This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft
File: NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft (raw, json)
Hash identifier: KCkPbnqD2bHn5ff7630xUKb0Wh+K5vPxNscpPDs9c9A=
Subject key identifier: C6:35:FE:F1:4F:16:6A:2F:6F:74:3A:72:7E:93:22:88:F7:73:58:44
Authority key identifier: 35:16:52:B8:38:FF:2D:96:72:AC:8C:A6:6B:A6:60:DD:4E:45:D6:99
Certificate issuer: /CN=351652b838ff2d9672ac8ca66ba660dd4e45d699
Certificate serial: 019B47A65753AE1669EF93F21386FB1BC180
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRZSuDj_LZZyrIyma6Zg3U5F1pk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft
Manifest number: 0C72
Signing time: Mon 22 Dec 2025 20:00:42 +0000
Manifest this update: Mon 22 Dec 2025 20:00:42 +0000
Manifest next update: Tue 23 Dec 2025 20:00:42 +0000
Files and hashes: 1: NRZSuDj_LZZyrIyma6Zg3U5F1pk.crl (hash: 0qa/fSkawtsu5FMQcs8JS10VU69TiOmcIuQm3atJZdc=)
2: Zk0y4tHHB8Yu3r49IrGLEovlzps.roa (hash: Z8BlFARu3PiIVKgAzCmvXp/n3Elo4eu1cJ/tXUB0sZU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRZSuDj_LZZyrIyma6Zg3U5F1pk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 23 Dec 2025 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:47:a6:57:53:ae:16:69:ef:93:f2:13:86:fb:1b:c1:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351652b838ff2d9672ac8ca66ba660dd4e45d699
Validity
Not Before: Dec 22 20:00:42 2025 GMT
Not After : Dec 23 20:00:42 2025 GMT
Subject: CN=c635fef14f166a2f6f743a727e932288f7735844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:9b:64:6f:31:06:d5:f4:cf:db:06:e1:a4:e3:
ed:5b:fb:4c:a3:0e:75:dc:5e:95:b4:9c:8c:b7:90:
f6:e5:e1:16:4e:94:96:9b:53:a1:81:fc:b5:49:01:
cd:e8:5c:58:9f:05:6a:4a:dd:7b:e1:03:dd:7d:6a:
74:43:68:55:5b:f3:70:4c:b7:dc:4b:56:d5:86:ca:
be:9b:62:e6:6c:96:56:b5:1a:81:77:32:dc:ac:db:
52:ca:4e:f3:52:f7:1c:85:b0:04:18:e1:91:5b:0f:
8c:4a:bc:ff:95:b9:42:b0:78:10:2e:9e:45:51:7b:
de:bd:de:92:7d:d6:b0:f5:49:0f:36:f7:9b:bd:ab:
92:83:f2:74:fd:bc:65:9d:54:59:80:3a:30:46:a1:
1c:a4:ee:08:37:23:f9:4a:97:06:27:61:ba:d1:dd:
d6:4f:d3:99:95:f1:64:95:2c:8e:46:9a:7f:24:70:
3e:a2:d3:c7:19:91:ee:6f:a9:74:51:3d:d0:15:49:
56:f5:75:b6:4f:55:77:61:fb:63:50:d5:2b:34:b5:
6b:0e:59:94:50:04:2b:07:93:32:b6:8a:45:05:44:
b9:76:22:5c:24:28:51:a3:6a:04:20:db:31:7a:12:
51:93:ce:0d:90:e6:c0:b6:1a:af:32:ef:5e:63:43:
3a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:35:FE:F1:4F:16:6A:2F:6F:74:3A:72:7E:93:22:88:F7:73:58:44
X509v3 Authority Key Identifier:
keyid:35:16:52:B8:38:FF:2D:96:72:AC:8C:A6:6B:A6:60:DD:4E:45:D6:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRZSuDj_LZZyrIyma6Zg3U5F1pk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:90:e1:e9:0d:a0:ed:18:c1:2e:14:49:6f:c4:30:94:50:c6:
de:b2:6d:51:3f:a6:65:1b:01:5a:19:34:92:03:ce:d7:0a:cc:
a5:4c:42:e0:a8:a7:46:bd:c0:5a:d4:b9:fc:0d:60:95:99:e5:
5c:dd:e2:56:9f:96:51:c6:74:af:55:40:d9:5e:1c:31:90:6b:
6d:71:62:00:7f:79:c2:1a:aa:f0:2c:dd:0f:e9:93:d6:20:06:
c1:66:d7:ae:1e:4c:ec:25:15:28:d1:c6:09:fc:fb:46:00:6a:
a6:ee:18:83:31:19:a5:6e:fd:f3:9c:04:37:53:81:d9:87:64:
a1:62:43:c2:52:7e:aa:35:81:6f:37:6e:42:c3:15:2e:e4:47:
5f:15:92:08:b7:0b:23:79:c1:f8:09:08:95:4d:4a:1e:e8:11:
1e:99:f6:30:f2:91:e6:65:a6:eb:e8:c8:ad:c7:70:04:e9:c5:
2e:3f:59:8a:92:98:97:60:fe:4f:c5:64:39:15:19:fa:26:79:
c2:2e:33:99:fb:0c:17:f3:44:42:f1:da:67:e3:4d:0f:94:2b:
08:32:38:48:5e:7c:3c:cb:0a:e3:fb:ec:78:e6:32:50:a1:a2:
27:58:d8:c0:e8:8f:b4:97:fe:ed:72:3f:ea:b6:f4:87:fd:96:
05:1f:a9:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZtHpldTrhZp75PyE4b7G8GAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTY1MmI4MzhmZjJkOTY3MmFjOGNhNjZiYTY2MGRkNGU0
NWQ2OTkwHhcNMjUxMjIyMjAwMDQyWhcNMjUxMjIzMjAwMDQyWjAzMTEwLwYDVQQD
EyhjNjM1ZmVmMTRmMTY2YTJmNmY3NDNhNzI3ZTkzMjI4OGY3NzM1ODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA95tkbzEG1fTP2wbhpOPtW/tMow51
3F6VtJyMt5D25eEWTpSWm1Ohgfy1SQHN6FxYnwVqSt174QPdfWp0Q2hVW/NwTLfc
S1bVhsq+m2LmbJZWtRqBdzLcrNtSyk7zUvcchbAEGOGRWw+MSrz/lblCsHgQLp5F
UXvevd6Sfdaw9UkPNvebvauSg/J0/bxlnVRZgDowRqEcpO4INyP5SpcGJ2G60d3W
T9OZlfFklSyORpp/JHA+otPHGZHub6l0UT3QFUlW9XW2T1V3YftjUNUrNLVrDlmU
UAQrB5MytopFBUS5diJcJChRo2oEINsxehJRk84NkObAthqvMu9eY0M61wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMY1/vFPFmovb3Q6cn6TIoj3c1hEMB8GA1UdIwQY
MBaAFDUWUrg4/y2WcqyMpmumYN1ORdaZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJaU3VEal9MWlp5ckl5bWE2WmczVTVGMXBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi85Y2U2MGItY2JjNC00MGQ5LTk4YWQt
MWNkNTA2MDcwYmI1LzEvTlJaU3VEal9MWlp5ckl5bWE2WmczVTVGMXBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi85Y2U2MGItY2JjNC00MGQ5LTk4YWQtMWNkNTA2MDcwYmI1
LzEvTlJaU3VEal9MWlp5ckl5bWE2WmczVTVGMXBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARJDh6Q2g
7RjBLhRJb8QwlFDG3rJtUT+mZRsBWhk0kgPO1wrMpUxC4KinRr3AWtS5/A1glZnl
XN3iVp+WUcZ0r1VA2V4cMZBrbXFiAH95whqq8CzdD+mT1iAGwWbXrh5M7CUVKNHG
Cfz7RgBqpu4YgzEZpW7985wEN1OB2YdkoWJDwlJ+qjWBbzduQsMVLuRHXxWSCLcL
I3nB+AkIlU1KHugRHpn2MPKR5mWm6+jIrcdwBOnFLj9ZipKYl2D+T8VkORUZ+iZ5
wi4zmfsMF/NEQvHaZ+NND5QrCDI4SF58PMsK4/vseOYyUKGiJ1jYwOiPtJf+7XI/
6rb0h/2WBR+pmQ==
-----END CERTIFICATE-----
Generated at Tue Dec 23 01:55:51 2025 by rpki-client