This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft File: NYzSZ8VKP8IovKHe43LZbGA3PCc.mft (raw, json) Hash identifier: ca7fh4Fp0EQj6nYrP9/kbIzG3zCsKcEU21L2PtNo7LQ= Subject key identifier: A1:9B:6F:13:BF:CF:F7:50:B2:51:5B:20:D0:5E:D7:0F:0C:BB:85:BA Authority key identifier: 35:8C:D2:67:C5:4A:3F:C2:28:BC:A1:DE:E3:72:D9:6C:60:37:3C:27 Certificate issuer: /CN=358cd267c54a3fc228bca1dee372d96c60373c27 Certificate serial: 019AD0FD48FF2284A8B511F95671035742A4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft Manifest number: 30 Signing time: Sat 29 Nov 2025 19:00:51 +0000 Manifest this update: Sat 29 Nov 2025 19:00:51 +0000 Manifest next update: Sun 30 Nov 2025 19:00:51 +0000 Files and hashes: 1: DdDaxfuDMZLmyhuw8yZ5MS08ias.roa (hash: xJixleOcp32TuE8FVysJEHDhjJvV5vi+KN5Idb3e7K4=) 2: NYzSZ8VKP8IovKHe43LZbGA3PCc.crl (hash: ZDh6QYlEI6tXvZl2O97KFgVR0Utq6tIBYhXOXORlXAo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 30 Nov 2025 19:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:d0:fd:48:ff:22:84:a8:b5:11:f9:56:71:03:57:42:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=358cd267c54a3fc228bca1dee372d96c60373c27 Validity Not Before: Nov 29 19:00:51 2025 GMT Not After : Nov 30 19:00:51 2025 GMT Subject: CN=a19b6f13bfcff750b2515b20d05ed70f0cbb85ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:23:9f:b0:02:75:87:1d:8b:e8:9b:16:b2:4d: 5a:b7:66:01:55:5b:c1:da:e5:89:59:46:cf:94:ef: 38:2c:6b:67:cd:0d:1a:8c:c9:8d:12:8d:a0:7e:de: 72:78:ef:6d:24:cd:f6:c1:94:32:bf:60:f6:ca:4b: 9a:79:d7:e3:c5:90:33:35:96:90:ba:91:81:b5:1d: d8:04:22:bd:1f:f4:5f:58:04:2a:fd:20:a4:fe:08: ef:ad:c1:fe:51:d6:06:ef:da:62:1c:aa:0e:b7:3b: 98:fb:e2:8c:b7:13:be:af:7c:3c:14:c1:28:ec:c0: 4e:83:06:a5:73:d3:01:2f:5b:f6:89:ad:34:7a:13: ac:1e:56:f4:9f:52:e2:85:3c:b7:d8:23:04:27:13: 6b:41:70:25:c8:f8:e7:ac:02:ab:70:4e:77:3d:06: c2:9e:40:87:6c:6e:bb:d1:9d:55:77:08:7f:15:10: b5:47:68:0f:17:26:0a:7a:4b:eb:d4:7f:af:24:2c: 37:41:ce:72:ad:50:96:63:10:25:27:6c:f3:b6:b6: 49:ef:71:f2:38:1f:61:66:38:3f:55:b8:50:8f:8d: e6:88:a0:ae:11:6e:db:9a:3c:3a:be:d9:b1:fa:1e: 16:a4:fe:e8:a2:a5:48:24:b3:36:5a:55:6d:d1:af: f7:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:9B:6F:13:BF:CF:F7:50:B2:51:5B:20:D0:5E:D7:0F:0C:BB:85:BA X509v3 Authority Key Identifier: keyid:35:8C:D2:67:C5:4A:3F:C2:28:BC:A1:DE:E3:72:D9:6C:60:37:3C:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ad:4b:11:31:d4:38:d0:04:35:c0:48:46:ca:ca:e5:8b:4f:27: af:ca:bf:39:32:ef:14:a8:09:b1:91:82:78:46:e2:2e:e4:a2: ec:16:5d:ff:76:82:7c:e3:67:7c:71:0d:eb:d0:21:48:a7:94: 15:ed:88:43:33:fe:83:b5:5d:78:b2:49:fd:61:65:89:79:61: 28:63:4a:58:d4:73:72:2a:ea:3b:bd:2c:1f:cc:ec:30:34:b1: 13:48:e3:95:f5:f3:5d:25:73:a4:e9:6f:9e:ca:f0:ca:79:ff: 0c:a8:9e:cf:d3:03:ee:f5:b1:cf:84:74:43:e2:64:9d:2b:70: e3:96:36:d3:34:82:ba:f2:bf:08:d0:89:4d:1d:50:84:6e:f9: 52:b7:71:df:8c:73:75:7d:fb:1c:5a:47:20:77:b0:ba:6b:96: 65:93:82:5d:46:1d:00:6b:0c:a1:0e:8e:55:dc:f0:a6:c7:ec: 68:d8:aa:a3:17:42:e0:f3:24:16:c6:38:7b:ce:a1:95:d2:50: cf:ec:e1:f7:52:3e:48:09:86:56:9f:8e:60:fd:bb:c5:53:bd: 8e:36:a2:62:c1:70:c8:1e:b4:e2:82:5a:96:b4:cd:88:93:16: 8c:0a:5f:7c:b5:b6:fe:7c:b9:af:75:1e:a5:89:54:ed:52:95: dd:9d:c4:7b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrQ/Uj/IoSotRH5VnEDV0KkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1OGNkMjY3YzU0YTNmYzIyOGJjYTFkZWUzNzJkOTZjNjAz NzNjMjcwHhcNMjUxMTI5MTkwMDUxWhcNMjUxMTMwMTkwMDUxWjAzMTEwLwYDVQQD EyhhMTliNmYxM2JmY2ZmNzUwYjI1MTViMjBkMDVlZDcwZjBjYmI4NWJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSOfsAJ1hx2L6JsWsk1at2YBVVvB 2uWJWUbPlO84LGtnzQ0ajMmNEo2gft5yeO9tJM32wZQyv2D2ykuaedfjxZAzNZaQ upGBtR3YBCK9H/RfWAQq/SCk/gjvrcH+UdYG79piHKoOtzuY++KMtxO+r3w8FMEo 7MBOgwalc9MBL1v2ia00ehOsHlb0n1LihTy32CMEJxNrQXAlyPjnrAKrcE53PQbC nkCHbG670Z1Vdwh/FRC1R2gPFyYKekvr1H+vJCw3Qc5yrVCWYxAlJ2zztrZJ73Hy OB9hZjg/VbhQj43miKCuEW7bmjw6vtmx+h4WpP7ooqVIJLM2WlVt0a/38QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKGbbxO/z/dQslFbINBe1w8Mu4W6MB8GA1UdIwQY MBaAFDWM0mfFSj/CKLyh3uNy2WxgNzwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi84NGExYjUtMWFhZC00ZWRmLWFiOWIt OGEyZTlhNDY4MTliLzEvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi84NGExYjUtMWFhZC00ZWRmLWFiOWItOGEyZTlhNDY4MTli LzEvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArUsRMdQ4 0AQ1wEhGysrli08nr8q/OTLvFKgJsZGCeEbiLuSi7BZd/3aCfONnfHEN69AhSKeU Fe2IQzP+g7VdeLJJ/WFliXlhKGNKWNRzcirqO70sH8zsMDSxE0jjlfXzXSVzpOlv nsrwynn/DKiez9MD7vWxz4R0Q+JknStw45Y20zSCuvK/CNCJTR1QhG75Urdx34xz dX37HFpHIHewumuWZZOCXUYdAGsMoQ6OVdzwpsfsaNiqoxdC4PMkFsY4e86hldJQ z+zh91I+SAmGVp+OYP27xVO9jjaiYsFwyB604oJalrTNiJMWjApffLW2/ny5r3Ue pYlU7VKV3Z3Eew== -----END CERTIFICATE-----Generated at Sun Nov 30 05:15:55 2025 by rpki-client