This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft File: NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft (raw, json) Hash identifier: hjfYTwqglXa7/ome09evyBMzpMMvsZer6lc6/e4Iw/4= Subject key identifier: 80:E9:69:16:F8:61:D2:AB:6B:84:4D:AF:40:5A:23:86:C1:97:AD:75 Authority key identifier: 35:A5:55:E1:46:BE:4A:E5:F7:CC:FE:5A:3C:12:D3:F2:A2:54:3B:05 Certificate issuer: /CN=35a555e146be4ae5f7ccfe5a3c12d3f2a2543b05 Certificate serial: 019B58D1339D83029CC7668C4B34F7519FBD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft Manifest number: 0B43 Signing time: Fri 26 Dec 2025 04:01:03 +0000 Manifest this update: Fri 26 Dec 2025 04:01:03 +0000 Manifest next update: Sat 27 Dec 2025 04:01:03 +0000 Files and hashes: 1: NaVV4Ua-SuX3zP5aPBLT8qJUOwU.crl (hash: fXVF2P/I12K06BVRBjK6nWBcN2JEJowmeAo93YC/AxU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft rsync://rpki.ripe.net/repository/DEFAULT/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 04:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:58:d1:33:9d:83:02:9c:c7:66:8c:4b:34:f7:51:9f:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35a555e146be4ae5f7ccfe5a3c12d3f2a2543b05 Validity Not Before: Dec 26 04:01:03 2025 GMT Not After : Dec 27 04:01:03 2025 GMT Subject: CN=80e96916f861d2ab6b844daf405a2386c197ad75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:80:8f:7e:dd:93:b3:be:d0:f2:bd:4f:53:d8: 63:cd:45:77:de:05:b6:2a:b6:02:ea:e6:fa:cd:3f: ff:0b:96:90:3d:e4:31:ae:83:2b:a0:a5:46:03:95: e3:67:d5:db:3e:2d:6d:7d:84:24:a2:f2:56:f2:98: d5:eb:55:1e:ec:4b:e3:dc:d2:13:1e:da:4b:22:de: bf:56:01:72:6e:c3:90:0b:b3:83:30:f5:11:53:9b: 76:16:33:6c:23:aa:e1:7e:81:58:da:8d:0d:43:71: 74:ab:fd:2c:eb:c3:1d:3f:d3:e6:60:3a:01:76:5a: ff:f1:f8:7c:67:d3:af:e6:c0:9b:e9:1e:27:48:ca: 75:c9:08:97:ac:23:26:dd:77:8a:28:8b:f1:bd:af: 9d:c5:48:90:86:76:fa:6c:d0:0c:26:84:89:64:c0: 30:e0:de:33:e9:9d:44:48:04:33:8a:86:ec:8d:25: eb:f9:a3:bf:6c:27:30:67:ce:78:40:01:a3:07:7a: 7c:fd:5c:0b:e9:93:65:1d:0d:d8:20:d6:99:fd:0f: e8:ea:40:fe:68:e9:39:d7:c1:11:e7:25:a5:42:ca: dd:c7:6e:bd:ae:39:2b:19:b0:f2:16:81:20:f5:a0: 6b:69:a3:00:5b:41:cc:8b:e0:7f:d7:ff:9f:2f:03: 96:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:E9:69:16:F8:61:D2:AB:6B:84:4D:AF:40:5A:23:86:C1:97:AD:75 X509v3 Authority Key Identifier: keyid:35:A5:55:E1:46:BE:4A:E5:F7:CC:FE:5A:3C:12:D3:F2:A2:54:3B:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:a2:d5:21:92:9c:b9:17:7c:a6:27:94:66:39:d8:4d:8a:2b: f1:c0:f6:08:fa:6b:87:58:66:60:41:a9:47:89:9d:17:d4:d3: 0e:0b:49:02:9b:24:a0:ba:26:f4:5c:5d:a7:b5:02:51:c9:a7: f0:80:5a:11:66:ce:3b:9f:5d:f7:3c:5c:3c:c0:cb:31:7e:13: 87:05:a7:2f:8c:c5:43:84:ba:3a:e3:42:71:03:b5:8c:84:b6: 2b:a2:83:f4:59:87:70:be:19:6a:0c:da:99:1c:c1:2c:30:d0: 93:b0:f9:fd:35:e7:b9:63:f0:20:38:20:d8:54:a8:85:fa:d1: e7:73:3d:95:25:91:c2:20:6c:26:a9:b4:d7:18:a7:6a:b1:60: 49:95:b0:4b:5a:2d:d3:6e:b1:1e:1f:dd:4d:cc:44:9d:75:5f: 9e:04:bd:d7:99:47:d1:9d:5b:d4:ff:cc:3b:a1:ea:e1:77:c1: a1:fc:45:1b:10:2a:9f:a1:7d:26:0f:2b:05:0a:c4:03:e8:be: 09:c4:33:e6:95:f9:27:fb:50:06:4e:0e:36:e5:ab:d2:da:fb: 4a:fc:85:64:b0:50:0a:07:8c:70:6c:ec:1c:54:00:6b:27:f5: 05:44:51:79:b3:f3:c8:f0:50:fa:bc:15:61:5b:42:3b:e3:02: 8d:78:e3:5b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtY0TOdgwKcx2aMSzT3UZ+9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1YTU1NWUxNDZiZTRhZTVmN2NjZmU1YTNjMTJkM2YyYTI1 NDNiMDUwHhcNMjUxMjI2MDQwMTAzWhcNMjUxMjI3MDQwMTAzWjAzMTEwLwYDVQQD Eyg4MGU5NjkxNmY4NjFkMmFiNmI4NDRkYWY0MDVhMjM4NmMxOTdhZDc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoCPft2Ts77Q8r1PU9hjzUV33gW2 KrYC6ub6zT//C5aQPeQxroMroKVGA5XjZ9XbPi1tfYQkovJW8pjV61Ue7Evj3NIT HtpLIt6/VgFybsOQC7ODMPURU5t2FjNsI6rhfoFY2o0NQ3F0q/0s68MdP9PmYDoB dlr/8fh8Z9Ov5sCb6R4nSMp1yQiXrCMm3XeKKIvxva+dxUiQhnb6bNAMJoSJZMAw 4N4z6Z1ESAQziobsjSXr+aO/bCcwZ854QAGjB3p8/VwL6ZNlHQ3YINaZ/Q/o6kD+ aOk518ER5yWlQsrdx269rjkrGbDyFoEg9aBraaMAW0HMi+B/1/+fLwOWHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIDpaRb4YdKra4RNr0BaI4bBl611MB8GA1UdIwQY MBaAFDWlVeFGvkrl98z+WjwS0/KiVDsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmFWVjRVYS1TdVgzelA1YVBCTFQ4cUpVT3dVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC81NDk3NDQtYmRkZS00MmU4LTg3YTgt MDUxY2QzMGNiY2YxLzEvTmFWVjRVYS1TdVgzelA1YVBCTFQ4cUpVT3dVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC81NDk3NDQtYmRkZS00MmU4LTg3YTgtMDUxY2QzMGNiY2Yx LzEvTmFWVjRVYS1TdVgzelA1YVBCTFQ4cUpVT3dVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOqLVIZKc uRd8pieUZjnYTYor8cD2CPprh1hmYEGpR4mdF9TTDgtJApskoLom9Fxdp7UCUcmn 8IBaEWbOO59d9zxcPMDLMX4ThwWnL4zFQ4S6OuNCcQO1jIS2K6KD9FmHcL4Zagza mRzBLDDQk7D5/TXnuWPwIDgg2FSohfrR53M9lSWRwiBsJqm01xinarFgSZWwS1ot 026xHh/dTcxEnXVfngS915lH0Z1b1P/MO6Hq4XfBofxFGxAqn6F9Jg8rBQrEA+i+ CcQz5pX5J/tQBk4ONuWr0tr7SvyFZLBQCgeMcGzsHFQAayf1BURRebPzyPBQ+rwV YVtCO+MCjXjjWw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:15:59 2025 by rpki-client