This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft File: nB7k05z6obOseZwX94grjOTigSA.mft (raw, json) Hash identifier: zCDcKD/j7oOoieLmqIeAveEtz7ay8S1kRUuj0VP1WbE= Subject key identifier: 38:F5:05:04:B6:90:A8:F8:A8:E4:CA:78:B3:03:41:74:34:FE:4D:2E Authority key identifier: 9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20 Certificate issuer: /CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120 Certificate serial: 019B21E249B4582F4EC627BFEEE6EDC6FB9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft Manifest number: 0A2D Signing time: Mon 15 Dec 2025 12:00:36 +0000 Manifest this update: Mon 15 Dec 2025 12:00:36 +0000 Manifest next update: Tue 16 Dec 2025 12:00:36 +0000 Files and hashes: 1: egM_lo5hkg5KA7_uP-5h7pmD4BM.roa (hash: LWEk9cOjEXdGtew0n3bgwHhe3Zn8McfotK81AHI+3M0=) 2: nB7k05z6obOseZwX94grjOTigSA.crl (hash: e6jtxgEyRGDy+zN1f7QP0yrsIHkiUWZoZvU2aLhwgMU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 12:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:e2:49:b4:58:2f:4e:c6:27:bf:ee:e6:ed:c6:fb:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120 Validity Not Before: Dec 15 12:00:36 2025 GMT Not After : Dec 16 12:00:36 2025 GMT Subject: CN=38f50504b690a8f8a8e4ca78b303417434fe4d2e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:65:dc:03:4c:f9:fa:12:a4:54:80:6e:a4:f2: f5:08:d7:a7:38:ce:a1:66:d1:64:da:6a:0e:19:4c: b2:0d:ba:ea:56:5f:c6:1e:2e:1a:16:d2:9d:de:5f: 01:52:a9:4d:61:ba:af:4c:db:3f:f8:aa:c9:5d:91: f9:41:6f:93:b3:b7:a4:de:f4:9d:fe:d7:75:64:20: 30:cf:05:ae:e5:1b:66:8b:3c:ac:81:44:03:82:62: 75:e9:1e:02:ee:3f:11:bd:63:7b:71:d2:19:92:cf: 1c:27:67:ee:5f:bf:a1:e1:ec:20:13:15:87:07:9c: ca:ce:62:bc:d8:df:c0:b2:03:50:f1:a3:a8:ec:62: 6f:73:fb:d3:ce:f7:9b:78:3d:c5:2a:14:73:52:34: e5:aa:cf:ed:20:f9:ff:f4:8b:f1:82:3f:b2:4a:5d: 43:69:e4:cf:53:fd:3c:0f:07:b9:8f:79:c2:df:b8: 16:f6:42:4b:a4:fb:23:8b:a9:34:de:ff:da:83:ed: 38:1a:b1:d5:c7:4d:82:1f:41:9b:5d:9f:46:13:7a: ad:13:ca:e6:06:27:c7:05:af:31:b0:ea:5c:1a:31: 97:c4:76:3c:db:cc:7d:4a:c9:1c:70:3a:92:83:f5: 32:f0:c0:2f:dd:f1:a2:fb:12:f7:04:90:5b:db:9a: 90:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:F5:05:04:B6:90:A8:F8:A8:E4:CA:78:B3:03:41:74:34:FE:4D:2E X509v3 Authority Key Identifier: keyid:9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:a2:60:6b:d9:3e:6c:47:ea:ae:51:89:cc:40:1c:96:fd:90: 32:49:57:67:9b:9d:9e:3d:2b:32:45:f3:65:3a:6b:7f:35:85: 5a:b3:f7:37:71:9b:68:65:e6:6d:c4:a4:5c:d0:39:5c:62:c8: 16:bf:72:75:41:7c:ae:b2:df:01:f5:09:6c:3a:55:50:7b:3e: 20:fc:c0:3e:6c:2a:92:bb:4e:e0:e8:23:98:b2:4c:88:c6:ce: 44:c3:9b:0b:7c:05:9e:a8:d4:a9:9d:44:2c:f8:3d:16:59:1b: 07:e9:f6:57:56:70:9e:0d:2f:55:01:21:eb:ce:5c:ad:e5:cf: f9:b6:cb:33:9c:c2:d4:f3:13:dc:08:85:1c:e3:8d:6c:c4:9a: 12:1a:61:30:64:cd:67:9c:ab:64:65:b6:5e:46:fe:e6:9f:f3: 16:53:dd:62:5a:f8:66:13:8a:d3:75:c0:a1:36:11:33:24:70: 52:71:43:5d:dd:79:63:63:56:b3:19:7d:61:ea:5f:39:91:bf: 3a:20:40:64:cb:cb:81:25:db:e4:fe:6d:2b:61:2c:67:10:9f: f4:aa:31:0a:ce:28:2c:30:d6:f3:b2:7d:20:78:f7:86:9e:90: 98:5f:c8:8a:8b:67:fd:83:ba:b3:58:e9:f2:f1:58:a7:89:cc: 69:bc:ec:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsh4km0WC9Oxie/7ubtxvubMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDljMWVlNGQzOWNmYWExYjNhYzc5OWMxN2Y3ODgyYjhjZTRl MjgxMjAwHhcNMjUxMjE1MTIwMDM2WhcNMjUxMjE2MTIwMDM2WjAzMTEwLwYDVQQD EygzOGY1MDUwNGI2OTBhOGY4YThlNGNhNzhiMzAzNDE3NDM0ZmU0ZDJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWXcA0z5+hKkVIBupPL1CNenOM6h ZtFk2moOGUyyDbrqVl/GHi4aFtKd3l8BUqlNYbqvTNs/+KrJXZH5QW+Ts7ek3vSd /td1ZCAwzwWu5RtmizysgUQDgmJ16R4C7j8RvWN7cdIZks8cJ2fuX7+h4ewgExWH B5zKzmK82N/AsgNQ8aOo7GJvc/vTzvebeD3FKhRzUjTlqs/tIPn/9Ivxgj+ySl1D aeTPU/08Dwe5j3nC37gW9kJLpPsji6k03v/ag+04GrHVx02CH0GbXZ9GE3qtE8rm BifHBa8xsOpcGjGXxHY828x9SskccDqSg/Uy8MAv3fGi+xL3BJBb25qQ/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDj1BQS2kKj4qOTKeLMDQXQ0/k0uMB8GA1UdIwQY MBaAFJwe5NOc+qGzrHmcF/eIK4zk4oEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAt YmQ0NjVjZTcxMWJiLzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAtYmQ0NjVjZTcxMWJi LzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARqJga9k+ bEfqrlGJzEAclv2QMklXZ5udnj0rMkXzZTprfzWFWrP3N3GbaGXmbcSkXNA5XGLI Fr9ydUF8rrLfAfUJbDpVUHs+IPzAPmwqkrtO4OgjmLJMiMbORMObC3wFnqjUqZ1E LPg9FlkbB+n2V1Zwng0vVQEh685creXP+bbLM5zC1PMT3AiFHOONbMSaEhphMGTN Z5yrZGW2Xkb+5p/zFlPdYlr4ZhOK03XAoTYRMyRwUnFDXd15Y2NWsxl9YepfOZG/ OiBAZMvLgSXb5P5tK2EsZxCf9KoxCs4oLDDW87J9IHj3hp6QmF/Iiotn/YO6s1jp 8vFYp4nMabzsiQ== -----END CERTIFICATE-----Generated at Mon Dec 15 19:56:48 2025 by rpki-client