This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.mft File: nvnDHh7MuhkCs_YiWT3pcspxi1w.mft (raw, json) Hash identifier: NwaLBRFVwPC5R73TfHs7U8YAzs2hU5W7+uWQRiUMO6E= Subject key identifier: D3:98:CF:75:66:FC:A5:76:2A:7A:5E:E4:21:43:DB:37:17:DB:2B:47 Authority key identifier: 9E:F9:C3:1E:1E:CC:BA:19:02:B3:F6:22:59:3D:E9:72:CA:71:8B:5C Certificate issuer: /CN=9ef9c31e1eccba1902b3f622593de972ca718b5c Certificate serial: 019B378EBB9D6885EC20BE0E771F09F041CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nvnDHh7MuhkCs_YiWT3pcspxi1w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.mft Manifest number: 0EDD Signing time: Fri 19 Dec 2025 17:00:59 +0000 Manifest this update: Fri 19 Dec 2025 17:00:59 +0000 Manifest next update: Sat 20 Dec 2025 17:00:59 +0000 Files and hashes: 1: nvnDHh7MuhkCs_YiWT3pcspxi1w.crl (hash: 5zvB1VKjvXq1a2wecYVlDH4S+6BWoeinJJkAsB25iXo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.crl rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.mft rsync://rpki.ripe.net/repository/DEFAULT/nvnDHh7MuhkCs_YiWT3pcspxi1w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:8e:bb:9d:68:85:ec:20:be:0e:77:1f:09:f0:41:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ef9c31e1eccba1902b3f622593de972ca718b5c Validity Not Before: Dec 19 17:00:59 2025 GMT Not After : Dec 20 17:00:59 2025 GMT Subject: CN=d398cf7566fca5762a7a5ee42143db3717db2b47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:03:80:6f:1c:29:81:b2:f4:e0:de:ed:97:50: 31:7e:a7:31:10:00:8a:64:0d:1b:a8:26:c0:57:13: 73:be:20:09:c9:b1:2d:ec:39:4e:be:67:88:38:6e: 5c:c1:1b:20:a1:87:27:ee:93:5a:fe:73:f3:c8:85: 3b:82:68:1d:e7:a7:9c:09:ca:61:06:8f:9c:2f:3b: 53:50:7c:03:bb:d4:66:65:d7:e6:f1:7a:7c:63:5f: 53:3e:56:54:ce:f8:f3:c3:16:ac:3f:e4:ee:09:b4: 05:f1:cd:b6:d4:46:fc:89:c1:3d:ca:c7:39:03:d8: dc:ce:d5:8c:19:77:3c:ee:b4:cc:25:85:89:78:5c: 2d:ea:9b:a0:1d:ca:47:9f:01:b6:6a:9b:20:82:bd: 28:8c:f7:56:3a:fe:ce:96:2d:a3:3f:7e:13:b2:13: 55:35:2b:ec:9d:01:5a:7b:74:ae:b0:8d:01:9c:49: 64:55:dc:f5:62:fe:aa:55:96:e7:5d:95:36:a2:79: 15:f4:85:14:c0:24:e6:18:12:88:ae:4e:e6:bb:c3: 29:36:21:35:4d:8b:ec:5e:e2:8d:64:32:6f:22:43: 97:65:fd:b9:b9:5b:a4:82:a7:43:fc:3e:7b:62:b9: 41:c9:b6:ad:7f:bc:f2:ba:6a:6b:fe:9b:f1:9d:04: 8b:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:98:CF:75:66:FC:A5:76:2A:7A:5E:E4:21:43:DB:37:17:DB:2B:47 X509v3 Authority Key Identifier: keyid:9E:F9:C3:1E:1E:CC:BA:19:02:B3:F6:22:59:3D:E9:72:CA:71:8B:5C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nvnDHh7MuhkCs_YiWT3pcspxi1w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:92:cd:97:cb:ec:19:c6:a3:d7:1d:ce:3c:41:57:c3:b0:b4: 