This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft File: nGfqNKARpHc4cVg-w5VOeR2MAo0.mft (raw, json) Hash identifier: np+SEnBUHRP9mLBzkDRCm8d/59jEPXB7gywkwGbkdOY= Subject key identifier: 5A:5C:98:14:E5:92:87:61:C6:89:E8:08:8D:97:ED:82:F2:A5:AC:3F Authority key identifier: 9C:67:EA:34:A0:11:A4:77:38:71:58:3E:C3:95:4E:79:1D:8C:02:8D Certificate issuer: /CN=9c67ea34a011a4773871583ec3954e791d8c028d Certificate serial: 019B43250FC0B800F1CF988D391E35ACD72D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft Manifest number: 0E70 Signing time: Sun 21 Dec 2025 23:01:00 +0000 Manifest this update: Sun 21 Dec 2025 23:01:00 +0000 Manifest next update: Mon 22 Dec 2025 23:01:00 +0000 Files and hashes: 1: NCPzn1GpZq4vT4gRDeBcmpEUhRQ.roa (hash: Vq8Q1+OKJnlcLx/yX0O6NcYNdeQRXSpw2T1WMWL6+Zw=) 2: nGfqNKARpHc4cVg-w5VOeR2MAo0.crl (hash: +9NAUqWWR/8iu6X/61zT4I7E47pB2F01A0lpVK0+Goc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:25:0f:c0:b8:00:f1:cf:98:8d:39:1e:35:ac:d7:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9c67ea34a011a4773871583ec3954e791d8c028d Validity Not Before: Dec 21 23:01:00 2025 GMT Not After : Dec 22 23:01:00 2025 GMT Subject: CN=5a5c9814e5928761c689e8088d97ed82f2a5ac3f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:e1:86:69:89:e3:7e:99:91:53:bf:79:3e:5e: 98:4c:d6:16:fe:a8:a8:2f:a2:f1:32:9f:11:6d:d7: ea:d7:bd:13:a4:90:58:95:d8:45:af:06:8c:ee:2f: 4f:13:7a:92:fe:4e:d5:76:db:a4:cd:91:7e:35:b8: 41:1e:58:4e:58:32:e4:ab:a6:90:54:ef:fc:95:2e: 7d:aa:d3:0c:e2:84:0a:76:28:16:33:cb:7a:01:36: 97:de:5c:9d:78:d9:57:3e:95:80:68:b5:32:ff:9a: df:1b:61:e5:12:60:bd:24:c4:58:26:3e:f6:3e:28: 4e:bf:b8:fd:1a:82:79:a9:12:1e:db:15:8b:c7:70: c7:b4:f0:7b:7e:e4:e9:92:a4:12:fc:aa:31:55:18: 59:9c:2c:a2:b0:9c:0e:62:e9:58:64:4c:6d:e1:88: 5c:48:cb:eb:87:7f:e1:93:b8:12:5a:29:1a:57:21: 3c:5e:09:64:df:5e:05:06:85:5e:bc:e9:8b:c7:c6: 17:6b:b7:29:a7:23:2c:d7:4a:52:b2:3b:f2:94:ee: 6a:d8:95:43:19:ac:45:f0:26:fe:54:e2:9f:91:ba: ce:b9:d1:aa:0b:74:a9:18:39:e7:d8:2d:c9:10:c6: b1:39:0b:7b:42:28:60:00:64:ff:64:72:39:ef:24: 24:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:5C:98:14:E5:92:87:61:C6:89:E8:08:8D:97:ED:82:F2:A5:AC:3F X509v3 Authority Key Identifier: keyid:9C:67:EA:34:A0:11:A4:77:38:71:58:3E:C3:95:4E:79:1D:8C:02:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:67:70:55:b5:68:df:44:f3:e9:01:d3:71:cf:9b:cc:7a:44: 