This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/87f2a0-e07f-4d10-aa9b-2d06eb7f299f/1/Nk1Ii4xzG5HUpaK5CmZs7rwOGMk.mft File: Nk1Ii4xzG5HUpaK5CmZs7rwOGMk.mft (raw, json) Hash identifier: o91q0T7OVJzes8Yzflxes5R+nj+K9G2FlbicO+qhYrc= Subject key identifier: 84:A0:82:71:14:3C:C0:F2:3D:E5:59:A0:AE:52:20:63:93:58:05:B8 Authority key identifier: 36:4D:48:8B:8C:73:1B:91:D4:A5:A2:B9:0A:66:6C:EE:BC:0E:18:C9 Certificate issuer: /CN=364d488b8c731b91d4a5a2b90a666ceebc0e18c9 Certificate serial: 019AF12D07FD4C8072A5DB670EF7CA142E7C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nk1Ii4xzG5HUpaK5CmZs7rwOGMk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/87f2a0-e07f-4d10-aa9b-2d06eb7f299f/1/Nk1Ii4xzG5HUpaK5CmZs7rwOGMk.mft Manifest number: 0273 Signing time: Sat 06 Dec 2025 01:00:51 +0000 Manifest this update: Sat 06 Dec 2025 01:00:51 +0000 Manifest next update: Sun 07 Dec 2025 01:00:51 +0000 Files and hashes: 1: Nk1Ii4xzG5HUpaK5CmZs7rwOGMk.crl (hash: 9R7gV9iELBR/b8NZBTkjgJAH6eSSbLu94yddGJfO9tk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/87f2a0-e07f-4d10-aa9b-2d06eb7f299f/1/Nk1Ii4xzG5HUpaK5CmZs7rwOGMk.crl rsync://rpki.ripe.net/repository/DEFAULT/89/87f2a0-e07f-4d10-aa9b-2d06eb7f299f/1/Nk1Ii4xzG5HUpaK5CmZs7rwOGMk.mft rsync://rpki.ripe.net/repository/DEFAULT/Nk1Ii4xzG5HUpaK5CmZs7rwOGMk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:07:fd:4c:80:72:a5:db:67:0e:f7:ca:14:2e:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=364d488b8c731b91d4a5a2b90a666ceebc0e18c9 Validity Not Before: Dec 6 01:00:51 2025 GMT Not After : Dec 7 01:00:51 2025 GMT Subject: CN=84a08271143cc0f23de559a0ae522063935805b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:66:72:52:bf:e2:f0:e8:2f:f7:cf:08:92:ea: e9:ad:97:11:83:eb:6e:e5:ca:c0:29:b3:65:67:f0: da:00:07:70:0b:e1:e6:31:0b:dd:e1:92:ce:df:52: 1a:82:b3:82:cc:cf:ca:90:4f:4b:35:a8:32:0d:40: f7:76:49:30:fc:e8:01:e4:e1:75:61:5f:3c:50:04: 13:f2:7d:b5:65:ea:a0:81:32:e5:ea:4e:b9:fa:d0: d3:3f:dd:42:e6:4c:59:f1:5f:73:f3:9f:ed:ca:79: c2:1d:4f:27:e6:c3:2c:b0:b0:63:21:3e:9e:09:09: 59:91:d7:71:f1:5c:ea:a6:b9:b5:cc:23:da:19:1c: 4d:81:b6:6a:24:e6:db:3e:b1:d9:29:a3:7d:60:85: 74:49:16:b1:3e:d4:1b:d0:84:18:4c:b5:7e:b4:11: f7:9e:c5:38:d6:d2:47:9c:b3:0e:70:d3:8b:12:2a: f2:9b:f7:d7:b5:73:c5:c4:d3:a8:02:8b:dd:8c:43: 09:5f:58:21:8c:71:b5:b6:ff:c8:4b:26:e1:05:3c: b2:3f:bb:5f:55:00:14:fc:40:0a:38:7b:f0:55:80: 01:32:0a:56:3d:ee:4c:11:7c:1a:1f:d4:ba:62:8f: 0d:05:42:3f:98:da:8d:d4:85:5c:c0:52:14:7b:df: b4:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:A0:82:71:14:3C:C0:F2:3D:E5:59:A0:AE:52:20:63:93:58:05:B8 X509v3 Authority Key Identifier: