This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft File: NSfzoow8WhVFLOxPVswmno6tnXI.mft (raw, json) Hash identifier: LX1ctXphtWjhmHMLiKNTPHtawLNMmowudmQ4nEQtEmQ= Subject key identifier: A5:F4:07:0A:96:D1:AC:8B:56:1C:C7:0C:93:3C:F8:BF:3C:6E:20:DA Authority key identifier: 35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72 Certificate issuer: /CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72 Certificate serial: 019B59771B5571C80655FB38F1722B021C6D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft Manifest number: 1792 Signing time: Fri 26 Dec 2025 07:02:16 +0000 Manifest this update: Fri 26 Dec 2025 07:02:16 +0000 Manifest next update: Sat 27 Dec 2025 07:02:16 +0000 Files and hashes: 1: NSfzoow8WhVFLOxPVswmno6tnXI.crl (hash: qI0euro4zQFNN5REjltdJuoxKj7i7EnEqFQaXC/4riE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:1b:55:71:c8:06:55:fb:38:f1:72:2b:02:1c:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72 Validity Not Before: Dec 26 07:02:16 2025 GMT Not After : Dec 27 07:02:16 2025 GMT Subject: CN=a5f4070a96d1ac8b561cc70c933cf8bf3c6e20da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:6f:69:10:b4:10:fd:e3:2f:af:e8:d8:4c:a5: 83:9c:30:3a:06:29:0e:b0:97:e0:5a:1b:c9:d2:b7: cd:04:de:9b:4e:eb:5d:45:6e:59:70:68:f2:b8:22: 2e:45:fb:b9:bc:66:29:f9:ae:3b:71:98:fd:bc:61: b0:19:86:13:18:51:c2:66:bc:b9:de:84:be:d5:90: 47:96:f0:8f:51:b1:d2:28:cd:a0:57:aa:ef:96:40: 7e:1e:d3:bf:a2:42:ce:0b:f1:fb:ad:33:e1:aa:56: b5:75:4f:93:e4:7d:70:4d:b6:8d:ea:d2:f3:58:45: 14:b8:72:d0:a4:d3:86:9e:f9:a8:fc:5c:b5:da:de: ad:89:49:4f:ac:c5:b6:67:b9:ee:a5:6a:cd:83:d0: f6:a3:35:b7:43:9d:18:b7:85:7e:ed:6e:31:85:30: 95:0e:bf:b2:4a:76:99:e3:a8:fe:b4:35:c1:d7:10: 9f:fc:1c:d9:47:4c:4c:28:d6:32:52:2f:b4:72:ef: 47:68:e4:0b:8e:d0:8d:f4:07:5f:ed:e2:93:7f:02: 5a:32:da:e7:71:99:81:ad:f0:f7:d7:01:56:f3:fd: a2:21:f4:8d:07:eb:04:05:97:e4:a8:3e:6d:cc:dd: 9e:18:69:df:46:df:f4:e5:eb:8f:36:76:14:a4:98: 0b:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:F4:07:0A:96:D1:AC:8B:56:1C:C7:0C:93:3C:F8:BF:3C:6E:20:DA X509v3 Authority Key Identifier: keyid:35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 07:89:69:82:be:3a:32:1e:f4:f7:55:16:1b:31:84:f8:22:0d: 34:67:a4:41:d0:f0:05:8b:6f:0a:07:89:01:1c:90:4b:ed:01: f2:e1:c7:ca:28:2c:f9:20:12:f7:81:85:79:42:7b:68:4a:d1: 70:9a:a2:ec:62:13:0f:4a:c1:20:52:d6:0e:38:5b:20:88:6a: b8:b0:4f:b7:56:b2:d4:7b:19:7b:68:05:24:c4:56:a9:6c:78: bc:44:20:71:17:70:14:4e:c0:83:2f:bb:59:46:46:2e:92:bc: 3b:bc:c4:e9:cc:21:a2:7d:a4:78:b6:34:2f:26:04:79:8c:eb: b6:64:7e:dc:47:be:4d:5f:2a:b4:aa:fe:fd:74:9c:42:f1:f7: 7f:09:9d:02:ea:60:1a:1c:84:f9:be:2e:9c:f0:e8:a6:2d:d4: 84:f4:59:8d:04:87:81:5e:ef:40:ef:71:ac:96:22:94:7f:dc: f0:17:2e:cc:fb:98:5a:c8:4a:be:bd:3a:c4:79:54:3f:6e:1c: 50:e3:82:f6:c2:04:db:c5:5d:09:88:8d:b4:e1:c6:45:ee:1b: 35:f0:3b:43:5b:51:7b:5d:07:07:71:47:00:72:51:a6:6f:a0: 0d:dd:f4:35:a1:25:33:d4:74:92:31:09:49:f2:64:32:4c:39: 70:97:e2:f9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdxtVccgGVfs48XIrAhxtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1MjdmM2EyOGMzYzVhMTU0NTJjZWM0ZjU2Y2MyNjllOGVh ZDlkNzIwHhcNMjUxMjI2MDcwMjE2WhcNMjUxMjI3MDcwMjE2WjAzMTEwLwYDVQQD EyhhNWY0MDcwYTk2ZDFhYzhiNTYxY2M3MGM5MzNjZjhiZjNjNmUyMGRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtG9pELQQ/eMvr+jYTKWDnDA6BikO sJfgWhvJ0rfNBN6bTutdRW5ZcGjyuCIuRfu5vGYp+a47cZj9vGGwGYYTGFHCZry5 3oS+1ZBHlvCPUbHSKM2gV6rvlkB+HtO/okLOC/H7rTPhqla1dU+T5H1wTbaN6tLz WEUUuHLQpNOGnvmo/Fy12t6tiUlPrMW2Z7nupWrNg9D2ozW3Q50Yt4V+7W4xhTCV Dr+ySnaZ46j+tDXB1xCf/BzZR0xMKNYyUi+0cu9HaOQLjtCN9Adf7eKTfwJaMtrn cZmBrfD31wFW8/2iIfSNB+sEBZfkqD5tzN2eGGnfRt/05euPNnYUpJgLdwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKX0BwqW0ayLVhzHDJM8+L88biDaMB8GA1UdIwQY MBaAFDUn86KMPFoVRSzsT1bMJp6OrZ1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzIt YTQ4ZmVjMWZjYjcwLzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzItYTQ4ZmVjMWZjYjcw LzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB4lpgr46 Mh7091UWGzGE+CINNGekQdDwBYtvCgeJARyQS+0B8uHHyigs+SAS94GFeUJ7aErR cJqi7GITD0rBIFLWDjhbIIhquLBPt1ay1HsZe2gFJMRWqWx4vEQgcRdwFE7Agy+7 WUZGLpK8O7zE6cwhon2keLY0LyYEeYzrtmR+3Ee+TV8qtKr+/XScQvH3fwmdAupg GhyE+b4unPDopi3UhPRZjQSHgV7vQO9xrJYilH/c8BcuzPuYWshKvr06xHlUP24c UOOC9sIE28VdCYiNtOHGRe4bNfA7Q1tRe10HB3FHAHJRpm+gDd30NaElM9R0kjEJ SfJkMkw5cJfi+Q== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:37 2025 by rpki-client