This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft File: nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft (raw, json) Hash identifier: h2ug4taOXxwtiaegTrEp32Xgh3MERbY8bXwprvIyphU= Subject key identifier: 86:C0:87:9D:82:96:90:51:68:6B:DF:64:B9:2D:61:CC:54:C1:FE:10 Authority key identifier: 9D:76:50:E4:53:B9:8F:6F:4D:D3:33:63:3A:FF:AB:BA:2C:0C:8F:8A Certificate issuer: /CN=9d7650e453b98f6f4dd333633affabba2c0c8f8a Certificate serial: 019AF31CD451750D15554D9CA476BC1BC805 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nXZQ5FO5j29N0zNjOv-ruiwMj4o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft Manifest number: 0233 Signing time: Sat 06 Dec 2025 10:02:24 +0000 Manifest this update: Sat 06 Dec 2025 10:02:24 +0000 Manifest next update: Sun 07 Dec 2025 10:02:24 +0000 Files and hashes: 1: nXZQ5FO5j29N0zNjOv-ruiwMj4o.crl (hash: EGj6rNz9onNcfEwZsHrJFPDyLlRRk6pa6MU0nELSR6U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.crl rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft rsync://rpki.ripe.net/repository/DEFAULT/nXZQ5FO5j29N0zNjOv-ruiwMj4o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:d4:51:75:0d:15:55:4d:9c:a4:76:bc:1b:c8:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d7650e453b98f6f4dd333633affabba2c0c8f8a Validity Not Before: Dec 6 10:02:24 2025 GMT Not After : Dec 7 10:02:24 2025 GMT Subject: CN=86c0879d82969051686bdf64b92d61cc54c1fe10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:9c:6f:71:11:48:39:5d:9c:6b:ef:01:d1:e4: d0:98:25:86:c2:bd:79:08:0f:f0:8c:f5:5b:18:f3: 5f:4a:da:bf:bc:87:17:b7:e5:e8:0f:8f:fb:01:a0: 92:c0:8b:53:14:c4:7e:74:14:d5:50:e7:f4:5d:7c: 64:86:e6:95:33:0f:4a:3e:c6:03:73:bb:92:a1:53: aa:13:6c:d4:66:ab:72:cc:5c:2a:bd:4d:07:3f:f5: d0:61:54:30:95:e7:2b:f5:4a:3c:86:04:b0:bf:39: 4b:b0:41:ce:33:f9:bc:40:60:85:8a:c8:19:f3:8d: 96:e2:17:58:4d:d9:c7:c2:22:53:da:21:95:10:24: 4a:3d:92:27:45:e8:f7:1b:ea:16:84:07:d9:72:70: 2a:84:4b:40:75:34:e4:5a:7c:b7:9e:3c:c1:6f:b4: 6c:90:83:54:f6:b0:c6:99:b7:dd:94:a7:52:0e:b7: 33:73:e9:ff:5b:a2:aa:ec:9f:17:be:2e:e7:f3:3b: dc:6c:34:06:81:14:4b:e7:92:37:60:10:51:8c:f2: b9:d9:c8:79:ff:60:5f:ff:da:e7:58:9b:58:02:fd: 21:ca:d0:2d:1c:0d:42:9f:7f:31:12:7b:04:e4:94: 60:e3:5d:ad:bd:07:f5:b3:ca:2c:a1:8b:46:40:bd: 20:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:C0:87:9D:82:96:90:51:68:6B:DF:64:B9:2D:61:CC:54:C1:FE:10 X509v3 Authority Key Identifier: keyid:9D:76:50:E4:53:B9:8F:6F:4D:D3:33:63:3A:FF:AB:BA:2C:0C:8F:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nXZQ5FO5j29N0zNjOv-ruiwMj4o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:7d:19:c1:e8:08:2d:5c:33:27:64:87:9e:a0:6b:82:1f:b8: 