This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft File: nSAoCNH5FFVeG9WcFncof_mztZA.mft (raw, json) Hash identifier: HChDadHD+MZbOfw0vFDDNSsP+NK0r9zOonOrPGPdZho= Subject key identifier: A7:F5:B6:8A:0B:39:83:44:AF:59:D9:1C:5F:B2:BE:6B:38:41:9B:46 Authority key identifier: 9D:20:28:08:D1:F9:14:55:5E:1B:D5:9C:16:77:28:7F:F9:B3:B5:90 Certificate issuer: /CN=9d202808d1f914555e1bd59c1677287ff9b3b590 Certificate serial: 019AFB0B8E90CC88D277C355EC01B20B2B24 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSAoCNH5FFVeG9WcFncof_mztZA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft Manifest number: 1170 Signing time: Sun 07 Dec 2025 23:00:29 +0000 Manifest this update: Sun 07 Dec 2025 23:00:29 +0000 Manifest next update: Mon 08 Dec 2025 23:00:29 +0000 Files and hashes: 1: nSAoCNH5FFVeG9WcFncof_mztZA.crl (hash: sFA74UYRMX/nW++R95X8Nwl8ZkiEJdxugJOTas87AmQ=) 2: qztp8oOkrsOnZQZ-AVesJkd8gBA.roa (hash: w8j5kLnBBDJA6YAxwk7yr2iHlxdseJ2t5FGwhKWuj0I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft rsync://rpki.ripe.net/repository/DEFAULT/nSAoCNH5FFVeG9WcFncof_mztZA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Dec 2025 19:58:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fb:0b:8e:90:cc:88:d2:77:c3:55:ec:01:b2:0b:2b:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d202808d1f914555e1bd59c1677287ff9b3b590 Validity Not Before: Dec 7 23:00:29 2025 GMT Not After : Dec 8 23:00:29 2025 GMT Subject: CN=a7f5b68a0b398344af59d91c5fb2be6b38419b46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:30:e1:10:f6:62:4b:45:a8:54:7f:bd:33:5f: ef:fa:4f:61:fb:c9:e8:be:6a:29:75:2b:bd:98:b5: 23:81:c9:47:93:7b:2c:b2:2b:0f:58:23:2f:ed:a6: f1:75:8f:cf:df:8f:98:de:83:a1:a4:0f:e7:55:5b: 52:43:ae:8f:29:a3:6f:6b:64:bd:19:fc:da:f6:2f: 26:86:f4:2a:bd:09:bf:3a:23:ab:36:a0:74:40:c4: 1b:16:19:f9:1d:92:f0:30:22:12:31:26:27:1f:88: 4d:03:fd:b6:04:29:f5:c0:ee:ab:1d:40:99:92:1c: a3:c6:7e:99:6e:b5:e2:03:6a:f0:07:36:55:c3:4d: 5c:54:31:86:7f:6f:92:79:94:9c:4f:2d:c3:ab:ed: a3:ec:62:d4:d5:fc:95:43:96:e1:53:ab:3c:69:ae: 6c:37:bd:a3:b3:31:41:31:9d:49:42:94:40:2f:bf: b9:8d:f1:51:6e:dd:10:70:30:f0:e6:36:78:50:15: 62:19:cf:06:9e:9b:59:1d:92:c5:89:4b:85:06:e6: ca:b6:06:33:a6:fa:29:12:3f:e3:80:19:0d:c5:01: 53:24:f1:17:82:7c:a2:01:b0:dc:92:b0:16:c7:2c: 53:15:8c:d9:0b:d5:ae:34:95:74:a0:d0:c4:c8:1a: 88:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:F5:B6:8A:0B:39:83:44:AF:59:D9:1C:5F:B2:BE:6B:38:41:9B:46 X509v3 Authority Key Identifier: keyid:9D:20:28:08:D1:F9:14:55:5E:1B:D5:9C:16:77:28:7F:F9:B3:B5:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSAoCNH5FFVeG9WcFncof_mztZA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1e:2b:be:ca:1e:63:4d:53:c4:67:94:1a:3f:15:d2:63:d7:c1: c0:cf:66:20:f9:5c:19:e1:76:cb:25:ab:13:9b:8b:eb:c3:bb: 46:0d:a6:d4:fe:2f:98:71:0b:eb:7b:5f:11:a3:1c:1e:f6:87: 76:14:2c:2a:53:9a:b9:6a:2c:d9:31:25:29:4c:4b:59:a2:d1: 33:0e:c2:93:2a:31:50:e3:5f:e8:c1:2c:60:b2:a2:86:80:cf: 3f:ee:5b:2b:7d:15:71:c4:99:d0:b3:23:60:45:3e:85:33:c2: d1:f5:f6:7d:5e:43:d1:e2:1b:e0:b4:c5:f5:49:58:b2:16:b5: 9e:85:fd:81:89:6d:64:e5:29:9b:48:d4:42:b2:e6:01:c0:61: a1:e2:8e:35:b9:43:2a:bc:6f:a0:6d:ff:be:b2:01:e1:dd:10: fd:07:b0:8f:81:13:f0:fc:b8:6b:95:d5:ec:d8:a1:7e:cd:f6: 41:2a:16:f3:9a:03:77:e5:c7:90:e8:33:3c:a2:6c:a3:49:82: 74:d1:e1:19:c4:92:26:e3:8e:ec:01:6f:cf:a2:99:3e:0f:31: 56:83:14:c4:71:95:81:81:31:88:cf:e7:7e:84:99:92:42:ce: 3b:91:22:33:ad:43:aa:44:e9:ba:90:bc:45:a4:98:cc:2b:8c: fb:3e:ca:45 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr7C46QzIjSd8NV7AGyCyskMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMjAyODA4ZDFmOTE0NTU1ZTFiZDU5YzE2NzcyODdmZjli M2I1OTAwHhcNMjUxMjA3MjMwMDI5WhcNMjUxMjA4MjMwMDI5WjAzMTEwLwYDVQQD EyhhN2Y1YjY4YTBiMzk4MzQ0YWY1OWQ5MWM1ZmIyYmU2YjM4NDE5YjQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjDhEPZiS0WoVH+9M1/v+k9h+8no vmopdSu9mLUjgclHk3sssisPWCMv7abxdY/P34+Y3oOhpA/nVVtSQ66PKaNva2S9 Gfza9i8mhvQqvQm/OiOrNqB0QMQbFhn5HZLwMCISMSYnH4hNA/22BCn1wO6rHUCZ khyjxn6ZbrXiA2rwBzZVw01cVDGGf2+SeZScTy3Dq+2j7GLU1fyVQ5bhU6s8aa5s N72jszFBMZ1JQpRAL7+5jfFRbt0QcDDw5jZ4UBViGc8GnptZHZLFiUuFBubKtgYz pvopEj/jgBkNxQFTJPEXgnyiAbDckrAWxyxTFYzZC9WuNJV0oNDEyBqIkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKf1tooLOYNEr1nZHF+yvms4QZtGMB8GA1UdIwQY MBaAFJ0gKAjR+RRVXhvVnBZ3KH/5s7WQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9hNWMwNjktODA2MS00ZGVlLTk1Njgt ODgwYjJkZjU3ZjI1LzEvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy9hNWMwNjktODA2MS00ZGVlLTk1NjgtODgwYjJkZjU3ZjI1 LzEvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHiu+yh5j TVPEZ5QaPxXSY9fBwM9mIPlcGeF2yyWrE5uL68O7Rg2m1P4vmHEL63tfEaMcHvaH dhQsKlOauWos2TElKUxLWaLRMw7CkyoxUONf6MEsYLKihoDPP+5bK30VccSZ0LMj YEU+hTPC0fX2fV5D0eIb4LTF9UlYsha1noX9gYltZOUpm0jUQrLmAcBhoeKONblD KrxvoG3/vrIB4d0Q/Qewj4ET8Py4a5XV7Nihfs32QSoW85oDd+XHkOgzPKJso0mC dNHhGcSSJuOO7AFvz6KZPg8xVoMUxHGVgYExiM/nfoSZkkLOO5EiM61DqkTpupC8 RaSYzCuM+z7KRQ== -----END CERTIFICATE-----Generated at Mon Dec 8 03:02:30 2025 by rpki-client