This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft File: nscEvg6b7zQJT-8mSVnj9-HPais.mft (raw, json) Hash identifier: ZSKfk2jVxsliwMCAwp964+sOIxYKtrRC9quy63GObm0= Subject key identifier: F9:8B:90:6D:8A:BE:A7:6D:4C:30:D0:4E:BB:75:71:49:75:68:FB:65 Authority key identifier: 9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B Certificate issuer: /CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b Certificate serial: 019B4815BA0D02098ED4D7D2054EAD31E7C1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft Manifest number: 0242 Signing time: Mon 22 Dec 2025 22:02:21 +0000 Manifest this update: Mon 22 Dec 2025 22:02:21 +0000 Manifest next update: Tue 23 Dec 2025 22:02:21 +0000 Files and hashes: 1: nscEvg6b7zQJT-8mSVnj9-HPais.crl (hash: 9fCnVF5VDKlpZ2HZWfacJSELH1PdoyexC+Gx6EFD71w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 22:02:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:15:ba:0d:02:09:8e:d4:d7:d2:05:4e:ad:31:e7:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ec704be0e9bef34094fef264959e3f7e1cf6a2b Validity Not Before: Dec 22 22:02:21 2025 GMT Not After : Dec 23 22:02:21 2025 GMT Subject: CN=f98b906d8abea76d4c30d04ebb7571497568fb65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:0f:77:4c:00:6e:cc:71:13:25:50:c7:d3:b0: ff:45:af:9c:ec:28:6b:fe:5d:8d:f3:d3:d9:05:47: 17:ed:9b:f7:6b:bf:00:02:7d:75:0d:a2:cc:3b:db: 64:e4:45:9e:d0:ff:56:1d:90:4f:a6:b2:06:66:62: 06:da:13:2e:cc:6f:a3:4e:aa:73:bd:fb:8f:5e:e5: e6:db:be:18:3d:6d:be:98:b5:63:17:ab:03:c9:6a: 8e:4d:a3:67:fd:78:47:c3:12:e6:31:0e:c2:b2:38: 7c:63:b0:98:7a:51:3f:d8:75:c3:50:1e:ca:76:9b: 6f:b8:d1:6f:46:ef:7c:0b:b5:9a:9c:88:d8:44:0d: b1:9e:7a:7f:1f:06:38:21:9f:c7:15:c1:67:61:f3: a6:a0:95:87:1c:c8:e3:95:d6:a5:1f:64:eb:a0:d7: b2:25:74:39:ae:af:19:3f:05:8c:d4:0f:ab:c3:42: 71:e5:37:25:94:0e:cb:e6:c3:2c:8f:a3:d7:42:cb: 53:7a:74:95:9c:93:d7:95:bf:52:19:32:2e:b2:e9: bf:f5:54:f9:73:44:5d:c9:c6:57:f9:75:a8:f0:2a: fc:6a:f9:f0:e5:35:83:83:43:8a:5c:5a:74:84:41: bd:e5:03:db:14:ff:8b:af:0e:42:9f:fe:6c:17:d4: cc:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:8B:90:6D:8A:BE:A7:6D:4C:30:D0:4E:BB:75:71:49:75:68:FB:65 X509v3 Authority Key Identifier: keyid:9E:C7:04:BE:0E:9B:EF:34:09:4F:EF:26:49:59:E3:F7:E1:CF:6A:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nscEvg6b7zQJT-8mSVnj9-HPais.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4d194b-fbfe-4400-a475-5309335a3622/1/nscEvg6b7zQJT-8mSVnj9-HPais.