6a:fd:ea:3d:a2:cb:0f:91:27:d7:08:82:c7:01:9d:a8:3b:a1: 5c:3c:a7:09:ab:7a:d8:f8:e2:77:98:16:66:a2:ad:57:f1:cb: 1f:24:8b:ca:e8:8d:4f:5d:7c:ae:70:42:47:10:89:42:a2:e8: 4b:7b:e8:72:aa:89:10:16:bb:f3:8e:c1:a6:e4:13:3c:d7:60: 30:fb:e9:66:9d:8f:6a:2a:2e:c5:98:91:fe:35:42:6d:9e:12: 32:74:1c:f0:78:4a:8b:25:ed:d7:c7:fc:4b:63:5a:be:b8:5c: fa:4b:2d:dc:15:9e:81:69:14:0a:c5:85:38:66:60:09:0d:04: 08:89:49:23:12:a8:e0:a4:ad:30:5f:d4:57:77:81:e2:e7:42: 4c:4d:fe:e3:be:59:b3:12:4f:ec:cd:a4:38:41:b9:ae:82:52: 7b:a8:62:86:6f:02:b3:74:4f:f5:82:d7:53:28:5e:b5:ec:08: b0:7f:60:27:83:35:f7:9d:d1:be:1d:86:e3:48:e1:64:3d:d6: c2:bd:dc:23:5e:db:7b:fc:1d:b8:70:a5:29:ac:61:42:e7:ce: 46:3e:48:d2:73:2b:ef:5b:d0:7f:64:e8:0e:3b:4f:ff:58:27: 66:ac:e2:64 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHNRRdQ0VVU2cpHa8G8gFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkNzY1MGU0NTNiOThmNmY0ZGQzMzM2MzNhZmZhYmJhMmMw YzhmOGEwHhcNMjUxMjA2MTAwMjI0WhcNMjUxMjA3MTAwMjI0WjAzMTEwLwYDVQQD Eyg4NmMwODc5ZDgyOTY5MDUxNjg2YmRmNjRiOTJkNjFjYzU0YzFmZTEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJxvcRFIOV2ca+8B0eTQmCWGwr15 CA/wjPVbGPNfStq/vIcXt+XoD4/7AaCSwItTFMR+dBTVUOf0XXxkhuaVMw9KPsYD c7uSoVOqE2zUZqtyzFwqvU0HP/XQYVQwlecr9Uo8hgSwvzlLsEHOM/m8QGCFisgZ 842W4hdYTdnHwiJT2iGVECRKPZInRej3G+oWhAfZcnAqhEtAdTTkWny3njzBb7Rs kINU9rDGmbfdlKdSDrczc+n/W6Kq7J8Xvi7n8zvcbDQGgRRL55I3YBBRjPK52ch5 /2Bf/9rnWJtYAv0hytAtHA1Cn38xEnsE5JRg412tvQf1s8osoYtGQL0grwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIbAh52ClpBRaGvfZLktYcxUwf4QMB8GA1UdIwQY MBaAFJ12UORTuY9vTdMzYzr/q7osDI+KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblhaUTVGTzVqMjlOMHpOak92LXJ1aXdNajRvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82YmZlNTMtODBjMy00YTM1LTllY2It ZDI0MWY5ZWM1MDQxLzEvblhaUTVGTzVqMjlOMHpOak92LXJ1aXdNajRvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OC82YmZlNTMtODBjMy00YTM1LTllY2ItZDI0MWY5ZWM1MDQx LzEvblhaUTVGTzVqMjlOMHpOak92LXJ1aXdNajRvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgn0ZwegI LVwzJ2SHnqBrgh+4av3qPaLLD5En1wiCxwGdqDuhXDynCat62Pjid5gWZqKtV/HL HySLyuiNT118rnBCRxCJQqLoS3vocqqJEBa7847BpuQTPNdgMPvpZp2PaiouxZiR /jVCbZ4SMnQc8HhKiyXt18f8S2Navrhc+kst3BWegWkUCsWFOGZgCQ0ECIlJIxKo 4KStMF/UV3eB4udCTE3+475ZsxJP7M2kOEG5roJSe6hihm8Cs3RP9YLXUyhetewI sH9gJ4M1953Rvh2G40jhZD3Wwr3cI17be/wduHClKaxhQufORj5I0nMr71vQf2To DjtP/1gnZqziZA== -----END CERTIFICATE-----Generated at Sat Dec 6 13:34:23 2025 by rpki-client