This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/0a24b5-b9ad-48a6-adf7-9fd84c79b0ef/1/NT8X9Luxk0bcWvwMI1h5--Y1fG0.mft File: NT8X9Luxk0bcWvwMI1h5--Y1fG0.mft (raw, json) Hash identifier: 4sm1Iew72uCDaftVY/FYOErfnWeKow7+VSqlh2pADwg= Subject key identifier: 4D:0C:27:6A:FA:7B:F9:44:91:88:64:97:15:69:B4:EF:0F:1C:54:66 Authority key identifier: 35:3F:17:F4:BB:B1:93:46:DC:5A:FC:0C:23:58:79:FB:E6:35:7C:6D Certificate issuer: /CN=353f17f4bbb19346dc5afc0c235879fbe6357c6d Certificate serial: 019B1ACD8AEAF2F1731512173B8C123E627D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NT8X9Luxk0bcWvwMI1h5--Y1fG0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/0a24b5-b9ad-48a6-adf7-9fd84c79b0ef/1/NT8X9Luxk0bcWvwMI1h5--Y1fG0.mft Manifest number: 0FF5 Signing time: Sun 14 Dec 2025 03:00:36 +0000 Manifest this update: Sun 14 Dec 2025 03:00:36 +0000 Manifest next update: Mon 15 Dec 2025 03:00:36 +0000 Files and hashes: 1: NT8X9Luxk0bcWvwMI1h5--Y1fG0.crl (hash: gzuDTNMayil5DCEwIpxgkvKGxP84CI05cwH0EqKocLw=) 2: ZIEntIvRdoyNG_9f7umqM8GaOP0.roa (hash: fyIclvXxfmafIM00Oljz1bkGgUIAKrrEkFW8CDlF9q4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/0a24b5-b9ad-48a6-adf7-9fd84c79b0ef/1/NT8X9Luxk0bcWvwMI1h5--Y1fG0.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/0a24b5-b9ad-48a6-adf7-9fd84c79b0ef/1/NT8X9Luxk0bcWvwMI1h5--Y1fG0.mft rsync://rpki.ripe.net/repository/DEFAULT/NT8X9Luxk0bcWvwMI1h5--Y1fG0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1a:cd:8a:ea:f2:f1:73:15:12:17:3b:8c:12:3e:62:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=353f17f4bbb19346dc5afc0c235879fbe6357c6d Validity Not Before: Dec 14 03:00:36 2025 GMT Not After : Dec 15 03:00:36 2025 GMT Subject: CN=4d0c276afa7bf944918864971569b4ef0f1c5466 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ca:3b:c4:b9:59:7d:48:20:6a:b0:ed:11:f7: 4a:d0:c0:26:0b:29:ee:da:33:f0:7a:ac:8a:43:6a: 43:2a:a0:9d:90:6d:08:96:5a:dc:79:4e:fd:9b:cb: c3:dd:6a:11:74:b4:08:2f:ac:92:16:0c:65:8d:a8: 8f:e4:98:96:42:13:15:ee:d7:26:cd:b4:cb:6e:05: 39:85:00:d4:69:a5:f4:7c:9b:6b:59:1e:61:bc:53: 02:44:7b:93:c1:e5:f3:c3:66:90:c9:3b:12:cf:89: 25:9d:10:f5:82:10:88:3c:f6:b0:f4:3a:bd:44:71: 51:79:ae:89:f3:3c:5a:39:79:04:35:ad:18:88:cb: 23:08:a1:fd:11:3c:49:49:5c:c5:22:12:68:ce:24: c1:93:64:e7:08:b5:31:a5:c6:c8:64:ab:8e:12:30: dc:5d:85:73:2b:f9:17:94:1e:5c:61:6e:cf:b1:dc: 6b:53:80:44:83:15:47:11:73:42:5f:a5:5e:6a:df: 0f:f1:de:d1:ca:86:a4:c6:49:12:c6:7c:e1:db:a4: 93:68:53:0b:76:29:56:59:4e:fc:58:4e:5a:50:b8: 31:7a:5a:96:85:ec:e6:cc:64:98:ff:30:76:f7:1f: 9f:cb:48:c8:b9:3c:ef:c1:2f:b4:83:e9:99:20:41: ae:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:0C:27:6A:FA:7B:F9:44:91:88:64:97:15:69:B4:EF:0F:1C:54:66 X509v3 Authority Key Identifier: keyid:35:3F:17:F4:BB:B1:93:46:DC:5A:FC:0C:23:58:79:FB:E6:35:7C:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NT8X9Luxk0bcWvwMI1h5--Y1fG0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0a24b5-b9ad-48a6-adf7-9fd84c79b0ef/1/NT8X9Luxk0bcWvwMI1h5--Y1fG0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0a24b5-b9ad-48a6-adf7-9fd84c79b0ef/1/NT8X9Luxk0bcWvwMI1h5--Y1fG0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:53:d6:c0:a1:6a:94:42:66:87:0f:63:d7:62:b6:6b:63:66: 8b:6a:39:de:57:c9:3e:89:d0:da:1e:da:27:da:2e:bc:24:ca: cd:1e:ed:4b:85:93:56:b6:a5:d3:f0:9b:bc:6c:ff:49:8f:b9: 48:ae:8a:08:ae:ca:1a:2d:5c:97:7d:a1:38:ef:6d:05:28:7d: 6b:ba:17:da:c8:0c:e2:e3:6a:4a:e8:f4:37:cb:dd:06:8d:ce: 26:2b:32:f1:7a:32:f2:68:d0:e1:c7:3d:64:7d:19:a6:2e:cc: cc:4a:26:95:52:2e:33:2d:7e:33:d1:bf:bd:17:27:91:b1:12: bf:33:bb:b2:7f:2d:7e:ef:a7:da:91:d9:f1:8d:d4:99:d8:3b: 82:10:42:d0:59:37:a2:53:73:7f:ae:fd:37:2b:0c:e9:bb:b7: 1f:32:94:99:af:9d:1a:2b:b2:dc:0a:21:41:16:19:70:97:13: ed:28:10:1f:32:2a:bf:3b:ae:d7:26:0b:69:ac:c2:15:1e:a2: 0b:19:6d:72:a7:31:c7:61:cd:3e:a9:e4:f9:c3:42:e4:e0:3b: 02:73:e6:37:6c:c7:47:6d:c0:9c:c5:f0:da:24:0c:33:40:cf: b4:15:86:6b:6d:55:26:8c:11:84:a8:50:52:71:73:51:88:f0: fb:f0:b6:79 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsazYrq8vFzFRIXO4wSPmJ9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1M2YxN2Y0YmJiMTkzNDZkYzVhZmMwYzIzNTg3OWZiZTYz NTdjNmQwHhcNMjUxMjE0MDMwMDM2WhcNMjUxMjE1MDMwMDM2WjAzMTEwLwYDVQQD Eyg0ZDBjMjc2YWZhN2JmOTQ0OTE4ODY0OTcxNTY5YjRlZjBmMWM1NDY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMo7xLlZfUggarDtEfdK0MAmCynu 2jPweqyKQ2pDKqCdkG0IllrceU79m8vD3WoRdLQIL6ySFgxljaiP5JiWQhMV7tcm zbTLbgU5hQDUaaX0fJtrWR5hvFMCRHuTweXzw2aQyTsSz4klnRD1ghCIPPaw9Dq9 RHFRea6J8zxaOXkENa0YiMsjCKH9ETxJSVzFIhJoziTBk2TnCLUxpcbIZKuOEjDc XYVzK/kXlB5cYW7PsdxrU4BEgxVHEXNCX6Veat8P8d7RyoakxkkSxnzh26STaFML dilWWU78WE5aULgxelqWhezmzGSY/zB29x+fy0jIuTzvwS+0g+mZIEGuDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE0MJ2r6e/lEkYhklxVptO8PHFRmMB8GA1UdIwQY MBaAFDU/F/S7sZNG3Fr8DCNYefvmNXxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlQ4WDlMdXhrMGJjV3Z3TUkxaDUtLVkxZkcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wYTI0YjUtYjlhZC00OGE2LWFkZjct OWZkODRjNzliMGVmLzEvTlQ4WDlMdXhrMGJjV3Z3TUkxaDUtLVkxZkcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy8wYTI0YjUtYjlhZC00OGE2LWFkZjctOWZkODRjNzliMGVm LzEvTlQ4WDlMdXhrMGJjV3Z3TUkxaDUtLVkxZkcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZFPWwKFq lEJmhw9j12K2a2Nmi2o53lfJPonQ2h7aJ9ouvCTKzR7tS4WTVral0/CbvGz/SY+5 SK6KCK7KGi1cl32hOO9tBSh9a7oX2sgM4uNqSuj0N8vdBo3OJisy8Xoy8mjQ4cc9 ZH0Zpi7MzEomlVIuMy1+M9G/vRcnkbESvzO7sn8tfu+n2pHZ8Y3Umdg7ghBC0Fk3 olNzf679NysM6bu3HzKUma+dGiuy3AohQRYZcJcT7SgQHzIqvzuu1yYLaazCFR6i Cxltcqcxx2HNPqnk+cNC5OA7AnPmN2zHR23AnMXw2iQMM0DPtBWGa21VJowRhKhQ UnFzUYjw+/C2eQ== -----END CERTIFICATE-----Generated at Sun Dec 14 06:13:52 2025 by rpki-client