This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft File: NSfzoow8WhVFLOxPVswmno6tnXI.mft (raw, json) Hash identifier: QWENj/bmb+KLv8d7zzbkD/P7pVocghQIo2VD/2N7KP8= Subject key identifier: FE:6C:C9:81:F2:95:24:66:DE:9D:D3:A2:CD:5D:C6:D7:15:4A:7C:BD Authority key identifier: 35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72 Certificate issuer: /CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72 Certificate serial: 019B2EFAE4AF8137F3A79052E7D871384BF7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft Manifest number: 177C Signing time: Thu 18 Dec 2025 01:02:32 +0000 Manifest this update: Thu 18 Dec 2025 01:02:32 +0000 Manifest next update: Fri 19 Dec 2025 01:02:32 +0000 Files and hashes: 1: NSfzoow8WhVFLOxPVswmno6tnXI.crl (hash: WSu2vWmKytuLISEYZItxZuJNbiidMQMOt90vUMwobvA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 19:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2e:fa:e4:af:81:37:f3:a7:90:52:e7:d8:71:38:4b:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72 Validity Not Before: Dec 18 01:02:32 2025 GMT Not After : Dec 19 01:02:32 2025 GMT Subject: CN=fe6cc981f2952466de9dd3a2cd5dc6d7154a7cbd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:1c:c3:94:3c:52:70:b3:ca:03:75:af:dc:97: a5:2c:5e:18:e0:32:8f:56:06:9e:51:1d:6d:7e:33: 32:2a:72:c8:9d:50:6b:ff:85:a3:46:9a:7b:54:e6: 0e:01:48:73:c9:6a:59:c5:b3:49:2d:fd:1d:80:fc: cd:c9:31:17:94:8f:46:ff:76:df:a7:7f:d5:45:9b: 87:98:da:63:c1:a2:0d:22:36:06:ab:53:47:ec:af: a2:71:69:31:c8:6c:a1:d4:ff:6d:28:e6:14:58:11: cd:83:aa:08:f1:b0:47:22:36:27:c0:e7:8b:c5:84: 37:4f:cf:e6:41:df:9d:2c:16:d2:4a:10:1f:10:17: c0:f0:20:03:5f:12:43:c8:ad:2a:3a:16:07:9a:ea: aa:66:93:a6:a4:8a:57:03:9a:ab:9c:d9:67:0d:5d: a6:f5:e9:9f:96:d2:ea:ac:27:52:11:b0:b6:77:77: 13:25:43:19:ad:31:f6:7a:85:85:9d:9f:68:28:46: 77:1e:a3:0d:cf:0e:a4:79:53:11:a5:f4:15:87:6e: 5b:bb:b7:4e:37:a6:c8:d9:25:9f:97:aa:1a:41:0d: a0:d5:25:56:5f:b8:09:39:6b:89:65:0b:56:f4:b2: 50:56:5c:7d:cb:6e:00:49:88:b6:0a:77:23:01:77: bf:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:6C:C9:81:F2:95:24:66:DE:9D:D3:A2:CD:5D:C6:D7:15:4A:7C:BD X509v3 Authority Key Identifier: keyid:35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:a9:0b:ff:49:fa:f5:9f:13:0e:d2:90:29:a8:26:fd:c1:c4: 14:c3:73:36:46:ec:ca:b6:07:78:a2:bc:ec:f8:de:bc:15:63: 11:3e:81:e3:ac:09:c0:b2:f4:ec:ca:ae:0c:cf:33:b2:66:09: 60:42:5e:4e:ad:5d:20:1b:42:45:fd:93:14:df:b3:ea:d6:0f: b6:28:be:09:2a:64:a7:c3:27:2d:a0:71:e9:40:b6:d4:30:0c: ed:26:b9:1f:3b:00:2f:a5:e9:af:b7:ae:69:53:7c:7d:4e:6d: 85:58:a7:81:2c:b2:fb:a9:f0:6b:40:32:f6:62:8a:33:b7:de: 86:5b:7e:c0:57:75:ef:ec:3d:c8:05:a9:95:29:fa:73:d8:cd: fe:d2:fe:25:43:f3:57:42:0d:77:c6:97:b7:99:9a:f8:f7:76: bb:f3:79:77:c6:5d:27:db:59:87:93:ec:63:1d:13:bd:2f:94: 4f:8e:e2:3c:a6:b3:07:d9:9c:84:3d:cb:9c:7b:84:2f:d0:dd: c4:c8:ad:cc:3e:81:d3:22:e5:bf:98:11:02:fd:d0:22:b4:2a: 0b:03:8d:74:cf:94:2c:7c:80:cd:19:49:54:6b:cf:1a:b3:78: c5:fc:24:f2:7e:cc:22:2d:23:d8:76:b3:b9:7c:f5:61:47:23: 34:c0:1a:0e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsu+uSvgTfzp5BS59hxOEv3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1MjdmM2EyOGMzYzVhMTU0NTJjZWM0ZjU2Y2MyNjllOGVh ZDlkNzIwHhcNMjUxMjE4MDEwMjMyWhcNMjUxMjE5MDEwMjMyWjAzMTEwLwYDVQQD EyhmZTZjYzk4MWYyOTUyNDY2ZGU5ZGQzYTJjZDVkYzZkNzE1NGE3Y2JkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBzDlDxScLPKA3Wv3JelLF4Y4DKP VgaeUR1tfjMyKnLInVBr/4WjRpp7VOYOAUhzyWpZxbNJLf0dgPzNyTEXlI9G/3bf p3/VRZuHmNpjwaINIjYGq1NH7K+icWkxyGyh1P9tKOYUWBHNg6oI8bBHIjYnwOeL xYQ3T8/mQd+dLBbSShAfEBfA8CADXxJDyK0qOhYHmuqqZpOmpIpXA5qrnNlnDV2m 9emfltLqrCdSEbC2d3cTJUMZrTH2eoWFnZ9oKEZ3HqMNzw6keVMRpfQVh25bu7dO N6bI2SWfl6oaQQ2g1SVWX7gJOWuJZQtW9LJQVlx9y24ASYi2CncjAXe/CQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP5syYHylSRm3p3Tos1dxtcVSny9MB8GA1UdIwQY MBaAFDUn86KMPFoVRSzsT1bMJp6OrZ1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzIt YTQ4ZmVjMWZjYjcwLzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzItYTQ4ZmVjMWZjYjcw LzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPKkL/0n6 9Z8TDtKQKagm/cHEFMNzNkbsyrYHeKK87PjevBVjET6B46wJwLL07MquDM8zsmYJ YEJeTq1dIBtCRf2TFN+z6tYPtii+CSpkp8MnLaBx6UC21DAM7Sa5HzsAL6Xpr7eu aVN8fU5thVingSyy+6nwa0Ay9mKKM7fehlt+wFd17+w9yAWplSn6c9jN/tL+JUPz V0INd8aXt5ma+Pd2u/N5d8ZdJ9tZh5PsYx0TvS+UT47iPKazB9mchD3LnHuEL9Dd xMitzD6B0yLlv5gRAv3QIrQqCwONdM+ULHyAzRlJVGvPGrN4xfwk8n7MIi0j2Haz uXz1YUcjNMAaDg== -----END CERTIFICATE-----Generated at Thu Dec 18 05:44:01 2025 by rpki-client