This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json) Hash identifier: ZPx5oL2DXwx9jfR61o9emS+UEDqmwTLPvVKJ+IriW68= Subject key identifier: E1:1C:15:F0:2E:C6:71:8A:FB:97:5A:C0:AA:2B:AE:20:DD:62:22:00 Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da Certificate serial: 019AFCC3C9ED3CF21111902CE9C9A10A4CE2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft Manifest number: 132D Signing time: Mon 08 Dec 2025 07:01:20 +0000 Manifest this update: Mon 08 Dec 2025 07:01:20 +0000 Manifest next update: Tue 09 Dec 2025 07:01:20 +0000 Files and hashes: 1: 7G7G7tpVmWd60uNlZ2vEN1k8ScQ.roa (hash: 2r8MgNw8qHVAZHcXcB+fjTECDN+jibhAZMIq0CBmNHM=) 2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: 7IE3Fp3uBOOVCgQEptG/UsMcv3lBQ7Wu6nTv+61CkXo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Dec 2025 07:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fc:c3:c9:ed:3c:f2:11:11:90:2c:e9:c9:a1:0a:4c:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da Validity Not Before: Dec 8 07:01:20 2025 GMT Not After : Dec 9 07:01:20 2025 GMT Subject: CN=e11c15f02ec6718afb975ac0aa2bae20dd622200 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:aa:65:7f:b2:bf:38:2d:93:7e:ec:1b:a2:75: df:b1:87:58:bf:a9:db:43:a5:08:90:90:36:b1:17: dd:62:25:63:1d:53:77:30:44:c5:4d:8f:38:72:69: ed:20:07:13:c8:f7:10:be:6b:62:0d:d1:6c:d2:7d: 55:6f:15:3e:45:36:17:2d:88:19:57:b5:01:04:5a: 08:ba:5e:c3:68:fb:91:2d:c5:a2:ae:58:8f:f9:af: 50:51:c9:83:29:9a:38:66:67:66:75:c6:3f:9c:6b: 5c:2d:c4:35:44:90:49:49:ca:dc:1a:5c:88:b1:cf: 7b:85:75:51:8a:87:0d:34:21:18:1b:9c:c2:7e:9d: ba:f9:0b:e2:42:f2:a3:5e:8c:9b:b1:0b:f0:d9:d3: d3:11:8f:8d:c8:aa:0c:0e:cb:f6:cf:2b:a1:de:59: 11:72:f2:0f:24:c9:ac:21:6c:af:f4:ba:77:3a:2b: 1e:b5:bd:bb:15:2c:cc:6e:e9:26:64:af:8e:2a:5c: b9:09:3c:e7:f2:b8:4e:e3:3e:e4:46:97:cd:72:21: 2b:89:58:1b:25:d0:96:75:b0:d5:6d:6e:fa:fc:1e: 7d:5e:39:5e:07:0f:13:ba:a6:d7:29:89:1b:8f:2e: d8:48:ba:7f:01:a8:5a:60:66:7e:10:b6:20:85:92: 40:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:1C:15:F0:2E:C6:71:8A:FB:97:5A:C0:AA:2B:AE:20:DD:62:22:00 X509v3 Authority Key Identifier: keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption af:e1:74:6b:b5:b2:6f:4a:68:89:d1:fc:00:0f:a6:67:c2:26: 9b:3c:89:21:5c:45:28:56:12:4c:ed:45:fe:dd:2c:65:31:86: c4:a1:f2:2c:7c:18:2e:e2:3a:a6:cf:7d:4e:d4:3c:ff:ba:85: cb:01:7b:31:92:13:f7:05:e1:ed:1a:68:6b:4e:3a:20:b8:0b: ca:3d:3b:77:33:ae:de:1c:63:23:ea:78:c1:18:7b:38:9f:8a: 24:22:c3:38:09:74:fd:d4:8a:b0:27:9d:23:e2:3b:cf:d0:8a: 6d:89:3f:f1:a1:0f:ab:99:4d:4c:7d:ee:14:6b:8e:19:37:a7: ae:8f:3d:4e:af:23:66:db:d6:69:2e:fe:03:94:e0:90:da:ca: 63:57:c1:29:58:cc:69:33:63:77:d9:2e:23:67:01:14:fd:02: bf:51:9a:db:7e:c7:74:6f:90:83:08:a4:69:70:be:47:9f:d8: cd:ed:f0:51:5e:8d:6c:55:97:b1:1e:b6:7b:97:f3:0f:77:00: ae:a3:55:a6:83:5e:e8:6d:e0:97:d2:1a:e5:16:f0:e6:5f:e1: e9:6b:22:c4:76:0a:a9:cf:77:61:a1:34:ec:1b:88:a0:32:a0: 36:e5:5f:cd:75:58:f7:33:83:1f:0b:9b:30:b6:f1:d5:4e:34: e3:06:c7:7e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr8w8ntPPIREZAs6cmhCkziMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj M2Q1ZGEwHhcNMjUxMjA4MDcwMTIwWhcNMjUxMjA5MDcwMTIwWjAzMTEwLwYDVQQD EyhlMTFjMTVmMDJlYzY3MThhZmI5NzVhYzBhYTJiYWUyMGRkNjIyMjAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36plf7K/OC2TfuwbonXfsYdYv6nb Q6UIkJA2sRfdYiVjHVN3METFTY84cmntIAcTyPcQvmtiDdFs0n1VbxU+RTYXLYgZ V7UBBFoIul7DaPuRLcWirliP+a9QUcmDKZo4ZmdmdcY/nGtcLcQ1RJBJScrcGlyI sc97hXVRiocNNCEYG5zCfp26+QviQvKjXoybsQvw2dPTEY+NyKoMDsv2zyuh3lkR cvIPJMmsIWyv9Lp3Oisetb27FSzMbukmZK+OKly5CTzn8rhO4z7kRpfNciEriVgb JdCWdbDVbW76/B59XjleBw8TuqbXKYkbjy7YSLp/AahaYGZ+ELYghZJACQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOEcFfAuxnGK+5dawKorriDdYiIAMB8GA1UdIwQY MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr+F0a7Wy b0poidH8AA+mZ8ImmzyJIVxFKFYSTO1F/t0sZTGGxKHyLHwYLuI6ps99TtQ8/7qF ywF7MZIT9wXh7Rpoa046ILgLyj07dzOu3hxjI+p4wRh7OJ+KJCLDOAl0/dSKsCed I+I7z9CKbYk/8aEPq5lNTH3uFGuOGTenro89Tq8jZtvWaS7+A5TgkNrKY1fBKVjM aTNjd9kuI2cBFP0Cv1Ga237HdG+QgwikaXC+R5/Yze3wUV6NbFWXsR62e5fzD3cA rqNVpoNe6G3gl9Ia5Rbw5l/h6WsixHYKqc93YaE07BuIoDKgNuVfzXVY9zODHwub MLbx1U404wbHfg== -----END CERTIFICATE-----Generated at Mon Dec 8 12:43:38 2025 by rpki-client