This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft File: nzeBglGggdHMfzAVMg62NSZwm5E.mft (raw, json) Hash identifier: ZNYArN6SlQuPS1mklYJSUcLK7fV9e1Bl5Xy6+T9VIpQ= Subject key identifier: 87:5D:29:87:2A:81:A5:51:96:75:EE:73:50:ED:9E:B7:7C:AE:CE:8C Authority key identifier: 9F:37:81:82:51:A0:81:D1:CC:7F:30:15:32:0E:B6:35:26:70:9B:91 Certificate issuer: /CN=9f37818251a081d1cc7f3015320eb63526709b91 Certificate serial: 019B25514C30B3A1FD6A7F962D6A72E4561F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzeBglGggdHMfzAVMg62NSZwm5E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft Manifest number: 07E5 Signing time: Tue 16 Dec 2025 04:00:43 +0000 Manifest this update: Tue 16 Dec 2025 04:00:43 +0000 Manifest next update: Wed 17 Dec 2025 04:00:43 +0000 Files and hashes: 1: nzeBglGggdHMfzAVMg62NSZwm5E.crl (hash: VjRIplQoCByKpgXba0FcxNaR9FeZEx9zdfdkjQod8gE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.crl rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft rsync://rpki.ripe.net/repository/DEFAULT/nzeBglGggdHMfzAVMg62NSZwm5E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:25:51:4c:30:b3:a1:fd:6a:7f:96:2d:6a:72:e4:56:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f37818251a081d1cc7f3015320eb63526709b91 Validity Not Before: Dec 16 04:00:43 2025 GMT Not After : Dec 17 04:00:43 2025 GMT Subject: CN=875d29872a81a5519675ee7350ed9eb77caece8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:77:6f:b5:81:3d:db:76:8f:36:ea:aa:b7:80: 27:8a:fa:90:bb:8d:31:b6:b2:8a:3d:bc:b7:00:8f: 08:3f:67:55:48:b4:10:47:71:fd:8b:b1:00:f8:23: e4:34:77:f6:94:a6:31:92:0d:20:66:bd:6f:4a:cb: 59:d1:67:40:7e:9e:6a:09:2f:3b:a1:68:55:d4:de: 03:3c:2d:fc:5a:f4:1a:2c:b8:0e:45:f5:95:50:4c: a0:46:35:39:70:ec:fa:72:b3:b0:93:a5:6d:bb:c6: 14:e8:84:01:e3:9e:6d:bb:21:91:43:90:f8:ce:67: 07:c5:64:7f:64:91:72:5a:41:e5:d3:ec:e5:d5:c3: 8d:3b:a2:ec:b9:c6:45:69:8d:ce:39:89:85:d5:7a: 93:1b:bc:63:43:e8:9b:d0:71:5b:be:ea:0f:55:3f: 9b:49:42:cd:bf:16:2c:5b:f7:39:03:66:90:00:71: a4:f0:41:5b:82:82:9a:8a:ef:89:2b:03:5d:4c:4b: 00:4e:b9:4b:20:ef:c3:a2:ff:2a:d1:fd:54:dd:9c: 75:31:ac:6d:cd:87:6c:b0:21:32:81:fc:6a:09:6d: 6b:b2:c5:bf:1f:83:05:78:55:cf:23:5b:b6:da:3b: 2e:02:09:57:47:0d:6e:f8:02:68:03:65:3a:23:7e: 11:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:5D:29:87:2A:81:A5:51:96:75:EE:73:50:ED:9E:B7:7C:AE:CE:8C X509v3 Authority Key Identifier: keyid:9F:37:81:82:51:A0:81:D1:CC:7F:30:15:32:0E:B6:35:26:70:9B:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzeBglGggdHMfzAVMg62NSZwm5E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:69:db:a3:16:48:36:5a:d9:85:23:da:b6:b6:2e:4d:3c:ad: 