This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft File: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json) Hash identifier: 1KnVkWhtNx47NSkVeGcP3sMsb+/oQuKmfZFMnZB6PkA= Subject key identifier: B8:F1:B9:75:D0:D7:94:D5:24:21:67:68:77:79:94:21:BC:9A:26:42 Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79 Certificate issuer: /CN=3541e9d600daab653543725cf1f9cf988b50d879 Certificate serial: 019B1E061C4C60B85871FD092775D5E55F3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft Manifest number: 0BDA Signing time: Sun 14 Dec 2025 18:01:15 +0000 Manifest this update: Sun 14 Dec 2025 18:01:15 +0000 Manifest next update: Mon 15 Dec 2025 18:01:15 +0000 Files and hashes: 1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: oDtCJWI0/8iOPn232egbiMYSElGWvZuMZJhjQt5/m+g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 18:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1e:06:1c:4c:60:b8:58:71:fd:09:27:75:d5:e5:5f:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879 Validity Not Before: Dec 14 18:01:15 2025 GMT Not After : Dec 15 18:01:15 2025 GMT Subject: CN=b8f1b975d0d794d52421676877799421bc9a2642 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:c0:14:18:9c:68:21:ec:b5:93:57:00:9b:d8: 76:f2:44:a0:da:37:7e:d0:39:5b:6d:fb:f4:5e:7e: df:97:59:11:bf:6c:3a:a1:9f:c9:50:be:1b:9c:94: ff:2c:ad:6b:72:58:42:8e:c9:57:ef:ee:0e:bd:04: 7c:8b:d4:f3:55:c0:73:a5:27:21:e9:91:89:f1:a4: cc:59:de:33:07:9e:3e:72:a6:23:66:67:98:18:79: 1d:26:67:8b:80:fa:79:48:70:50:bb:12:6d:d2:87: 07:63:9d:02:34:75:ea:93:e5:b9:4c:0c:26:07:90: c7:40:c0:b9:38:59:b2:c1:66:2c:5e:6e:c1:7d:1e: 01:63:39:09:8f:b4:e7:46:4d:28:77:16:91:1d:f0: e5:dd:4c:4f:60:67:70:49:17:4c:38:f4:35:31:08: e4:d8:47:0a:04:3c:51:f0:f5:5f:de:83:5d:3f:05: ed:56:1f:d0:ca:ed:fe:a7:8f:13:a4:8a:5c:6d:6e: 91:b0:f7:aa:b8:a1:6e:a1:4c:d8:45:e2:39:23:c1: 9c:fb:2d:3f:20:5a:69:6e:c1:ef:9c:4a:42:60:9e: 75:d9:7a:91:20:96:74:36:4c:fd:02:d9:75:e1:37: 15:13:72:8e:f3:06:48:65:77:0b:8b:be:f8:ec:53: 3e:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:F1:B9:75:D0:D7:94:D5:24:21:67:68:77:79:94:21:BC:9A:26:42 X509v3 Authority Key Identifier: keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 07:ed:46:df:5d:3d:bc:7c:1f:42:1b:d9:9d:21:9f:d9:04:63: fa:63:95:72:34:94:67:d6:95:5e:5b:a6:d6:f3:11:bb:a1:80: 62:a8:43:c5:6b:15:44:d5:ac:a4:55:e5:d9:df:ff:72:99:08: 3f:32:ef:24:3f:cc:11:1f:61:81:1b:ca:59:5b:29:91:0e:da: 69:ef:9a:0c:ab:18:11:e0:33:88:2d:20:23:6a:52:49:be:2f: 1e:82:c6:bb:99:5d:a0:e4:9c:06:25:7d:b3:7a:c0:23:4c:f5: 73:70:53:38:c4:50:d8:eb:6c:8c:50:d0:84:1e:c7:27:3b:d8: 53:eb:b2:c5:48:64:82:47:aa:db:78:6d:82:c6:d6:1a:b6:aa: 3f:b8:bb:fc:28:47:1d:55:c0:a2:74:0a:27:8f:85:2c:d2:9d: 45:ed:d5:73:f7:f8:9b:0c:3d:ef:ed:1f:ea:6a:27:e1:fe:40: a5:0c:37:eb:00:63:d6:f8:de:27:e1:34:af:04:58:c3:0f:d6: 7e:22:f4:32:9f:d7:c8:91:c8:4c:16:a1:31:40:43:fb:0f:54: 59:c7:2c:03:42:99:a6:95:87:72:04:ad:f2:e9:72:3d:0c:61: ea:ac:bd:eb:fe:e8:1b:72:cf:d1:0f:18:35:0f:06:5f:c6:9d: 46:d2:d4:96 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZseBhxMYLhYcf0JJ3XV5V8+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1 MGQ4NzkwHhcNMjUxMjE0MTgwMTE1WhcNMjUxMjE1MTgwMTE1WjAzMTEwLwYDVQQD EyhiOGYxYjk3NWQwZDc5NGQ1MjQyMTY3Njg3Nzc5OTQyMWJjOWEyNjQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucAUGJxoIey1k1cAm9h28kSg2jd+ 0Dlbbfv0Xn7fl1kRv2w6oZ/JUL4bnJT/LK1rclhCjslX7+4OvQR8i9TzVcBzpSch 6ZGJ8aTMWd4zB54+cqYjZmeYGHkdJmeLgPp5SHBQuxJt0ocHY50CNHXqk+W5TAwm B5DHQMC5OFmywWYsXm7BfR4BYzkJj7TnRk0odxaRHfDl3UxPYGdwSRdMOPQ1MQjk 2EcKBDxR8PVf3oNdPwXtVh/Qyu3+p48TpIpcbW6RsPequKFuoUzYReI5I8Gc+y0/ IFppbsHvnEpCYJ512XqRIJZ0Nkz9Atl14TcVE3KO8wZIZXcLi7747FM+VQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLjxuXXQ15TVJCFnaHd5lCG8miZCMB8GA1UdIwQY MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB+1G3109 vHwfQhvZnSGf2QRj+mOVcjSUZ9aVXlum1vMRu6GAYqhDxWsVRNWspFXl2d//cpkI PzLvJD/MER9hgRvKWVspkQ7aae+aDKsYEeAziC0gI2pSSb4vHoLGu5ldoOScBiV9 s3rAI0z1c3BTOMRQ2OtsjFDQhB7HJzvYU+uyxUhkgkeq23htgsbWGraqP7i7/ChH HVXAonQKJ4+FLNKdRe3Vc/f4mww97+0f6mon4f5ApQw36wBj1vjeJ+E0rwRYww/W fiL0Mp/XyJHITBahMUBD+w9UWccsA0KZppWHcgSt8ulyPQxh6qy96/7oG3LP0Q8Y NQ8GX8adRtLUlg== -----END CERTIFICATE-----Generated at Mon Dec 15 04:53:27 2025 by rpki-client