This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.mft File: NgAOvu0kK5VkrclUhTI7lr1vXAI.mft (raw, json) Hash identifier: C5l5AX2gEQFfp9bFFPQk/JY4K9ISopdtE3zU1c7bqsY= Subject key identifier: 93:DA:C1:4D:78:9C:D8:02:FA:0E:AF:3C:D4:44:E0:C1:08:7B:81:66 Authority key identifier: 36:00:0E:BE:ED:24:2B:95:64:AD:C9:54:85:32:3B:96:BD:6F:5C:02 Certificate issuer: /CN=36000ebeed242b9564adc95485323b96bd6f5c02 Certificate serial: 019AAC157CBB3E8601852C68B77CB682225D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgAOvu0kK5VkrclUhTI7lr1vXAI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.mft Manifest number: 12AB Signing time: Sat 22 Nov 2025 15:01:20 +0000 Manifest this update: Sat 22 Nov 2025 15:01:20 +0000 Manifest next update: Sun 23 Nov 2025 15:01:20 +0000 Files and hashes: 1: NgAOvu0kK5VkrclUhTI7lr1vXAI.crl (hash: Sj9yffX0Vod0fwxZja2eDFtRoQ5qORXz/MBYy0eaXpQ=) 2: PcqW_01nYr_g65r_pcHJ33ZMGuA.roa (hash: ldAGcbaFd4WhyCTSLv1tpLkIbH81eRDfpjEnAMP8NwM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.crl rsync://rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.mft rsync://rpki.ripe.net/repository/DEFAULT/NgAOvu0kK5VkrclUhTI7lr1vXAI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 23 Nov 2025 12:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ac:15:7c:bb:3e:86:01:85:2c:68:b7:7c:b6:82:22:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36000ebeed242b9564adc95485323b96bd6f5c02 Validity Not Before: Nov 22 15:01:20 2025 GMT Not After : Nov 23 15:01:20 2025 GMT Subject: CN=93dac14d789cd802fa0eaf3cd444e0c1087b8166 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:f9:78:85:60:fa:1e:eb:f8:6d:f0:c0:c6:cd: d1:db:d8:17:94:d0:39:9c:ca:ae:db:f1:f7:ad:7c: 10:f7:01:13:50:5d:1d:27:8d:f0:88:63:61:61:45: 60:0b:87:73:24:39:1c:4b:49:eb:4b:2d:ff:6d:77: ec:b2:9a:8a:76:f8:10:a1:b2:12:77:47:e9:61:10: 0e:dd:17:6e:a3:19:15:9e:1b:8d:d5:af:42:20:aa: 03:ea:88:72:de:f4:44:5a:da:1e:ad:21:7f:e6:40: c5:7c:49:5a:80:d3:83:e7:76:ca:b2:1a:14:06:a5: 29:ae:55:08:24:44:60:a4:c2:72:da:6c:98:3e:13: b1:f4:ad:d8:b2:5a:ff:ba:6f:3a:9f:1d:be:70:fb: 53:30:c1:cd:da:81:f9:5e:c6:a7:e1:15:63:b0:97: 7f:86:c0:e7:1c:db:b4:b1:48:2e:fd:10:ad:83:4d: bc:03:98:97:87:a8:94:56:92:6c:06:26:56:e0:92: ca:29:c5:47:70:3e:30:b4:79:2b:eb:e3:29:8d:22: 5a:62:45:0a:87:d6:24:b5:a8:5b:3d:ed:7d:94:60: d4:cc:aa:49:19:ce:bf:28:bc:d3:ee:d7:44:35:fa: a5:c4:d2:c3:fd:37:b2:8f:1f:94:5f:50:e7:66:66: 54:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:DA:C1:4D:78:9C:D8:02:FA:0E:AF:3C:D4:44:E0:C1:08:7B:81:66 X509v3 Authority Key Identifier: keyid:36:00:0E:BE:ED:24:2B:95:64:AD:C9:54:85:32:3B:96:BD:6F:5C:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgAOvu0kK5VkrclUhTI7lr1vXAI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b1:2f:32:4b:91:d8:06:bd:3e:38:6f:8b:61:54:61:58:c1:38: f2:15:51:59:3b:e6:8a:b4:1f:23:71:1e:81:0b:30:ed:dc:55: 45:45:f3:0f:75:16:f6:67:24:95:47:b7:53:fe:71:7a:a4:b1: 1f:6f:bf:73:b5:ca:28:1d:47:8d:b6:38:b4:ab:e2:6c:71:17: e8:42:78:ed:19:38:8a:1b:28:9d:32:f4:2a:ee:1d:3d:d7:a7: 18:80:b9:f7:f7:b4:d2:5a:4e:4b:94:e3:ea:e7:e1:a2:db:8b: 26:63:52:5b:b8:15:e8:f8:65:19:29:8c:56:5d:4e:77:83:e7: 20:65:23:89:43:00:e6:8e:7c:7c:2b:12:e0:0a:1f:b6:a7:0b: 60:e7:60:b0:28:59:e7:6b:6d:5c:b2:b6:99:0b:f6:c2:c4:59: f6:de:5f:cb:dd:16:29:40:f5:50:a0:93:99:8b:91:44:2f:a7: 43:e8:8c:be:c7:9b:b1:e1:0e:67:d7:f1:df:c8:75:1b:f5:65: 0d:af:c1:dd:b9:80:55:61:1c:3f:ef:4e:fa:05:f2:c2:d3:a9: 2f:a5:f6:a2:b4:80:b6:5a:e7:26:bb:eb:70:51:66:cd:18:3a: ce:05:6f:15:5c:b6:d2:b4:79:c1:3a:1c:0c:f3:8f:5b:a2:5d: 13:b2:7d:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZqsFXy7PoYBhSxot3y2giJdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2MDAwZWJlZWQyNDJiOTU2NGFkYzk1NDg1MzIzYjk2YmQ2 ZjVjMDIwHhcNMjUxMTIyMTUwMTIwWhcNMjUxMTIzMTUwMTIwWjAzMTEwLwYDVQQD Eyg5M2RhYzE0ZDc4OWNkODAyZmEwZWFmM2NkNDQ0ZTBjMTA4N2I4MTY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfl4hWD6Huv4bfDAxs3R29gXlNA5 nMqu2/H3rXwQ9wETUF0dJ43wiGNhYUVgC4dzJDkcS0nrSy3/bXfsspqKdvgQobIS d0fpYRAO3RduoxkVnhuN1a9CIKoD6ohy3vREWtoerSF/5kDFfElagNOD53bKshoU BqUprlUIJERgpMJy2myYPhOx9K3Yslr/um86nx2+cPtTMMHN2oH5Xsan4RVjsJd/ hsDnHNu0sUgu/RCtg028A5iXh6iUVpJsBiZW4JLKKcVHcD4wtHkr6+MpjSJaYkUK h9YktahbPe19lGDUzKpJGc6/KLzT7tdENfqlxNLD/Teyjx+UX1DnZmZUuwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJPawU14nNgC+g6vPNRE4MEIe4FmMB8GA1UdIwQY MBaAFDYADr7tJCuVZK3JVIUyO5a9b1wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmdBT3Z1MGtLNVZrcmNsVWhUSTdscjF2WEFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iNzdlMWEtNjYzYS00NDViLThlNjEt MzcwMTUwYjY2OWU0LzEvTmdBT3Z1MGtLNVZrcmNsVWhUSTdscjF2WEFJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi9iNzdlMWEtNjYzYS00NDViLThlNjEtMzcwMTUwYjY2OWU0 LzEvTmdBT3Z1MGtLNVZrcmNsVWhUSTdscjF2WEFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsS8yS5HY Br0+OG+LYVRhWME48hVRWTvmirQfI3EegQsw7dxVRUXzD3UW9mcklUe3U/5xeqSx H2+/c7XKKB1HjbY4tKvibHEX6EJ47Rk4ihsonTL0Ku4dPdenGIC59/e00lpOS5Tj 6ufhotuLJmNSW7gV6PhlGSmMVl1Od4PnIGUjiUMA5o58fCsS4AoftqcLYOdgsChZ 52ttXLK2mQv2wsRZ9t5fy90WKUD1UKCTmYuRRC+nQ+iMvsebseEOZ9fx38h1G/Vl Da/B3bmAVWEcP+9O+gXywtOpL6X2orSAtlrnJrvrcFFmzRg6zgVvFVy20rR5wToc DPOPW6JdE7J9PA== -----END CERTIFICATE-----Generated at Sat Nov 22 21:42:39 2025 by rpki-client