This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.mft File: nRfZOI52MabRmvsrJkJ5WiTIQIE.mft (raw, json) Hash identifier: et+EJiHdfTUrtmKvDVDzPD0xeKqb7mFHYwAnviOVT7s= Subject key identifier: B2:38:A3:9D:D6:F2:AF:FC:60:AB:88:AA:16:7A:44:3F:6C:D1:D1:60 Authority key identifier: 9D:17:D9:38:8E:76:31:A6:D1:9A:FB:2B:26:42:79:5A:24:C8:40:81 Certificate issuer: /CN=9d17d9388e7631a6d19afb2b2642795a24c84081 Certificate serial: 019B3AFD54A066EB1DA064FEEC5A02F297B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nRfZOI52MabRmvsrJkJ5WiTIQIE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.mft Manifest number: 178C Signing time: Sat 20 Dec 2025 09:00:39 +0000 Manifest this update: Sat 20 Dec 2025 09:00:39 +0000 Manifest next update: Sun 21 Dec 2025 09:00:39 +0000 Files and hashes: 1: nRfZOI52MabRmvsrJkJ5WiTIQIE.crl (hash: d8+y9Dn75v1nAnEbcLxVNF8afK/8SaYlh40rvoHbhsA=) 2: u2BNAAC7Dm0euPOTB8HOX-QylyE.roa (hash: GNqBAmVB3is0CDKmPUm0vfs8TWmU1YL168pv/EKk5Z4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.crl rsync://rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.mft rsync://rpki.ripe.net/repository/DEFAULT/nRfZOI52MabRmvsrJkJ5WiTIQIE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:fd:54:a0:66:eb:1d:a0:64:fe:ec:5a:02:f2:97:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d17d9388e7631a6d19afb2b2642795a24c84081 Validity Not Before: Dec 20 09:00:39 2025 GMT Not After : Dec 21 09:00:39 2025 GMT Subject: CN=b238a39dd6f2affc60ab88aa167a443f6cd1d160 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:99:53:d7:af:f1:b5:35:3e:44:7c:95:8c:28: 92:55:7d:30:60:0d:f3:9a:cd:cd:6a:82:98:d4:75: 70:bf:5a:a7:48:e9:e5:08:66:9e:5d:4a:31:eb:ea: 15:27:02:0c:10:6d:cd:6d:e9:45:4f:48:f4:b5:a7: 44:23:b6:08:b9:e1:44:ef:7b:db:c7:37:cd:e4:bf: 11:79:61:3b:0b:70:bb:c2:d8:3b:07:93:76:c6:93: 88:39:91:18:55:70:a6:26:30:fa:83:7b:2a:e2:4a: 06:4f:17:5e:4d:d0:82:09:3f:0f:eb:15:13:e7:94: 13:61:d8:48:9b:a6:ad:82:45:28:8c:45:b8:b2:7e: 8d:52:82:11:70:65:67:35:38:39:90:02:54:d9:da: c9:c4:f1:c7:51:82:32:c7:e7:3c:1b:0a:dc:17:9b: 01:f3:3a:8c:b8:7e:1a:dd:19:eb:67:fa:07:89:a1: 86:e7:2a:54:6d:0b:ae:14:a9:ed:10:25:44:c6:de: 07:57:15:0b:c4:71:f9:60:31:58:e0:e5:88:f7:89: 4f:60:79:68:9b:01:d3:93:94:37:3d:81:5d:26:71: c1:22:eb:62:dc:e4:6a:52:b2:a0:d6:63:d2:4d:a5: a6:a6:eb:df:8e:d7:80:f8:1d:a5:db:50:da:58:fb: b6:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:38:A3:9D:D6:F2:AF:FC:60:AB:88:AA:16:7A:44:3F:6C:D1:D1:60 X509v3 Authority Key Identifier: