This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft File: NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft (raw, json) Hash identifier: T0PSyC2fe2HQlyb75P7Cc38jmuYfvSQNTvZOVda4oNs= Subject key identifier: 23:1E:19:EE:72:44:B2:5B:7F:4B:32:D2:64:80:49:47:DD:48:9B:73 Authority key identifier: 35:F1:A5:73:91:51:53:DE:82:89:0E:AE:13:03:06:7F:A6:8B:28:77 Certificate issuer: /CN=35f1a573915153de82890eae1303067fa68b2877 Certificate serial: 019B164C4D696D0CBB005F822E062C853BEB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft Manifest number: 1276 Signing time: Sat 13 Dec 2025 06:00:57 +0000 Manifest this update: Sat 13 Dec 2025 06:00:57 +0000 Manifest next update: Sun 14 Dec 2025 06:00:57 +0000 Files and hashes: 1: 64AufSKo0ctGsskBfGJHYgegDUM.roa (hash: TxQbijMyiwaYhEgR6gv3I6pa/f1D2b/JYXZHussR2b4=) 2: NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl (hash: LFKCVpXLVjy9etUoNafXAdEITYO3MtzQbp8UAzxRE1o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 06:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:16:4c:4d:69:6d:0c:bb:00:5f:82:2e:06:2c:85:3b:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35f1a573915153de82890eae1303067fa68b2877 Validity Not Before: Dec 13 06:00:57 2025 GMT Not After : Dec 14 06:00:57 2025 GMT Subject: CN=231e19ee7244b25b7f4b32d264804947dd489b73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:e3:2a:b7:ae:42:e9:fa:86:9f:ad:9c:7a:0e: 86:67:3c:5a:1a:7c:6f:77:3b:3f:11:98:5d:b9:11: b2:b2:07:a6:da:ad:45:ca:5e:91:e0:82:54:2d:59: 3d:56:62:c7:c2:d7:ca:0e:3e:27:49:4f:51:1d:5a: 34:dd:ff:1e:87:4a:45:6f:f7:eb:2c:8a:81:09:4c: ce:e3:a9:6e:62:bc:40:c1:cc:98:f1:d4:f6:d5:e3: 29:e7:76:61:4b:c1:9f:9d:69:b3:0d:0e:0b:d0:35: ff:76:e8:17:92:72:b8:d7:5a:62:00:64:3d:35:b2: aa:03:16:65:45:f6:ef:65:9e:55:5b:2f:8f:a0:81: 3f:20:8b:f2:ce:74:31:07:1b:fd:98:75:d0:7a:1e: 06:bf:37:32:0f:37:c1:5c:ee:d1:af:ab:78:cf:d7: 4c:6f:6f:f4:90:37:62:04:ce:57:9f:de:0a:70:c3: 5e:18:16:82:af:3a:9c:2e:43:a1:33:8d:f1:ca:6c: 4d:c4:bf:c6:8a:1a:90:28:9c:1a:8e:9c:c6:fb:7f: e5:81:39:1f:2a:a6:71:52:6d:b8:c4:0f:63:7e:68: ad:02:2a:f6:68:8f:7d:52:d7:e9:42:d9:ad:a5:cb: 34:7f:34:7a:90:87:1a:47:4d:0d:1d:68:27:eb:68: b8:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:1E:19:EE:72:44:B2:5B:7F:4B:32:D2:64:80:49:47:DD:48:9B:73 X509v3 Authority Key Identifier: keyid:35:F1:A5:73:91:51:53:DE:82:89:0E:AE:13:03:06:7F:A6:8B:28:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 07:ab:05:16:30:c3:a7:c5:c7:88:29:e1:c9:0f:f0:31:8c:15: 29:cc:49:af:27:43:cc:2a:37:f4:1c:61:ac:8e:c8:42:1f:5e: 7a:cb:af:3c:c0:f5:a2:2e:64:f6:1a:07:82:cb:41:12:04:2d: 1f:e2:d9:13:93:5e:83:6f:9a:a6:cb:2d:dd:e8:51:a7:ce:1b: 62:82:ae:7d:2c:ab:31:5d:47:c5:e8:2b:bf:a3:a3:26:17:07: 57:ce:fc:81:84:c5:12:76:ee:99:4c:75:e2:cc:61:31:82:b2: 93:72:17:6f:5b:39:c1:f3:79:e8:b1:52:61:1a:5e:75:e7:9b: c0:43:96:d4:87:3e:98:47:9a:58:46:46:c8:2b:6d:df:be:84: c0:ef:57:a2:15:f7:94:d0:d1:f4:24:f0:33:03:77:51:ff:df: c0:cc:d4:b0:7d:9a:6e:fb:8c:64:61:b9:53:b8:a6:49:cd:39: 5e:e6:b2:60:1f:df:ea:b7:75:9f:03:10:97:bc:50:14:91:26: d5:c7:d4:b1:01:fc:db:6a:86:33:c0:cd:31:d9:98:f9:f5:6d: 5b:7b:b3:15:ab:da:6c:db:3c:b4:74:3a:b7:02:52:ae:f0:79: 4d:a8:d0:b0:13:b7:21:0b:39:91:e3:c4:44:db:d0:87:d2:f5: c1:27:fe:7d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsWTE1pbQy7AF+CLgYshTvrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1ZjFhNTczOTE1MTUzZGU4Mjg5MGVhZTEzMDMwNjdmYTY4 YjI4NzcwHhcNMjUxMjEzMDYwMDU3WhcNMjUxMjE0MDYwMDU3WjAzMTEwLwYDVQQD EygyMzFlMTllZTcyNDRiMjViN2Y0YjMyZDI2NDgwNDk0N2RkNDg5YjczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+Mqt65C6fqGn62ceg6GZzxaGnxv dzs/EZhduRGysgem2q1Fyl6R4IJULVk9VmLHwtfKDj4nSU9RHVo03f8eh0pFb/fr LIqBCUzO46luYrxAwcyY8dT21eMp53ZhS8GfnWmzDQ4L0DX/dugXknK411piAGQ9 NbKqAxZlRfbvZZ5VWy+PoIE/IIvyznQxBxv9mHXQeh4GvzcyDzfBXO7Rr6t4z9dM b2/0kDdiBM5Xn94KcMNeGBaCrzqcLkOhM43xymxNxL/GihqQKJwajpzG+3/lgTkf KqZxUm24xA9jfmitAir2aI99UtfpQtmtpcs0fzR6kIcaR00NHWgn62i4lwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCMeGe5yRLJbf0sy0mSASUfdSJtzMB8GA1UdIwQY MBaAFDXxpXORUVPegokOrhMDBn+miyh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kYThiNmItMTlmYS00OTc2LWJhYTAt MzI5MjExMDI5YTFhLzEvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My9kYThiNmItMTlmYS00OTc2LWJhYTAtMzI5MjExMDI5YTFh LzEvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB6sFFjDD p8XHiCnhyQ/wMYwVKcxJrydDzCo39BxhrI7IQh9eesuvPMD1oi5k9hoHgstBEgQt H+LZE5Neg2+apsst3ehRp84bYoKufSyrMV1Hxegrv6OjJhcHV878gYTFEnbumUx1 4sxhMYKyk3IXb1s5wfN56LFSYRpedeebwEOW1Ic+mEeaWEZGyCtt376EwO9XohX3 lNDR9CTwMwN3Uf/fwMzUsH2abvuMZGG5U7imSc05XuayYB/f6rd1nwMQl7xQFJEm 1cfUsQH822qGM8DNMdmY+fVtW3uzFavabNs8tHQ6twJSrvB5TajQsBO3IQs5kePE RNvQh9L1wSf+fQ== -----END CERTIFICATE-----Generated at Sat Dec 13 15:40:55 2025 by rpki-client