This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft File: nTHCM8vSZtsCYgud65DQjkFpLmc.mft (raw, json) Hash identifier: sBMO3hvanue1WiUXXjhWXfKz8bo9LFG9l4dGJSEJij8= Subject key identifier: E0:B6:1B:B2:FF:D0:DC:ED:25:EA:68:A9:8A:A4:4E:AE:B2:88:EB:38 Authority key identifier: 9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67 Certificate issuer: /CN=9d31c233cbd266db02620b9deb90d08e41692e67 Certificate serial: 019B0E25770F7DBAB2EE286D7774DF8C5D6D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft Manifest number: 0E50 Signing time: Thu 11 Dec 2025 16:01:34 +0000 Manifest this update: Thu 11 Dec 2025 16:01:34 +0000 Manifest next update: Fri 12 Dec 2025 16:01:34 +0000 Files and hashes: 1: _rMAcV1Zh6HxKo_vwEpVhjFVwy8.roa (hash: r1imevw1h8qWVS0OoTwBJnDWSm49xN9+9T+LLaWUqWk=) 2: nTHCM8vSZtsCYgud65DQjkFpLmc.crl (hash: hR+Cwm3jYtYfZjYTnHgTdBXyhbmYvj0vlICwsrv1N7I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 16:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:25:77:0f:7d:ba:b2:ee:28:6d:77:74:df:8c:5d:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d31c233cbd266db02620b9deb90d08e41692e67 Validity Not Before: Dec 11 16:01:34 2025 GMT Not After : Dec 12 16:01:34 2025 GMT Subject: CN=e0b61bb2ffd0dced25ea68a98aa44eaeb288eb38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e9:dc:71:dc:b4:f9:83:b3:fa:05:34:d5:42: c4:76:ad:06:d0:d0:fd:6c:73:39:1e:bb:32:e8:30: 6d:ea:94:e2:de:43:a7:3f:25:7c:a3:83:c3:0a:79: 7c:fb:03:28:f2:70:ab:29:f0:8c:41:dc:cc:a1:3f: 99:b1:77:49:63:54:cc:d2:9a:06:11:3c:a8:70:55: f1:dd:7f:d8:9b:9d:a4:a6:c3:3c:f4:a7:b0:94:cb: 1f:e5:c3:ec:23:a7:f5:60:e0:8f:9e:c0:88:3a:8a: 56:5e:d8:ec:68:fb:56:ca:8c:45:ca:bf:a3:f6:70: f4:6b:da:84:39:32:8e:02:4a:02:74:71:0b:42:01: 3e:06:fd:02:7a:a8:d6:48:fb:c8:8a:d2:47:82:95: 8e:17:07:f1:8f:f4:e6:b6:ef:35:23:ca:5a:6c:d0: 36:b7:ea:a7:f0:fe:9d:5f:f1:66:e7:14:d9:1c:41: ce:5f:e0:4a:4b:e6:0c:6d:aa:df:ca:35:53:a5:e1: 67:81:e2:13:c6:ab:89:24:bd:1d:35:57:95:a0:9c: c7:5f:e2:5b:8e:10:24:64:31:92:43:d8:ad:6f:14: 0f:a7:32:8f:cb:77:e4:24:5b:d0:90:d4:51:2a:fd: 66:e5:28:fd:e1:de:80:cf:f9:9e:bc:e1:e6:44:8c: 8c:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:B6:1B:B2:FF:D0:DC:ED:25:EA:68:A9:8A:A4:4E:AE:B2:88:EB:38 X509v3 Authority Key Identifier: keyid:9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 07:6e:bb:a1:57:18:2f:19:e7:b0:35:d9:de:c0:01:3b:86:a0: ed:b0:ff:26:0d:24:02:d5:43:72:61:34:e6:94:ce:b9:ee:76: d5:98:d3:02:0a:b6:09:de:92:a6:74:99:02:24:65:18:73:26: 51:f9:51:4d:c3:77:15:39:08:f6:33:79:24:28:48:72:89:66: 0c:4a:99:f1:15:2c:61:2b:e6:54:3e:cf:c5:0b:53:4d:d6:4f: 2d:86:e8:5b:4d:36:ef:bc:1a:e7:f9:66:16:25:8e:18:15:82: b9:75:f2:9f:8a:fa:ad:b3:a2:21:56:ec:64:98:28:27:db:61: ea:8b:bd:ae:2c:6f:00:22:dd:9c:4b:0b:cf:3f:4d:b8:43:3d: 16:cf:13:74:60:12:6f:0e:70:9b:af:72:59:87:da:5a:91:1d: fc:42:4b:2a:18:c7:2f:99:f0:d3:de:bd:fe:3d:4c:50:29:81: 06:e2:32:ee:ef:dd:f9:3c:67:45:80:2b:6c:ef:e9:6f:a8:a8: f6:61:e1:29:46:d7:47:3d:d7:0a:48:40:b3:ce:88:c3:6d:c0: 42:b8:cc:02:c6:45:e4:95:de:c4:8e:97:4f:54:9c:27:31:5a: 6a:a8:bc:9e:53:64:b1:4b:9f:3b:61:17:0b:64:ce:30:8d:ec: d8:22:c9:61 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOJXcPfbqy7ihtd3TfjF1tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMzFjMjMzY2JkMjY2ZGIwMjYyMGI5ZGViOTBkMDhlNDE2 OTJlNjcwHhcNMjUxMjExMTYwMTM0WhcNMjUxMjEyMTYwMTM0WjAzMTEwLwYDVQQD EyhlMGI2MWJiMmZmZDBkY2VkMjVlYTY4YTk4YWE0NGVhZWIyODhlYjM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwenccdy0+YOz+gU01ULEdq0G0ND9 bHM5Hrsy6DBt6pTi3kOnPyV8o4PDCnl8+wMo8nCrKfCMQdzMoT+ZsXdJY1TM0poG ETyocFXx3X/Ym52kpsM89KewlMsf5cPsI6f1YOCPnsCIOopWXtjsaPtWyoxFyr+j 9nD0a9qEOTKOAkoCdHELQgE+Bv0CeqjWSPvIitJHgpWOFwfxj/Tmtu81I8pabNA2 t+qn8P6dX/Fm5xTZHEHOX+BKS+YMbarfyjVTpeFngeITxquJJL0dNVeVoJzHX+Jb jhAkZDGSQ9itbxQPpzKPy3fkJFvQkNRRKv1m5Sj94d6Az/mevOHmRIyMMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOC2G7L/0NztJepoqYqkTq6yiOs4MB8GA1UdIwQY MBaAFJ0xwjPL0mbbAmILneuQ0I5BaS5nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDct ZmExNzI1MDM0NDkxLzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDctZmExNzI1MDM0NDkx LzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB267oVcY LxnnsDXZ3sABO4ag7bD/Jg0kAtVDcmE05pTOue521ZjTAgq2Cd6SpnSZAiRlGHMm UflRTcN3FTkI9jN5JChIcolmDEqZ8RUsYSvmVD7PxQtTTdZPLYboW00277wa5/lm FiWOGBWCuXXyn4r6rbOiIVbsZJgoJ9th6ou9rixvACLdnEsLzz9NuEM9Fs8TdGAS bw5wm69yWYfaWpEd/EJLKhjHL5nw0969/j1MUCmBBuIy7u/d+TxnRYArbO/pb6io 9mHhKUbXRz3XCkhAs86Iw23AQrjMAsZF5JXexI6XT1ScJzFaaqi8nlNksUufO2EX C2TOMI3s2CLJYQ== -----END CERTIFICATE-----Generated at Fri Dec 12 00:38:07 2025 by rpki-client