This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft File: NKh-9PEuNt_cafTUydRQ7us_9tU.mft (raw, json) Hash identifier: uxAljp7aMdeShv831UIKJMxJMoE4uQPkvKoY3ANH/Mg= Subject key identifier: 89:3E:56:1B:78:9C:E5:75:63:5C:F8:5A:9D:69:F3:9B:D6:E0:5E:1B Authority key identifier: 34:A8:7E:F4:F1:2E:36:DF:DC:69:F4:D4:C9:D4:50:EE:EB:3F:F6:D5 Certificate issuer: /CN=34a87ef4f12e36dfdc69f4d4c9d450eeeb3ff6d5 Certificate serial: 019AF31BB52866FD723FA84B265F827A7D42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft Manifest number: 0E59 Signing time: Sat 06 Dec 2025 10:01:10 +0000 Manifest this update: Sat 06 Dec 2025 10:01:10 +0000 Manifest next update: Sun 07 Dec 2025 10:01:10 +0000 Files and hashes: 1: NKh-9PEuNt_cafTUydRQ7us_9tU.crl (hash: cmOOoidZgnK9TvXm2EDJ/BMRT7kBMXOAnJqYbkKjutM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.crl rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:b5:28:66:fd:72:3f:a8:4b:26:5f:82:7a:7d:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34a87ef4f12e36dfdc69f4d4c9d450eeeb3ff6d5 Validity Not Before: Dec 6 10:01:10 2025 GMT Not After : Dec 7 10:01:10 2025 GMT Subject: CN=893e561b789ce575635cf85a9d69f39bd6e05e1b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:14:ca:20:e5:c8:db:66:39:a5:cc:8d:bc:3a: b7:1e:59:0e:08:2c:71:50:91:05:0e:a9:c2:d3:d9: 60:c2:d6:39:2e:07:d6:00:fa:8f:1d:55:99:ba:9b: 9f:61:59:27:8b:61:06:ff:e2:b0:10:d5:48:99:57: 41:5c:bd:cf:0d:ef:6a:f0:81:6c:81:a9:30:3f:57: dc:37:61:a4:44:59:f6:61:1f:9f:86:46:ea:95:2d: ae:de:be:47:c1:a9:63:fa:74:96:9c:2d:a7:6a:90: 55:12:fe:49:60:9e:67:70:df:2c:4b:7e:f5:fa:a2: ae:33:f4:15:d3:bf:e8:03:9d:20:78:02:b2:d2:e9: b2:17:5a:fe:30:c6:98:80:10:bd:c1:aa:7f:9a:ff: 95:b9:c6:5c:a1:32:85:88:72:0c:66:f8:15:d7:1b: 34:12:31:d0:65:87:39:f4:8c:c6:0e:9f:47:88:f0: 75:32:8c:a3:06:3b:ba:1d:7f:1c:4a:60:f6:bd:5a: 92:b6:cb:72:d4:19:d4:b7:28:b1:03:a8:21:66:a4: 5f:e1:a8:23:a8:f3:2e:ac:47:b5:03:03:6a:51:af: 6c:02:0d:65:cc:de:7c:f9:c3:b3:e5:f0:fb:47:ff: 6e:75:ba:57:8c:d0:42:f0:ac:87:22:07:12:ea:05: b7:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:3E:56:1B:78:9C:E5:75:63:5C:F8:5A:9D:69:F3:9B:D6:E0:5E:1B X509v3 Authority Key Identifier: keyid:34:A8:7E:F4:F1:2E:36:DF:DC:69:F4:D4:C9:D4:50:EE:EB:3F:F6:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:a9:a5:5d:ce:43:44:49:78:1d:46:5a:c5:94:2d:0b:4b:d5: e7:a0:87:62:37:45:39:b0:0f:0e:09:b2:72:7e:92:9b:7c:8a: a4:56:d1:6e:84:4a:26:02:19:e7:09:37:17:9b:8c:7d:9e:c8: b6:4e:65:8b:3d:d5:56:b7:bb:c9:38:55:26:0f:5f:d5:1c:27: d9:93:73:ff:95:04:4a:7d:fe:69:85:ef:9f:4e:2d:35:42:f8: be:b8:a8:b5:ec:24:29:52:ec:b5:1b:ca:84:e9:02:56:25:c3: 5b:b9:1a:fc:a1:6a:72:f4:ca:4e:b6:96:f8:f1:e3:a6:69:c6: 19:2e:3e:0a:19:f1:21:93:53:90:9b:19:8a:97:3d:9b:d0:d3: cd:da:54:a3:c0:58:d8:13:ba:a7:a4:f4:8b:13:7d:c9:06:8c: 0b:59:97:f0:d1:c7:4c:04:d2:d2:30:5b:f8:72:43:8d:9b:22: 29:fc:e2:57:2e:57:c1:7a:08:f1:76:01:90:aa:e1:66:b2:f7: d4:80:cf:d0:8a:3b:c1:a4:76:7c:b2:e1:c3:7a:7b:b7:60:3e: f7:ae:cf:b5:38:a8:ff:40:7c:70:dd:2a:53:36:31:d6:b2:67: 7f:65:66:d9:0d:61:9c:ca:43:ca:ee:7f:fb:27:c4:f1:ec:b4: 05:c7:98:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG7UoZv1yP6hLJl+Cen1CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0YTg3ZWY0ZjEyZTM2ZGZkYzY5ZjRkNGM5ZDQ1MGVlZWIz ZmY2ZDUwHhcNMjUxMjA2MTAwMTEwWhcNMjUxMjA3MTAwMTEwWjAzMTEwLwYDVQQD Eyg4OTNlNTYxYjc4OWNlNTc1NjM1Y2Y4NWE5ZDY5ZjM5YmQ2ZTA1ZTFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5BTKIOXI22Y5pcyNvDq3HlkOCCxx UJEFDqnC09lgwtY5LgfWAPqPHVWZupufYVkni2EG/+KwENVImVdBXL3PDe9q8IFs gakwP1fcN2GkRFn2YR+fhkbqlS2u3r5Hwalj+nSWnC2napBVEv5JYJ5ncN8sS371 +qKuM/QV07/oA50geAKy0umyF1r+MMaYgBC9wap/mv+VucZcoTKFiHIMZvgV1xs0 EjHQZYc59IzGDp9HiPB1MoyjBju6HX8cSmD2vVqStsty1BnUtyixA6ghZqRf4agj qPMurEe1AwNqUa9sAg1lzN58+cOz5fD7R/9udbpXjNBC8KyHIgcS6gW3RQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIk+Vht4nOV1Y1z4Wp1p85vW4F4bMB8GA1UdIwQY MBaAFDSofvTxLjbf3Gn01MnUUO7rP/bVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC84YzE5ZmYtYTc1Ny00MWI0LTgzZmQt ZDQ5MGI4MTU1MDNiLzEvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OC84YzE5ZmYtYTc1Ny00MWI0LTgzZmQtZDQ5MGI4MTU1MDNi LzEvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT6mlXc5D REl4HUZaxZQtC0vV56CHYjdFObAPDgmycn6Sm3yKpFbRboRKJgIZ5wk3F5uMfZ7I tk5liz3VVre7yThVJg9f1Rwn2ZNz/5UESn3+aYXvn04tNUL4vriotewkKVLstRvK hOkCViXDW7ka/KFqcvTKTraW+PHjpmnGGS4+ChnxIZNTkJsZipc9m9DTzdpUo8BY 2BO6p6T0ixN9yQaMC1mX8NHHTATS0jBb+HJDjZsiKfziVy5XwXoI8XYBkKrhZrL3 1IDP0Io7waR2fLLhw3p7t2A+967PtTio/0B8cN0qUzYx1rJnf2Vm2Q1hnMpDyu5/ +yfE8ey0BceYxw== -----END CERTIFICATE-----Generated at Sat Dec 6 17:46:37 2025 by rpki-client