This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft File: nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft (raw, json) Hash identifier: N1EnEaLL6NcwW641sWHdsBd/anKjbdHSxI3Y3Bvt11U= Subject key identifier: 86:66:CA:1D:5C:19:F2:F8:EF:BC:D7:56:7E:7D:76:F9:02:71:01:89 Authority key identifier: 9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4 Certificate issuer: /CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4 Certificate serial: 019B59E4824142220DE4B0898047EA3FE225 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft Manifest number: 1799 Signing time: Fri 26 Dec 2025 09:01:46 +0000 Manifest this update: Fri 26 Dec 2025 09:01:46 +0000 Manifest next update: Sat 27 Dec 2025 09:01:46 +0000 Files and hashes: 1: CPqSq0ytAxDio98lkjeb_dYwRZ4.roa (hash: DBQ2P8ThG/7CNm8RF8WiO7psAqOGJ9hYf3OIiBNBEtw=) 2: nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl (hash: bIAXWybUuuJD73g/5Pl2pvGFEob9+u3Ku8JiBW5xCSM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e4:82:41:42:22:0d:e4:b0:89:80:47:ea:3f:e2:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4 Validity Not Before: Dec 26 09:01:46 2025 GMT Not After : Dec 27 09:01:46 2025 GMT Subject: CN=8666ca1d5c19f2f8efbcd7567e7d76f902710189 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:95:e4:7c:23:f9:7d:8e:53:d0:1e:ae:aa:8c: 6e:c6:2a:8e:c9:be:25:56:f8:81:26:91:09:4b:7a: 18:6b:1e:01:e5:2f:32:ab:2c:94:be:06:77:14:43: d9:b1:01:ef:f7:69:bd:1d:05:31:f0:59:5d:fc:b2: 31:b3:ae:96:92:49:54:9a:4b:3b:9b:d0:fb:4b:3c: 17:73:18:b2:6d:7a:db:88:e8:34:f1:16:9a:41:43: 8a:11:01:59:3d:20:51:56:3f:d1:e0:8a:a1:57:28: 19:a6:e5:3a:8f:51:18:ef:68:7d:a6:42:2c:37:d4: c4:6d:f7:9a:89:53:8e:14:68:85:64:44:89:48:34: c6:be:a8:3e:d5:4e:78:e8:74:ec:a8:76:a2:c0:3a: f2:52:fa:34:1f:2b:f4:09:32:b9:c5:1f:0c:83:ae: 72:f3:23:77:5a:55:a1:36:9c:f6:d8:c7:e7:2c:89: 44:fb:26:e7:13:26:1a:ba:37:29:10:f5:a5:ea:04: 4f:aa:6f:6a:87:44:8d:d1:ec:47:3b:cd:d9:07:1d: b8:47:52:3d:f2:b9:5b:5f:a2:aa:98:f2:bd:47:05: f7:ad:82:b0:02:f1:00:54:38:83:05:b8:12:08:0e: 1d:b2:50:0f:00:3d:10:73:eb:9b:e8:a7:22:5d:76: 6d:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:66:CA:1D:5C:19:F2:F8:EF:BC:D7:56:7E:7D:76:F9:02:71:01:89 X509v3 Authority Key Identifier: keyid:9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:ed:85:79:19:03:ff:c5:f1:a9:7a:55:36:48:55:26:68:fb: 51:87:60:e6:78:f0:68:3a:bf:49:45:99:96:28:a4:0e:f1:34: 6d:82:40:9d:f1:b5:f1:0a:fe:9c:fe:7b:82:b2:81:c9:7e:68: ac:42:48:76:5b:8f:d0:11:ab:e9:82:bd:b2:75:67:c5:87:2b: 61:63:a7:b8:75:d6:a3:2b:4a:b1:3d:86:1e:da:ed:ba:61:95: fa:b4:d5:f1:2d:e0:ea:85:61:f2:e9:3c:75:c3:d7:50:7c:60: 99:36:e9:a4:8b:1e:1f:7c:55:58:98:07:0e:3f:24:e6:ba:8c: a0:b9:24:d1:2b:a2:a9:b9:fb:71:16:85:85:9f:97:fa:ce:79: 42:89:6f:ea:df:e0:d9:73:30:f7:df:b8:08:87:d7:21:15:91: c0:8b:84:3e:50:8c:5b:1c:ff:d2:cf:58:dc:19:b9:51:f4:63: 6b:9d:82:9d:25:c6:4d:ac:66:41:25:94:55:90:b5:2f:f7:bb: 15:01:1e:fd:08:7b:5a:67:6a:25:11:b8:09:5a:e2:05:7b:be: 42:36:bf:30:69:be:6b:0a:44:84:78:6b:a2:a4:56:57:60:04: 69:8d:16:7b:7e:de:23:fd:92:b5:75:75:f6:01:72:e2:fa:d5: 01:34:bf:a6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ5IJBQiIN5LCJgEfqP+IlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMjM5YzA4ZWFkOTRiYjA0ZmMzZTZiNGE2NWU2ZTFjN2Rj ZjM4ZjQwHhcNMjUxMjI2MDkwMTQ2WhcNMjUxMjI3MDkwMTQ2WjAzMTEwLwYDVQQD Eyg4NjY2Y2ExZDVjMTlmMmY4ZWZiY2Q3NTY3ZTdkNzZmOTAyNzEwMTg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5XkfCP5fY5T0B6uqoxuxiqOyb4l VviBJpEJS3oYax4B5S8yqyyUvgZ3FEPZsQHv92m9HQUx8Fld/LIxs66WkklUmks7 m9D7SzwXcxiybXrbiOg08RaaQUOKEQFZPSBRVj/R4IqhVygZpuU6j1EY72h9pkIs N9TEbfeaiVOOFGiFZESJSDTGvqg+1U546HTsqHaiwDryUvo0Hyv0CTK5xR8Mg65y 8yN3WlWhNpz22MfnLIlE+ybnEyYaujcpEPWl6gRPqm9qh0SN0exHO83ZBx24R1I9 8rlbX6KqmPK9RwX3rYKwAvEAVDiDBbgSCA4dslAPAD0Qc+ub6KciXXZtqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIZmyh1cGfL477zXVn59dvkCcQGJMB8GA1UdIwQY MBaAFJ0jnAjq2UuwT8PmtKZebhx9zzj0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAt ZGJiMjkzMWEwZjY0LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAtZGJiMjkzMWEwZjY0 LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk+2FeRkD /8XxqXpVNkhVJmj7UYdg5njwaDq/SUWZliikDvE0bYJAnfG18Qr+nP57grKByX5o rEJIdluP0BGr6YK9snVnxYcrYWOnuHXWoytKsT2GHtrtumGV+rTV8S3g6oVh8uk8 dcPXUHxgmTbppIseH3xVWJgHDj8k5rqMoLkk0Suiqbn7cRaFhZ+X+s55Qolv6t/g 2XMw99+4CIfXIRWRwIuEPlCMWxz/0s9Y3Bm5UfRja52CnSXGTaxmQSWUVZC1L/e7 FQEe/Qh7WmdqJRG4CVriBXu+Qja/MGm+awpEhHhroqRWV2AEaY0We37eI/2StXV1 9gFy4vrVATS/pg== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:28 2025 by rpki-client