This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft File: nxFouFcXoUZmABtbL2yQgBmX3gY.mft (raw, json) Hash identifier: J9t9Vr1xa4RM1LoToZoaxO7jPFkCanTczxghwBR9p0A= Subject key identifier: 7D:F8:77:83:FE:EC:4F:68:96:F7:84:22:E9:9C:CC:16:B6:84:B0:10 Authority key identifier: 9F:11:68:B8:57:17:A1:46:66:00:1B:5B:2F:6C:90:80:19:97:DE:06 Certificate issuer: /CN=9f1168b85717a14666001b5b2f6c90801997de06 Certificate serial: 019AF389C2000F88F3E1D95FAC3C119A2148 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nxFouFcXoUZmABtbL2yQgBmX3gY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft Manifest number: 0514 Signing time: Sat 06 Dec 2025 12:01:22 +0000 Manifest this update: Sat 06 Dec 2025 12:01:22 +0000 Manifest next update: Sun 07 Dec 2025 12:01:22 +0000 Files and hashes: 1: 3aRtdaLoPOZF10CX_CZEh4-VCqI.roa (hash: OscvtFvqL/u9a9yzvKDIzZQyXS+BuqyG+0F0KwScDL8=) 2: nxFouFcXoUZmABtbL2yQgBmX3gY.crl (hash: +kswFB5KsfWwbPCQ0fwSY7x4OnkWeY7bMDqJTQQzaaA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft rsync://rpki.ripe.net/repository/DEFAULT/nxFouFcXoUZmABtbL2yQgBmX3gY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:c2:00:0f:88:f3:e1:d9:5f:ac:3c:11:9a:21:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f1168b85717a14666001b5b2f6c90801997de06 Validity Not Before: Dec 6 12:01:22 2025 GMT Not After : Dec 7 12:01:22 2025 GMT Subject: CN=7df87783feec4f6896f78422e99ccc16b684b010 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ad:1e:98:d2:47:b3:a8:45:1e:1a:9f:4f:e0: e5:ee:17:20:02:81:bf:a4:91:3c:8d:61:2c:81:e9: 95:b6:ad:68:c9:18:4d:2c:30:89:90:4d:76:d7:49: 14:7b:91:39:3f:89:8c:ea:fe:47:05:cc:a8:ab:9e: f3:be:be:60:f0:fc:1f:2d:e6:bf:82:a0:8c:a5:06: f7:b6:b1:42:62:cd:ee:0e:6f:59:9c:b3:6d:8e:94: d4:62:d4:29:5e:3c:30:c0:c7:0d:2b:a4:ad:d7:56: 67:67:fa:de:cc:97:30:3f:98:4b:d8:a5:1c:aa:16: 90:7c:af:14:cc:eb:fc:49:ab:a3:82:ef:30:9d:76: 73:5f:ee:e1:3a:31:24:48:69:0f:7b:f3:e4:14:b4: 7f:58:b4:c8:46:4b:13:ad:00:5d:13:05:34:49:a1: 85:21:d1:43:17:44:56:21:55:46:22:f7:41:ae:37: 48:a3:f2:ca:71:c8:97:d2:3b:44:37:bb:74:f7:0e: ee:fd:a5:cf:43:62:66:98:71:1e:f7:ce:91:e8:84: 52:6f:c0:90:3f:ca:85:64:05:d4:55:c4:02:f9:33: c4:04:a3:88:01:f4:91:14:2c:fa:68:60:e7:8f:09: 27:4d:ec:65:89:76:0d:fe:8c:2e:6d:bc:e2:d0:3c: e5:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:F8:77:83:FE:EC:4F:68:96:F7:84:22:E9:9C:CC:16:B6:84:B0:10 X509v3 Authority Key Identifier: keyid:9F:11:68:B8:57:17:A1:46:66:00:1B:5B:2F:6C:90:80:19:97:DE:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nxFouFcXoUZmABtbL2yQgBmX3gY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:80:ee:b9:ff:71:9d:06:23:3d:9b:2c:0d:0a:bc:ce:e3:12: 