This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft File: NKh-9PEuNt_cafTUydRQ7us_9tU.mft (raw, json) Hash identifier: Ze2itnis3uP8c5IpnX6d4q8mVUTtDJMOC8XmSyMZ8mI= Subject key identifier: E8:CD:E3:7E:97:1E:DF:76:2C:72:97:33:73:42:8A:28:81:62:CD:97 Authority key identifier: 34:A8:7E:F4:F1:2E:36:DF:DC:69:F4:D4:C9:D4:50:EE:EB:3F:F6:D5 Certificate issuer: /CN=34a87ef4f12e36dfdc69f4d4c9d450eeeb3ff6d5 Certificate serial: 019B38A1AE3CBDBC2C6190F64F5137DD6E21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft Manifest number: 0E7D Signing time: Fri 19 Dec 2025 22:01:18 +0000 Manifest this update: Fri 19 Dec 2025 22:01:18 +0000 Manifest next update: Sat 20 Dec 2025 22:01:18 +0000 Files and hashes: 1: NKh-9PEuNt_cafTUydRQ7us_9tU.crl (hash: lFkf4c9kyWGy5DnbIGu/F3xR8DRyXLxRW+b8cjrEuMA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.crl rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 22:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:a1:ae:3c:bd:bc:2c:61:90:f6:4f:51:37:dd:6e:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34a87ef4f12e36dfdc69f4d4c9d450eeeb3ff6d5 Validity Not Before: Dec 19 22:01:18 2025 GMT Not After : Dec 20 22:01:18 2025 GMT Subject: CN=e8cde37e971edf762c72973373428a288162cd97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:83:5e:15:9e:30:32:89:2d:e5:49:05:f6:b2: 8a:6b:a8:47:38:36:46:1c:d0:6e:90:b0:82:cd:7c: cf:1d:73:34:55:90:e2:dc:cf:df:a7:af:aa:bf:e5: 9d:e1:9d:b6:f9:c9:e1:ff:ef:18:f1:ca:7f:6b:e1: 74:da:f7:5d:ac:2b:54:83:71:cc:90:a7:12:da:3e: b3:c8:ec:db:7f:c5:af:ad:68:ad:08:fc:3c:be:c8: 18:63:b2:2d:b6:52:a9:0f:2c:83:23:06:2a:03:a5: fa:f6:11:6f:e5:c6:ca:39:ad:fe:3c:1a:e6:8d:ce: 65:4b:2c:b5:d1:ae:d8:2e:a5:16:55:98:c2:fc:48: bd:46:e5:63:58:fd:9f:5c:d5:52:b5:15:78:ff:af: b7:60:a5:9d:c1:f1:fd:d9:e4:9c:92:b1:2b:b0:0c: cc:ac:23:79:31:23:cf:8a:76:ad:18:e4:5f:52:99: d6:32:ac:35:3c:96:a1:4f:4f:2b:ac:dc:dc:a5:c1: e1:18:9f:a7:b1:01:f5:58:29:d5:10:8b:76:ab:26: 61:d5:75:de:81:1f:4b:2f:7b:29:e3:2f:03:f0:9c: 89:1b:e0:ea:4a:c7:be:e1:c5:fd:76:5a:0f:56:0a: b4:5e:97:0f:26:5d:31:13:d4:22:d5:c4:ff:97:7b: 8f:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:CD:E3:7E:97:1E:DF:76:2C:72:97:33:73:42:8A:28:81:62:CD:97 X509v3 Authority Key Identifier: keyid:34:A8:7E:F4:F1:2E:36:DF:DC:69:F4:D4:C9:D4:50:EE:EB:3F:F6:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:41:26:d3:29:ef:59:5c:1c:fb:b0:72:91:00:4d:c3:20:55: 