This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft File: nuC9T-woxBx9-CFI8JHsPzkb23A.mft (raw, json) Hash identifier: E81l93d57CTxWOGmbmACIMhQJqIjG/Go7oBwm4VlQBY= Subject key identifier: B4:A3:A6:D5:6A:DC:91:0B:DA:C6:8E:D3:AF:D6:6A:44:2D:7A:66:35 Authority key identifier: 9E:E0:BD:4F:EC:28:C4:1C:7D:F8:21:48:F0:91:EC:3F:39:1B:DB:70 Certificate issuer: /CN=9ee0bd4fec28c41c7df82148f091ec3f391bdb70 Certificate serial: 019B462660D2FB1321B46B19573A410F8EB6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft Manifest number: 093B Signing time: Mon 22 Dec 2025 13:01:18 +0000 Manifest this update: Mon 22 Dec 2025 13:01:18 +0000 Manifest next update: Tue 23 Dec 2025 13:01:18 +0000 Files and hashes: 1: nuC9T-woxBx9-CFI8JHsPzkb23A.crl (hash: bnkpl+K0kivsaZQwnMlDO0IIxsjVY1WkuZBqJIsp2FI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.crl rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 13:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:26:60:d2:fb:13:21:b4:6b:19:57:3a:41:0f:8e:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ee0bd4fec28c41c7df82148f091ec3f391bdb70 Validity Not Before: Dec 22 13:01:18 2025 GMT Not After : Dec 23 13:01:18 2025 GMT Subject: CN=b4a3a6d56adc910bdac68ed3afd66a442d7a6635 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:d8:1f:25:37:bd:7c:8f:d6:1f:c4:cc:26:16: d2:cf:6e:2c:fc:16:f5:38:75:95:30:71:8c:3b:ca: f4:7e:82:31:07:0a:a2:f9:f2:48:5c:9f:67:35:e0: 7f:94:0f:19:1c:53:cc:d9:10:62:a1:a1:19:58:36: b0:b8:c8:2c:c9:bc:87:db:60:56:f5:79:47:96:af: 40:97:e5:bb:d2:9f:e5:d1:7c:aa:db:08:a1:d7:13: ba:3d:3e:27:27:96:b8:d5:be:62:d0:f7:a5:cc:36: 47:00:ee:cd:0d:48:02:22:f5:cb:23:18:da:86:15: 2d:41:66:95:8b:e1:31:6f:4b:ba:83:ff:a5:05:f6: fd:1d:e0:88:d9:cd:d9:74:da:f4:6c:0a:4b:32:dc: 75:7b:46:cb:8a:d5:6f:de:65:e8:9b:08:a4:5c:51: 2a:07:2c:5f:89:42:5f:b8:75:f7:3b:99:e5:fa:0a: 24:7e:f5:35:0c:d5:ab:19:ee:3f:f7:48:10:d2:07: 2d:9a:eb:65:3a:eb:bf:9b:71:6f:a5:87:ba:f0:c1: 8d:70:cf:80:49:ec:b4:ea:50:7d:7f:32:c1:32:8b: 6e:c7:2c:83:e4:02:29:5f:61:bb:54:66:5f:11:7d: e9:f7:98:e6:fb:67:8b:cc:41:34:29:02:c7:ec:76: ca:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:A3:A6:D5:6A:DC:91:0B:DA:C6:8E:D3:AF:D6:6A:44:2D:7A:66:35 X509v3 Authority Key Identifier: keyid:9E:E0:BD:4F:EC:28:C4:1C:7D:F8:21:48:F0:91:EC:3F:39:1B:DB:70 