This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft File: NQzOG50G3M6IVmWVNkmcFgM5E3A.mft (raw, json) Hash identifier: 4nwi/68TYXXmL+UhD7M8NuAdcRhiXaqaiN3hePruYp8= Subject key identifier: 85:8A:DC:D7:67:E9:A0:78:3E:D6:B5:70:C2:C0:93:B6:B7:2E:BA:F5 Authority key identifier: 35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70 Certificate issuer: /CN=350cce1b9d06dcce8856659536499c1603391370 Certificate serial: 019B1A29749816D6C3A2142664390A1337A0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft Manifest number: 1778 Signing time: Sun 14 Dec 2025 00:01:23 +0000 Manifest this update: Sun 14 Dec 2025 00:01:23 +0000 Manifest next update: Mon 15 Dec 2025 00:01:23 +0000 Files and hashes: 1: DFk17XzVK0-2LT-y57eUHLqsGoE.roa (hash: dXqY+iE+GyZrGAN3VZSoDHBgCd8KrkAD+zhIs/sw6B0=) 2: InA1Og6sR4YUgU6o-aAa42NlxCE.roa (hash: +mBUSakr5JllZ5ayoZAKPyK7MyouaEc8pwLjmxou6hg=) 3: NQzOG50G3M6IVmWVNkmcFgM5E3A.crl (hash: XSDrud0YqrVZ+r/sHHfW3z5GHFEwlLK+UK3UJJTSxcE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1a:29:74:98:16:d6:c3:a2:14:26:64:39:0a:13:37:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=350cce1b9d06dcce8856659536499c1603391370 Validity Not Before: Dec 14 00:01:23 2025 GMT Not After : Dec 15 00:01:23 2025 GMT Subject: CN=858adcd767e9a0783ed6b570c2c093b6b72ebaf5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:e2:f6:b8:f5:d9:a1:0a:74:9e:58:e5:c3:dc: e2:d3:2f:c7:d0:36:0c:c4:9d:27:90:d1:19:74:34: 29:9c:6d:c0:bc:ae:a6:5f:12:0a:17:2b:cf:c2:ff: 2e:15:d8:59:51:e2:28:45:5d:be:37:56:0a:56:7a: fb:9c:e2:3d:9c:e3:91:dc:e3:78:06:f0:5a:e0:96: d9:1c:b3:d6:67:2f:31:4b:0a:cb:0d:0d:ca:a2:2f: 30:6e:f5:c0:82:af:fb:52:04:b0:97:a5:91:aa:d3: 8e:86:d1:ae:b1:cd:17:05:9a:fc:dd:aa:73:83:3e: c7:30:b5:5a:a8:fa:b0:f9:1d:1d:f0:a2:68:c1:4d: d2:d6:5e:b7:75:f9:67:c7:5f:af:12:84:4d:ca:cc: 1e:c9:42:cd:99:2e:54:38:64:a0:59:ee:ae:d4:cd: 71:95:4c:52:3b:1b:10:4a:84:f5:00:cc:a9:f8:1b: 62:07:3c:de:1c:a9:be:7f:01:70:59:7c:6f:85:77: dc:6e:0c:69:0b:fa:31:5d:34:08:16:8d:38:01:59: db:9b:81:60:29:00:ac:a7:59:e0:25:d4:55:1f:62: 7c:f4:34:80:6d:12:b7:91:27:64:b8:23:e7:12:a6: 44:d0:28:56:36:bf:3a:66:c9:c9:0c:a4:8e:3f:5c: 3e:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:8A:DC:D7:67:E9:A0:78:3E:D6:B5:70:C2:C0:93:B6:B7:2E:BA:F5 X509v3 Authority Key Identifier: keyid:35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a1:dd:cd:85:7f:6c:1a:47:73:5d:c7:34:63:1f:93:8a:f2:ff: b1:1d:f1:fa:93:ad:4d:24:47:b2:df:f8:f7:61:97:5f:56:1a: 98:24:ec:07:ec:25:a9:24:30:1a:09:bd:4c:45:89:b1:f1:fd: 78:4d:e9:9f:33:2d:ee:21:83:9f:27:5e:41:38:b6:47:5d:e1: 4d:a9:86:95:96:77:6b:be:cd:7c:0f:58:35:a1:73:a3:a4:e6: d4:f3:ec:d5:a7:db:4e:24:d7:4c:3f:37:5e:1b:9c:5e:00:28: f5:4c:c3:e0:41:c9:1e:af:5e:17:d0:99:21:ed:f0:59:5f:0a: c5:f9:43:2a:14:8b:e6:d0:64:34:53:c4:81:76:21:fb:55:29: 2c:21:9c:56:a2:a1:69:13:d9:c7:71:1a:ba:61:77:2b:f8:9f: f0:d7:5a:96:a7:9c:18:57:95:8c:43:92:a9:5e:5c:17:68:04: 56:e1:9b:a2:04:f2:d0:d4:30:69:b5:49:26:8c:e1:de:3f:86: 78:c0:42:97:72:1f:23:34:8e:54:15:7b:c8:57:1d:7b:fd:f4: 2e:26:af:84:72:c3:99:e0:4f:31:82:2f:f3:83:10:f6:08:f8: d8:8d:03:12:26:20:b1:39:d9:99:11:84:ad:6d:bb:0b:f9:74: 3d:21:9a:a3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsaKXSYFtbDohQmZDkKEzegMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1MGNjZTFiOWQwNmRjY2U4ODU2NjU5NTM2NDk5YzE2MDMz OTEzNzAwHhcNMjUxMjE0MDAwMTIzWhcNMjUxMjE1MDAwMTIzWjAzMTEwLwYDVQQD Eyg4NThhZGNkNzY3ZTlhMDc4M2VkNmI1NzBjMmMwOTNiNmI3MmViYWY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5eL2uPXZoQp0nljlw9zi0y/H0DYM xJ0nkNEZdDQpnG3AvK6mXxIKFyvPwv8uFdhZUeIoRV2+N1YKVnr7nOI9nOOR3ON4 BvBa4JbZHLPWZy8xSwrLDQ3Koi8wbvXAgq/7UgSwl6WRqtOOhtGusc0XBZr83apz gz7HMLVaqPqw+R0d8KJowU3S1l63dflnx1+vEoRNysweyULNmS5UOGSgWe6u1M1x lUxSOxsQSoT1AMyp+BtiBzzeHKm+fwFwWXxvhXfcbgxpC/oxXTQIFo04AVnbm4Fg KQCsp1ngJdRVH2J89DSAbRK3kSdkuCPnEqZE0ChWNr86ZsnJDKSOP1w+DwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIWK3Ndn6aB4Pta1cMLAk7a3Lrr1MB8GA1UdIwQY MBaAFDUMzhudBtzOiFZllTZJnBYDORNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQt NTU0MTVhMGJhNzNiLzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQtNTU0MTVhMGJhNzNi LzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAod3NhX9s GkdzXcc0Yx+TivL/sR3x+pOtTSRHst/492GXX1YamCTsB+wlqSQwGgm9TEWJsfH9 eE3pnzMt7iGDnydeQTi2R13hTamGlZZ3a77NfA9YNaFzo6Tm1PPs1afbTiTXTD83 XhucXgAo9UzD4EHJHq9eF9CZIe3wWV8KxflDKhSL5tBkNFPEgXYh+1UpLCGcVqKh aRPZx3EaumF3K/if8NdalqecGFeVjEOSqV5cF2gEVuGbogTy0NQwabVJJozh3j+G eMBCl3IfIzSOVBV7yFcde/30LiavhHLDmeBPMYIv84MQ9gj42I0DEiYgsTnZmRGE rW27C/l0PSGaow== -----END CERTIFICATE-----Generated at Sun Dec 14 05:11:26 2025 by rpki-client