06:64:b8:80:d0:35:9f:09:09:26:7b:e9:af:ae:be:3b:c0:aa: 87:78:6e:16:51:7d:bf:50:4a:66:4f:6f:ed:14:36:22:e5:94: 64:7c:e7:7f:4f:6e:a8:15:3c:7f:6c:81:2c:c1:cd:e6:6a:62: 07:de:58:39:ae:b4:f2:c2:cc:c6:d3:2e:b9:9f:83:c6:35:ab: e9:a3:b0:79:d8:be:a8:66:fd:85:bc:07:18:99:fb:e8:29:e4: e5:c9:a8:96:21:00:f6:b1:13:62:29:25:4f:e9:91:df:2e:ba: 50:ed:31:56:25:43:18:69:00:0d:fb:b6:89:50:a6:99:fc:2f: d9:e9:9b:6f:7f:61:6e:40:70:70:07:ce:e9:08:e7:95:22:18: ad:93:9f:5a:10:9e:39:07:1e:7e:4b:20:f6:d7:f1:44:52:74: 52:2d:e5:24:d4:f2:93:a6:95:ee:a7:65:53:c4:48:7f:11:c2: 77:2a:aa:8d:0a:0f:9b:bd:08:34:54:6a:22:4a:62:1d:d9:77: da:1a:69:65:ad:33:9e:c8:f9:83:76:59:b5:2c:24:95:c1:50: 38:6f:38:8a:5d:51:17:c1:7b:fe:6d:d4:f4:92:cf:a2:90:d0: e1:63:f1:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzicIAD4jz4dlfrDwRmiFIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmMTE2OGI4NTcxN2ExNDY2NjAwMWI1YjJmNmM5MDgwMTk5 N2RlMDYwHhcNMjUxMjA2MTIwMTIyWhcNMjUxMjA3MTIwMTIyWjAzMTEwLwYDVQQD Eyg3ZGY4Nzc4M2ZlZWM0ZjY4OTZmNzg0MjJlOTljY2MxNmI2ODRiMDEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa0emNJHs6hFHhqfT+Dl7hcgAoG/ pJE8jWEsgemVtq1oyRhNLDCJkE1210kUe5E5P4mM6v5HBcyoq57zvr5g8PwfLea/ gqCMpQb3trFCYs3uDm9ZnLNtjpTUYtQpXjwwwMcNK6St11ZnZ/rezJcwP5hL2KUc qhaQfK8UzOv8Saujgu8wnXZzX+7hOjEkSGkPe/PkFLR/WLTIRksTrQBdEwU0SaGF IdFDF0RWIVVGIvdBrjdIo/LKcciX0jtEN7t09w7u/aXPQ2JmmHEe986R6IRSb8CQ P8qFZAXUVcQC+TPEBKOIAfSRFCz6aGDnjwknTexliXYN/owubbzi0DzlLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH34d4P+7E9olveEIumczBa2hLAQMB8GA1UdIwQY MBaAFJ8RaLhXF6FGZgAbWy9skIAZl94GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnhGb3VGY1hvVVptQUJ0YkwyeVFnQm1YM2dZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84ZjY1OGMtM2ZhYy00OThkLWI5NWUt ZjQyMTliZWRkYjM3LzEvbnhGb3VGY1hvVVptQUJ0YkwyeVFnQm1YM2dZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC84ZjY1OGMtM2ZhYy00OThkLWI5NWUtZjQyMTliZWRkYjM3 LzEvbnhGb3VGY1hvVVptQUJ0YkwyeVFnQm1YM2dZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmYDuuf9x nQYjPZssDQq8zuMSBmS4gNA1nwkJJnvpr66+O8Cqh3huFlF9v1BKZk9v7RQ2IuWU ZHznf09uqBU8f2yBLMHN5mpiB95YOa608sLMxtMuuZ+DxjWr6aOwedi+qGb9hbwH GJn76Cnk5cmoliEA9rETYiklT+mR3y66UO0xViVDGGkADfu2iVCmmfwv2embb39h bkBwcAfO6QjnlSIYrZOfWhCeOQcefksg9tfxRFJ0Ui3lJNTyk6aV7qdlU8RIfxHC dyqqjQoPm70INFRqIkpiHdl32hppZa0znsj5g3ZZtSwklcFQOG84il1RF8F7/m3U 9JLPopDQ4WPxmA== -----END CERTIFICATE-----Generated at Sat Dec 6 14:57:16 2025 by rpki-client