16:25:02:07:fc:52:a7:be:7e:08:15:d7:13:db:0d:85:eb:a7: f4:30:be:84:8a:4f:ad:87:8d:42:e3:e3:84:f0:8e:c9:7f:c8: 71:66:4f:2e:ca:ba:41:b3:92:68:9b:b1:56:0c:dc:d3:77:28: 6b:c4:fa:d3:7a:f1:60:bf:3c:6a:7f:c9:6f:95:68:3d:ac:d9: d5:bd:3e:7a:00:d8:ce:1b:ce:c6:e8:eb:de:9c:cf:f7:a7:6d: 7f:39:bc:20:f1:d1:61:a5:46:c7:6f:64:c4:f6:0d:95:7a:5c: 76:3c:c1:e8:9b:23:2d:2c:e2:45:35:48:8e:bc:38:8f:e1:7b: 12:04:13:df:cf:33:59:e2:7f:79:a5:0d:41:a6:1e:c9:be:55: 5a:95:b0:ec:5d:50:04:54:a6:22:c6:f9:72:d3:38:f2:1c:af: 82:79:92:d5:0b:f0:bd:86:c5:ef:d7:16:eb:2e:67:2f:ca:2e: d3:ac:da:e3:cb:0b:e7:e3:6f:5d:15:1e:d6:13:52:66:01:92: a1:34:e4:42:54:12:1a:b4:e9:36:56:1f:cc:59:23:55:e4:c6: db:9b:61:1e:8b:fc:ac:a9:10:45:06:0a:95:e6:c7:33:7b:d9: 40:73:f5:6b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDJQ/AuADxz5iNOR41rNctMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDljNjdlYTM0YTAxMWE0NzczODcxNTgzZWMzOTU0ZTc5MWQ4 YzAyOGQwHhcNMjUxMjIxMjMwMTAwWhcNMjUxMjIyMjMwMTAwWjAzMTEwLwYDVQQD Eyg1YTVjOTgxNGU1OTI4NzYxYzY4OWU4MDg4ZDk3ZWQ4MmYyYTVhYzNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4uGGaYnjfpmRU795Pl6YTNYW/qio L6LxMp8Rbdfq170TpJBYldhFrwaM7i9PE3qS/k7VdtukzZF+NbhBHlhOWDLkq6aQ VO/8lS59qtMM4oQKdigWM8t6ATaX3lydeNlXPpWAaLUy/5rfG2HlEmC9JMRYJj72 PihOv7j9GoJ5qRIe2xWLx3DHtPB7fuTpkqQS/KoxVRhZnCyisJwOYulYZExt4Yhc SMvrh3/hk7gSWikaVyE8Xglk314FBoVevOmLx8YXa7cppyMs10pSsjvylO5q2JVD GaxF8Cb+VOKfkbrOudGqC3SpGDnn2C3JEMaxOQt7QihgAGT/ZHI57yQk7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFpcmBTlkodhxonoCI2X7YLypaw/MB8GA1UdIwQY MBaAFJxn6jSgEaR3OHFYPsOVTnkdjAKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS84NjY5ZDMtNzZjZC00Y2IwLTgyNzgt ODJjNjdjNjllOTIzLzEvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS84NjY5ZDMtNzZjZC00Y2IwLTgyNzgtODJjNjdjNjllOTIz LzEvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIWdwVbVo 30Tz6QHTcc+bzHpEFiUCB/xSp75+CBXXE9sNheun9DC+hIpPrYeNQuPjhPCOyX/I cWZPLsq6QbOSaJuxVgzc03coa8T603rxYL88an/Jb5VoPazZ1b0+egDYzhvOxujr 3pzP96dtfzm8IPHRYaVGx29kxPYNlXpcdjzB6JsjLSziRTVIjrw4j+F7EgQT388z WeJ/eaUNQaYeyb5VWpWw7F1QBFSmIsb5ctM48hyvgnmS1QvwvYbF79cW6y5nL8ou 06za48sL5+NvXRUe1hNSZgGSoTTkQlQSGrTpNlYfzFkjVeTG25thHov8rKkQRQYK lebHM3vZQHP1aw== -----END CERTIFICATE-----Generated at Mon Dec 22 04:00:19 2025 by rpki-client