This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft File: NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft (raw, json) Hash identifier: KCkPbnqD2bHn5ff7630xUKb0Wh+K5vPxNscpPDs9c9A= Subject key identifier: C6:35:FE:F1:4F:16:6A:2F:6F:74:3A:72:7E:93:22:88:F7:73:58:44 Authority key identifier: 35:16:52:B8:38:FF:2D:96:72:AC:8C:A6:6B:A6:60:DD:4E:45:D6:99 Certificate issuer: /CN=351652b838ff2d9672ac8ca66ba660dd4e45d699 Certificate serial: 019B47A65753AE1669EF93F21386FB1BC180 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRZSuDj_LZZyrIyma6Zg3U5F1pk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft Manifest number: 0C72 Signing time: Mon 22 Dec 2025 20:00:42 +0000 Manifest this update: Mon 22 Dec 2025 20:00:42 +0000 Manifest next update: Tue 23 Dec 2025 20:00:42 +0000 Files and hashes: 1: NRZSuDj_LZZyrIyma6Zg3U5F1pk.crl (hash: 0qa/fSkawtsu5FMQcs8JS10VU69TiOmcIuQm3atJZdc=) 2: Zk0y4tHHB8Yu3r49IrGLEovlzps.roa (hash: Z8BlFARu3PiIVKgAzCmvXp/n3Elo4eu1cJ/tXUB0sZU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft rsync://rpki.ripe.net/repository/DEFAULT/NRZSuDj_LZZyrIyma6Zg3U5F1pk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 20:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:a6:57:53:ae:16:69:ef:93:f2:13:86:fb:1b:c1:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=351652b838ff2d9672ac8ca66ba660dd4e45d699 Validity Not Before: Dec 22 20:00:42 2025 GMT Not After : Dec 23 20:00:42 2025 GMT Subject: CN=c635fef14f166a2f6f743a727e932288f7735844 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:9b:64:6f:31:06:d5:f4:cf:db:06:e1:a4:e3: ed:5b:fb:4c:a3:0e:75:dc:5e:95:b4:9c:8c:b7:90: f6:e5:e1:16:4e:94:96:9b:53:a1:81:fc:b5:49:01: cd:e8:5c:58:9f:05:6a:4a:dd:7b:e1:03:dd:7d:6a: 74:43:68:55:5b:f3:70:4c:b7:dc:4b:56:d5:86:ca: be:9b:62:e6:6c:96:56:b5:1a:81:77:32:dc:ac:db: 52:ca:4e:f3:52:f7:1c:85:b0:04:18:e1:91:5b:0f: 8c:4a:bc:ff:95:b9:42:b0:78:10:2e:9e:45:51:7b: de:bd:de:92:7d:d6:b0:f5:49:0f:36:f7:9b:bd:ab: 92:83:f2:74:fd:bc:65:9d:54:59:80:3a:30:46:a1: 1c:a4:ee:08:37:23:f9:4a:97:06:27:61:ba:d1:dd: d6:4f:d3:99:95:f1:64:95:2c:8e:46:9a:7f:24:70: 3e:a2:d3:c7:19:91:ee:6f:a9:74:51:3d:d0:15:49: 56:f5:75:b6:4f:55:77:61:fb:63:50:d5:2b:34:b5: 6b:0e:59:94:50:04:2b:07:93:32:b6:8a:45:05:44: b9:76:22:5c:24:28:51:a3:6a:04:20:db:31:7a:12: 51:93:ce:0d:90:e6:c0:b6:1a:af:32:ef:5e:63:43: 3a:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:35:FE:F1:4F:16:6A:2F:6F:74:3A:72:7E:93:22:88:F7:73:58:44 X509v3 Authority Key Identifier: keyid:35:16:52:B8:38:FF:2D:96:72:AC:8C:A6:6B:A6:60:DD:4E:45:D6:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRZSuDj_LZZyrIyma6Zg3U5F1pk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/9ce60b-cbc4-40d9-98ad-1cd506070bb5/1/NRZSuDj_LZZyrIyma6Zg3U5F1pk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:90:e1:e9:0d:a0:ed:18:c1:2e:14:49:6f:c4:30:94:50:c6: de:b2:6d:51:3f:a6:65:1b:01:5a:19:34:92:03:ce:d7:0a:cc: a5:4c:42:e0:a8:a7:46:bd:c0:5a:d4:b9:fc:0d:60:95:99:e5: 5c:dd:e2:56:9f:96:51:c6:74:af:55:40:d9:5e:1c:31:90:6b: 6d:71:62:00:7f:79:c2:1a:aa:f0:2c:dd:0f:e9:93:d6:20:06: c1:66:d7:ae:1e:4c:ec:25:15:28:d1:c6:09:fc:fb:46:00:6a: a6:ee:18:83:31:19:a5:6e:fd:f3:9c:04:37:53:81:d9:87:64: a1:62:43:c2:52:7e:aa:35:81:6f:37:6e:42:c3:15:2e:e4:47: 5f:15:92:08:b7:0b:23:79:c1:f8:09:08:95:4d:4a:1e:e8:11: 1e:99:f6:30:f2:91:e6:65:a6:eb:e8:c8:ad:c7:70:04:e9:c5: 2e:3f:59:8a:92:98:97:60:fe:4f:c5:64:39:15:19:fa:26:79: c2:2e:33:99:fb:0c:17:f3:44:42:f1:da:67:e3:4d:0f:94:2b: 08:32:38:48:5e:7c:3c:cb:0a:e3:fb:ec:78:e6:32:50:a1:a2: 27:58:d8:c0:e8:8f:b4:97:fe:ed:72:3f:ea:b6:f4:87:fd:96: 05:1f:a9:99 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHpldTrhZp75PyE4b7G8GAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1MTY1MmI4MzhmZjJkOTY3MmFjOGNhNjZiYTY2MGRkNGU0 NWQ2OTkwHhcNMjUxMjIyMjAwMDQyWhcNMjUxMjIzMjAwMDQyWjAzMTEwLwYDVQQD EyhjNjM1ZmVmMTRmMTY2YTJmNmY3NDNhNzI3ZTkzMjI4OGY3NzM1ODQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA95tkbzEG1fTP2wbhpOPtW/tMow51 3F6VtJyMt5D25eEWTpSWm1Ohgfy1SQHN6FxYnwVqSt174QPdfWp0Q2hVW/NwTLfc S1bVhsq+m2LmbJZWtRqBdzLcrNtSyk7zUvcchbAEGOGRWw+MSrz/lblCsHgQLp5F UXvevd6Sfdaw9UkPNvebvauSg/J0/bxlnVRZgDowRqEcpO4INyP5SpcGJ2G60d3W T9OZlfFklSyORpp/JHA+otPHGZHub6l0UT3QFUlW9XW2T1V3YftjUNUrNLVrDlmU UAQrB5MytopFBUS5diJcJChRo2oEINsxehJRk84NkObAthqvMu9eY0M61wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMY1/vFPFmovb3Q6cn6TIoj3c1hEMB8GA1UdIwQY MBaAFDUWUrg4/y2WcqyMpmumYN1ORdaZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlJaU3VEal9MWlp5ckl5bWE2WmczVTVGMXBrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi85Y2U2MGItY2JjNC00MGQ5LTk4YWQt MWNkNTA2MDcwYmI1LzEvTlJaU3VEal9MWlp5ckl5bWE2WmczVTVGMXBrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi85Y2U2MGItY2JjNC00MGQ5LTk4YWQtMWNkNTA2MDcwYmI1 LzEvTlJaU3VEal9MWlp5ckl5bWE2WmczVTVGMXBrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARJDh6Q2g 7RjBLhRJb8QwlFDG3rJtUT+mZRsBWhk0kgPO1wrMpUxC4KinRr3AWtS5/A1glZnl XN3iVp+WUcZ0r1VA2V4cMZBrbXFiAH95whqq8CzdD+mT1iAGwWbXrh5M7CUVKNHG Cfz7RgBqpu4YgzEZpW7985wEN1OB2YdkoWJDwlJ+qjWBbzduQsMVLuRHXxWSCLcL I3nB+AkIlU1KHugRHpn2MPKR5mWm6+jIrcdwBOnFLj9ZipKYl2D+T8VkORUZ+iZ5 wi4zmfsMF/NEQvHaZ+NND5QrCDI4SF58PMsK4/vseOYyUKGiJ1jYwOiPtJf+7XI/ 6rb0h/2WBR+pmQ== -----END CERTIFICATE-----Generated at Tue Dec 23 01:55:51 2025 by rpki-client