keyid:9D:17:D9:38:8E:76:31:A6:D1:9A:FB:2B:26:42:79:5A:24:C8:40:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nRfZOI52MabRmvsrJkJ5WiTIQIE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e8444-8da5-466b-8400-7bd96d9c6286/1/nRfZOI52MabRmvsrJkJ5WiTIQIE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:03:37:e3:24:08:09:ea:47:5c:73:6e:ba:5d:93:31:e8:05: 06:e1:28:3e:66:64:53:2b:dc:f9:5a:bb:4b:55:83:7c:f2:46: d1:f8:f7:d7:f8:e7:84:69:f4:a9:4a:49:3e:c4:e9:c6:8b:4e: b3:00:a5:4e:42:3d:62:ea:16:6a:c0:b5:82:46:ad:f9:fc:2e: e9:2f:15:3b:f7:ad:fc:31:15:9f:65:fa:ba:75:ba:9f:09:4b: f4:a5:cc:f5:8d:9b:73:32:1b:de:89:70:25:ba:3d:0d:db:46: 03:a1:5f:c0:8a:d3:1b:16:95:c4:5d:59:17:22:94:a1:77:5c: ad:1b:39:6b:ff:1b:c6:2f:4d:79:6e:e4:47:2c:08:a1:89:ba: 9f:42:77:4e:e7:e9:bf:23:f8:85:43:d3:cf:4a:4a:92:83:d4: 3f:6c:7b:1f:26:73:85:76:d1:0f:5a:93:64:b6:24:27:ed:0e: 00:67:f9:78:48:3a:87:9b:f2:5b:72:f2:15:20:a4:9d:65:d6: 70:9e:57:af:36:0b:b7:8f:d2:83:5d:bc:8d:a6:18:54:52:ce: 8d:46:30:e8:ab:ff:89:3e:ed:f8:07:41:36:57:e2:7f:04:3c: 5a:45:11:ef:b2:29:d5:40:d0:0c:65:23:24:46:e5:b1:9a:bb: fb:21:be:0b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6/VSgZusdoGT+7FoC8pezMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMTdkOTM4OGU3NjMxYTZkMTlhZmIyYjI2NDI3OTVhMjRj ODQwODEwHhcNMjUxMjIwMDkwMDM5WhcNMjUxMjIxMDkwMDM5WjAzMTEwLwYDVQQD EyhiMjM4YTM5ZGQ2ZjJhZmZjNjBhYjg4YWExNjdhNDQzZjZjZDFkMTYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApplT16/xtTU+RHyVjCiSVX0wYA3z ms3NaoKY1HVwv1qnSOnlCGaeXUox6+oVJwIMEG3NbelFT0j0tadEI7YIueFE73vb xzfN5L8ReWE7C3C7wtg7B5N2xpOIOZEYVXCmJjD6g3sq4koGTxdeTdCCCT8P6xUT 55QTYdhIm6atgkUojEW4sn6NUoIRcGVnNTg5kAJU2drJxPHHUYIyx+c8GwrcF5sB 8zqMuH4a3RnrZ/oHiaGG5ypUbQuuFKntECVExt4HVxULxHH5YDFY4OWI94lPYHlo mwHTk5Q3PYFdJnHBIuti3ORqUrKg1mPSTaWmpuvfjteA+B2l21DaWPu2ZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLI4o53W8q/8YKuIqhZ6RD9s0dFgMB8GA1UdIwQY MBaAFJ0X2TiOdjGm0Zr7KyZCeVokyECBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblJmWk9JNTJNYWJSbXZzckprSjVXaVRJUUlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg0NDQtOGRhNS00NjZiLTg0MDAt N2JkOTZkOWM2Mjg2LzEvblJmWk9JNTJNYWJSbXZzckprSjVXaVRJUUlFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOC82ZTg0NDQtOGRhNS00NjZiLTg0MDAtN2JkOTZkOWM2Mjg2 LzEvblJmWk9JNTJNYWJSbXZzckprSjVXaVRJUUlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOwM34yQI CepHXHNuul2TMegFBuEoPmZkUyvc+Vq7S1WDfPJG0fj31/jnhGn0qUpJPsTpxotO swClTkI9YuoWasC1gkat+fwu6S8VO/et/DEVn2X6unW6nwlL9KXM9Y2bczIb3olw Jbo9DdtGA6FfwIrTGxaVxF1ZFyKUoXdcrRs5a/8bxi9NeW7kRywIoYm6n0J3Tufp vyP4hUPTz0pKkoPUP2x7HyZzhXbRD1qTZLYkJ+0OAGf5eEg6h5vyW3LyFSCknWXW cJ5XrzYLt4/Sg128jaYYVFLOjUYw6Kv/iT7t+AdBNlfifwQ8WkUR77Ip1UDQDGUj JEblsZq7+yG+Cw== -----END CERTIFICATE-----Generated at Sat Dec 20 11:29:33 2025 by rpki-client