This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft File: nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft (raw, json) Hash identifier: zdvgrTuk3Ouf4AErzgR1CQHOb8GXdMBfToUkCQoXK6Y= Subject key identifier: 0B:EB:10:8A:4B:62:0C:03:16:D3:15:4B:A0:55:FA:EE:C5:43:77:8D Authority key identifier: 9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4 Certificate issuer: /CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4 Certificate serial: 019AF19AF249ECC3C16BE09A3A6DA20EFFA5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft Manifest number: 1763 Signing time: Sat 06 Dec 2025 03:00:54 +0000 Manifest this update: Sat 06 Dec 2025 03:00:54 +0000 Manifest next update: Sun 07 Dec 2025 03:00:54 +0000 Files and hashes: 1: CPqSq0ytAxDio98lkjeb_dYwRZ4.roa (hash: DBQ2P8ThG/7CNm8RF8WiO7psAqOGJ9hYf3OIiBNBEtw=) 2: nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl (hash: H/d4TVQ0uOPoPCYejWQUgWOoCjBsEuV4+6cdLHSoQzs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:f2:49:ec:c3:c1:6b:e0:9a:3a:6d:a2:0e:ff:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4 Validity Not Before: Dec 6 03:00:54 2025 GMT Not After : Dec 7 03:00:54 2025 GMT Subject: CN=0beb108a4b620c0316d3154ba055faeec543778d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:a3:42:59:25:e7:27:1b:b5:6b:05:38:c1:28: 79:c4:01:4c:29:df:3c:a0:32:13:03:bb:9d:23:0e: f1:7f:bc:ea:23:e4:c5:07:48:92:bb:bb:19:3f:f6: bc:bd:4c:4f:ae:62:cd:b5:db:8c:ba:62:af:1e:10: 44:0a:89:9e:06:c1:24:a6:7d:4f:65:3c:55:70:e6: 80:b5:b9:64:c7:0b:14:69:ad:61:0f:51:1e:c5:8b: a4:59:f4:1b:21:42:7d:2e:76:8d:f7:79:93:b4:44: 2b:56:ed:c7:55:90:9f:1d:37:01:99:4d:10:7d:78: 34:c3:59:63:1c:61:f0:df:39:7d:90:30:5f:65:81: c2:9c:72:29:ee:f2:e9:34:6d:8f:72:08:12:67:96: 10:5f:df:17:8f:77:bf:10:41:89:9e:9f:e7:ee:b4: 92:fe:23:ef:3e:ba:eb:13:6e:a6:7e:5c:d5:e7:86: 34:5b:a2:1b:83:26:f3:78:54:04:a6:4d:b2:64:01: 49:f8:4b:36:e1:e8:d6:49:9f:b1:2a:54:71:6b:2f: 99:5d:80:c4:c8:60:28:b4:d8:8c:88:94:41:a8:39: 5c:74:a4:8f:20:85:50:49:c7:e7:65:f5:a6:7d:d0: db:fa:05:d7:8d:aa:14:56:ac:01:c4:7e:57:96:1f: 10:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:EB:10:8A:4B:62:0C:03:16:D3:15:4B:A0:55:FA:EE:C5:43:77:8D X509v3 Authority Key Identifier: keyid:9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:e7:e3:5c:5e:d7:42:00:08:cf:84:ab:36:af:8b:b2:c0:26: 9a:5e:53:7f:8d:d6:25:a8:49:ee:33:e7:11:ed:06:c1:0b:ac: da:04:59:95:09:4f:53:a0:81:ec:22:13:04:44:ac:05:65:c3: 56:ff:ed:34:1a:fe:f4:4f:8b:e3:8f:04:f6:7d:70:d3:10:9f: 94:e9:3e:0f:78:ee:84:d5:01:a7:c4:f8:78:24:ce:83:7a:e9: e3:e5:91:85:a5:38:ff:bf:90:42:e1:c6:b8:f7:42:69:3a:36: 80:17:91:0b:1f:7e:0f:b2:eb:39:1e:b4:44:4d:a6:9c:55:6a: 42:46:27:29:d9:6d:92:bc:2e:ef:70:17:ed:61:c5:f6:f6:dc: b2:8e:c0:51:1c:e0:5e:e3:be:d4:d6:f0:0e:8a:c2:7d:4b:68: b9:43:8e:3e:6e:06:e5:6f:5a:19:bb:09:42:94:24:49:0a:fc: 6a:3c:da:b1:78:a6:cd:1e:af:9e:e3:b6:f0:af:11:cb:c9:fc: ff:d1:ce:12:02:c5:d1:14:7a:d8:91:c9:f2:a3:39:8d:59:48: e6:ed:5e:ad:8f:98:d4:ca:79:ea:f8:7d:bc:45:58:fb:72:a9: 59:22:ac:52:ef:89:85:74:34:59:52:37:e1:c9:02:b0:9b:8a: 76:67:18:cf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmvJJ7MPBa+CaOm2iDv+lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMjM5YzA4ZWFkOTRiYjA0ZmMzZTZiNGE2NWU2ZTFjN2Rj ZjM4ZjQwHhcNMjUxMjA2MDMwMDU0WhcNMjUxMjA3MDMwMDU0WjAzMTEwLwYDVQQD EygwYmViMTA4YTRiNjIwYzAzMTZkMzE1NGJhMDU1ZmFlZWM1NDM3NzhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6NCWSXnJxu1awU4wSh5xAFMKd88 oDITA7udIw7xf7zqI+TFB0iSu7sZP/a8vUxPrmLNtduMumKvHhBEComeBsEkpn1P ZTxVcOaAtblkxwsUaa1hD1EexYukWfQbIUJ9LnaN93mTtEQrVu3HVZCfHTcBmU0Q fXg0w1ljHGHw3zl9kDBfZYHCnHIp7vLpNG2PcggSZ5YQX98Xj3e/EEGJnp/n7rSS /iPvPrrrE26mflzV54Y0W6IbgybzeFQEpk2yZAFJ+Es24ejWSZ+xKlRxay+ZXYDE yGAotNiMiJRBqDlcdKSPIIVQScfnZfWmfdDb+gXXjaoUVqwBxH5Xlh8QGQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAvrEIpLYgwDFtMVS6BV+u7FQ3eNMB8GA1UdIwQY MBaAFJ0jnAjq2UuwT8PmtKZebhx9zzj0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAt ZGJiMjkzMWEwZjY0LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAtZGJiMjkzMWEwZjY0 LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL+fjXF7X QgAIz4SrNq+LssAmml5Tf43WJahJ7jPnEe0GwQus2gRZlQlPU6CB7CITBESsBWXD Vv/tNBr+9E+L448E9n1w0xCflOk+D3juhNUBp8T4eCTOg3rp4+WRhaU4/7+QQuHG uPdCaTo2gBeRCx9+D7LrOR60RE2mnFVqQkYnKdltkrwu73AX7WHF9vbcso7AURzg XuO+1NbwDorCfUtouUOOPm4G5W9aGbsJQpQkSQr8ajzasXimzR6vnuO28K8Ry8n8 /9HOEgLF0RR62JHJ8qM5jVlI5u1erY+Y1Mp56vh9vEVY+3KpWSKsUu+JhXQ0WVI3 4ckCsJuKdmcYzw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:20:23 2025 by rpki-client