This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.mft File: NM-cB0OwPV4EX0bprPToAKnxio4.mft (raw, json) Hash identifier: cPJIeTM3zBa10d2MvT+MvmLnjBoYGDiJy1FZntKa6ts= Subject key identifier: F0:7E:29:EE:F7:97:5F:A4:BC:4E:91:96:51:60:22:F5:13:0F:33:45 Authority key identifier: 34:CF:9C:07:43:B0:3D:5E:04:5F:46:E9:AC:F4:E8:00:A9:F1:8A:8E Certificate issuer: /CN=34cf9c0743b03d5e045f46e9acf4e800a9f18a8e Certificate serial: 019B27AE65E85CF6C13CC19BDB13F853DFEA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NM-cB0OwPV4EX0bprPToAKnxio4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.mft Manifest number: 0C89 Signing time: Tue 16 Dec 2025 15:01:39 +0000 Manifest this update: Tue 16 Dec 2025 15:01:39 +0000 Manifest next update: Wed 17 Dec 2025 15:01:39 +0000 Files and hashes: 1: NM-cB0OwPV4EX0bprPToAKnxio4.crl (hash: aErE0zv+roy4xfnKH92rFXqXSGdmClDluexeYeOnjmc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.mft rsync://rpki.ripe.net/repository/DEFAULT/NM-cB0OwPV4EX0bprPToAKnxio4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:45:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:27:ae:65:e8:5c:f6:c1:3c:c1:9b:db:13:f8:53:df:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34cf9c0743b03d5e045f46e9acf4e800a9f18a8e Validity Not Before: Dec 16 15:01:39 2025 GMT Not After : Dec 17 15:01:39 2025 GMT Subject: CN=f07e29eef7975fa4bc4e9196516022f5130f3345 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:04:92:41:60:50:91:db:b9:43:50:2c:f5:89: fc:44:c1:a7:ad:8e:d7:35:d1:5f:fe:1f:9a:ef:99: 35:e3:e8:f4:be:44:62:4a:70:56:a9:5a:fa:64:09: 19:7f:b1:5e:d5:cb:92:5e:13:ed:39:a0:85:01:5b: 98:54:74:6b:51:91:19:1e:84:92:01:12:48:26:5d: 7b:e9:a5:63:b1:a1:ff:87:a0:f5:4c:fc:e3:12:03: 13:75:7d:77:b5:07:fe:f0:b5:2d:22:f8:d6:66:45: bc:39:c4:77:0c:d7:6c:98:5c:3f:1d:0f:cd:eb:d1: 2f:b7:36:14:25:cb:a3:c7:98:fe:d9:4c:10:63:ee: 3c:c4:3b:dd:f3:16:c6:b4:61:98:0c:4e:7d:10:d8: b0:66:9d:5d:20:89:ca:1b:3f:c6:8d:52:5e:4d:67: 5d:b8:ed:3e:d8:08:55:f4:cd:c0:32:7a:35:20:e4: a0:12:d5:24:e6:71:a1:3d:de:fd:14:4f:3e:f5:66: d9:76:ed:23:6d:55:4f:5a:30:1f:31:04:af:a0:a9: 49:51:fe:70:80:47:41:f0:40:f6:68:4b:00:f9:e7: 67:6f:71:be:f4:84:86:07:de:29:bd:18:dd:6a:b4: fc:97:d5:2f:d3:8d:d9:cc:5c:41:23:43:c9:a9:73: 25:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:7E:29:EE:F7:97:5F:A4:BC:4E:91:96:51:60:22:F5:13:0F:33:45 X509v3 Authority Key Identifier: keyid:34:CF:9C:07:43:B0:3D:5E:04:5F:46:E9:AC:F4:E8:00:A9:F1:8A:8E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NM-cB0OwPV4EX0bprPToAKnxio4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:b2:02:d0:c8:3a:d9:a2:73:3b:8f:34:7f:66:c1:38:1d:2e: b0:22:a7:c6:f7:e0:85:eb:68:55:ef:89:bc:1b:47:45:c4:11: eb:d6:a0:0c:dc:6f:20:a8:1b:0c:28:2c:dd:d2:f8:eb:9c:b2: f5:d2:9b:b5:d5:5d:56:6b:6b:81:08:69:e8:36:e5:31:b1:5f: 85:21:c9:d9:73:c6:cb:cb:08:63:f1:0d:5b:2b:4c:fa:0d:b0: 57:dc:de:93:78:79:dc:6a:4d:97:aa:fe:c7:bb:42:e3:8e:2a: 2b:dc:40:c6:c1:da:a6:ca:9e:f6:53:99:59:da:f6:fe:59:df: a3:56:e0:d7:4b:e9:8f:9e:ac:e9:f5:c6:73:15:83:5e:1e:c2: d5:ee:d9:fb:d6:5c:73:f4:79:1c:5e:27:e8:3e:1d:69:67:85: 22:28:eb:0a:83:83:48:19:2c:a8:06:8a:b8:20:54:5f:bf:21: 97:ab:b1:3b:80:22:d8:5b:87:a4:ea:42:03:45:75:e9:63:9e: 19:a5:50:45:5b:52:e4:54:73:c8:9e:2e:0a:31:21:2e:09:ee: 79:30:c1:d8:00:e3:19:3b:19:e0:d7:65:be:f5:b8:c2:da:dc: d3:25:1d:f1:8e:f3:e3:1c:17:ca:3d:2e:47:16:c1:41:85:41: 34:4a:a7:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsnrmXoXPbBPMGb2xP4U9/qMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0Y2Y5YzA3NDNiMDNkNWUwNDVmNDZlOWFjZjRlODAwYTlm MThhOGUwHhcNMjUxMjE2MTUwMTM5WhcNMjUxMjE3MTUwMTM5WjAzMTEwLwYDVQQD EyhmMDdlMjllZWY3OTc1ZmE0YmM0ZTkxOTY1MTYwMjJmNTEzMGYzMzQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuASSQWBQkdu5Q1As9Yn8RMGnrY7X NdFf/h+a75k14+j0vkRiSnBWqVr6ZAkZf7Fe1cuSXhPtOaCFAVuYVHRrUZEZHoSS ARJIJl176aVjsaH/h6D1TPzjEgMTdX13tQf+8LUtIvjWZkW8OcR3DNdsmFw/HQ/N 69EvtzYUJcujx5j+2UwQY+48xDvd8xbGtGGYDE59ENiwZp1dIInKGz/GjVJeTWdd uO0+2AhV9M3AMno1IOSgEtUk5nGhPd79FE8+9WbZdu0jbVVPWjAfMQSvoKlJUf5w gEdB8ED2aEsA+ednb3G+9ISGB94pvRjdarT8l9Uv043ZzFxBI0PJqXMlVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPB+Ke73l1+kvE6RllFgIvUTDzNFMB8GA1UdIwQY MBaAFDTPnAdDsD1eBF9G6az06ACp8YqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTk0tY0IwT3dQVjRFWDBicHJQVG9BS254aW80LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi80NWU0ZTAtZGExOS00Y2I5LThjOGMt ZWU4MDM1YmJiNGMxLzEvTk0tY0IwT3dQVjRFWDBicHJQVG9BS254aW80Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi80NWU0ZTAtZGExOS00Y2I5LThjOGMtZWU4MDM1YmJiNGMx LzEvTk0tY0IwT3dQVjRFWDBicHJQVG9BS254aW80LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcLIC0Mg6 2aJzO480f2bBOB0usCKnxvfghetoVe+JvBtHRcQR69agDNxvIKgbDCgs3dL465yy 9dKbtdVdVmtrgQhp6DblMbFfhSHJ2XPGy8sIY/ENWytM+g2wV9zek3h53GpNl6r+ x7tC444qK9xAxsHapsqe9lOZWdr2/lnfo1bg10vpj56s6fXGcxWDXh7C1e7Z+9Zc c/R5HF4n6D4daWeFIijrCoODSBksqAaKuCBUX78hl6uxO4Ai2FuHpOpCA0V16WOe GaVQRVtS5FRzyJ4uCjEhLgnueTDB2ADjGTsZ4NdlvvW4wtrc0yUd8Y7z4xwXyj0u RxbBQYVBNEqnQg== -----END CERTIFICATE-----Generated at Tue Dec 16 17:54:05 2025 by rpki-client