This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.mft File: nSBC44DWR2UTrMCPtU-8xzYm7D0.mft (raw, json) Hash identifier: 2ChludF8db/uuNh+84o0Cd/J8lQ/HbuKv1bQTgmvSUc= Subject key identifier: 9F:2D:F1:83:99:73:30:BE:92:86:46:37:2E:F3:95:18:7B:EA:3E:97 Authority key identifier: 9D:20:42:E3:80:D6:47:65:13:AC:C0:8F:B5:4F:BC:C7:36:26:EC:3D Certificate issuer: /CN=9d2042e380d6476513acc08fb54fbcc73626ec3d Certificate serial: 019B5ABFD5D5A92392A5A0B1F4CBE30B6E3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSBC44DWR2UTrMCPtU-8xzYm7D0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.mft Manifest number: 02C6 Signing time: Fri 26 Dec 2025 13:01:20 +0000 Manifest this update: Fri 26 Dec 2025 13:01:20 +0000 Manifest next update: Sat 27 Dec 2025 13:01:20 +0000 Files and hashes: 1: nSBC44DWR2UTrMCPtU-8xzYm7D0.crl (hash: u66iuMSmcs2HWlK5CK7hSVxDBfyugEEdFyitlfi7HKo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.mft rsync://rpki.ripe.net/repository/DEFAULT/nSBC44DWR2UTrMCPtU-8xzYm7D0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:d5:d5:a9:23:92:a5:a0:b1:f4:cb:e3:0b:6e:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d2042e380d6476513acc08fb54fbcc73626ec3d Validity Not Before: Dec 26 13:01:20 2025 GMT Not After : Dec 27 13:01:20 2025 GMT Subject: CN=9f2df183997330be928646372ef395187bea3e97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:47:20:4e:ae:07:26:70:60:45:77:e5:5a:a9: 5d:7a:7c:43:db:51:fd:d7:f5:1c:8a:4d:99:0b:b5: 23:2c:8d:4f:4b:6a:47:cc:1e:c9:de:07:7e:d3:68: 38:fd:ac:4f:9f:8c:0e:41:51:fc:4e:b8:91:fd:75: 4c:ce:74:24:82:c4:1a:37:0c:bf:8e:00:7b:59:cb: a2:42:f7:60:26:60:f1:a6:ef:f7:f9:62:f0:cb:ec: 33:d6:06:4b:2c:0a:c7:55:e0:7f:c0:2b:84:70:8e: 9e:ec:4f:62:13:47:cc:af:1f:25:d8:92:38:c8:14: 51:7b:0f:ee:6a:43:ca:f3:c7:f8:75:cc:8f:e2:80: 7b:49:96:cc:be:4b:84:ae:02:99:ee:a8:ea:71:58: 0a:3f:fe:cb:4b:5a:3f:69:f7:b5:e8:13:1d:c5:b2: 31:20:a7:1a:67:65:ea:69:3c:2d:2b:46:fe:0a:33: 3f:1b:1a:5e:12:cf:58:33:7f:94:ca:24:2b:30:c6: d8:e5:dd:ff:bd:23:2d:95:7e:9b:08:d1:57:8d:13: 21:04:95:a6:57:c7:fd:05:64:06:0a:c7:40:89:0d: bc:13:62:4c:0b:80:90:31:62:82:78:6c:9e:f1:f5: 9f:7a:78:ba:dd:44:12:ae:07:fe:7d:96:6b:75:c0: 7a:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:2D:F1:83:99:73:30:BE:92:86:46:37:2E:F3:95:18:7B:EA:3E:97 X509v3 Authority Key Identifier: keyid:9D:20:42:E3:80:D6:47:65:13:AC:C0:8F:B5:4F:BC:C7:36:26:EC:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSBC44DWR2UTrMCPtU-8xzYm7D0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:54:ce:2b:eb:a7:eb:96:04:f5:35:b9:fe:53:db:4d:34:18: 