This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft File: NYzSZ8VKP8IovKHe43LZbGA3PCc.mft (raw, json) Hash identifier: t/HW2v+n0Stteao+ussrEYSAi+JfBQMSxoIQESx3SSg= Subject key identifier: 7D:0D:26:C9:A2:78:E1:3E:DD:35:A8:21:20:32:EA:60:07:3B:C3:6E Authority key identifier: 35:8C:D2:67:C5:4A:3F:C2:28:BC:A1:DE:E3:72:D9:6C:60:37:3C:27 Certificate issuer: /CN=358cd267c54a3fc228bca1dee372d96c60373c27 Certificate serial: 019AF1D1A8589591C737F94A8DA8F4506170 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft Manifest number: 41 Signing time: Sat 06 Dec 2025 04:00:40 +0000 Manifest this update: Sat 06 Dec 2025 04:00:40 +0000 Manifest next update: Sun 07 Dec 2025 04:00:40 +0000 Files and hashes: 1: DdDaxfuDMZLmyhuw8yZ5MS08ias.roa (hash: xJixleOcp32TuE8FVysJEHDhjJvV5vi+KN5Idb3e7K4=) 2: NYzSZ8VKP8IovKHe43LZbGA3PCc.crl (hash: M3/qN9t8rPFOGhFMN0valvU32WSOqPgDB3PNEZRwZ04=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:a8:58:95:91:c7:37:f9:4a:8d:a8:f4:50:61:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=358cd267c54a3fc228bca1dee372d96c60373c27 Validity Not Before: Dec 6 04:00:40 2025 GMT Not After : Dec 7 04:00:40 2025 GMT Subject: CN=7d0d26c9a278e13edd35a8212032ea60073bc36e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:c3:08:11:1a:f9:bf:99:ee:8a:66:48:c5:3b: 8f:c6:24:39:1e:24:46:af:25:41:10:57:04:ad:e9: 0e:42:60:82:79:d1:07:a6:d8:3b:b1:dd:62:18:c2: d4:7d:73:37:7b:61:e5:b6:77:e5:6f:d0:89:75:51: 6f:08:81:1e:59:33:66:2d:08:3c:23:36:3e:67:39: fb:d3:f5:7a:b3:ea:ba:03:76:07:18:8c:62:ec:91: d4:d5:7a:c3:64:a1:28:e7:ac:bc:1c:46:73:87:9f: 05:a7:45:6b:f9:88:48:7a:5b:09:57:d7:b5:d9:ed: f5:11:a8:1c:bf:2b:8f:57:ea:da:43:e2:29:35:ea: 96:6f:8e:90:a4:d6:f6:ad:0b:36:7b:aa:0c:75:f7: 59:18:8a:f9:68:96:71:be:fd:01:9b:cf:01:67:71: 42:6c:45:c5:b3:fc:22:26:98:60:00:52:a7:07:11: dc:0e:4d:90:3e:6f:9b:25:94:f4:e1:67:99:d6:78: ad:45:f2:7c:63:fc:ed:bd:60:d2:2a:74:09:c7:45: a3:f0:7a:3a:28:4e:b9:46:1e:5c:da:84:bd:65:8a: fb:01:80:c8:22:6c:e4:66:c1:af:1e:55:72:1f:56: 32:51:2e:7a:a9:d7:e2:06:d0:91:30:44:41:81:d0: 88:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:0D:26:C9:A2:78:E1:3E:DD:35:A8:21:20:32:EA:60:07:3B:C3:6E X509v3 Authority Key Identifier: keyid:35:8C:D2:67:C5:4A:3F:C2:28:BC:A1:DE:E3:72:D9:6C:60:37:3C:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:38:b1:52:7e:76:e8:68:0a:22:a0:78:55:0c:32:e9:38:cc: 