0d:f2:19:00:51:fd:50:a6:d8:80:48:7b:19:62:3b:41:2f:4b: 94:77:e5:ba:9c:37:c3:90:5e:52:9e:c1:2f:86:86:fe:fc:cc: a9:45:59:98:fa:02:56:62:1b:d4:4d:95:5c:53:32:be:bd:04: f3:c5:60:40:be:ff:59:0a:24:e6:eb:f8:1a:ed:50:8b:3b:16: 97:10:ad:5c:40:f6:c1:96:fe:32:5a:ea:46:ff:8b:12:f3:a4: 00:25:f1:a8:93:ae:06:0f:94:c7:ce:25:65:40:81:88:d1:31: 46:51:84:e1:7d:6a:f1:4c:99:e1:30:e9:07:27:9c:5b:b4:67: ae:c0:2a:ee:59:4e:41:66:c7:eb:87:b9:b8:5f:2d:de:91:93: 4f:51:c0:57:1f:3c:76:1f:af:12:40:23:d3:4d:74:8d:76:0f: 6e:e8:02:6f:67:3b:76:97:3e:ce:dd:b0:07:02:43:80:55:5e: db:e6:76:e1:75:63:e5:26:44:1a:38:f7:96:95:c1:60:7b:ac: cc:98:75:ee:57:b7:b6:ca:51:ae:62:19:59:29:94:e9:fe:20: 22:18:bb:d6:23:b4:b1:95:be:57:a7:f0:0e:1d:ea:ae:7c:f6: 3f:28:2e:30 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4oa48vbwsYZD2T1E33W4hMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0YTg3ZWY0ZjEyZTM2ZGZkYzY5ZjRkNGM5ZDQ1MGVlZWIz ZmY2ZDUwHhcNMjUxMjE5MjIwMTE4WhcNMjUxMjIwMjIwMTE4WjAzMTEwLwYDVQQD EyhlOGNkZTM3ZTk3MWVkZjc2MmM3Mjk3MzM3MzQyOGEyODgxNjJjZDk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzINeFZ4wMokt5UkF9rKKa6hHODZG HNBukLCCzXzPHXM0VZDi3M/fp6+qv+Wd4Z22+cnh/+8Y8cp/a+F02vddrCtUg3HM kKcS2j6zyOzbf8WvrWitCPw8vsgYY7IttlKpDyyDIwYqA6X69hFv5cbKOa3+PBrm jc5lSyy10a7YLqUWVZjC/Ei9RuVjWP2fXNVStRV4/6+3YKWdwfH92eSckrErsAzM rCN5MSPPinatGORfUpnWMqw1PJahT08rrNzcpcHhGJ+nsQH1WCnVEIt2qyZh1XXe gR9LL3sp4y8D8JyJG+DqSse+4cX9dloPVgq0XpcPJl0xE9Qi1cT/l3uP4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOjN436XHt92LHKXM3NCiiiBYs2XMB8GA1UdIwQY MBaAFDSofvTxLjbf3Gn01MnUUO7rP/bVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC84YzE5ZmYtYTc1Ny00MWI0LTgzZmQt ZDQ5MGI4MTU1MDNiLzEvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OC84YzE5ZmYtYTc1Ny00MWI0LTgzZmQtZDQ5MGI4MTU1MDNi LzEvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL0Em0ynv WVwc+7BykQBNwyBVDfIZAFH9UKbYgEh7GWI7QS9LlHflupw3w5BeUp7BL4aG/vzM qUVZmPoCVmIb1E2VXFMyvr0E88VgQL7/WQok5uv4Gu1QizsWlxCtXED2wZb+Mlrq Rv+LEvOkACXxqJOuBg+Ux84lZUCBiNExRlGE4X1q8UyZ4TDpByecW7RnrsAq7llO QWbH64e5uF8t3pGTT1HAVx88dh+vEkAj0010jXYPbugCb2c7dpc+zt2wBwJDgFVe 2+Z24XVj5SZEGjj3lpXBYHuszJh17le3tspRrmIZWSmU6f4gIhi71iO0sZW+V6fw Dh3qrnz2PyguMA== -----END CERTIFICATE-----Generated at Sat Dec 20 07:39:16 2025 by rpki-client