48:0f:10:1c:1f:09:0c:1c:6e:3b:19:90:f7:3c:a5:5a:ef:bd: ae:fb:4a:e7:84:c3:4d:ed:ed:e5:24:a1:3d:c3:46:4f:5a:78: c0:2a:37:f3:9e:8d:f1:cd:51:98:e5:e5:bf:18:72:b9:02:42: ee:6d:bf:f1:43:24:d3:50:88:d6:2b:11:6c:40:3f:7d:c8:b4: 09:c4:ec:74:33:03:25:f7:22:7a:78:20:a4:76:a5:6c:de:82: 0d:93:54:d4:00:b1:c5:27:98:4e:21:f6:0f:e7:6c:8a:9a:56: 4e:6f:a0:3b:65:30:eb:0a:3a:6e:52:d2:1a:a6:85:a5:6b:4a: a8:8b:53:64:13:06:fd:47:ae:2e:2f:ee:95:a9:36:cd:be:36: 15:9d:13:85:4d:cc:50:9c:a2:3d:a1:ed:ad:8f:8e:50:b2:d4: ac:f3:05:be:c0:45:b0:0f:d7:70:c0:9e:29:24:6b:73:f4:cb: 4d:ae:e8:ad:a6:5c:d4:17:ba:da:a2:3f:57:ec:98:81:b0:7e: 65:9b:a4:2a:1f:2e:95:b6:39:e7:77:9b:1f:3a:bf:e9:ea:7f: d3:6a:1b:ff:b5:ee:ca:ab:4d:1f:93:f4:e7:a8:07:90:92:c8: 03:2a:0f:17 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav9XVqSOSpaCx9MvjC246MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMjA0MmUzODBkNjQ3NjUxM2FjYzA4ZmI1NGZiY2M3MzYy NmVjM2QwHhcNMjUxMjI2MTMwMTIwWhcNMjUxMjI3MTMwMTIwWjAzMTEwLwYDVQQD Eyg5ZjJkZjE4Mzk5NzMzMGJlOTI4NjQ2MzcyZWYzOTUxODdiZWEzZTk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkcgTq4HJnBgRXflWqldenxD21H9 1/Ucik2ZC7UjLI1PS2pHzB7J3gd+02g4/axPn4wOQVH8TriR/XVMznQkgsQaNwy/ jgB7WcuiQvdgJmDxpu/3+WLwy+wz1gZLLArHVeB/wCuEcI6e7E9iE0fMrx8l2JI4 yBRRew/uakPK88f4dcyP4oB7SZbMvkuErgKZ7qjqcVgKP/7LS1o/afe16BMdxbIx IKcaZ2XqaTwtK0b+CjM/GxpeEs9YM3+UyiQrMMbY5d3/vSMtlX6bCNFXjRMhBJWm V8f9BWQGCsdAiQ28E2JMC4CQMWKCeGye8fWfeni63UQSrgf+fZZrdcB6IQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ8t8YOZczC+koZGNy7zlRh76j6XMB8GA1UdIwQY MBaAFJ0gQuOA1kdlE6zAj7VPvMc2Juw9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblNCQzQ0RFdSMlVUck1DUHRVLTh4elltN0QwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wMDI3MTYtYTI1Ny00NTY4LWJmMDct ZGVkMzg2MmI3NjMxLzEvblNCQzQ0RFdSMlVUck1DUHRVLTh4elltN0QwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS8wMDI3MTYtYTI1Ny00NTY4LWJmMDctZGVkMzg2MmI3NjMx LzEvblNCQzQ0RFdSMlVUck1DUHRVLTh4elltN0QwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXFTOK+un 65YE9TW5/lPbTTQYSA8QHB8JDBxuOxmQ9zylWu+9rvtK54TDTe3t5SShPcNGT1p4 wCo3856N8c1RmOXlvxhyuQJC7m2/8UMk01CI1isRbEA/fci0CcTsdDMDJfciengg pHalbN6CDZNU1ACxxSeYTiH2D+dsippWTm+gO2Uw6wo6blLSGqaFpWtKqItTZBMG /UeuLi/ulak2zb42FZ0ThU3MUJyiPaHtrY+OULLUrPMFvsBFsA/XcMCeKSRrc/TL Ta7oraZc1Be62qI/V+yYgbB+ZZukKh8ulbY553ebHzq/6ep/02ob/7XuyqtNH5P0 56gHkJLIAyoPFw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:18:23 2025 by rpki-client