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b2:06:b2:cd:b2:19:fd:8b:4d:3c:aa:60:4f:ba:1d:4f:a1:f2: 56:f2:96:63:e8:f5:76:55:78:59:98:32:a2:ef:0d:19:a4:a1: a7:be:0c:b6:cf:4e:61:29:6f:5d:15:58:6f:53:b1:3c:8a:e1: fb:58:52:c8:b7:2b:57:d4:f6:30:b4:95:6d:9e:6c:3a:4c:4e: 14:bd:ce:26:c3:67:82:fa:94:5a:38:32:76:70:57:78:34:9f: 9b:b4:ab:81:3a:df:a3:0c:0e:77:b9:8c:e1:80:e4:08:5a:44: c5:2f:27:bf:45:0a:14:c4:28:e3:d8:d7:6f:ff:06:1c:05:d0: 13:8c:1b:7c:94:9e:91:16:90:f1:49:60:87:10:4a:d2:c8:3d: 60:a7:8c:63:ee:be:c0:b0:7a:7d:51:4d:8a:a8:dd:57:be:a6: 9c:7a:90:ef:38:bb:40:b7:92:e6:be:03:58:24:27:9a:fa:82: a5:80:a6:4f:1f:e2:f3:4f:b5:1b:71:1b:c8:51:cd:c2:0b:3e: 88:32:4c:de:ea:2c:a8:77:0c:73:0a:8e:fa:3f:d9:04:12:c5: ea:64:7d:c1:6e:08:74:42:df:0a:a5:2f:06:91:1f:30:53:27: 03:fb:0f:93:88:93:5d:50:e2:6f:f9:e4:99:b1:87:af:fd:22: 36:1c:5f:16 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFboNAgmO1NfSBU6tMefBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllYzcwNGJlMGU5YmVmMzQwOTRmZWYyNjQ5NTllM2Y3ZTFj ZjZhMmIwHhcNMjUxMjIyMjIwMjIxWhcNMjUxMjIzMjIwMjIxWjAzMTEwLwYDVQQD EyhmOThiOTA2ZDhhYmVhNzZkNGMzMGQwNGViYjc1NzE0OTc1NjhmYjY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuA93TABuzHETJVDH07D/Ra+c7Chr /l2N89PZBUcX7Zv3a78AAn11DaLMO9tk5EWe0P9WHZBPprIGZmIG2hMuzG+jTqpz vfuPXuXm274YPW2+mLVjF6sDyWqOTaNn/XhHwxLmMQ7Csjh8Y7CYelE/2HXDUB7K dptvuNFvRu98C7WanIjYRA2xnnp/HwY4IZ/HFcFnYfOmoJWHHMjjldalH2TroNey JXQ5rq8ZPwWM1A+rw0Jx5TcllA7L5sMsj6PXQstTenSVnJPXlb9SGTIusum/9VT5 c0RdycZX+XWo8Cr8avnw5TWDg0OKXFp0hEG95QPbFP+Lrw5Cn/5sF9TM1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPmLkG2KvqdtTDDQTrt1cUl1aPtlMB8GA1UdIwQY MBaAFJ7HBL4Om+80CU/vJklZ4/fhz2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUt NTMwOTMzNWEzNjIyLzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My80ZDE5NGItZmJmZS00NDAwLWE0NzUtNTMwOTMzNWEzNjIy LzEvbnNjRXZnNmI3elFKVC04bVNWbmo5LUhQYWlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsgayzbIZ /YtNPKpgT7odT6HyVvKWY+j1dlV4WZgyou8NGaShp74Mts9OYSlvXRVYb1OxPIrh +1hSyLcrV9T2MLSVbZ5sOkxOFL3OJsNngvqUWjgydnBXeDSfm7SrgTrfowwOd7mM 4YDkCFpExS8nv0UKFMQo49jXb/8GHAXQE4wbfJSekRaQ8UlghxBK0sg9YKeMY+6+ wLB6fVFNiqjdV76mnHqQ7zi7QLeS5r4DWCQnmvqCpYCmTx/i80+1G3EbyFHNwgs+ iDJM3uosqHcMcwqO+j/ZBBLF6mR9wW4IdELfCqUvBpEfMFMnA/sPk4iTXVDib/nk mbGHr/0iNhxfFg== -----END CERTIFICATE-----Generated at Tue Dec 23 05:04:00 2025 by rpki-client