This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft File: nhuhZT_KfIAXI8pG_0Qua6wekaA.mft (raw, json) Hash identifier: f7ATbjYRsOjLXhbeRh7I845XEZGkcZf88PCsD9NfbUg= Subject key identifier: DC:D3:05:1C:93:76:CE:FD:43:7D:07:05:B8:3C:07:04:4E:1E:6A:92 Authority key identifier: 9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0 Certificate issuer: /CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0 Certificate serial: 019B292EA15B352DD3C3587D2CFAC6F12AD7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft Manifest number: 09F6 Signing time: Tue 16 Dec 2025 22:01:20 +0000 Manifest this update: Tue 16 Dec 2025 22:01:20 +0000 Manifest next update: Wed 17 Dec 2025 22:01:20 +0000 Files and hashes: 1: cb8dWgekdgTmGEn_puzoSrtajs0.roa (hash: klMt7aeT4NJnkoShXspgSHaq5Jk7n53EuU54bLRTaLc=) 2: nhuhZT_KfIAXI8pG_0Qua6wekaA.crl (hash: Pp9jqe2syK06pOKI8ZEIEYI+BywrWuT6phhoGuDIyrI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 19:20:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:29:2e:a1:5b:35:2d:d3:c3:58:7d:2c:fa:c6:f1:2a:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0 Validity Not Before: Dec 16 22:01:20 2025 GMT Not After : Dec 17 22:01:20 2025 GMT Subject: CN=dcd3051c9376cefd437d0705b83c07044e1e6a92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:ca:2b:11:0c:da:77:2d:47:b5:ba:a1:fc:ca: 83:72:2a:0b:0b:11:e5:cc:a4:1f:ee:2d:39:23:3e: 0c:0e:32:ed:41:fc:c5:10:2d:ce:59:64:01:95:9b: 44:d3:ea:a1:7b:b2:14:ce:34:8e:4d:43:c6:c1:59: a7:f2:8b:a4:f6:d9:0b:46:a7:8f:3d:26:54:ab:2e: 7b:2c:d5:e6:1e:2d:06:1e:65:ba:db:3c:8c:29:3e: e0:7d:13:b7:ff:11:78:09:79:81:66:dd:3c:62:6f: de:b6:97:a0:1d:b0:de:6b:27:5b:67:d1:72:5f:fe: 5b:39:e8:1e:95:89:a9:ea:bf:f0:de:2b:c0:a0:62: fd:3e:87:7e:d3:35:a4:70:9b:93:14:fb:ca:5a:24: d7:b2:8a:05:02:2d:c1:20:31:f3:c1:bc:78:68:16: 94:49:fb:9c:5c:6d:1f:92:4e:16:06:39:19:f0:a1: e7:70:90:02:ec:f4:d8:2b:07:48:31:86:06:7b:88: 4e:45:a4:65:3e:d3:1d:03:52:c3:ab:82:07:63:15: bc:5c:91:50:68:0d:65:7c:64:6d:ef:bb:f9:37:5c: 9a:6d:79:47:63:1b:27:86:45:3f:9c:7f:2f:10:2b: f7:3f:4e:b7:d6:9e:f6:17:3b:00:77:93:e1:7b:b7: 54:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:D3:05:1C:93:76:CE:FD:43:7D:07:05:B8:3C:07:04:4E:1E:6A:92 X509v3 Authority Key Identifier: keyid:9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:fd:fe:22:58:39:25:53:e9:f0:ba:27:9e:b3:7a:a5:a5:bd: 42:ea:58:30:04:12:1d:7c:c6:c4:2f:39:35:d5:96:43:a7:89: 97:0c:53:33:ce:41:08:70:af:a3:c4:52:3d:46:87:e4:45:44: bb:b6:96:e8:4a:6c:62:11:a6:7e:b8:d2:af:ed:f9:9a:ea:83: 54:66:4a:7e:3f:61:e9:76:b1:32:e4:4e:25:86:16:bc:ba:e1: 27:ac:c6:b4:90:75:05:a4:c5:62:84:d6:d3:50:87:51:ba:46: ea:8a:af:92:e0:df:86:d7:b4:3c:09:74:86:61:3a:00:19:9c: ad:23:bd:0b:b9:ca:48:a0:23:7b:0f:ba:1d:c4:65:d2:24:97: 55:48:73:40:cd:d7:fb:cc:00:c6:d1:b2:31:a8:a3:ef:f4:15: c1:70:43:b7:3f:65:b9:7c:06:0f:1e:21:30:08:e9:4b:d1:4b: 9a:59:20:82:9a:a3:91:e1:48:b1:c4:dd:97:10:88:14:21:ba: fc:7c:1f:eb:cc:38:86:07:ec:05:d5:25:b8:c8:92:8d:55:7b: d6:d2:d6:a4:4c:e5:df:56:e5:44:cc:6e:43:ba:13:42:66:24: b2:52:70:a8:9d:12:c3:53:a7:11:44:8e:aa:60:df:d8:e1:85: 63:96:63:e1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZspLqFbNS3Tw1h9LPrG8SrXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllMWJhMTY1M2ZjYTdjODAxNzIzY2E0NmZmNDQyZTZiYWMx ZTkxYTAwHhcNMjUxMjE2MjIwMTIwWhcNMjUxMjE3MjIwMTIwWjAzMTEwLwYDVQQD EyhkY2QzMDUxYzkzNzZjZWZkNDM3ZDA3MDViODNjMDcwNDRlMWU2YTkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMorEQzady1Htbqh/MqDcioLCxHl zKQf7i05Iz4MDjLtQfzFEC3OWWQBlZtE0+qhe7IUzjSOTUPGwVmn8ouk9tkLRqeP PSZUqy57LNXmHi0GHmW62zyMKT7gfRO3/xF4CXmBZt08Ym/etpegHbDeaydbZ9Fy X/5bOegelYmp6r/w3ivAoGL9Pod+0zWkcJuTFPvKWiTXsooFAi3BIDHzwbx4aBaU SfucXG0fkk4WBjkZ8KHncJAC7PTYKwdIMYYGe4hORaRlPtMdA1LDq4IHYxW8XJFQ aA1lfGRt77v5N1yabXlHYxsnhkU/nH8vECv3P0631p72FzsAd5Phe7dUewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNzTBRyTds79Q30HBbg8BwROHmqSMB8GA1UdIwQY MBaAFJ4boWU/ynyAFyPKRv9ELmusHpGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEt ZmNiNDNkNGY2NzE0LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEtZmNiNDNkNGY2NzE0 LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASP3+Ilg5 JVPp8LonnrN6paW9QupYMAQSHXzGxC85NdWWQ6eJlwxTM85BCHCvo8RSPUaH5EVE u7aW6EpsYhGmfrjSr+35muqDVGZKfj9h6XaxMuROJYYWvLrhJ6zGtJB1BaTFYoTW 01CHUbpG6oqvkuDfhte0PAl0hmE6ABmcrSO9C7nKSKAjew+6HcRl0iSXVUhzQM3X +8wAxtGyMaij7/QVwXBDtz9luXwGDx4hMAjpS9FLmlkggpqjkeFIscTdlxCIFCG6 /Hwf68w4hgfsBdUluMiSjVV71tLWpEzl31blRMxuQ7oTQmYkslJwqJ0Sw1OnEUSO qmDf2OGFY5Zj4Q== -----END CERTIFICATE-----Generated at Wed Dec 17 04:19:08 2025 by rpki-client