80:10:d9:1d:c4:3d:64:7d:22:4a:9d:fe:44:35:bd:cc:2a:0d: 71:1b:86:3f:d7:96:6c:08:d3:72:37:17:e8:d4:cd:93:65:20: bc:f3:a3:e5:3c:a0:36:0e:3c:e0:4a:80:af:e6:57:5a:58:a0: b8:43:39:11:47:78:09:6b:bc:a9:99:ee:6e:67:e1:a3:46:40: 3d:f9:c1:f2:3f:8e:4e:e5:98:2b:bc:ce:d6:72:9f:cb:52:73: fd:b5:d4:61:e2:89:3e:7c:74:cb:7e:3b:ca:6b:75:3f:ef:1d: 96:35:0f:90:ec:b1:89:78:aa:36:87:89:11:49:dc:a2:e9:a0: bd:10:ee:37:a8:4d:4c:15:9c:2f:7c:ee:70:b8:c1:8c:9a:9b: ae:85:7b:ed:d7:db:e4:fd:01:50:a9:6b:bc:28:88:c5:46:1b: d7:53:e2:21:29:46:ab:75:0e:65:43:22:5e:d8:31:1e:18:2e: b4:99:91:1c:7d:ad:ba:d5:fc:81:c6:02:fe:a4:47:e1:b2:0d: 38:05:55:72:c4:6f:71:d2:53:fa:c2:a4:40:8d:56:a1:9a:93: 13:d1:cb:8b:d0:52:b3:7b:f4:82:f6:81:11:88:35:c6:f0:ec: 92:38:6c:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0ahYlZHHN/lKjaj0UGFwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1OGNkMjY3YzU0YTNmYzIyOGJjYTFkZWUzNzJkOTZjNjAz NzNjMjcwHhcNMjUxMjA2MDQwMDQwWhcNMjUxMjA3MDQwMDQwWjAzMTEwLwYDVQQD Eyg3ZDBkMjZjOWEyNzhlMTNlZGQzNWE4MjEyMDMyZWE2MDA3M2JjMzZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusMIERr5v5nuimZIxTuPxiQ5HiRG ryVBEFcErekOQmCCedEHptg7sd1iGMLUfXM3e2Hltnflb9CJdVFvCIEeWTNmLQg8 IzY+Zzn70/V6s+q6A3YHGIxi7JHU1XrDZKEo56y8HEZzh58Fp0Vr+YhIelsJV9e1 2e31EagcvyuPV+raQ+IpNeqWb46QpNb2rQs2e6oMdfdZGIr5aJZxvv0Bm88BZ3FC bEXFs/wiJphgAFKnBxHcDk2QPm+bJZT04WeZ1nitRfJ8Y/ztvWDSKnQJx0Wj8Ho6 KE65Rh5c2oS9ZYr7AYDIImzkZsGvHlVyH1YyUS56qdfiBtCRMERBgdCIaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH0NJsmieOE+3TWoISAy6mAHO8NuMB8GA1UdIwQY MBaAFDWM0mfFSj/CKLyh3uNy2WxgNzwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi84NGExYjUtMWFhZC00ZWRmLWFiOWIt OGEyZTlhNDY4MTliLzEvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi84NGExYjUtMWFhZC00ZWRmLWFiOWItOGEyZTlhNDY4MTli LzEvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHTixUn52 6GgKIqB4VQwy6TjMgBDZHcQ9ZH0iSp3+RDW9zCoNcRuGP9eWbAjTcjcX6NTNk2Ug vPOj5TygNg484EqAr+ZXWliguEM5EUd4CWu8qZnubmfho0ZAPfnB8j+OTuWYK7zO 1nKfy1Jz/bXUYeKJPnx0y347ymt1P+8dljUPkOyxiXiqNoeJEUncoumgvRDuN6hN TBWcL3zucLjBjJqbroV77dfb5P0BUKlrvCiIxUYb11PiISlGq3UOZUMiXtgxHhgu tJmRHH2tutX8gcYC/qRH4bINOAVVcsRvcdJT+sKkQI1WoZqTE9HLi9BSs3v0gvaB EYg1xvDskjhsCA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:02:38 2025 by rpki-client