This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.mft File: NM-cB0OwPV4EX0bprPToAKnxio4.mft (raw, json) Hash identifier: 6Orif+1lT6/sitWX+VlZU9Qjt/DLm0bDSeylMLPxcQg= Subject key identifier: 67:F5:B7:46:98:DB:94:FC:54:5A:02:96:CE:A0:BC:AC:1A:1A:D1:3E Authority key identifier: 34:CF:9C:07:43:B0:3D:5E:04:5F:46:E9:AC:F4:E8:00:A9:F1:8A:8E Certificate issuer: /CN=34cf9c0743b03d5e045f46e9acf4e800a9f18a8e Certificate serial: 019AF19B2AB0EFEDD112EE948BDBB81B2F05 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NM-cB0OwPV4EX0bprPToAKnxio4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.mft Manifest number: 0C6D Signing time: Sat 06 Dec 2025 03:01:09 +0000 Manifest this update: Sat 06 Dec 2025 03:01:09 +0000 Manifest next update: Sun 07 Dec 2025 03:01:09 +0000 Files and hashes: 1: NM-cB0OwPV4EX0bprPToAKnxio4.crl (hash: hpsNba29ZgEXwSYybrso0cF6boz067HXjQGVJ1lx4UY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.mft rsync://rpki.ripe.net/repository/DEFAULT/NM-cB0OwPV4EX0bprPToAKnxio4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:2a:b0:ef:ed:d1:12:ee:94:8b:db:b8:1b:2f:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34cf9c0743b03d5e045f46e9acf4e800a9f18a8e Validity Not Before: Dec 6 03:01:09 2025 GMT Not After : Dec 7 03:01:09 2025 GMT Subject: CN=67f5b74698db94fc545a0296cea0bcac1a1ad13e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:bf:3d:5a:49:1e:26:d6:9a:ed:ae:3e:40:7d: 63:ee:95:94:e5:33:92:e9:25:90:8e:f7:00:6c:b1: 65:38:9b:65:c2:06:20:41:b6:e0:ce:92:ab:01:3c: 2d:b2:73:ae:7d:9b:98:d9:fa:14:02:a2:95:41:49: 46:3d:c3:dc:0c:1d:2b:d8:97:a6:f1:f9:52:ac:3c: eb:10:eb:cf:ca:e7:ed:11:e8:4f:a6:a9:33:c1:ed: ae:f3:73:e8:6f:a8:12:ba:62:83:d8:d0:4e:90:1f: 35:fb:6a:c6:ca:f7:31:32:23:56:ff:01:26:45:8e: e5:34:89:4a:e0:19:7b:5e:30:29:2a:bc:42:5a:ad: 8f:10:32:a6:f7:6c:df:5e:74:d6:e7:38:2c:a4:89: 5c:af:7c:a0:b1:af:19:7c:0a:d1:0f:04:7d:2a:b1: 8e:da:d9:bc:4e:39:9b:c0:ae:e3:be:11:21:35:05: f6:5d:62:90:64:79:fd:e1:ed:dd:4a:13:31:49:36: 72:30:e0:8f:c7:fe:85:11:6f:65:cf:bf:24:94:8b: cd:8e:91:34:81:40:cd:a3:3d:53:37:a6:99:eb:97: 49:5e:c6:11:71:68:da:ec:84:ba:1b:76:8c:a7:aa: 37:f9:4a:88:ba:96:20:9a:ff:02:06:81:de:0f:18: b5:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:F5:B7:46:98:DB:94:FC:54:5A:02:96:CE:A0:BC:AC:1A:1A:D1:3E X509v3 Authority Key Identifier: keyid:34:CF:9C:07:43:B0:3D:5E:04:5F:46:E9:AC:F4:E8:00:A9:F1:8A:8E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NM-cB0OwPV4EX0bprPToAKnxio4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:22:e1:47:8a:60:d2:f7:07:b0:94:aa:71:de:3a:a9:3e:9f: 