This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft File: nD_Ua11gbBzKtVixc24mIaS8BAM.mft (raw, json) Hash identifier: ZuoaEjsNAFGlDdiTxgk2bIF2UaYK41hq5cIeoK1tHQE= Subject key identifier: 0F:11:AE:D1:7E:B5:FE:08:45:06:12:A6:C2:ED:60:C5:3C:44:E6:CB Authority key identifier: 9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03 Certificate issuer: /CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403 Certificate serial: 019B3AC694A5C3F7B55A9840E35BA48B320E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft Manifest number: 0A14 Signing time: Sat 20 Dec 2025 08:00:51 +0000 Manifest this update: Sat 20 Dec 2025 08:00:51 +0000 Manifest next update: Sun 21 Dec 2025 08:00:51 +0000 Files and hashes: 1: nD_Ua11gbBzKtVixc24mIaS8BAM.crl (hash: dcE8LlD43rzJuX/d/CM3Xh1XTErJVmIKd6dIQrQ1JEQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 08:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:c6:94:a5:c3:f7:b5:5a:98:40:e3:5b:a4:8b:32:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403 Validity Not Before: Dec 20 08:00:51 2025 GMT Not After : Dec 21 08:00:51 2025 GMT Subject: CN=0f11aed17eb5fe08450612a6c2ed60c53c44e6cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:1f:d1:72:f1:8a:a7:31:6c:4f:d5:c2:9c:fa: a3:e5:e0:5f:57:5f:37:ef:d3:ee:14:b6:46:e7:43: e2:2b:95:53:9e:94:43:91:b2:3e:a1:c2:d3:a6:b1: 3c:78:b4:9a:52:89:2d:49:b4:5a:ca:d1:e1:6b:14: 30:75:ca:4d:9b:5d:ae:57:7a:8f:0f:78:05:74:ef: 9f:84:30:4e:ab:49:df:b1:23:87:c1:b1:bf:5d:6f: 6d:43:44:02:3c:57:9f:87:f7:24:cf:6c:b5:f3:a3: d9:ab:2a:49:be:92:24:14:6d:ae:9b:4b:71:2a:96: 74:d1:9f:c6:60:77:da:0a:3c:0c:3c:90:5b:bf:fa: fa:8e:52:98:ae:64:0a:c8:e7:1e:0f:a8:89:b6:80: 0f:1d:78:17:7f:48:cd:fa:80:c2:60:8e:64:07:ae: 10:75:50:e7:02:bb:c3:83:0b:c9:f0:5e:83:b6:d4: ba:84:04:12:99:93:2c:9a:7e:e5:c2:88:86:3d:5e: 2e:5f:91:63:5c:34:e9:0f:91:0f:34:bf:3a:a4:2f: 4f:e9:22:91:23:f7:34:85:40:73:e5:60:88:21:e6: 63:5a:c0:81:3c:24:03:b8:d5:e4:11:9d:ae:33:8b: 3c:f5:88:12:d3:77:5d:6d:3d:3b:2b:95:8b:48:92: 4d:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:11:AE:D1:7E:B5:FE:08:45:06:12:A6:C2:ED:60:C5:3C:44:E6:CB X509v3 Authority Key Identifier: keyid:9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:a0:1e:0e:d8:45:36:f9:b5:0c:bc:e0:fc:57:c5:29:02:a5: 38:d5:28:e8:f0:0f:2c:bf:7d:dc:ac:f9:e4:f6:e8:ef:d5:33: 4c:2a:ed:8f:fc:35:b5:ae:ed:03:a9:ae:92:7f:b4:f6:f8:48: ad:8d:40:04:b4:22:bd:84:7f:f0:6c:d2:03:b4:2e:59:22:6c: d6:8a:37:bd:e3:18:98:6c:1d:e0:93:80:0e:b3:72:ae:6f:aa: b9:3c:5c:51:77:f1:15:97:63:ed:af:a8:f9:0d:9e:db:d3:b2: e9:8b:76:4e:36:f8:f7:1c:6a:1f:79:c8:37:d8:af:c2:bf:63: bd:74:f3:09:30:95:35:96:f8:b8:d9:94:bd:60:04:7f:90:9c: 27:cf:b6:2b:01:f8:6e:e7:ab:32:73:a9:1d:2a:f3:ca:35:79: 4b:2b:d8:34:cd:b0:d8:1c:b4:c2:1f:3a:6b:c2:78:24:c2:8a: a9:ba:05:6a:ff:43:a6:25:54:17:1b:aa:32:d6:53:4d:97:e6: c7:ae:c2:97:fb:89:c6:46:92:f2:3e:0e:0d:27:6e:7d:f5:64: 1f:f4:b0:2e:55:aa:53:13:fb:cf:2c:2f:aa:41:37:ea:ed:af: 18:c1:7e:1b:e1:19:19:dc:b0:e5:e6:23:64:9d:91:da:7a:af: 3c:95:51:e8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6xpSlw/e1WphA41ukizIOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDljM2ZkNDZiNWQ2MDZjMWNjYWI1NThiMTczNmUyNjIxYTRi YzA0MDMwHhcNMjUxMjIwMDgwMDUxWhcNMjUxMjIxMDgwMDUxWjAzMTEwLwYDVQQD EygwZjExYWVkMTdlYjVmZTA4NDUwNjEyYTZjMmVkNjBjNTNjNDRlNmNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR/RcvGKpzFsT9XCnPqj5eBfV183 79PuFLZG50PiK5VTnpRDkbI+ocLTprE8eLSaUoktSbRaytHhaxQwdcpNm12uV3qP D3gFdO+fhDBOq0nfsSOHwbG/XW9tQ0QCPFefh/ckz2y186PZqypJvpIkFG2um0tx KpZ00Z/GYHfaCjwMPJBbv/r6jlKYrmQKyOceD6iJtoAPHXgXf0jN+oDCYI5kB64Q dVDnArvDgwvJ8F6DttS6hAQSmZMsmn7lwoiGPV4uX5FjXDTpD5EPNL86pC9P6SKR I/c0hUBz5WCIIeZjWsCBPCQDuNXkEZ2uM4s89YgS03ddbT07K5WLSJJN6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA8RrtF+tf4IRQYSpsLtYMU8RObLMB8GA1UdIwQY MBaAFJw/1GtdYGwcyrVYsXNuJiGkvAQDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTkt MGIzMWMzMzJkNTBkLzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTktMGIzMWMzMzJkNTBk LzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT6AeDthF Nvm1DLzg/FfFKQKlONUo6PAPLL993Kz55Pbo79UzTCrtj/w1ta7tA6mukn+09vhI rY1ABLQivYR/8GzSA7QuWSJs1oo3veMYmGwd4JOADrNyrm+quTxcUXfxFZdj7a+o +Q2e29Oy6Yt2Tjb49xxqH3nIN9ivwr9jvXTzCTCVNZb4uNmUvWAEf5CcJ8+2KwH4 buerMnOpHSrzyjV5SyvYNM2w2By0wh86a8J4JMKKqboFav9DpiVUFxuqMtZTTZfm x67Cl/uJxkaS8j4ODSduffVkH/SwLlWqUxP7zywvqkE36u2vGMF+G+EZGdyw5eYj ZJ2R2nqvPJVR6A== -----END CERTIFICATE-----Generated at Sat Dec 20 18:15:19 2025 by rpki-client