This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft File: nhuhZT_KfIAXI8pG_0Qua6wekaA.mft (raw, json) Hash identifier: XYBqPizDrsDyVZYDrQdas7iwRsUl2S5LjbbRSwsh3a4= Subject key identifier: 88:3A:F7:F2:91:AC:79:5A:F9:1C:B4:EB:6E:01:44:34:5F:9F:43:D5 Authority key identifier: 9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0 Certificate issuer: /CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0 Certificate serial: 019B4BF2A81557482E4892DB126E9CC64645 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft Manifest number: 0A08 Signing time: Tue 23 Dec 2025 16:02:32 +0000 Manifest this update: Tue 23 Dec 2025 16:02:32 +0000 Manifest next update: Wed 24 Dec 2025 16:02:32 +0000 Files and hashes: 1: cb8dWgekdgTmGEn_puzoSrtajs0.roa (hash: klMt7aeT4NJnkoShXspgSHaq5Jk7n53EuU54bLRTaLc=) 2: nhuhZT_KfIAXI8pG_0Qua6wekaA.crl (hash: MmvO7/4oEwdkYrCSeM02P0ZOc3pi9OMqQb7vBg8JCBs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 15:46:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4b:f2:a8:15:57:48:2e:48:92:db:12:6e:9c:c6:46:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0 Validity Not Before: Dec 23 16:02:32 2025 GMT Not After : Dec 24 16:02:32 2025 GMT Subject: CN=883af7f291ac795af91cb4eb6e0144345f9f43d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:1a:3a:91:75:7f:56:1a:26:57:bf:c0:44:af: fe:e2:61:c7:fc:df:9c:5c:7a:d3:9c:3b:30:f0:62: 00:63:f1:f5:39:97:9b:d9:dd:df:bd:56:10:b7:ee: a0:7b:c4:99:87:7a:72:9b:b3:79:83:fb:a0:c2:bf: 60:71:d6:92:32:c4:45:f8:40:0e:e1:b1:be:34:4b: a1:46:63:55:f0:0d:33:2d:d7:19:c1:21:8c:f0:95: a6:1f:28:a0:d2:96:bf:2e:d1:9b:00:1a:f6:f1:b1: 78:f0:d6:9e:00:47:b8:35:60:7a:a7:3e:d5:bc:73: 32:99:15:71:f0:62:8d:5a:1f:c3:eb:53:03:31:5a: 6e:8a:7b:f6:b4:76:56:b8:eb:92:ae:eb:d9:6a:63: 51:8e:f4:3c:f8:3c:83:5a:f2:f0:6d:a6:32:a0:ac: 61:32:14:ad:48:2a:f0:21:2f:21:08:7f:8a:78:24: 4d:84:0b:39:37:5c:d7:ce:7a:43:97:aa:5d:e8:04: 32:b4:9b:92:45:0c:59:88:3d:22:f9:58:4a:51:db: 14:be:e4:a0:4f:d3:37:a8:0a:2c:38:4b:16:19:a1: 65:6d:5e:39:a5:21:c0:2d:f6:b8:70:5f:46:8b:b5: 89:35:f9:9a:5a:c1:c8:58:25:fe:04:a7:56:73:b3: 38:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:3A:F7:F2:91:AC:79:5A:F9:1C:B4:EB:6E:01:44:34:5F:9F:43:D5 X509v3 Authority Key Identifier: keyid:9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:a9:e1:c7:e5:a6:2f:65:f2:e0:8d:86:04:24:a5:a1:fa:a9: 11:53:20:a0:9f:94:c4:a2:44:2c:1f:08:3a:dc:33:fc:4e:c4: b9:2a:3b:d9:77:db:34:82:64:c8:6e:ba:d0:c4:60:00:71:5a: 96:40:a5:93:17:32:52:5e:1f:c9:a2:bb:a3:5e:99:c6:e5:a1: 12:81:0d:7e:0d:58:f5:38:a5:22:85:ea:56:f8:a8:d2:34:ab: 97:ad:07:ba:35:1b:f2:c3:01:4c:3e:8f:05:01:47:b3:8d:56: 62:5e:e0:fe:00:85:42:22:d8:6c:22:6f:e5:6d:d4:82:8e:68: f1:bd:45:eb:02:84:29:ee:93:5e:5b:3d:ec:11:9d:27:28:a4: 90:5a:9d:ff:66:ad:54:7a:df:4d:eb:d0:68:ba:ee:7c:ab:ca: c4:43:33:7e:96:bd:2d:ad:bb:d0:90:d0:23:91:55:d0:3e:6e: 76:fd:57:be:0b:42:23:80:42:11:bf:66:36:b9:08:2b:9e:f2: ba:f7:7b:ad:ae:2e:bc:92:4c:20:b4:f7:0d:37:59:3d:d7:05: 25:84:46:7a:ab:f8:e8:7c:b3:79:50:df:44:f7:9b:39:88:d3: a2:6c:06:cc:91:87:07:38:9e:6e:b2:6c:62:6a:f6:7a:8e:dc: fa:8a:97:65 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtL8qgVV0guSJLbEm6cxkZFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllMWJhMTY1M2ZjYTdjODAxNzIzY2E0NmZmNDQyZTZiYWMx ZTkxYTAwHhcNMjUxMjIzMTYwMjMyWhcNMjUxMjI0MTYwMjMyWjAzMTEwLwYDVQQD Eyg4ODNhZjdmMjkxYWM3OTVhZjkxY2I0ZWI2ZTAxNDQzNDVmOWY0M2Q1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ho6kXV/VhomV7/ARK/+4mHH/N+c XHrTnDsw8GIAY/H1OZeb2d3fvVYQt+6ge8SZh3pym7N5g/ugwr9gcdaSMsRF+EAO 4bG+NEuhRmNV8A0zLdcZwSGM8JWmHyig0pa/LtGbABr28bF48NaeAEe4NWB6pz7V vHMymRVx8GKNWh/D61MDMVpuinv2tHZWuOuSruvZamNRjvQ8+DyDWvLwbaYyoKxh MhStSCrwIS8hCH+KeCRNhAs5N1zXznpDl6pd6AQytJuSRQxZiD0i+VhKUdsUvuSg T9M3qAosOEsWGaFlbV45pSHALfa4cF9Gi7WJNfmaWsHIWCX+BKdWc7M4MQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIg69/KRrHla+Ry0624BRDRfn0PVMB8GA1UdIwQY MBaAFJ4boWU/ynyAFyPKRv9ELmusHpGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEt ZmNiNDNkNGY2NzE0LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEtZmNiNDNkNGY2NzE0 LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIKnhx+Wm L2Xy4I2GBCSlofqpEVMgoJ+UxKJELB8IOtwz/E7EuSo72XfbNIJkyG660MRgAHFa lkClkxcyUl4fyaK7o16ZxuWhEoENfg1Y9TilIoXqVvio0jSrl60HujUb8sMBTD6P BQFHs41WYl7g/gCFQiLYbCJv5W3Ugo5o8b1F6wKEKe6TXls97BGdJyikkFqd/2at VHrfTevQaLrufKvKxEMzfpa9La270JDQI5FV0D5udv1XvgtCI4BCEb9mNrkIK57y uvd7ra4uvJJMILT3DTdZPdcFJYRGeqv46HyzeVDfRPebOYjTomwGzJGHBziebrJs Ymr2eo7c+oqXZQ== -----END CERTIFICATE-----Generated at Tue Dec 23 20:53:36 2025 by rpki-client