This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/N8ZRc24kPV6mzsymOv20oDEtdzA.mft File: N8ZRc24kPV6mzsymOv20oDEtdzA.mft (raw, json) Hash identifier: 9nF4QyQNJETEFmWkeacQ8kpk+vrKMiRl/QkJhmYMOFM= Subject key identifier: E8:7B:64:18:1E:09:A4:0E:8E:C0:7F:B9:0F:87:CD:BA:6E:28:BE:E8 Authority key identifier: 37:C6:51:73:6E:24:3D:5E:A6:CE:CC:A6:3A:FD:B4:A0:31:2D:77:30 Certificate issuer: /CN=37c651736e243d5ea6cecca63afdb4a0312d7730 Certificate serial: 019B59E3A5E890AA0000C93A7DAD3978EF37 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N8ZRc24kPV6mzsymOv20oDEtdzA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/N8ZRc24kPV6mzsymOv20oDEtdzA.mft Manifest number: 1798 Signing time: Fri 26 Dec 2025 09:00:49 +0000 Manifest this update: Fri 26 Dec 2025 09:00:49 +0000 Manifest next update: Sat 27 Dec 2025 09:00:49 +0000 Files and hashes: 1: N8ZRc24kPV6mzsymOv20oDEtdzA.crl (hash: g2lJV6N/1MzbvrjTiof3tW8KSvjWbd6n3ZEv8vuaSAk=) 2: ZRv7bLa28b8tf6OWanURzCF5xRg.roa (hash: oK8tGS8JdWtsRZmm08fTUJdRLOafRX6MArGF8Pv/FL0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/N8ZRc24kPV6mzsymOv20oDEtdzA.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/N8ZRc24kPV6mzsymOv20oDEtdzA.mft rsync://rpki.ripe.net/repository/DEFAULT/N8ZRc24kPV6mzsymOv20oDEtdzA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e3:a5:e8:90:aa:00:00:c9:3a:7d:ad:39:78:ef:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=37c651736e243d5ea6cecca63afdb4a0312d7730 Validity Not Before: Dec 26 09:00:49 2025 GMT Not After : Dec 27 09:00:49 2025 GMT Subject: CN=e87b64181e09a40e8ec07fb90f87cdba6e28bee8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:44:2c:8a:b1:07:74:af:e2:e3:66:25:c7:96: 1d:0f:a4:50:12:8c:1f:98:fc:10:b9:27:3b:e1:82: 64:1c:7b:cf:a7:e6:30:bf:41:e3:07:f8:aa:98:f9: 1a:c0:a2:32:bb:fd:78:62:de:4f:34:14:98:54:4d: c8:8d:47:e0:ab:eb:40:28:4b:23:05:fa:bd:a3:28: f7:ef:be:b3:38:96:e7:49:c6:57:c7:41:05:d0:93: 22:30:c7:2a:ec:ee:16:db:b5:ea:cb:1d:2a:3d:a5: 11:83:5d:ae:96:56:3e:02:3b:5f:a1:da:77:a5:d1: 3d:88:84:30:d7:d6:80:2a:d6:10:f9:7d:db:8e:9b: 5a:c0:ba:e6:40:23:ec:a3:82:32:53:b0:d8:e9:93: 83:ec:15:31:7b:bc:bc:92:65:43:4f:59:f2:ce:f6: 3a:66:e4:d0:dc:ff:5a:53:da:a5:17:52:a0:4d:9d: ee:f0:29:fe:3f:08:b8:9d:86:36:3c:cf:58:5b:3a: 3b:dc:d6:c4:30:35:27:17:35:cf:d2:ce:17:37:7f: 71:57:f8:80:68:53:ce:45:93:18:0d:55:9c:3d:ca: 41:fe:39:62:2f:46:ac:41:08:d7:63:9a:29:f0:38: c4:29:df:13:9b:9c:d6:7d:ad:62:bf:67:a4:7a:a6: dc:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:7B:64:18:1E:09:A4:0E:8E:C0:7F:B9:0F:87:CD:BA:6E:28:BE:E8 X509v3 Authority Key Identifier: keyid:37:C6:51:73:6E:24:3D:5E:A6:CE:CC:A6:3A:FD:B4:A0:31:2D:77:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N8ZRc24kPV6mzsymOv20oDEtdzA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/N8ZRc24kPV6mzsymOv20oDEtdzA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/523c7d-3917-4137-9df3-abea625868a8/1/N8ZRc24kPV6mzsymOv20oDEtdzA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:36:09:7d:f0:b3:bd:8a:9a:ad:0d:75:60:93:68:38:f5:3e: df:c3:22:cd:2d:40:3c:1f:1c:39:7a:60:e4:27:b2:72:92:b8: 23:34:be:bb:ab:f1:c6:c4:e6:ee:4e:ae:69:a5:af:8b:82:84: 46:62:b6:34:58:a5:e1:c9:ca:54:be:f8:17:4f:1d:21:22:26: 62:67:64:84:cd:4a:e9:ca:71:98:8d:4b:84:a4:07:a5:ec:71: 13:49:bb:5f:34:ae:8c:29:7b:ae:9e:72:80:50:c2:1d:e3:06: 61:67:f0:34:04:f8:b5:de:6b:12:62:1e:6d:ef:09:5b:d8:40: d0:d9:02:f0:fb:4f:e7:8b:7e:c7:13:b1:8e:d0:77:d8:f4:92: 6d:8e:2c:5b:d9:c1:af:b2:d2:5a:ad:ef:9e:41:8a:ad:fa:ea: f9:93:f4:aa:e1:04:47:1f:1f:56:65:bc:2d:40:81:7a:5f:4d: c1:75:e8:bb:2c:85:8a:07:9c:39:bc:fc:c1:bd:31:10:ed:b5: 87:94:09:75:7c:f1:70:0a:a7:0c:d9:e2:bc:fe:5c:25:a2:50: 76:a1:5a:02:b1:7a:76:4e:2d:53:f7:df:bc:6d:00:8d:26:bc: 13:a3:e6:a2:86:be:9b:53:3e:ee:cd:db:c3:ce:66:e1:15:5c: 18:0e:5b:8e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ46XokKoAAMk6fa05eO83MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM3YzY1MTczNmUyNDNkNWVhNmNlY2NhNjNhZmRiNGEwMzEy ZDc3MzAwHhcNMjUxMjI2MDkwMDQ5WhcNMjUxMjI3MDkwMDQ5WjAzMTEwLwYDVQQD EyhlODdiNjQxODFlMDlhNDBlOGVjMDdmYjkwZjg3Y2RiYTZlMjhiZWU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA70QsirEHdK/i42Ylx5YdD6RQEowf mPwQuSc74YJkHHvPp+Ywv0HjB/iqmPkawKIyu/14Yt5PNBSYVE3IjUfgq+tAKEsj Bfq9oyj3776zOJbnScZXx0EF0JMiMMcq7O4W27Xqyx0qPaURg12ullY+Ajtfodp3 pdE9iIQw19aAKtYQ+X3bjptawLrmQCPso4IyU7DY6ZOD7BUxe7y8kmVDT1nyzvY6 ZuTQ3P9aU9qlF1KgTZ3u8Cn+Pwi4nYY2PM9YWzo73NbEMDUnFzXP0s4XN39xV/iA aFPORZMYDVWcPcpB/jliL0asQQjXY5op8DjEKd8Tm5zWfa1iv2ekeqbcqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOh7ZBgeCaQOjsB/uQ+HzbpuKL7oMB8GA1UdIwQY MBaAFDfGUXNuJD1eps7Mpjr9tKAxLXcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTjhaUmMyNGtQVjZtenN5bU92MjBvREV0ZHpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81MjNjN2QtMzkxNy00MTM3LTlkZjMt YWJlYTYyNTg2OGE4LzEvTjhaUmMyNGtQVjZtenN5bU92MjBvREV0ZHpBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi81MjNjN2QtMzkxNy00MTM3LTlkZjMtYWJlYTYyNTg2OGE4 LzEvTjhaUmMyNGtQVjZtenN5bU92MjBvREV0ZHpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXzYJffCz vYqarQ11YJNoOPU+38MizS1APB8cOXpg5CeycpK4IzS+u6vxxsTm7k6uaaWvi4KE RmK2NFil4cnKVL74F08dISImYmdkhM1K6cpxmI1LhKQHpexxE0m7XzSujCl7rp5y gFDCHeMGYWfwNAT4td5rEmIebe8JW9hA0NkC8PtP54t+xxOxjtB32PSSbY4sW9nB r7LSWq3vnkGKrfrq+ZP0quEERx8fVmW8LUCBel9NwXXouyyFigecObz8wb0xEO21 h5QJdXzxcAqnDNnivP5cJaJQdqFaArF6dk4tU/ffvG0AjSa8E6Pmooa+m1M+7s3b w85m4RVcGA5bjg== -----END CERTIFICATE-----Generated at Fri Dec 26 16:02:26 2025 by rpki-client