This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft File: nTHCM8vSZtsCYgud65DQjkFpLmc.mft (raw, json) Hash identifier: 3rJiQbQqp8SK1Ynql0j5F+NSQJ9snaijE1LEA1zR+ME= Subject key identifier: 02:E5:ED:8A:87:21:76:04:69:7F:44:E1:8D:11:63:D0:A1:F4:4D:BA Authority key identifier: 9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67 Certificate issuer: /CN=9d31c233cbd266db02620b9deb90d08e41692e67 Certificate serial: 019AF12D55BAF8A79EF8B598477B24537162 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft Manifest number: 0E41 Signing time: Sat 06 Dec 2025 01:01:11 +0000 Manifest this update: Sat 06 Dec 2025 01:01:11 +0000 Manifest next update: Sun 07 Dec 2025 01:01:11 +0000 Files and hashes: 1: _rMAcV1Zh6HxKo_vwEpVhjFVwy8.roa (hash: r1imevw1h8qWVS0OoTwBJnDWSm49xN9+9T+LLaWUqWk=) 2: nTHCM8vSZtsCYgud65DQjkFpLmc.crl (hash: 6ojkyhBALI+iYaSdAXEIjha8OZW65LNVkKg2Re8LWJE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:55:ba:f8:a7:9e:f8:b5:98:47:7b:24:53:71:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d31c233cbd266db02620b9deb90d08e41692e67 Validity Not Before: Dec 6 01:01:11 2025 GMT Not After : Dec 7 01:01:11 2025 GMT Subject: CN=02e5ed8a87217604697f44e18d1163d0a1f44dba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:78:12:91:3e:02:e3:c1:28:68:47:80:f0:5e: cf:0c:1e:6f:93:85:47:f9:da:f2:89:0c:6e:c8:63: 30:e7:18:c5:24:6d:24:31:d1:84:8c:ab:d0:d9:97: c2:22:da:65:da:9f:cf:34:5b:b8:6e:ab:56:83:fb: 45:79:3e:c4:fd:9f:c7:dc:a2:e8:68:ac:69:78:b8: 23:66:ee:78:a4:b7:f6:e7:a4:e0:0f:d0:30:35:96: 82:23:cd:fa:a3:cc:8d:02:9e:46:1b:ae:13:14:38: be:09:ea:d4:27:b5:22:02:71:e1:29:12:2d:83:75: 43:75:98:b3:94:01:f5:d8:e9:9d:31:8a:20:a9:ee: 62:bb:20:63:62:95:25:51:f1:52:39:2a:56:b0:dd: 49:2e:73:88:b2:8b:21:a9:1b:7a:27:94:26:83:0a: 1d:66:c3:1d:ed:18:67:83:d7:02:c5:ad:ae:2a:70: dd:83:f5:e3:08:bc:bb:ed:e8:3a:9f:87:fc:71:1e: 59:b7:77:2a:f9:5d:61:e8:58:f0:f5:d0:fb:ed:ea: 84:f0:f2:5d:4b:d4:5e:c2:ea:d1:3a:dc:12:45:da: d1:86:f1:e3:9b:05:a7:67:33:38:ff:75:43:22:b5: 89:f5:49:63:be:2e:8d:2e:27:da:77:8f:dd:b4:df: da:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:E5:ED:8A:87:21:76:04:69:7F:44:E1:8D:11:63:D0:A1:F4:4D:BA X509v3 Authority Key Identifier: keyid:9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:40:38:e0:45:a6:86:75:33:3e:81:80:98:62:e7:3b:45:68: 33:da:93:fd:a0:1b:49:ba:12:56:78:4f:3b:0b:b6:95:95:7f: 5c:83:04:07:4a:ba:78:b3:4f:ff:d1:9a:91:d0:c1:2d:35:3e: ca:c4:67:ba:fa:79:f2:ad:d9:bf:0d:69:81:77:2b:6c:4c:71: 71:c7:a6:3a:64:21:21:fa:f3:fa:75:67:21:90:88:85:08:52: bd:05:01:4c:9e:a8:2b:52:9a:6b:d7:6b:e7:b8:8e:75:72:45: d7:f9:32:72:52:3d:44:42:8d:c1:8a:7a:12:fd:94:4b:d6:5f: 89:ef:17:33:e1:30:98:03:b8:93:8d:98:1a:cb:29:00:54:d6: 0d:6d:61:a9:fe:8b:d0:ed:70:70:c4:12:22:ac:8f:7f:91:2f: 21:ed:f5:c7:eb:f3:1e:02:ba:b7:9c:ef:df:f6:66:2a:3a:86: 55:b8:22:0c:f0:7a:44:9e:fd:99:84:63:3d:cc:70:ff:02:34: 6c:41:9b:85:76:6d:bb:c4:48:9a:d1:4d:39:c1:cd:fb:0f:f4: 39:e0:ee:da:84:c8:80:fa:bf:da:7c:6d:45:56:3f:d2:ed:d1: 95:5c:50:33:04:ba:e5:6e:6a:13:ea:95:2a:46:37:05:79:02: b7:52:ac:ea -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLVW6+Kee+LWYR3skU3FiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMzFjMjMzY2JkMjY2ZGIwMjYyMGI5ZGViOTBkMDhlNDE2 OTJlNjcwHhcNMjUxMjA2MDEwMTExWhcNMjUxMjA3MDEwMTExWjAzMTEwLwYDVQQD EygwMmU1ZWQ4YTg3MjE3NjA0Njk3ZjQ0ZTE4ZDExNjNkMGExZjQ0ZGJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvngSkT4C48EoaEeA8F7PDB5vk4VH +dryiQxuyGMw5xjFJG0kMdGEjKvQ2ZfCItpl2p/PNFu4bqtWg/tFeT7E/Z/H3KLo aKxpeLgjZu54pLf256TgD9AwNZaCI836o8yNAp5GG64TFDi+CerUJ7UiAnHhKRIt g3VDdZizlAH12OmdMYogqe5iuyBjYpUlUfFSOSpWsN1JLnOIsoshqRt6J5Qmgwod ZsMd7Rhng9cCxa2uKnDdg/XjCLy77eg6n4f8cR5Zt3cq+V1h6Fjw9dD77eqE8PJd S9RewurROtwSRdrRhvHjmwWnZzM4/3VDIrWJ9Uljvi6NLifad4/dtN/a7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFALl7YqHIXYEaX9E4Y0RY9Ch9E26MB8GA1UdIwQY MBaAFJ0xwjPL0mbbAmILneuQ0I5BaS5nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDct ZmExNzI1MDM0NDkxLzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDctZmExNzI1MDM0NDkx LzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU0A44EWm hnUzPoGAmGLnO0VoM9qT/aAbSboSVnhPOwu2lZV/XIMEB0q6eLNP/9GakdDBLTU+ ysRnuvp58q3Zvw1pgXcrbExxccemOmQhIfrz+nVnIZCIhQhSvQUBTJ6oK1Kaa9dr 57iOdXJF1/kyclI9REKNwYp6Ev2US9Zfie8XM+EwmAO4k42YGsspAFTWDW1hqf6L 0O1wcMQSIqyPf5EvIe31x+vzHgK6t5zv3/ZmKjqGVbgiDPB6RJ79mYRjPcxw/wI0 bEGbhXZtu8RImtFNOcHN+w/0OeDu2oTIgPq/2nxtRVY/0u3RlVxQMwS65W5qE+qV KkY3BXkCt1Ks6g== -----END CERTIFICATE-----Generated at Sat Dec 6 11:41:33 2025 by rpki-client