This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft File: nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json) Hash identifier: hBniyG1smj1OwG792y+/BAUnzZwwCW/Q0uFt3dxc9O8= Subject key identifier: EA:2B:2E:AC:43:8D:34:4E:79:A7:EB:9C:1F:B6:4D:F6:03:D2:3E:4F Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85 Certificate issuer: /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385 Certificate serial: 019B59E44DAF540A05212FF0E199983AC295 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft Manifest number: 1794 Signing time: Fri 26 Dec 2025 09:01:32 +0000 Manifest this update: Fri 26 Dec 2025 09:01:32 +0000 Manifest next update: Sat 27 Dec 2025 09:01:32 +0000 Files and hashes: 1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: SNxAw7yMMp5F2vng0Y/cavewSG1L4gAcxthn045gTr4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e4:4d:af:54:0a:05:21:2f:f0:e1:99:98:3a:c2:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385 Validity Not Before: Dec 26 09:01:32 2025 GMT Not After : Dec 27 09:01:32 2025 GMT Subject: CN=ea2b2eac438d344e79a7eb9c1fb64df603d23e4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:4f:1a:5c:78:95:73:5d:b6:4a:71:03:18:d0: 5e:01:4b:f7:0e:80:cb:d8:a2:28:30:3a:f4:24:6a: 83:20:bd:06:b0:63:f3:a8:29:ef:82:57:e1:87:0b: c1:f1:8f:d1:c8:f0:5c:bb:9f:9b:f2:65:43:82:5e: 9c:2e:54:b5:1b:ee:85:53:ef:fe:6f:0b:4e:2f:37: 9f:a9:36:68:21:5d:25:f0:b5:f0:6e:47:dc:82:b9: 42:ed:38:cf:b0:b8:56:b6:ca:8e:4c:8b:2e:2d:13: 44:e9:9b:bb:c5:cd:c0:59:24:ea:c2:fa:9f:d5:a0: 3c:db:3c:62:93:cd:22:a7:c1:4c:0e:1b:1d:ad:59: 2f:ad:89:e9:9c:53:3d:8f:75:f9:55:4c:3a:db:5f: fc:f9:eb:a5:e0:9e:a5:a7:01:73:f9:54:db:ab:ce: f6:22:41:03:e5:1b:df:28:d9:74:76:57:c9:b5:52: 54:33:4e:c4:14:7a:b2:f4:4d:f1:83:53:1d:6d:5a: 04:e0:90:34:df:71:89:d1:39:35:43:29:01:d1:ee: 8c:e9:9a:87:e2:2c:52:fa:16:44:80:99:03:d2:24: 83:93:f7:3d:d9:29:2d:12:33:88:29:bd:8d:24:c7: 84:cf:59:b0:ac:92:a9:3d:7c:89:85:f0:99:7a:26: 62:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:2B:2E:AC:43:8D:34:4E:79:A7:EB:9C:1F:B6:4D:F6:03:D2:3E:4F X509v3 Authority Key Identifier: keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:60:23:40:a1:11:68:a8:ac:94:5d:53:85:88:f8:e6:fc:ac: 8d:32:9c:9d:63:d7:bd:bf:64:ba:12:62:51:5f:ca:c9:f3:b9: cb:be:cc:20:a9:d4:9a:f8:ac:70:a6:a8:7a:e0:74:6c:c1:c1: a4:17:bc:50:f1:24:72:56:eb:2e:4f:7f:ad:27:d0:7b:2a:89: 68:32:1d:03:6b:b3:c9:05:1e:0b:9d:2a:6e:50:b3:7f:0e:0e: f6:3b:80:73:c5:40:f8:42:22:d2:0b:4e:17:91:bd:46:48:75: 54:10:be:c5:5f:e2:2b:34:b9:af:5e:b4:61:3a:4f:1b:a3:7c: 56:15:85:e5:d6:0f:1d:fe:f7:bd:6c:2d:3b:72:22:62:82:08: 42:cc:b3:ff:89:93:4c:2c:52:c6:be:b4:e3:ca:05:27:ba:78: d7:9a:99:b2:f4:60:51:87:e7:d6:cf:8b:4b:5d:52:f6:5d:0f: fc:83:d6:42:50:d7:95:08:5c:e3:45:f0:2a:8b:2c:b4:76:eb: 57:1c:d0:13:df:42:57:c9:e0:87:79:a4:56:78:ff:90:6a:29: e2:80:e0:38:e3:54:b8:c8:c2:dd:29:5f:42:b9:9d:1d:59:f7: 90:11:f4:64:c5:49:7f:8c:29:dd:d7:df:9b:6e:d2:af:d2:30: 4b:f5:1e:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ5E2vVAoFIS/w4ZmYOsKVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0 ZGQzODUwHhcNMjUxMjI2MDkwMTMyWhcNMjUxMjI3MDkwMTMyWjAzMTEwLwYDVQQD EyhlYTJiMmVhYzQzOGQzNDRlNzlhN2ViOWMxZmI2NGRmNjAzZDIzZTRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE8aXHiVc122SnEDGNBeAUv3DoDL 2KIoMDr0JGqDIL0GsGPzqCnvglfhhwvB8Y/RyPBcu5+b8mVDgl6cLlS1G+6FU+/+ bwtOLzefqTZoIV0l8LXwbkfcgrlC7TjPsLhWtsqOTIsuLRNE6Zu7xc3AWSTqwvqf 1aA82zxik80ip8FMDhsdrVkvrYnpnFM9j3X5VUw621/8+eul4J6lpwFz+VTbq872 IkED5RvfKNl0dlfJtVJUM07EFHqy9E3xg1MdbVoE4JA033GJ0Tk1QykB0e6M6ZqH 4ixS+hZEgJkD0iSDk/c92SktEjOIKb2NJMeEz1mwrJKpPXyJhfCZeiZiaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOorLqxDjTROeafrnB+2TfYD0j5PMB8GA1UdIwQY MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4 LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAImAjQKER aKislF1ThYj45vysjTKcnWPXvb9kuhJiUV/KyfO5y77MIKnUmviscKaoeuB0bMHB pBe8UPEkclbrLk9/rSfQeyqJaDIdA2uzyQUeC50qblCzfw4O9juAc8VA+EIi0gtO F5G9Rkh1VBC+xV/iKzS5r160YTpPG6N8VhWF5dYPHf73vWwtO3IiYoIIQsyz/4mT TCxSxr6048oFJ7p415qZsvRgUYfn1s+LS11S9l0P/IPWQlDXlQhc40XwKosstHbr VxzQE99CV8ngh3mkVnj/kGop4oDgOONUuMjC3SlfQrmdHVn3kBH0ZMVJf4wp3dff m27Sr9IwS/UeBw== -----END CERTIFICATE-----Generated at Fri Dec 26 15:46:15 2025 by rpki-client