76:8b:15:82:a1:9d:b3:4e:39:67:86:c4:2b:78:07:dc:60:08: 85:f1:44:e9:82:eb:b3:ee:a3:ac:22:65:80:10:ce:d7:b7:0f: 57:87:f0:b3:6e:e7:2a:4c:ac:82:24:26:9d:86:cb:04:69:3a: 1b:12:0f:8e:33:aa:e6:2f:66:21:b2:40:32:a9:24:b1:e7:b4: f2:25:ec:05:4a:83:be:fa:c3:cf:d0:cb:b4:ae:c0:45:fe:a4: 1f:94:b4:03:cb:a8:3e:df:2b:0b:3e:e4:c8:88:0b:3d:46:0e: c9:7e:41:bb:e3:36:01:6f:aa:85:a2:1f:67:d7:89:00:38:f1: 9d:bb:36:17:e5:ef:a9:63:a2:e9:89:b8:4f:06:cb:f8:0a:8f: 92:38:04:3e:fa:71:c4:da:9e:3f:e1:84:a4:9e:2a:14:16:46: f6:79:36:f7:49:2f:17:fc:68:79:10:61:31:55:04:c7:23:aa: c1:70:e6:5e:20:30:92:c7:86:d9:76:f1:2a:ef:1d:56:7a:61: c5:89:a6:a7:d2:50:33:71:33:25:bc:a7:84:0e:97:52:48:12: 79:89:12:12:34:83:a0:94:b0:ef:4f:8e:67:f7:84:05:8a:f0: 46:41:25:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmyqw7+3REu6Ui9u4Gy8FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0Y2Y5YzA3NDNiMDNkNWUwNDVmNDZlOWFjZjRlODAwYTlm MThhOGUwHhcNMjUxMjA2MDMwMTA5WhcNMjUxMjA3MDMwMTA5WjAzMTEwLwYDVQQD Eyg2N2Y1Yjc0Njk4ZGI5NGZjNTQ1YTAyOTZjZWEwYmNhYzFhMWFkMTNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2r89WkkeJtaa7a4+QH1j7pWU5TOS 6SWQjvcAbLFlOJtlwgYgQbbgzpKrATwtsnOufZuY2foUAqKVQUlGPcPcDB0r2Jem 8flSrDzrEOvPyuftEehPpqkzwe2u83Pob6gSumKD2NBOkB81+2rGyvcxMiNW/wEm RY7lNIlK4Bl7XjApKrxCWq2PEDKm92zfXnTW5zgspIlcr3ygsa8ZfArRDwR9KrGO 2tm8TjmbwK7jvhEhNQX2XWKQZHn94e3dShMxSTZyMOCPx/6FEW9lz78klIvNjpE0 gUDNoz1TN6aZ65dJXsYRcWja7IS6G3aMp6o3+UqIupYgmv8CBoHeDxi14wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGf1t0aY25T8VFoCls6gvKwaGtE+MB8GA1UdIwQY MBaAFDTPnAdDsD1eBF9G6az06ACp8YqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTk0tY0IwT3dQVjRFWDBicHJQVG9BS254aW80LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi80NWU0ZTAtZGExOS00Y2I5LThjOGMt ZWU4MDM1YmJiNGMxLzEvTk0tY0IwT3dQVjRFWDBicHJQVG9BS254aW80Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi80NWU0ZTAtZGExOS00Y2I5LThjOGMtZWU4MDM1YmJiNGMx LzEvTk0tY0IwT3dQVjRFWDBicHJQVG9BS254aW80LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAciLhR4pg 0vcHsJSqcd46qT6fdosVgqGds045Z4bEK3gH3GAIhfFE6YLrs+6jrCJlgBDO17cP V4fws27nKkysgiQmnYbLBGk6GxIPjjOq5i9mIbJAMqkksee08iXsBUqDvvrDz9DL tK7ARf6kH5S0A8uoPt8rCz7kyIgLPUYOyX5Bu+M2AW+qhaIfZ9eJADjxnbs2F+Xv qWOi6Ym4TwbL+AqPkjgEPvpxxNqeP+GEpJ4qFBZG9nk290kvF/xoeRBhMVUExyOq wXDmXiAwkseG2XbxKu8dVnphxYmmp9JQM3EzJbynhA6XUkgSeYkSEjSDoJSw70+O Z/eEBYrwRkEl5A== -----END CERTIFICATE-----Generated at Sat Dec 6 11:49:07 2025 by rpki-client