This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft File: NgHDzOanHKshpLut8KuE3ePyurI.mft (raw, json) Hash identifier: uqKOWNPz7JyUMMIMuq4aJrbJ5nbOX0n55d2Uf4mHEXg= Subject key identifier: B2:50:EC:27:2F:05:EC:19:D7:D6:E0:96:1E:9F:FC:70:DB:8D:0C:D7 Authority key identifier: 36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2 Certificate issuer: /CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2 Certificate serial: 019AF31BC6B510023913B20107FF3B2B8E4D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft Manifest number: 1765 Signing time: Sat 06 Dec 2025 10:01:15 +0000 Manifest this update: Sat 06 Dec 2025 10:01:15 +0000 Manifest next update: Sun 07 Dec 2025 10:01:15 +0000 Files and hashes: 1: Mk7YYF4o9LB74wKwKgBbcKzvyH8.roa (hash: OCqXIpcMD6jOp7DHnSx2liWfa4cjdFDkG92oQWOUUNo=) 2: NgHDzOanHKshpLut8KuE3ePyurI.crl (hash: 17n7Khiuo63Lgsf1oXln8puftypBfW6YTAx37wNXrfk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:c6:b5:10:02:39:13:b2:01:07:ff:3b:2b:8e:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2 Validity Not Before: Dec 6 10:01:15 2025 GMT Not After : Dec 7 10:01:15 2025 GMT Subject: CN=b250ec272f05ec19d7d6e0961e9ffc70db8d0cd7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:e7:d4:b7:16:54:96:bb:fc:b8:58:37:05:87: 3f:13:0b:99:e1:14:fb:bd:0f:e0:e4:be:74:04:5a: ac:ca:92:ee:3c:8f:c4:88:67:99:c4:1a:49:c8:f8: 08:4d:2a:fd:6d:2a:c6:ff:6f:9c:e8:21:ca:17:06: bb:8d:1d:df:9e:24:50:97:64:c4:40:59:f1:3b:4b: 6e:df:0e:f7:f8:b7:f9:e5:8f:9b:ad:1c:7f:b6:aa: 34:4b:94:6d:96:93:79:a8:3f:1b:08:66:0a:9f:d2: 73:5b:84:ce:f1:5c:5f:9d:f9:15:5b:73:15:d1:c5: 4e:cd:e2:86:4d:78:e7:d2:6b:fe:1b:ef:92:8a:d1: 56:00:7c:d7:3e:3f:b0:b5:29:d5:a8:00:57:34:18: e7:04:5a:90:4d:03:d3:10:a1:ff:b7:0a:8c:2a:5a: 7c:dc:b7:74:56:34:7b:b5:bd:ec:74:65:4b:da:3c: db:5b:56:d8:5d:16:73:2e:9a:7d:7c:85:f1:03:03: 48:ec:45:ac:55:9c:3d:73:64:80:c7:8d:16:ec:b6: 51:be:8a:66:39:50:99:fe:49:df:8f:96:8c:b6:96: a1:92:e0:0e:2d:10:51:32:1b:bb:46:e4:51:34:1b: 7c:34:d3:5a:df:f8:ad:e8:ec:ea:b5:8b:8a:ed:4e: 78:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:50:EC:27:2F:05:EC:19:D7:D6:E0:96:1E:9F:FC:70:DB:8D:0C:D7 X509v3 Authority Key Identifier: keyid:36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:e3:8e:41:79:85:ce:63:59:2f:81:02:4c:70:9f:82:7a:a9: 29:a9:e4:0b:7b:7b:98:8f:71:59:51:0a:6b:29:99:82:4c:cc: 67:a1:6f:f2:db:39:ef:b8:57:d9:9e:7d:a2:25:a9:9b:c7:bc: bc:cd:af:ab:be:65:5e:f2:92:41:78:13:c2:b1:43:2b:21:69: de:38:c2:2f:c5:ba:55:15:0f:4d:2b:f0:78:e2:f2:05:8a:3f: 41:c5:fd:72:89:40:5d:c8:1e:00:0d:c3:fb:ca:08:5b:5f:3a: c1:f7:4e:3f:d2:84:09:17:ea:55:b5:8c:9c:99:71:bd:c9:9f: 72:79:e2:5b:8e:e3:3a:8e:4e:2a:cb:d6:34:cc:32:14:99:2e: a6:a5:a6:4a:bf:48:06:ac:cd:f0:5e:88:82:29:28:7e:73:89: 54:d4:b6:97:00:42:cf:a8:7f:ef:e1:be:18:48:f2:31:7a:4d: da:da:85:69:a7:ea:17:d1:c7:e2:b2:8a:69:ea:37:5e:cb:52: c4:8c:ae:83:ee:b2:3d:c3:df:99:89:d1:c8:e4:aa:0d:df:11: 25:63:94:a1:e2:0a:49:1f:f8:7e:90:76:8b:10:c3:df:b5:30: c9:32:15:b7:ee:e5:e1:9e:74:ed:80:09:b9:a5:af:27:60:00: 11:a1:94:c3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG8a1EAI5E7IBB/87K45NMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2MDFjM2NjZTZhNzFjYWIyMWE0YmJhZGYwYWI4NGRkZTNm MmJhYjIwHhcNMjUxMjA2MTAwMTE1WhcNMjUxMjA3MTAwMTE1WjAzMTEwLwYDVQQD EyhiMjUwZWMyNzJmMDVlYzE5ZDdkNmUwOTYxZTlmZmM3MGRiOGQwY2Q3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+fUtxZUlrv8uFg3BYc/EwuZ4RT7 vQ/g5L50BFqsypLuPI/EiGeZxBpJyPgITSr9bSrG/2+c6CHKFwa7jR3fniRQl2TE QFnxO0tu3w73+Lf55Y+brRx/tqo0S5RtlpN5qD8bCGYKn9JzW4TO8VxfnfkVW3MV 0cVOzeKGTXjn0mv+G++SitFWAHzXPj+wtSnVqABXNBjnBFqQTQPTEKH/twqMKlp8 3Ld0VjR7tb3sdGVL2jzbW1bYXRZzLpp9fIXxAwNI7EWsVZw9c2SAx40W7LZRvopm OVCZ/knfj5aMtpahkuAOLRBRMhu7RuRRNBt8NNNa3/it6OzqtYuK7U54EQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLJQ7CcvBewZ19bglh6f/HDbjQzXMB8GA1UdIwQY MBaAFDYBw8zmpxyrIaS7rfCrhN3j8rqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUt ODAxZWYzOGRlYTljLzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUtODAxZWYzOGRlYTlj LzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVeOOQXmF zmNZL4ECTHCfgnqpKankC3t7mI9xWVEKaymZgkzMZ6Fv8ts577hX2Z59oiWpm8e8 vM2vq75lXvKSQXgTwrFDKyFp3jjCL8W6VRUPTSvweOLyBYo/QcX9colAXcgeAA3D +8oIW186wfdOP9KECRfqVbWMnJlxvcmfcnniW47jOo5OKsvWNMwyFJkupqWmSr9I BqzN8F6IgikofnOJVNS2lwBCz6h/7+G+GEjyMXpN2tqFaafqF9HH4rKKaeo3XstS xIyug+6yPcPfmYnRyOSqDd8RJWOUoeIKSR/4fpB2ixDD37UwyTIVt+7l4Z507YAJ uaWvJ2AAEaGUww== -----END CERTIFICATE-----Generated at Sat Dec 6 17:09:17 2025 by rpki-client