This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft File: N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft (raw, json) Hash identifier: WT3KKLZ2CQ6rIWmaxc484xYbpFIHiKb6wROnXdOGyow= Subject key identifier: 3E:3C:F8:37:96:85:23:A7:AC:7A:BF:81:41:B6:32:AE:30:6E:32:49 Authority key identifier: 37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE Certificate issuer: /CN=37698b4f37d8081c3505ada0baa85221934341be Certificate serial: 019B597669ED94E2E53C1DD1600937B7138F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft Manifest number: 0FF3 Signing time: Fri 26 Dec 2025 07:01:31 +0000 Manifest this update: Fri 26 Dec 2025 07:01:31 +0000 Manifest next update: Sat 27 Dec 2025 07:01:31 +0000 Files and hashes: 1: N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl (hash: sqbOxllAHHdVNys7J1u+OlMOw7aO6xGp7eyMFPYQTKE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:69:ed:94:e2:e5:3c:1d:d1:60:09:37:b7:13:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=37698b4f37d8081c3505ada0baa85221934341be Validity Not Before: Dec 26 07:01:31 2025 GMT Not After : Dec 27 07:01:31 2025 GMT Subject: CN=3e3cf837968523a7ac7abf8141b632ae306e3249 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:2a:9e:d9:32:fc:48:34:4c:b6:e9:a4:00:a5: 8a:ab:d9:f9:22:26:ff:ef:f6:9b:04:ad:98:0b:aa: 0c:36:fe:17:2a:b3:22:43:d7:3e:df:24:6a:41:d1: b2:7b:c6:8f:e7:b5:59:4d:72:87:36:84:e9:92:f2: 12:76:39:8a:19:32:0c:9e:5b:8f:99:93:d6:9d:d7: f0:6b:76:50:8e:0b:99:50:fe:fa:0e:a9:33:8c:57: 4f:16:47:4b:05:e6:08:f1:47:7b:74:b0:b4:f0:9c: 41:8d:84:8b:04:c9:a2:be:fb:e0:ae:17:4a:e5:08: 03:2d:d4:54:bf:3d:b3:c8:18:8d:94:e0:63:3b:23: da:7f:14:40:44:d9:15:45:9b:bb:b7:98:4b:c7:ef: 2b:3e:be:ba:31:31:a9:1b:6d:6d:61:95:ea:a4:0b: c7:43:67:2f:c4:83:fe:eb:6c:20:90:09:11:a5:d7: 43:31:74:5c:0c:29:fe:d4:27:51:49:98:46:3f:1a: 22:b1:3b:15:ca:dd:83:43:33:79:49:55:51:ef:66: 71:64:d1:f4:6f:a3:ff:e7:cb:0b:20:8d:c1:55:30: 47:3c:6d:e3:f9:5d:4d:39:ba:ad:c9:87:64:c5:ce: cd:5d:41:29:5f:2e:e5:b8:09:52:9e:dd:1b:e8:39: d2:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:3C:F8:37:96:85:23:A7:AC:7A:BF:81:41:B6:32:AE:30:6E:32:49 X509v3 Authority Key Identifier: keyid:37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:8f:5d:b7:46:20:87:85:57:16:40:bf:8b:3c:f8:3d:2a:6b: 75:21:09:07:0c:0c:ed:f2:db:7b:ca:41:82:3e:5e:bb:65:a1: 6c:89:8d:4b:f7:d7:af:28:f8:2d:dd:ad:26:aa:1d:f0:dc:e7: b1:f0:97:77:5a:d4:c3:35:73:9a:da:6b:bb:e4:13:67:d7:2a: 8f:fe:e6:f2:08:4d:f3:66:c4:0b:a5:a8:a8:20:b5:1d:2e:6b: a4:04:98:43:3c:cc:8b:1f:5e:dd:41:45:f1:07:4e:1a:b9:bb: 50:37:a7:dd:65:39:48:31:6b:4d:72:4d:38:e6:f8:08:3c:2a: 5b:46:e3:60:d9:3b:63:d1:ff:ca:54:bd:55:7e:67:9e:d3:93: 5e:23:44:16:da:89:fd:57:8e:79:28:5a:4d:8c:d7:ec:8c:85: 3a:0a:2c:c9:fd:19:20:a4:ea:41:b0:02:22:c2:a5:81:4a:65: a5:dc:af:23:a7:df:df:87:69:a7:33:a5:b8:8f:3b:d6:58:23: 31:8a:34:5b:9c:93:1c:23:48:3d:05:53:17:87:65:cf:c6:a2: e7:be:e3:78:92:9b:e4:99:c8:89:24:a3:43:9e:3d:1e:94:18: b3:d4:35:3f:96:07:a4:a4:4f:79:0f:75:ee:cd:4a:dd:ba:27: 2e:b5:ad:33 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdmntlOLlPB3RYAk3txOPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM3Njk4YjRmMzdkODA4MWMzNTA1YWRhMGJhYTg1MjIxOTM0 MzQxYmUwHhcNMjUxMjI2MDcwMTMxWhcNMjUxMjI3MDcwMTMxWjAzMTEwLwYDVQQD EygzZTNjZjgzNzk2ODUyM2E3YWM3YWJmODE0MWI2MzJhZTMwNmUzMjQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCqe2TL8SDRMtumkAKWKq9n5Iib/ 7/abBK2YC6oMNv4XKrMiQ9c+3yRqQdGye8aP57VZTXKHNoTpkvISdjmKGTIMnluP mZPWndfwa3ZQjguZUP76DqkzjFdPFkdLBeYI8Ud7dLC08JxBjYSLBMmivvvgrhdK 5QgDLdRUvz2zyBiNlOBjOyPafxRARNkVRZu7t5hLx+8rPr66MTGpG21tYZXqpAvH Q2cvxIP+62wgkAkRpddDMXRcDCn+1CdRSZhGPxoisTsVyt2DQzN5SVVR72ZxZNH0 b6P/58sLII3BVTBHPG3j+V1NObqtyYdkxc7NXUEpXy7luAlSnt0b6DnSBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD48+DeWhSOnrHq/gUG2Mq4wbjJJMB8GA1UdIwQY MBaAFDdpi0832AgcNQWtoLqoUiGTQ0G+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjct MmJiODFkOTlkNWYxLzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjctMmJiODFkOTlkNWYx LzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXI9dt0Yg h4VXFkC/izz4PSprdSEJBwwM7fLbe8pBgj5eu2WhbImNS/fXryj4Ld2tJqod8Nzn sfCXd1rUwzVzmtpru+QTZ9cqj/7m8ghN82bEC6WoqCC1HS5rpASYQzzMix9e3UFF 8QdOGrm7UDen3WU5SDFrTXJNOOb4CDwqW0bjYNk7Y9H/ylS9VX5nntOTXiNEFtqJ /VeOeShaTYzX7IyFOgosyf0ZIKTqQbACIsKlgUplpdyvI6ff34dppzOluI871lgj MYo0W5yTHCNIPQVTF4dlz8ai577jeJKb5JnIiSSjQ549HpQYs9Q1P5YHpKRPeQ91 7s1K3bonLrWtMw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:27 2025 by rpki-client