This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft File: Nir0h5VMm5am51wljQQ3o4RJupA.mft (raw, json) Hash identifier: rVJddgDjtv17S/eqx3VJXRRWxoCEHA8a2JxROGXV18w= Subject key identifier: 4C:BA:44:4B:36:76:57:ED:25:8C:F7:16:7D:66:FD:94:0B:60:98:6B Authority key identifier: 36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90 Certificate issuer: /CN=362af487954c9b96a6e75c258d0437a38449ba90 Certificate serial: 019AF388FBD82284F7D8B0BBFD0059BBA38C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft Manifest number: 160E Signing time: Sat 06 Dec 2025 12:00:32 +0000 Manifest this update: Sat 06 Dec 2025 12:00:32 +0000 Manifest next update: Sun 07 Dec 2025 12:00:32 +0000 Files and hashes: 1: Nir0h5VMm5am51wljQQ3o4RJupA.crl (hash: 0E85MJX0iznRYwF5vqafkw80ph/q2Avnu0mnQVqUGrs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:88:fb:d8:22:84:f7:d8:b0:bb:fd:00:59:bb:a3:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=362af487954c9b96a6e75c258d0437a38449ba90 Validity Not Before: Dec 6 12:00:32 2025 GMT Not After : Dec 7 12:00:32 2025 GMT Subject: CN=4cba444b367657ed258cf7167d66fd940b60986b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:14:e0:00:5c:6b:7c:ec:7e:a3:2b:66:84:53: 94:65:7e:84:5e:9f:29:18:52:95:f4:40:8f:27:c6: cc:19:0e:75:71:d0:b0:ae:4f:6b:bf:9c:a3:23:ae: b2:28:c7:38:7d:d7:0a:4f:fc:03:a6:a1:96:a1:ab: 2c:c2:9d:aa:78:9e:1f:2b:f0:0c:38:1e:24:63:5b: 38:d7:fd:c3:19:b7:02:e3:a7:4d:32:77:18:14:31: f0:e0:55:06:a9:8d:c4:dc:3b:3b:74:bb:73:4a:78: a2:29:8a:3a:25:31:93:65:50:07:e3:f7:79:93:b1: 16:25:be:95:45:23:45:8b:98:65:c2:4f:4d:fd:7b: b8:0a:de:c9:d0:f9:72:37:c0:d6:2d:b9:02:0e:8b: 0b:c8:89:25:8f:b9:4f:bf:95:30:77:f2:3e:79:81: c8:10:36:08:79:fa:4b:50:e1:c1:03:ef:8e:5e:c2: c6:58:bf:24:71:e5:8e:c8:a6:3d:96:e1:36:0e:4e: 70:67:02:01:fd:a3:0f:75:50:39:bd:7b:ee:30:0b: ed:f6:52:12:fd:0e:ac:0d:c2:dd:a0:00:ac:cc:e4: f9:4d:6e:4a:3a:7b:11:0b:7c:4a:26:67:75:59:75: e3:9d:72:58:f2:40:d7:b2:87:03:30:ef:b8:55:73: 96:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:BA:44:4B:36:76:57:ED:25:8C:F7:16:7D:66:FD:94:0B:60:98:6B X509v3 Authority Key Identifier: keyid:36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:1d:41:9a:29:d0:84:0f:6f:d2:36:49:83:0c:59:1d:55:05: c3:dc:4d:6c:79:45:28:b6:05:0c:ac:8e:db:ed:85:ec:8d:04: b0:e2:57:b4:cb:02:6b:05:e2:10:6f:64:80:d7:ec:c2:a0:7f: 91:35:37:25:e1:5c:82:0b:0e:d6:88:24:c1:6a:7a:aa:48:19: 84:58:1c:c3:af:42:ec:a4:c6:10:06:bc:85:ca:b3:32:c9:03: 8e:3c:af:27:e1:4f:41:b9:7d:61:f1:b6:25:9f:56:c4:57:17: df:57:c4:23:4e:1a:e8:b3:40:25:89:f6:b9:6c:b2:0f:ac:f6: 87:db:9b:67:9a:d9:7b:74:cb:11:50:92:d9:ab:a5:75:32:af: 84:ad:1e:ad:e7:ce:cd:c1:ac:89:ad:56:46:5c:a2:42:ff:80: eb:3a:da:98:2b:dd:12:47:6d:d6:8b:d1:81:d9:9f:67:bb:47: eb:aa:8d:31:5c:71:3d:6e:0e:e1:15:eb:7f:41:52:93:ba:c7: 2c:e6:ac:d7:12:76:a9:84:97:09:17:8e:20:cc:03:75:35:df: 1a:e9:65:d8:ff:0c:31:28:a1:da:52:8e:95:2d:1d:66:89:ed: 6f:09:0b:83:ac:a2:f0:f9:27:56:78:03:65:f6:6c:04:78:ee: 31:57:d6:88 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziPvYIoT32LC7/QBZu6OMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2MmFmNDg3OTU0YzliOTZhNmU3NWMyNThkMDQzN2EzODQ0 OWJhOTAwHhcNMjUxMjA2MTIwMDMyWhcNMjUxMjA3MTIwMDMyWjAzMTEwLwYDVQQD Eyg0Y2JhNDQ0YjM2NzY1N2VkMjU4Y2Y3MTY3ZDY2ZmQ5NDBiNjA5ODZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBTgAFxrfOx+oytmhFOUZX6EXp8p GFKV9ECPJ8bMGQ51cdCwrk9rv5yjI66yKMc4fdcKT/wDpqGWoasswp2qeJ4fK/AM OB4kY1s41/3DGbcC46dNMncYFDHw4FUGqY3E3Ds7dLtzSniiKYo6JTGTZVAH4/d5 k7EWJb6VRSNFi5hlwk9N/Xu4Ct7J0PlyN8DWLbkCDosLyIklj7lPv5Uwd/I+eYHI EDYIefpLUOHBA++OXsLGWL8kceWOyKY9luE2Dk5wZwIB/aMPdVA5vXvuMAvt9lIS /Q6sDcLdoACszOT5TW5KOnsRC3xKJmd1WXXjnXJY8kDXsocDMO+4VXOWRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEy6REs2dlftJYz3Fn1m/ZQLYJhrMB8GA1UdIwQY MBaAFDYq9IeVTJuWpudcJY0EN6OESbqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUt NTExM2I3NDI5Zjg2LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUtNTExM2I3NDI5Zjg2 LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANx1BminQ hA9v0jZJgwxZHVUFw9xNbHlFKLYFDKyO2+2F7I0EsOJXtMsCawXiEG9kgNfswqB/ kTU3JeFcggsO1ogkwWp6qkgZhFgcw69C7KTGEAa8hcqzMskDjjyvJ+FPQbl9YfG2 JZ9WxFcX31fEI04a6LNAJYn2uWyyD6z2h9ubZ5rZe3TLEVCS2auldTKvhK0erefO zcGsia1WRlyiQv+A6zramCvdEkdt1ovRgdmfZ7tH66qNMVxxPW4O4RXrf0FSk7rH LOas1xJ2qYSXCReOIMwDdTXfGull2P8MMSih2lKOlS0dZontbwkLg6yi8PknVngD ZfZsBHjuMVfWiA== -----END CERTIFICATE-----Generated at Sat Dec 6 15:37:41 2025 by rpki-client