This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft File: NAahLsxTolGnXOe6yqyeQa7otMo.mft (raw, json) Hash identifier: 6laj5rj6fH7zAFCXA5sUAyvV3gntkJGNyfSBgCGR5DU= Subject key identifier: 88:FF:9B:AD:E5:27:C0:23:90:12:55:16:F3:1F:7E:06:E4:17:79:0B Authority key identifier: 34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA Certificate issuer: /CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca Certificate serial: 019B183AE3FFEA00979DE665CCCF32A57429 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft Manifest number: 1774 Signing time: Sat 13 Dec 2025 15:01:11 +0000 Manifest this update: Sat 13 Dec 2025 15:01:11 +0000 Manifest next update: Sun 14 Dec 2025 15:01:11 +0000 Files and hashes: 1: 9N71vXZ6iYuqWW-If0CgsO_Wjpg.roa (hash: plP8bbCihgTmT1C8mtLaGAuAfGPMZ93aIA1Z/LkRd90=) 2: NAahLsxTolGnXOe6yqyeQa7otMo.crl (hash: +FZ2C7dwOBFhBGvgqOvUGePMRSG/VZYmHphd1BX5WVw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 15:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:18:3a:e3:ff:ea:00:97:9d:e6:65:cc:cf:32:a5:74:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca Validity Not Before: Dec 13 15:01:11 2025 GMT Not After : Dec 14 15:01:11 2025 GMT Subject: CN=88ff9bade527c02390125516f31f7e06e417790b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:1f:8f:9e:3e:eb:d9:99:08:79:82:b3:80:3f: f9:b9:f7:f1:98:f6:9e:b0:47:d1:d1:29:10:6d:d8: ff:3c:7f:05:f1:e3:78:7b:1c:2f:34:cd:ab:9f:80: 3d:3e:cc:df:4f:31:10:b8:20:3e:03:50:6d:07:9a: 65:f4:ad:e1:ad:ee:40:96:ef:1f:79:21:e3:8c:f3: 85:b1:14:46:e9:b9:9c:ec:82:07:88:7f:62:e4:9c: 1a:40:58:cf:9c:1a:1d:3e:97:16:0c:99:76:9c:52: e1:ca:68:f4:98:e4:00:1f:ce:4f:23:8c:b0:40:97: 24:f1:7a:b1:6a:76:97:f3:71:10:22:9a:bb:01:8f: 5b:ab:79:13:7c:48:65:57:30:ab:1b:4b:8f:7c:91: 32:fd:d3:e4:2a:c9:74:9a:1f:96:2f:88:6f:4f:10: a4:e8:5a:a4:7e:2c:0a:cb:9d:7d:2b:80:9a:01:6c: 07:50:1d:d7:7f:73:ed:e6:98:78:45:ae:1e:a5:40: 7e:b3:79:44:f0:0f:3e:4b:94:e1:5c:5c:7f:f5:cf: 1d:d3:17:97:c7:3a:85:04:45:24:21:eb:f0:3e:1e: b2:fb:6a:c8:7a:08:5d:d3:1a:43:e1:58:e4:44:64: 62:e4:f2:6d:a5:bd:68:a1:8f:00:3d:8a:50:a9:54: 63:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:FF:9B:AD:E5:27:C0:23:90:12:55:16:F3:1F:7E:06:E4:17:79:0B X509v3 Authority Key Identifier: keyid:34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:89:9d:b5:a1:b2:cb:c9:a7:c5:77:ad:b5:7f:89:f1:23:07: a7:16:18:10:82:38:15:b5:ef:a8:b9:a6:5f:13:6d:8b:cd:6c: 83:27:d7:5b:58:ff:d4:a3:ba:e1:09:3e:27:04:96:12:1a:62: b4:15:85:b4:75:32:c3:28:56:25:23:06:28:5e:8b:e2:b6:64: 11:f6:ef:ac:ee:9d:4d:97:60:87:48:7d:92:f1:80:81:e0:10: e7:d6:6d:cc:b2:89:fc:2a:e2:25:e8:3d:fd:13:1d:c5:a4:81: a7:86:86:7d:e8:dd:9c:69:b7:77:34:8a:d4:a2:13:51:89:f7: ba:7c:f6:0f:51:28:83:4c:66:de:2d:7a:99:3b:45:20:32:7d: fd:2c:58:2c:23:4f:31:f9:e5:ff:b1:1d:f2:26:1f:7f:6d:15: e9:8c:d7:20:d7:33:d1:06:ff:cb:53:19:41:7d:e7:48:a6:7f: c7:2a:31:65:cc:71:fa:0e:75:4e:d1:75:65:4e:a2:1d:f2:ee: 18:7b:a4:df:9a:b5:75:b0:b4:3e:4a:fb:59:3a:ec:20:fc:96: d3:75:80:75:a4:3f:09:4b:00:54:aa:43:08:4d:db:c3:fc:df: b7:d6:0b:d4:74:6d:f3:ee:39:36:70:2e:23:03:67:2e:1f:37: 94:d7:00:8c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsYOuP/6gCXneZlzM8ypXQpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MDZhMTJlY2M1M2EyNTFhNzVjZTdiYWNhYWM5ZTQxYWVl OGI0Y2EwHhcNMjUxMjEzMTUwMTExWhcNMjUxMjE0MTUwMTExWjAzMTEwLwYDVQQD Eyg4OGZmOWJhZGU1MjdjMDIzOTAxMjU1MTZmMzFmN2UwNmU0MTc3OTBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6h+Pnj7r2ZkIeYKzgD/5uffxmPae sEfR0SkQbdj/PH8F8eN4exwvNM2rn4A9PszfTzEQuCA+A1BtB5pl9K3hre5Alu8f eSHjjPOFsRRG6bmc7IIHiH9i5JwaQFjPnBodPpcWDJl2nFLhymj0mOQAH85PI4yw QJck8XqxanaX83EQIpq7AY9bq3kTfEhlVzCrG0uPfJEy/dPkKsl0mh+WL4hvTxCk 6FqkfiwKy519K4CaAWwHUB3Xf3Pt5ph4Ra4epUB+s3lE8A8+S5ThXFx/9c8d0xeX xzqFBEUkIevwPh6y+2rIeghd0xpD4VjkRGRi5PJtpb1ooY8APYpQqVRjvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIj/m63lJ8AjkBJVFvMffgbkF3kLMB8GA1UdIwQY MBaAFDQGoS7MU6JRp1znusqsnkGu6LTKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUt YTc3OWJhYWE3NTk5LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUtYTc3OWJhYWE3NTk5 LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPYmdtaGy y8mnxXettX+J8SMHpxYYEII4FbXvqLmmXxNti81sgyfXW1j/1KO64Qk+JwSWEhpi tBWFtHUywyhWJSMGKF6L4rZkEfbvrO6dTZdgh0h9kvGAgeAQ59ZtzLKJ/CriJeg9 /RMdxaSBp4aGfejdnGm3dzSK1KITUYn3unz2D1Eog0xm3i16mTtFIDJ9/SxYLCNP Mfnl/7Ed8iYff20V6YzXINcz0Qb/y1MZQX3nSKZ/xyoxZcxx+g51TtF1ZU6iHfLu GHuk35q1dbC0Pkr7WTrsIPyW03WAdaQ/CUsAVKpDCE3bw/zft9YL1HRt8+45NnAu IwNnLh83lNcAjA== -----END CERTIFICATE-----Generated at Sun Dec 14 01:06:36 2025 by rpki-client