This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft File: NADZSQmD598yx88Xyh6tTwX3lkY.mft (raw, json) Hash identifier: 9eAo8kmcJWIe3K3nhwAtDEvFggRDCpB0Sti3NMN6qls= Subject key identifier: 7A:3C:12:B9:F5:7C:48:8C:98:12:68:E4:0A:40:4B:1F:9F:4D:10:72 Authority key identifier: 34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46 Certificate issuer: /CN=3400d9490983e7df32c7cf17ca1ead4f05f79646 Certificate serial: 019B0D80D0D58511ACFA8E3E95D026004CAC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft Manifest number: 08E2 Signing time: Thu 11 Dec 2025 13:01:44 +0000 Manifest this update: Thu 11 Dec 2025 13:01:44 +0000 Manifest next update: Fri 12 Dec 2025 13:01:44 +0000 Files and hashes: 1: NADZSQmD598yx88Xyh6tTwX3lkY.crl (hash: RLnl6OluoTlJAUqNqpxkWp4LsAQibT+7+CMeVxvNiAE=) 2: wGV9gdNmWFtWWUn9dwqAU6O3Xlw.roa (hash: e5ewBGv57i41ziAigHZZOeL98kqI4hYVQ5SbzM8SjnI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 13:01:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0d:80:d0:d5:85:11:ac:fa:8e:3e:95:d0:26:00:4c:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3400d9490983e7df32c7cf17ca1ead4f05f79646 Validity Not Before: Dec 11 13:01:44 2025 GMT Not After : Dec 12 13:01:44 2025 GMT Subject: CN=7a3c12b9f57c488c981268e40a404b1f9f4d1072 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:a6:7d:10:8b:5e:75:cf:42:54:47:df:0f:f9: f5:0d:56:fa:be:f3:23:a4:2b:ac:16:5d:5e:cc:11: 64:34:6e:cb:2f:9d:d3:3d:cb:b8:e2:0c:ea:c3:54: 97:cd:88:f4:6f:f1:36:c8:27:ce:5c:a1:c8:0d:f5: e3:8d:8d:2a:91:a3:fc:c1:1c:4a:05:37:31:c9:18: 3f:ad:60:29:ef:09:78:7f:63:2f:d0:96:48:15:52: af:5c:aa:ab:5d:9e:21:c7:f3:39:1b:fd:07:f0:68: a6:22:36:b8:6a:0a:59:88:91:84:24:31:90:ce:53: a8:4d:b1:b7:05:59:de:95:a3:98:26:1b:88:66:05: 4c:81:b3:0f:d3:e8:cf:b8:8e:b5:d2:3a:78:e1:00: 09:98:6a:e7:b3:45:37:ee:8c:ef:37:d7:0a:e5:6a: 0c:b5:4c:bc:1f:dd:24:10:6e:b6:8f:94:9a:6e:60: 17:aa:34:21:0a:99:6b:e6:7b:3c:42:c3:36:d0:a6: d4:1e:8b:df:ec:d4:5c:ae:df:79:f4:b1:69:b2:e9: 88:ab:f9:9c:99:6d:d2:fa:36:ea:d7:b8:ad:eb:2a: 9a:3c:1c:ec:42:7a:db:24:4b:10:0b:fe:dc:84:54: dc:65:6e:e0:af:f8:33:25:9e:95:74:69:00:07:5f: c2:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:3C:12:B9:F5:7C:48:8C:98:12:68:E4:0A:40:4B:1F:9F:4D:10:72 X509v3 Authority Key Identifier: keyid:34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:09:fa:ad:22:21:6d:2f:fa:f6:54:8b:85:08:6e:84:80:40: 75:7b:6b:86:e2:79:61:72:75:95:c8:ca:3e:3f:f2:37:91:cb: 18:3b:ff:81:a3:d8:9e:89:ba:3b:00:03:fc:f9:af:c9:2c:bd: 1c:9e:c2:3b:c0:2e:1b:81:a0:f9:69:c5:88:20:58:9a:13:09: 87:8f:85:f7:12:71:25:ae:1d:0f:5d:39:ed:a2:16:12:77:5f: 37:4e:d5:dd:03:ff:74:ee:58:ff:27:73:70:d6:75:2a:35:22: f3:80:4e:63:d5:db:52:3e:62:5b:bd:40:77:20:6c:d2:f7:02: be:7e:82:48:6e:ec:79:7d:8a:1f:3f:ba:3e:67:f0:7c:dd:6b: 7a:9a:75:c2:8f:bf:3d:2c:19:00:cf:65:c4:d1:cf:53:c7:0d: 2f:ac:2c:74:61:18:11:05:53:a2:c8:8c:cb:1f:55:2d:75:41: 71:6c:2e:0e:33:73:61:94:29:c5:3f:fb:c9:82:c4:52:82:66: 08:1a:95:5b:d2:88:bd:69:c3:fe:b5:18:a8:39:d4:98:6f:bf: 73:f3:0b:a3:97:27:f8:50:cf:8f:d5:26:3e:9d:1f:f2:25:52: c1:39:3a:c7:ed:f0:19:ba:4c:20:c2:2e:0e:cb:5e:02:35:21: ef:9a:ef:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsNgNDVhRGs+o4+ldAmAEysMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MDBkOTQ5MDk4M2U3ZGYzMmM3Y2YxN2NhMWVhZDRmMDVm Nzk2NDYwHhcNMjUxMjExMTMwMTQ0WhcNMjUxMjEyMTMwMTQ0WjAzMTEwLwYDVQQD Eyg3YTNjMTJiOWY1N2M0ODhjOTgxMjY4ZTQwYTQwNGIxZjlmNGQxMDcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6Z9EItedc9CVEffD/n1DVb6vvMj pCusFl1ezBFkNG7LL53TPcu44gzqw1SXzYj0b/E2yCfOXKHIDfXjjY0qkaP8wRxK BTcxyRg/rWAp7wl4f2Mv0JZIFVKvXKqrXZ4hx/M5G/0H8GimIja4agpZiJGEJDGQ zlOoTbG3BVnelaOYJhuIZgVMgbMP0+jPuI610jp44QAJmGrns0U37ozvN9cK5WoM tUy8H90kEG62j5SabmAXqjQhCplr5ns8QsM20KbUHovf7NRcrt959LFpsumIq/mc mW3S+jbq17it6yqaPBzsQnrbJEsQC/7chFTcZW7gr/gzJZ6VdGkAB1/CRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHo8Ern1fEiMmBJo5ApASx+fTRByMB8GA1UdIwQY MBaAFDQA2UkJg+ffMsfPF8oerU8F95ZGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYt ZjQ5NDZmMDNmNTQyLzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYtZjQ5NDZmMDNmNTQy LzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVQn6rSIh bS/69lSLhQhuhIBAdXtrhuJ5YXJ1lcjKPj/yN5HLGDv/gaPYnom6OwAD/PmvySy9 HJ7CO8AuG4Gg+WnFiCBYmhMJh4+F9xJxJa4dD1057aIWEndfN07V3QP/dO5Y/ydz cNZ1KjUi84BOY9XbUj5iW71AdyBs0vcCvn6CSG7seX2KHz+6PmfwfN1repp1wo+/ PSwZAM9lxNHPU8cNL6wsdGEYEQVTosiMyx9VLXVBcWwuDjNzYZQpxT/7yYLEUoJm CBqVW9KIvWnD/rUYqDnUmG+/c/MLo5cn+FDPj9UmPp0f8iVSwTk6x+3wGbpMIMIu DsteAjUh75rvQQ== -----END CERTIFICATE-----Generated at Thu Dec 11 23:01:08 2025 by rpki-client