQKlL4JtrjhWVzHvxb3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTm1Ua1Jpb3BBcVV2Z20ydU9GWlhNZV9GdmRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9iYTAwODUtMzA2MC00Yzk2LTkwZGEt YTQ1YjFhNGFjZTU2LzEvTm1Ua1Jpb3BBcVV2Z20ydU9GWlhNZV9GdmRNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny9iYTAwODUtMzA2MC00Yzk2LTkwZGEtYTQ1YjFhNGFjZTU2 LzEvTm1Ua1Jpb3BBcVV2Z20ydU9GWlhNZV9GdmRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO5ts+oOj g9bKJlcFQ+UQCzd0DTODzjWcD40l+LX3Myof9Qquk4t+tCNBAxSeGaAgfSMCsP2Y WCMvXNZzF4Y4Pu1WGJ4VUXLYTU390vF5dqJWZJGl9TUUPblBAGipQ3VBj2y72ikh 8u8hbaSdoxCa2iZeJ3ge67gEwPk/P/RphgmnDn+xEOtzJtkkqmnAZMZ7xw2qXl92 SRaq3yIok4asZ3p9GFskPlN+uScWNia654a6DI9xYVZmJEIz37JB1TQ0l62DBshd K50jNqYYwZG+Bjejg8dQRypV/QAeF58vpn5K5DH5c1+H15fcNbkJ0p+qQo5kmmcW K4hBeTf2K+K0nQ== -----END CERTIFICATE-----Generated at Sun Dec 21 17:31:51 2025 by rpki-client