This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.mft File: NZ8eO4BVHpihb8K7y33YfJoO_iU.mft (raw, json) Hash identifier: aL23HOXgkNiS4b9+ZNSYta0qDPwWtJoeSWHMJ8MwQzw= Subject key identifier: 0D:E4:0D:D2:22:9F:8E:F4:9C:CE:8A:85:6F:BA:C1:3C:D8:21:53:8F Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25 Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25 Certificate serial: 019AF7664734EE19C34FD767F3B35B60DC80 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.mft Manifest number: 0E90 Signing time: Sun 07 Dec 2025 06:01:06 +0000 Manifest this update: Sun 07 Dec 2025 06:01:06 +0000 Manifest next update: Mon 08 Dec 2025 06:01:06 +0000 Files and hashes: 1: NZ8eO4BVHpihb8K7y33YfJoO_iU.crl (hash: f+PwWOnf2Cddc2DxwJpj8PW4d8inqS2AqAk5WChrYAg=) 2: WQDK9xlCqpMVg3-ZBWFZfqNRgDU.roa (hash: 5EEZG5yrAU7W8n0dqk+GpepBnaLmDeUxI+tSTrknSrA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.mft rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f7:66:47:34:ee:19:c3:4f:d7:67:f3:b3:5b:60:dc:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25 Validity Not Before: Dec 7 06:01:06 2025 GMT Not After : Dec 8 06:01:06 2025 GMT Subject: CN=0de40dd2229f8ef49cce8a856fbac13cd821538f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:54:31:8e:1d:51:e8:a5:57:e0:af:fa:7d:af: 10:1b:bc:72:0d:31:df:57:64:08:48:4d:e5:1f:4e: a5:2c:77:d6:8c:a7:3c:a4:4c:8c:b6:35:c7:4c:a8: 9c:c4:2d:b1:bf:0f:c2:b1:14:cf:55:37:2c:e0:f1: 0c:0d:8a:70:80:69:f8:44:ec:a9:21:d1:db:8b:4a: 19:ef:b9:f1:0d:a9:7a:da:14:c5:f0:4d:5e:4c:83: 2c:48:8f:90:f8:69:db:bc:01:e7:0e:61:46:57:76: 90:13:59:92:84:f2:8c:21:b6:ad:fa:4e:e0:d5:da: 08:c3:93:09:89:76:7c:15:68:80:07:7c:8c:1e:f2: ee:21:cf:36:d0:5d:94:8c:f0:d8:4e:a2:99:49:66: 5b:d8:d2:47:ea:45:32:d6:07:9b:df:fb:f6:e0:c4: 13:ef:66:73:ee:49:6c:85:d6:1f:c3:e8:55:d6:6e: 01:c4:9c:05:62:d9:e1:8c:73:51:1b:49:33:58:f5: df:3c:92:b2:dd:ed:41:e4:dc:87:7d:06:9e:87:53: 8c:50:c0:56:cb:b4:d3:06:88:9d:e7:17:6b:5b:03: 23:65:d3:fc:69:3e:73:5a:f2:2b:c5:1c:f2:c4:5f: 9b:87:34:26:a0:0f:bf:38:e7:82:15:98:06:a6:1c: 7f:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:E4:0D:D2:22:9F:8E:F4:9C:CE:8A:85:6F:BA:C1:3C:D8:21:53:8F X509v3 Authority Key Identifier: keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:b6:d5:34:98:49:c3:b8:e5:4a:77:ff:b0:b2:4e:90:d4:e2: 8c:9b:2e:17:f3:b1:c1:f9:c6:1a:cf:18:01:08:eb:25:cb:53: 13:7f:91:3a:ca:ac:f6:15:c6:55:3b:d6:53:15:36:74:85:00: 2a:2d:f4:2b:44:be:3f:39:ac:70:c8:a8:28:3c:70:2c:a3:b0: 48:60:ba:03:4f:3a:80:33:29:0c:b0:30:3e:ff:e2:5c:6e:a2: bb:b2:9c:48:9e:67:d2:98:55:5d:93:62:81:27:f5:58:b2:9c: 72:0a:0b:0f:72:c0:83:d0:b3:59:2b:9e:f4:76:16:89:07:a5: 5b:2a:37:88:6d:98:ba:80:12:9d:45:ee:11:04:9f:50:bc:02: fa:24:f3:5f:8a:d3:0c:0b:51:fb:58:fc:09:4d:43:cd:eb:27: bf:a1:75:b6:f7:85:20:22:64:ef:7d:1a:29:bb:8d:41:73:26: e4:96:c9:f2:7e:45:4a:cd:c2:42:e3:0f:6f:78:79:97:42:33: c9:b3:db:c8:1e:24:65:c2:dc:38:f0:ca:da:6e:76:ad:1b:23: 75:ed:4f:ea:d7:e9:4a:15:e5:75:9c:7b:32:a0:49:0c:48:2d: 4a:d3:72:be:80:14:d9:d9:2c:c1:b5:67:2f:aa:8d:d3:7f:d3: e7:88:21:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr3Zkc07hnDT9dn87NbYNyAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw ZWZlMjUwHhcNMjUxMjA3MDYwMTA2WhcNMjUxMjA4MDYwMTA2WjAzMTEwLwYDVQQD EygwZGU0MGRkMjIyOWY4ZWY0OWNjZThhODU2ZmJhYzEzY2Q4MjE1MzhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVQxjh1R6KVX4K/6fa8QG7xyDTHf V2QISE3lH06lLHfWjKc8pEyMtjXHTKicxC2xvw/CsRTPVTcs4PEMDYpwgGn4ROyp IdHbi0oZ77nxDal62hTF8E1eTIMsSI+Q+GnbvAHnDmFGV3aQE1mShPKMIbat+k7g 1doIw5MJiXZ8FWiAB3yMHvLuIc820F2UjPDYTqKZSWZb2NJH6kUy1geb3/v24MQT 72Zz7klshdYfw+hV1m4BxJwFYtnhjHNRG0kzWPXfPJKy3e1B5NyHfQaeh1OMUMBW y7TTBoid5xdrWwMjZdP8aT5zWvIrxRzyxF+bhzQmoA+/OOeCFZgGphx/SQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA3kDdIin470nM6KhW+6wTzYIVOPMB8GA1UdIwQY MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt M2YzYTAyNzQ4YzJhLzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZLbVNJhJ w7jlSnf/sLJOkNTijJsuF/OxwfnGGs8YAQjrJctTE3+ROsqs9hXGVTvWUxU2dIUA Ki30K0S+PzmscMioKDxwLKOwSGC6A086gDMpDLAwPv/iXG6iu7KcSJ5n0phVXZNi gSf1WLKccgoLD3LAg9CzWSue9HYWiQelWyo3iG2YuoASnUXuEQSfULwC+iTzX4rT DAtR+1j8CU1Dzesnv6F1tveFICJk730aKbuNQXMm5JbJ8n5FSs3CQuMPb3h5l0Iz ybPbyB4kZcLcOPDK2m52rRsjde1P6tfpShXldZx7MqBJDEgtStNyvoAU2dkswbVn L6qN03/T54gh0A== -----END CERTIFICATE-----Generated at Sun Dec 7 09:02:07 2025 by rpki-client