47:44:e7:d3:2c:cd:a0:94:0a:2e:e7:fc:68:7d:c5:07:01:4a: 6e:1c:8f:ee:ec:54:ed:4a:82:b0:b9:ef:2a:e6:df:cf:3e:27: c2:e9:8f:68:35:a3:a1:25:ed:01:a7:8a:93:ff:fb:d9:32:6c: ba:0a:7e:22:04:3c:f7:ed:f6:ba:b9:b1:43:e7:71:ba:c1:a3: 2d:ee:29:0e:e5:95:23:f7:88:3b:bd:43:08:2f:0e:78:59:c0: cf:38:df:cb:e2:67:29:35:40:3e:6c:d1:3f:f2:0b:73:16:e0: 53:0a:77:23:dd:a3:95:fb:2c:b1:c5:02:07:4c:bd:dc:e8:7c: 76:d2:db:8b:3c:ce:b6:b9:db:82:13:59:80:26:d8:9b:27:19: e1:01:06:ac:8d:7e:c2:0a:f8:05:29:19:f0:ed:df:7f:ba:01: 22:01:99:fd:a4:42:96:4a:03:29:f3:23:c5:7b:93:06:7d:7b: ad:8c:60:34:56:9c:62:f8:7d:96:65:1d:a9:6d:96:0a:84:9d: 88:44:63:05:1e:8a:a5:cc:43:1b:2a:23:2f:31:8e:e4:6d:1a: 20:58:41:aa:86:58:ed:41:3f:b3:ff:ab:72:1f:23:72:a9:1c: 26:2c:02:7f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZslUUwws6H9an+WLWpy5FYfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmMzc4MTgyNTFhMDgxZDFjYzdmMzAxNTMyMGViNjM1MjY3 MDliOTEwHhcNMjUxMjE2MDQwMDQzWhcNMjUxMjE3MDQwMDQzWjAzMTEwLwYDVQQD Eyg4NzVkMjk4NzJhODFhNTUxOTY3NWVlNzM1MGVkOWViNzdjYWVjZThjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXdvtYE923aPNuqqt4AnivqQu40x trKKPby3AI8IP2dVSLQQR3H9i7EA+CPkNHf2lKYxkg0gZr1vSstZ0WdAfp5qCS87 oWhV1N4DPC38WvQaLLgORfWVUEygRjU5cOz6crOwk6Vtu8YU6IQB455tuyGRQ5D4 zmcHxWR/ZJFyWkHl0+zl1cONO6LsucZFaY3OOYmF1XqTG7xjQ+ib0HFbvuoPVT+b SULNvxYsW/c5A2aQAHGk8EFbgoKaiu+JKwNdTEsATrlLIO/Dov8q0f1U3Zx1Maxt zYdssCEygfxqCW1rssW/H4MFeFXPI1u22jsuAglXRw1u+AJoA2U6I34RIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIddKYcqgaVRlnXuc1Dtnrd8rs6MMB8GA1UdIwQY MBaAFJ83gYJRoIHRzH8wFTIOtjUmcJuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnplQmdsR2dnZEhNZnpBVk1nNjJOU1p3bTVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82YjViN2ItZjkzYy00ZjM3LThhNjQt NmIyZjUyNjA0N2E5LzEvbnplQmdsR2dnZEhNZnpBVk1nNjJOU1p3bTVFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi82YjViN2ItZjkzYy00ZjM3LThhNjQtNmIyZjUyNjA0N2E5 LzEvbnplQmdsR2dnZEhNZnpBVk1nNjJOU1p3bTVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF2nboxZI NlrZhSPatrYuTTytR0Tn0yzNoJQKLuf8aH3FBwFKbhyP7uxU7UqCsLnvKubfzz4n wumPaDWjoSXtAaeKk//72TJsugp+IgQ89+32urmxQ+dxusGjLe4pDuWVI/eIO71D CC8OeFnAzzjfy+JnKTVAPmzRP/ILcxbgUwp3I92jlfssscUCB0y93Oh8dtLbizzO trnbghNZgCbYmycZ4QEGrI1+wgr4BSkZ8O3ff7oBIgGZ/aRClkoDKfMjxXuTBn17 rYxgNFacYvh9lmUdqW2WCoSdiERjBR6KpcxDGyojLzGO5G0aIFhBqoZY7UE/s/+r ch8jcqkcJiwCfw== -----END CERTIFICATE-----Generated at Tue Dec 16 06:19:39 2025 by rpki-client