02:40:cc:38:ab:3a:4f:af:6a:99:59:29:6b:0a:2d:7e:af:e1: 8b:cf:da:d5:58:92:ad:3f:ca:c8:ac:48:93:00:92:24:35:ae: 8b:fe:6e:83:5c:4f:d4:07:73:50:00:c3:86:ee:98:1a:48:28: 5f:8e:2d:38:46:52:fb:25:11:81:ee:9b:a0:8e:53:bc:13:9d: cf:a2:c5:79:21:36:36:61:29:36:0c:ad:c5:f9:33:dd:12:71: 6c:b5:c5:85:ba:a0:3b:f0:b0:6f:8c:27:a3:ce:a8:d8:b8:07: f7:6c:7c:8b:e5:e5:33:bc:56:9a:bf:f0:5b:db:ae:1c:e8:43: 2a:59:11:07:d9:36:2b:f5:35:97:ef:07:eb:8c:7c:7e:22:c9: 47:b3:b6:63:6b:a4:64:76:da:f5:63:4c:02:d9:1b:0a:c2:1d: a8:88:6b:2d:46:33:1a:3b:c6:45:c2:c3:18:ef:9f:5e:58:ef: 7a:41:62:79:81:54:aa:be:94:72:b5:99:a2:80:5f:61:4d:ab: 1d:46:f3:d3:d9:c8:43:ae:2b:13:db:5c:29:51:7f:2d:4e:ae: 28:04:12:99:bd:a1:f0:b2:b3:ff:fd:7e:fb:4d:de:3c:61:4f: 10:58:ef:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3jrudaIXsIL4Odx8J8EHMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllZjljMzFlMWVjY2JhMTkwMmIzZjYyMjU5M2RlOTcyY2E3 MThiNWMwHhcNMjUxMjE5MTcwMDU5WhcNMjUxMjIwMTcwMDU5WjAzMTEwLwYDVQQD EyhkMzk4Y2Y3NTY2ZmNhNTc2MmE3YTVlZTQyMTQzZGIzNzE3ZGIyYjQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQOAbxwpgbL04N7tl1AxfqcxEACK ZA0bqCbAVxNzviAJybEt7DlOvmeIOG5cwRsgoYcn7pNa/nPzyIU7gmgd56ecCcph Bo+cLztTUHwDu9RmZdfm8Xp8Y19TPlZUzvjzwxasP+TuCbQF8c221Eb8icE9ysc5 A9jcztWMGXc87rTMJYWJeFwt6pugHcpHnwG2apsggr0ojPdWOv7Oli2jP34TshNV NSvsnQFae3SusI0BnElkVdz1Yv6qVZbnXZU2onkV9IUUwCTmGBKIrk7mu8MpNiE1 TYvsXuKNZDJvIkOXZf25uVukgqdD/D57YrlBybatf7zyumpr/pvxnQSLBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNOYz3Vm/KV2Knpe5CFD2zcX2ytHMB8GA1UdIwQY MBaAFJ75wx4ezLoZArP2Ilk96XLKcYtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnZuREhoN011aGtDc19ZaVdUM3Bjc3B4aTF3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yZmE3YjgtYTQ4NC00N2RmLWIxYzIt OTcyYzBmYWU2N2I4LzEvbnZuREhoN011aGtDc19ZaVdUM3Bjc3B4aTF3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Mi8yZmE3YjgtYTQ4NC00N2RmLWIxYzItOTcyYzBmYWU2N2I4 LzEvbnZuREhoN011aGtDc19ZaVdUM3Bjc3B4aTF3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjZLNl8vs Gcaj1x3OPEFXw7C0AkDMOKs6T69qmVkpawotfq/hi8/a1ViSrT/KyKxIkwCSJDWu i/5ug1xP1AdzUADDhu6YGkgoX44tOEZS+yURge6boI5TvBOdz6LFeSE2NmEpNgyt xfkz3RJxbLXFhbqgO/Cwb4wno86o2LgH92x8i+XlM7xWmr/wW9uuHOhDKlkRB9k2 K/U1l+8H64x8fiLJR7O2Y2ukZHba9WNMAtkbCsIdqIhrLUYzGjvGRcLDGO+fXljv ekFieYFUqr6UcrWZooBfYU2rHUbz09nIQ64rE9tcKVF/LU6uKAQSmb2h8LKz//1+ +03ePGFPEFjvCA== -----END CERTIFICATE-----Generated at Sat Dec 20 02:03:35 2025 by rpki-client