keyid:36:4D:48:8B:8C:73:1B:91:D4:A5:A2:B9:0A:66:6C:EE:BC:0E:18:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nk1Ii4xzG5HUpaK5CmZs7rwOGMk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/87f2a0-e07f-4d10-aa9b-2d06eb7f299f/1/Nk1Ii4xzG5HUpaK5CmZs7rwOGMk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/87f2a0-e07f-4d10-aa9b-2d06eb7f299f/1/Nk1Ii4xzG5HUpaK5CmZs7rwOGMk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:7f:4f:a5:40:f5:9d:58:63:36:4a:9a:3d:8b:67:41:65:9d: 33:18:56:4c:c4:3b:67:d5:5f:d6:19:03:7a:9d:cb:79:1c:fd: a6:4d:a8:79:2d:0b:99:22:a6:90:15:86:87:e3:7e:80:d6:47: 29:41:3f:a5:f6:7c:09:e8:cf:51:d4:09:3f:6c:0a:aa:7e:1e: 62:15:bb:30:ed:b1:16:07:4b:35:15:ba:6a:d0:96:5a:4f:09: 0f:e5:62:83:e2:93:e6:a1:be:2a:39:cf:27:f8:c9:c4:6a:d3: f9:96:05:5b:ca:74:73:ab:03:d0:28:cb:ea:23:d1:39:bb:15: 60:60:62:58:23:93:a2:01:d5:3f:fe:8f:64:35:bc:5c:77:02: 41:7e:94:98:6c:09:03:ae:1b:a9:3b:8a:19:04:3c:9c:0a:b6: ea:f4:c6:e4:9b:23:23:9b:e7:79:6b:c6:cf:b9:8d:22:99:00: a4:89:da:3b:f3:21:d2:94:be:51:e3:4b:d8:ca:6b:c1:79:89: 6b:36:f2:ce:26:ce:fc:90:34:ac:b4:20:2a:2c:a6:a0:91:a8: 5d:f3:9e:d3:af:07:07:b8:cd:92:83:41:af:45:02:32:8f:bc: 58:03:35:3b:56:70:6e:d5:61:7d:33:e9:9c:59:d8:09:f0:d4: a9:6d:8c:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLQf9TIBypdtnDvfKFC58MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2NGQ0ODhiOGM3MzFiOTFkNGE1YTJiOTBhNjY2Y2VlYmMw ZTE4YzkwHhcNMjUxMjA2MDEwMDUxWhcNMjUxMjA3MDEwMDUxWjAzMTEwLwYDVQQD Eyg4NGEwODI3MTE0M2NjMGYyM2RlNTU5YTBhZTUyMjA2MzkzNTgwNWI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2ZyUr/i8Ogv988IkurprZcRg+tu 5crAKbNlZ/DaAAdwC+HmMQvd4ZLO31IagrOCzM/KkE9LNagyDUD3dkkw/OgB5OF1 YV88UAQT8n21ZeqggTLl6k65+tDTP91C5kxZ8V9z85/tynnCHU8n5sMssLBjIT6e CQlZkddx8Vzqprm1zCPaGRxNgbZqJObbPrHZKaN9YIV0SRaxPtQb0IQYTLV+tBH3 nsU41tJHnLMOcNOLEirym/fXtXPFxNOoAovdjEMJX1ghjHG1tv/ISybhBTyyP7tf VQAU/EAKOHvwVYABMgpWPe5MEXwaH9S6Yo8NBUI/mNqN1IVcwFIUe9+0YwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFISggnEUPMDyPeVZoK5SIGOTWAW4MB8GA1UdIwQY MBaAFDZNSIuMcxuR1KWiuQpmbO68DhjJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmsxSWk0eHpHNUhVcGFLNUNtWnM3cndPR01rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84N2YyYTAtZTA3Zi00ZDEwLWFhOWIt MmQwNmViN2YyOTlmLzEvTmsxSWk0eHpHNUhVcGFLNUNtWnM3cndPR01rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS84N2YyYTAtZTA3Zi00ZDEwLWFhOWItMmQwNmViN2YyOTlm LzEvTmsxSWk0eHpHNUhVcGFLNUNtWnM3cndPR01rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACn9PpUD1 nVhjNkqaPYtnQWWdMxhWTMQ7Z9Vf1hkDep3LeRz9pk2oeS0LmSKmkBWGh+N+gNZH KUE/pfZ8CejPUdQJP2wKqn4eYhW7MO2xFgdLNRW6atCWWk8JD+Vig+KT5qG+KjnP J/jJxGrT+ZYFW8p0c6sD0CjL6iPRObsVYGBiWCOTogHVP/6PZDW8XHcCQX6UmGwJ A64bqTuKGQQ8nAq26vTG5JsjI5vneWvGz7mNIpkApInaO/Mh0pS+UeNL2MprwXmJ azbyzibO/JA0rLQgKiymoJGoXfOe068HB7jNkoNBr0UCMo+8WAM1O1ZwbtVhfTPp nFnYCfDUqW2Mng== -----END CERTIFICATE-----Generated at Sat Dec 6 10:18:38 2025 by rpki-client