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0e:1e:51:73:ee:bf:6e:07:99:46:f7:b4:a6:98:85:f0:c2:a8: 9f:0b:6b:c4:69:a5:0a:0f:83:00:e1:35:e8:4e:46:81:5c:20: 43:e3:1c:da:ad:b0:4f:4f:ef:72:d9:d5:71:75:55:e2:55:73: 1f:9f:b0:a6:e5:cb:97:61:f5:26:77:5b:d5:e3:17:be:ff:37: 11:b6:27:c6:45:f8:9c:5d:cd:b4:f4:ca:e5:ef:53:de:3e:a8: a9:3c:e0:f1:35:33:5c:9c:f6:22:7a:b9:99:25:c9:9e:f9:72: 4a:4e:f0:84:ab:89:f4:d0:c8:a0:cc:78:e8:bc:ba:7b:b9:8e: 87:5a:60:70:b2:63:76:8d:c8:41:2e:87:b5:08:e9:43:03:6c: c3:cb:7f:b7:7e:6f:ca:78:ab:ed:e2:ae:4a:09:34:f1:2e:e1: 64:1e:27:92:ac:44:08:d8:55:1e:8e:a5:db:7e:6a:f6:2d:c1: 2d:c0:8b:7f:97:7e:b0:46:73:21:3a:dd:7d:db:5a:c0:53:ad: ed:44:c8:1d:68:2c:7e:19:3f:77:81:32:28:f6:32:70:62:51: 6b:0c:80:33:1e:c1:27:88:cc:3f:df:9b:87:91:2b:cd:bd:4d: 55:2b:20:e3:21:19:18:6f:7a:80:54:5a:39:d9:6b:db:d1:90: 55:b4:f4:0e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGJmDS+xMhtGsZVzpBD462MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllZTBiZDRmZWMyOGM0MWM3ZGY4MjE0OGYwOTFlYzNmMzkx YmRiNzAwHhcNMjUxMjIyMTMwMTE4WhcNMjUxMjIzMTMwMTE4WjAzMTEwLwYDVQQD EyhiNGEzYTZkNTZhZGM5MTBiZGFjNjhlZDNhZmQ2NmE0NDJkN2E2NjM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9gfJTe9fI/WH8TMJhbSz24s/Bb1 OHWVMHGMO8r0foIxBwqi+fJIXJ9nNeB/lA8ZHFPM2RBioaEZWDawuMgsybyH22BW 9XlHlq9Al+W70p/l0Xyq2wih1xO6PT4nJ5a41b5i0PelzDZHAO7NDUgCIvXLIxja hhUtQWaVi+Exb0u6g/+lBfb9HeCI2c3ZdNr0bApLMtx1e0bLitVv3mXomwikXFEq ByxfiUJfuHX3O5nl+gokfvU1DNWrGe4/90gQ0gctmutlOuu/m3FvpYe68MGNcM+A Sey06lB9fzLBMotuxyyD5AIpX2G7VGZfEX3p95jm+2eLzEE0KQLH7HbKTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLSjptVq3JEL2saO06/WakQtemY1MB8GA1UdIwQY MBaAFJ7gvU/sKMQcffghSPCR7D85G9twMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9iZGQxN2EtZmFkNC00MjQ5LWFjMGYt ZWRmYmFiMzM2MWJiLzEvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi9iZGQxN2EtZmFkNC00MjQ5LWFjMGYtZWRmYmFiMzM2MWJi LzEvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADh5Rc+6/ bgeZRve0ppiF8MKonwtrxGmlCg+DAOE16E5GgVwgQ+Mc2q2wT0/vctnVcXVV4lVz H5+wpuXLl2H1Jndb1eMXvv83EbYnxkX4nF3NtPTK5e9T3j6oqTzg8TUzXJz2Inq5 mSXJnvlySk7whKuJ9NDIoMx46Ly6e7mOh1pgcLJjdo3IQS6HtQjpQwNsw8t/t35v ynir7eKuSgk08S7hZB4nkqxECNhVHo6l235q9i3BLcCLf5d+sEZzITrdfdtawFOt 7UTIHWgsfhk/d4EyKPYycGJRawyAMx7BJ4jMP9+bh5Erzb1NVSsg4yEZGG96gFRa Odlr29GQVbT0Dg== -----END CERTIFICATE-----Generated at Mon Dec 22 22:32:57 2025 by rpki-client