This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/26c675-def7-4232-811b-8f76c3291fbc/1/NutRbqkC2WStsqptytmh3A9bfv4.mft File: NutRbqkC2WStsqptytmh3A9bfv4.mft (raw, json) Hash identifier: NPaVNI64IKdPtjVQcn1xayqloBZKQFiSXtXJQPFHvEA= Subject key identifier: FF:60:AB:E6:F4:F1:59:65:25:C4:6E:B1:C1:2F:CA:AC:D4:BB:E4:F2 Authority key identifier: 36:EB:51:6E:A9:02:D9:64:AD:B2:AA:6D:CA:D9:A1:DC:0F:5B:7E:FE Certificate issuer: /CN=36eb516ea902d964adb2aa6dcad9a1dc0f5b7efe Certificate serial: 019B115CA213A5B389C83779A9DAAF4CCB20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NutRbqkC2WStsqptytmh3A9bfv4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/26c675-def7-4232-811b-8f76c3291fbc/1/NutRbqkC2WStsqptytmh3A9bfv4.mft Manifest number: 1703 Signing time: Fri 12 Dec 2025 07:00:42 +0000 Manifest this update: Fri 12 Dec 2025 07:00:42 +0000 Manifest next update: Sat 13 Dec 2025 07:00:42 +0000 Files and hashes: 1: NutRbqkC2WStsqptytmh3A9bfv4.crl (hash: 3KMrTFk1x2Tmd7zFMZoMeITwv7yPzUlfWQzyvsDkJds=) 2: XdAh2iIkdXAUuE10m0pcdADM_3Q.roa (hash: lEtjV/lSmPRly69ux6s/y/s94dr1ooRNJ7kAyfLCuys=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/26c675-def7-4232-811b-8f76c3291fbc/1/NutRbqkC2WStsqptytmh3A9bfv4.crl rsync://rpki.ripe.net/repository/DEFAULT/55/26c675-def7-4232-811b-8f76c3291fbc/1/NutRbqkC2WStsqptytmh3A9bfv4.mft rsync://rpki.ripe.net/repository/DEFAULT/NutRbqkC2WStsqptytmh3A9bfv4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 07:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:11:5c:a2:13:a5:b3:89:c8:37:79:a9:da:af:4c:cb:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36eb516ea902d964adb2aa6dcad9a1dc0f5b7efe Validity Not Before: Dec 12 07:00:42 2025 GMT Not After : Dec 13 07:00:42 2025 GMT Subject: CN=ff60abe6f4f1596525c46eb1c12fcaacd4bbe4f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:79:10:61:7e:7b:2d:c5:87:66:fa:0f:66:b0: a2:24:13:bc:bc:36:b4:a5:89:e9:2b:ca:65:fc:fe: c2:cb:9b:0b:85:c0:f7:43:09:8d:64:ac:59:d6:9e: 4f:0f:14:8e:f6:31:c5:1e:78:e3:54:82:55:01:ea: 60:65:17:bd:9c:5c:40:11:43:c1:fc:4e:66:c9:e8: 54:71:2c:08:6e:74:e0:8d:95:ca:01:63:92:9e:7c: c8:68:35:68:96:c2:72:62:f9:04:6e:40:1a:24:a0: 4f:cd:05:9c:a6:b8:44:bf:55:a1:b5:9e:7b:fe:1b: fb:f0:33:c8:70:37:d7:5a:97:76:53:01:18:f8:2e: 24:2e:70:e4:e5:1f:44:10:bd:fc:ac:84:c9:d3:66: 4c:c4:d6:60:a3:5d:1a:4f:02:91:1a:28:98:a8:fc: 5e:ff:8f:26:b8:ed:e2:25:43:c9:c2:4a:27:23:4d: 35:f7:c3:78:15:eb:5e:0f:6a:b3:f7:e2:45:70:f0: d7:a7:54:bc:9a:02:9e:4d:1e:3d:93:5d:1c:28:64: 71:a3:1a:d8:bb:23:52:6d:fc:61:a7:a6:23:ba:e4: 4d:05:1f:d6:fc:cb:13:17:04:72:a3:67:b9:46:3f: 62:bd:51:2b:a1:16:0a:48:c2:65:f0:62:ff:22:7b: 97:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:60:AB:E6:F4:F1:59:65:25:C4:6E:B1:C1:2F:CA:AC:D4:BB:E4:F2 X509v3 Authority Key Identifier: keyid:36:EB:51:6E:A9:02:D9:64:AD:B2:AA:6D:CA:D9:A1:DC:0F:5B:7E:FE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NutRbqkC2WStsqptytmh3A9bfv4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/26c675-def7-4232-811b-8f76c3291fbc/1/NutRbqkC2WStsqptytmh3A9bfv4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/26c675-def7-4232-811b-8f76c3291fbc/1/NutRbqkC2WStsqptytmh3A9bfv4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:e4:a2:56:4e:e2:f1:d5:a6:41:d0:a1:27:a1:0f:f4:38:88: 0f:38:6d:bd:ac:b8:19:3e:3d:24:d5:cf:9d:f5:d1:3f:a6:87: fe:dd:f4:8d:23:cb:4c:65:3f:e3:43:43:47:90:f3:04:d1:56: 5e:6a:ea:db:51:07:42:c2:6f:3b:e7:02:09:54:f8:28:52:6b: d6:5e:0f:6f:f8:69:da:e4:9e:c6:15:11:20:4b:42:0c:74:ad: 8f:89:6b:dc:e9:35:3d:0e:ee:72:06:fe:ae:b2:98:99:93:51: 94:5c:a5:b8:50:c8:af:f1:30:8d:d1:6a:32:41:17:fe:68:9f: 5a:d2:d9:15:0b:7f:81:a8:fd:01:25:ac:fd:0d:74:53:55:bc: 37:e1:ae:21:ec:31:de:3d:d2:03:d9:5e:8a:c4:00:66:ec:6a: 8f:5d:40:63:79:95:a7:8d:b9:08:d2:84:73:15:0f:8e:b8:a9: 46:e8:bf:7b:69:43:0f:f1:aa:a3:5a:bf:14:4e:21:b6:c8:df: 9f:89:45:e2:22:82:de:7e:f2:48:87:ae:da:6e:c2:d9:8b:5a: 32:73:a3:55:48:e9:0b:47:42:25:bb:c0:2d:87:ab:06:69:4b: 76:65:a1:f6:33:00:ad:e6:4d:72:ac:1d:1d:af:52:81:7d:8e: 2d:7f:ce:f3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsRXKITpbOJyDd5qdqvTMsgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2ZWI1MTZlYTkwMmQ5NjRhZGIyYWE2ZGNhZDlhMWRjMGY1 YjdlZmUwHhcNMjUxMjEyMDcwMDQyWhcNMjUxMjEzMDcwMDQyWjAzMTEwLwYDVQQD EyhmZjYwYWJlNmY0ZjE1OTY1MjVjNDZlYjFjMTJmY2FhY2Q0YmJlNGYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6nkQYX57LcWHZvoPZrCiJBO8vDa0 pYnpK8pl/P7Cy5sLhcD3QwmNZKxZ1p5PDxSO9jHFHnjjVIJVAepgZRe9nFxAEUPB /E5myehUcSwIbnTgjZXKAWOSnnzIaDVolsJyYvkEbkAaJKBPzQWcprhEv1WhtZ57 /hv78DPIcDfXWpd2UwEY+C4kLnDk5R9EEL38rITJ02ZMxNZgo10aTwKRGiiYqPxe /48muO3iJUPJwkonI00198N4FeteD2qz9+JFcPDXp1S8mgKeTR49k10cKGRxoxrY uyNSbfxhp6YjuuRNBR/W/MsTFwRyo2e5Rj9ivVEroRYKSMJl8GL/InuXIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP9gq+b08VllJcRuscEvyqzUu+TyMB8GA1UdIwQY MBaAFDbrUW6pAtlkrbKqbcrZodwPW37+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnV0UmJxa0MyV1N0c3FwdHl0bWgzQTliZnY0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8yNmM2NzUtZGVmNy00MjMyLTgxMWIt OGY3NmMzMjkxZmJjLzEvTnV0UmJxa0MyV1N0c3FwdHl0bWgzQTliZnY0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS8yNmM2NzUtZGVmNy00MjMyLTgxMWItOGY3NmMzMjkxZmJj LzEvTnV0UmJxa0MyV1N0c3FwdHl0bWgzQTliZnY0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKuSiVk7i 8dWmQdChJ6EP9DiIDzhtvay4GT49JNXPnfXRP6aH/t30jSPLTGU/40NDR5DzBNFW Xmrq21EHQsJvO+cCCVT4KFJr1l4Pb/hp2uSexhURIEtCDHStj4lr3Ok1PQ7ucgb+ rrKYmZNRlFyluFDIr/EwjdFqMkEX/mifWtLZFQt/gaj9ASWs/Q10U1W8N+GuIewx 3j3SA9leisQAZuxqj11AY3mVp425CNKEcxUPjripRui/e2lDD/Gqo1q/FE4htsjf n4lF4iKC3n7ySIeu2m7C2YtaMnOjVUjpC0dCJbvALYerBmlLdmWh9jMAreZNcqwd Ha9SgX2OLX/O8w== -----END CERTIFICATE-----Generated at Fri Dec 12 14:21:27 2025 by rpki-client