This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft File: nyHqqnvQ7mfKYwLj16quZNcpQC0.mft (raw, json) Hash identifier: PKUvzFgFjfon1jrgnpminlgZY4h03GRtAkUcOahH5Qg= Subject key identifier: 56:10:CD:89:FB:AC:9A:8B:32:43:74:07:D9:15:2C:B0:F2:B7:00:1C Authority key identifier: 9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D Certificate issuer: /CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d Certificate serial: 019B5A51F0203F7AC6FEDB3A8D656D360D25 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft Manifest number: 087C Signing time: Fri 26 Dec 2025 11:01:17 +0000 Manifest this update: Fri 26 Dec 2025 11:01:17 +0000 Manifest next update: Sat 27 Dec 2025 11:01:17 +0000 Files and hashes: 1: nyHqqnvQ7mfKYwLj16quZNcpQC0.crl (hash: BYyM3Yx5no1cYNwR8UI99pw01Lbffkt9mLWDXDTbB/Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:f0:20:3f:7a:c6:fe:db:3a:8d:65:6d:36:0d:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d Validity Not Before: Dec 26 11:01:17 2025 GMT Not After : Dec 27 11:01:17 2025 GMT Subject: CN=5610cd89fbac9a8b32437407d9152cb0f2b7001c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:d6:97:0e:35:14:d9:71:d3:e7:59:a1:6b:1d: 54:f8:dd:c2:df:f6:1c:02:90:da:a4:52:7d:df:c0: e1:ac:30:78:fc:60:2e:12:08:e4:91:25:43:ae:82: 35:4f:05:8a:f7:9c:4e:2a:cc:f5:e7:39:2c:32:6a: d0:4f:8c:30:cc:96:b8:ff:b0:d0:e8:10:dc:bc:ba: 35:d7:80:25:93:af:73:3a:4c:e1:87:23:5a:bd:a6: a7:c1:7b:d1:93:94:2f:4b:29:a1:0b:1d:72:a9:cc: b3:b7:23:fe:e7:e3:67:32:d0:33:9f:7f:83:f8:cf: a5:ea:b2:3f:9a:a3:b9:3f:0f:fe:0c:8f:44:0a:c9: 8b:f9:d1:a1:bf:3b:f8:2f:b1:c0:03:7f:78:61:4c: da:78:08:d2:e5:e2:7c:c3:9b:fd:c6:07:7f:f7:03: b4:40:12:03:b4:21:a8:b0:64:88:99:3f:c3:ea:64: 49:0f:df:ed:58:c2:07:dc:18:26:25:05:2e:1e:77: 2c:60:b8:50:67:80:bf:e1:bf:eb:1e:9d:85:3b:86: b9:27:0b:ef:b9:9f:57:f8:9d:04:ff:28:10:81:d2: 4d:15:4f:a8:25:20:9b:fc:e8:2b:0d:06:15:44:bd: 66:7c:87:d5:94:b3:43:cb:07:42:dd:30:34:07:97: ac:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:10:CD:89:FB:AC:9A:8B:32:43:74:07:D9:15:2C:B0:F2:B7:00:1C X509v3 Authority Key Identifier: keyid:9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:16:a9:de:93:a3:7c:8d:43:b2:77:8e:83:95:22:6c:01:05: 1b:fa:02:6f:67:f3:6d:c3:eb:a4:fc:7b:f4:93:2c:70:f2:df: 91:18:56:56:37:c9:15:f0:be:41:6b:39:d8:a8:1b:c9:f9:ad: a1:63:95:7f:83:83:b8:9d:25:e7:8a:eb:89:4e:d8:bc:0b:24: 7d:b5:1a:44:8f:70:ee:95:be:72:92:d9:bd:2f:02:d9:20:ae: f5:1b:d8:de:dd:a2:62:de:b5:d4:26:a1:c3:24:50:be:0f:62: 65:20:21:cf:09:8f:91:0c:71:6d:dd:2e:6c:c7:b3:ae:dc:44: b3:a5:52:0b:59:4b:06:af:e3:24:bc:fc:60:12:a3:d8:66:3c: cb:16:0a:28:9b:95:96:88:a0:9c:26:96:8e:0c:cb:f4:e6:03: 0f:40:39:34:b3:43:b7:0a:34:9a:78:04:4a:e6:c2:67:fc:d8: b2:f0:58:18:59:99:26:55:0c:65:a2:70:b6:33:1b:9e:c6:df: 68:3f:04:84:a4:d2:4a:71:9b:23:1d:b4:3c:ff:9f:eb:ee:e1: 7e:57:75:3a:df:4e:74:95:f3:43:bf:09:2d:62:63:de:54:2b: cc:28:e6:bb:aa:0c:c8:0c:6d:f3:26:01:e6:48:d9:d9:95:44: a9:d2:6f:9c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUfAgP3rG/ts6jWVtNg0lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmMjFlYWFhN2JkMGVlNjdjYTYzMDJlM2Q3YWFhZTY0ZDcy OTQwMmQwHhcNMjUxMjI2MTEwMTE3WhcNMjUxMjI3MTEwMTE3WjAzMTEwLwYDVQQD Eyg1NjEwY2Q4OWZiYWM5YThiMzI0Mzc0MDdkOTE1MmNiMGYyYjcwMDFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtaXDjUU2XHT51mhax1U+N3C3/Yc ApDapFJ938DhrDB4/GAuEgjkkSVDroI1TwWK95xOKsz15zksMmrQT4wwzJa4/7DQ 6BDcvLo114Alk69zOkzhhyNavaanwXvRk5QvSymhCx1yqcyztyP+5+NnMtAzn3+D +M+l6rI/mqO5Pw/+DI9ECsmL+dGhvzv4L7HAA394YUzaeAjS5eJ8w5v9xgd/9wO0 QBIDtCGosGSImT/D6mRJD9/tWMIH3BgmJQUuHncsYLhQZ4C/4b/rHp2FO4a5Jwvv uZ9X+J0E/ygQgdJNFU+oJSCb/OgrDQYVRL1mfIfVlLNDywdC3TA0B5esiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFYQzYn7rJqLMkN0B9kVLLDytwAcMB8GA1UdIwQY MBaAFJ8h6qp70O5nymMC49eqrmTXKUAtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGIt YTk2ZjYxYzBjMWRhLzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGItYTk2ZjYxYzBjMWRh LzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAghap3pOj fI1DsneOg5UibAEFG/oCb2fzbcPrpPx79JMscPLfkRhWVjfJFfC+QWs52Kgbyfmt oWOVf4ODuJ0l54rriU7YvAskfbUaRI9w7pW+cpLZvS8C2SCu9RvY3t2iYt611Cah wyRQvg9iZSAhzwmPkQxxbd0ubMezrtxEs6VSC1lLBq/jJLz8YBKj2GY8yxYKKJuV loignCaWjgzL9OYDD0A5NLNDtwo0mngESubCZ/zYsvBYGFmZJlUMZaJwtjMbnsbf aD8EhKTSSnGbIx20PP+f6+7hfld1Ot9OdJXzQ78JLWJj3lQrzCjmu6oMyAxt8yYB 5kjZ2ZVEqdJvnA== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:41 2025 by rpki-client