This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft File: NREZcs9Nkki9sYjTtBmuD7flZGs.mft (raw, json) Hash identifier: ECLP7E/6O3xCnwVRrI3UuSb/pKnS8ysMItDShtRvpSo= Subject key identifier: 52:12:B3:B5:40:A3:CA:1A:9C:5E:35:D4:72:76:C2:5A:18:E1:F5:12 Authority key identifier: 35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B Certificate issuer: /CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b Certificate serial: 019AF31D0416209F05FF4157B8E6A4BBCC27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft Manifest number: 0F70 Signing time: Sat 06 Dec 2025 10:02:36 +0000 Manifest this update: Sat 06 Dec 2025 10:02:36 +0000 Manifest next update: Sun 07 Dec 2025 10:02:36 +0000 Files and hashes: 1: NREZcs9Nkki9sYjTtBmuD7flZGs.crl (hash: 4GHfL2/I6yfrsGbYf2CpJeOW12/e2yjG6FQndJKhO+U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1d:04:16:20:9f:05:ff:41:57:b8:e6:a4:bb:cc:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b Validity Not Before: Dec 6 10:02:36 2025 GMT Not After : Dec 7 10:02:36 2025 GMT Subject: CN=5212b3b540a3ca1a9c5e35d47276c25a18e1f512 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:cb:d2:c1:3d:4e:7f:75:64:31:89:5b:e8:8c: 19:c2:c4:64:c2:9f:30:83:c9:05:78:81:4c:0b:7c: 87:5c:07:db:d7:11:14:b6:16:85:b6:ee:97:a0:a2: 8a:a5:6a:e4:e2:67:6f:19:c4:ac:c7:5c:5d:28:60: 77:b4:97:13:f8:5a:e6:8d:6c:f7:ff:95:04:f7:8d: dd:99:fb:bb:e9:24:a6:e3:3a:88:f1:90:c5:33:e4: be:b2:ae:15:8c:ff:0b:f4:d1:d5:61:9e:22:d3:aa: b4:99:74:a9:4d:78:44:17:a1:88:45:26:42:3c:a4: e3:e6:06:c4:20:ab:bd:47:06:cd:72:4d:58:71:6b: 19:7b:af:8f:d7:80:16:75:0c:67:f0:75:51:4b:06: 51:ce:30:1f:0c:f1:55:a4:f1:d9:50:2a:57:5b:d2: 85:e3:b4:19:35:f3:50:49:05:ed:73:8f:06:36:de: 6e:e4:ca:65:39:8a:47:c2:0d:87:ae:8f:37:60:e9: 69:89:df:be:96:cd:a4:d7:c9:6c:d3:c2:72:25:2b: 32:22:ae:a1:72:6d:3a:bd:11:2e:43:aa:0f:e9:f7: 10:02:29:0b:d0:eb:04:9d:7c:4c:0d:b0:cd:89:e8: d6:a9:5f:7f:81:47:0f:5d:bb:bf:89:da:5f:d3:2d: 16:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:12:B3:B5:40:A3:CA:1A:9C:5E:35:D4:72:76:C2:5A:18:E1:F5:12 X509v3 Authority Key Identifier: keyid:35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 12:e9:38:21:4d:3a:86:39:c0:92:19:29:8a:37:64:cb:74:51: ac:17:77:c3:9d:a6:f9:ec:17:69:73:32:94:f1:89:58:3d:ea: b9:1d:c3:e5:ba:44:d4:c9:88:87:b0:c6:0d:fa:aa:bb:94:7f: d4:8a:83:40:2e:2f:6c:4d:2b:27:71:ad:43:37:46:67:c6:bd: b5:62:9e:ef:55:cc:25:2b:3f:87:36:5d:a3:7a:5b:87:8d:69: d6:77:25:92:16:54:67:d7:a9:70:3b:a2:0c:dc:18:b2:77:5c: 48:d9:6e:7c:63:bb:9b:69:19:c1:13:98:47:5f:4f:2d:a4:f4: 98:1c:a2:05:50:53:21:63:3d:53:56:96:56:53:94:05:aa:d7: b4:27:e5:88:12:fd:0a:85:6e:5b:05:04:b0:01:3f:74:e6:0d: 62:2f:33:e2:68:de:54:dd:49:62:7d:e3:95:a3:4a:31:28:b0: 81:26:68:4f:af:17:c8:d4:10:fb:7c:1b:04:e5:36:c2:e9:6f: 84:c1:d7:f4:09:30:0d:9f:45:8d:4c:27:5b:59:28:b7:17:a8: 2d:f6:c4:44:b5:ac:40:73:56:67:01:80:fc:ba:71:78:1b:ca: b8:1f:a4:53:ec:e4:37:b9:fd:da:87:de:e7:c4:c7:8e:d0:97: 77:1f:d3:ca -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHQQWIJ8F/0FXuOaku8wnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1MTExOTcyY2Y0ZDkyNDhiZGIxODhkM2I0MTlhZTBmYjdl NTY0NmIwHhcNMjUxMjA2MTAwMjM2WhcNMjUxMjA3MTAwMjM2WjAzMTEwLwYDVQQD Eyg1MjEyYjNiNTQwYTNjYTFhOWM1ZTM1ZDQ3Mjc2YzI1YTE4ZTFmNTEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4svSwT1Of3VkMYlb6IwZwsRkwp8w g8kFeIFMC3yHXAfb1xEUthaFtu6XoKKKpWrk4mdvGcSsx1xdKGB3tJcT+FrmjWz3 /5UE943dmfu76SSm4zqI8ZDFM+S+sq4VjP8L9NHVYZ4i06q0mXSpTXhEF6GIRSZC PKTj5gbEIKu9RwbNck1YcWsZe6+P14AWdQxn8HVRSwZRzjAfDPFVpPHZUCpXW9KF 47QZNfNQSQXtc48GNt5u5MplOYpHwg2Hro83YOlpid++ls2k18ls08JyJSsyIq6h cm06vREuQ6oP6fcQAikL0OsEnXxMDbDNiejWqV9/gUcPXbu/idpf0y0WRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFISs7VAo8oanF411HJ2wloY4fUSMB8GA1UdIwQY MBaAFDURGXLPTZJIvbGI07QZrg+35WRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYt NTllNjMyNWRkMjJiLzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYtNTllNjMyNWRkMjJi LzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEuk4IU06 hjnAkhkpijdky3RRrBd3w52m+ewXaXMylPGJWD3quR3D5bpE1MmIh7DGDfqqu5R/ 1IqDQC4vbE0rJ3GtQzdGZ8a9tWKe71XMJSs/hzZdo3pbh41p1nclkhZUZ9epcDui DNwYsndcSNlufGO7m2kZwROYR19PLaT0mByiBVBTIWM9U1aWVlOUBarXtCfliBL9 CoVuWwUEsAE/dOYNYi8z4mjeVN1JYn3jlaNKMSiwgSZoT68XyNQQ+3wbBOU2wulv hMHX9AkwDZ9FjUwnW1kotxeoLfbERLWsQHNWZwGA/LpxeBvKuB+kU+zkN7n92ofe 58THjtCXdx/Tyg== -----END CERTIFICATE-----Generated at Sat Dec 6 13:33:16 2025 by rpki-client