This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.mft File: nGCyJ8t1doofV4Vuw1M8loSCYZw.mft (raw, json) Hash identifier: yf8Tkv1byZn7g9p+hvwRtlfjWtZ36bl254ca/ES7b8s= Subject key identifier: B1:64:DD:1F:1A:11:96:BC:28:D1:6A:14:D7:C9:C5:23:61:9C:8A:9B Authority key identifier: 9C:60:B2:27:CB:75:76:8A:1F:57:85:6E:C3:53:3C:96:84:82:61:9C Certificate issuer: /CN=9c60b227cb75768a1f57856ec3533c968482619c Certificate serial: 019B21E2303FAF70CA4BEE2B69D973E8096F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nGCyJ8t1doofV4Vuw1M8loSCYZw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.mft Manifest number: 162C Signing time: Mon 15 Dec 2025 12:00:30 +0000 Manifest this update: Mon 15 Dec 2025 12:00:30 +0000 Manifest next update: Tue 16 Dec 2025 12:00:30 +0000 Files and hashes: 1: nGCyJ8t1doofV4Vuw1M8loSCYZw.crl (hash: M1Irzk0rtCR5iGhyI168D0BnbsOJgCf/7vZxdUvzs4w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.mft rsync://rpki.ripe.net/repository/DEFAULT/nGCyJ8t1doofV4Vuw1M8loSCYZw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:e2:30:3f:af:70:ca:4b:ee:2b:69:d9:73:e8:09:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9c60b227cb75768a1f57856ec3533c968482619c Validity Not Before: Dec 15 12:00:30 2025 GMT Not After : Dec 16 12:00:30 2025 GMT Subject: CN=b164dd1f1a1196bc28d16a14d7c9c523619c8a9b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:41:8e:01:ea:db:0d:23:65:b4:30:3f:c8:1c: 33:b2:a6:a4:5d:6a:90:e8:77:b8:e5:7f:04:23:63: a8:cf:0b:1e:b6:6c:34:88:8c:c0:23:9c:aa:86:10: 50:05:06:97:a0:bd:2d:99:5c:2d:2f:e1:91:47:72: d0:4c:57:ad:2c:22:0b:f0:c0:78:6c:e7:86:56:fb: 8f:bd:e2:0d:f5:d4:41:4e:e3:95:ea:d5:3b:cc:fd: 06:42:60:97:fc:31:4a:9e:3b:32:97:e8:92:64:ea: 1e:04:2f:f9:e3:1d:e3:88:27:1e:3a:c6:73:14:b2: de:7b:81:76:ee:14:d2:cd:5c:0d:95:67:9c:d6:08: cd:d2:77:08:6b:24:19:44:ff:44:2b:f8:86:71:55: d0:cf:13:fc:4f:57:b8:f9:aa:3f:df:a8:1e:d6:3a: d5:3a:af:42:1d:1d:11:fd:01:e0:5c:2c:a4:0e:13: e1:21:28:bc:09:3d:75:6b:e6:a3:92:52:06:4c:97: a6:3b:66:dd:24:67:84:63:97:2d:a0:e8:75:62:f2: 6e:e6:6a:9d:2d:c7:a4:54:30:90:f5:08:ea:fc:03: 2a:3f:5e:4f:5e:97:71:2f:ac:86:ec:15:7c:dc:92: a3:f0:e7:b7:d2:57:ec:07:12:aa:b9:63:66:e4:3f: de:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:64:DD:1F:1A:11:96:BC:28:D1:6A:14:D7:C9:C5:23:61:9C:8A:9B X509v3 Authority Key Identifier: keyid:9C:60:B2:27:CB:75:76:8A:1F:57:85:6E:C3:53:3C:96:84:82:61:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nGCyJ8t1doofV4Vuw1M8loSCYZw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:10:72:ef:ce:50:33:36:a5:21:fc:6f:95:04:01:db:25:fd: 61:f9:4c:a9:52:e3:d2:12:8b:40:d9:71:ff:17:7c:b4:78:37: a8:a1:68:ec:b2:e6:f4:9e:f9:33:36:e2:7d:83:ea:b9:7b:65: 4f:59:70:90:f3:ca:78:8b:7e:ef:fa:ae:37:bf:24:0c:63:f2: 63:1f:c5:c7:bd:e9:bd:94:0f:7a:db:7a:00:c1:8a:1e:32:83: 35:68:ab:99:48:82:07:d2:3c:99:ac:ef:2e:d2:77:eb:c3:21: 9e:d3:cd:b5:b0:66:31:48:e6:40:d6:17:eb:13:e3:86:17:62: 8c:7e:87:94:2a:b7:ec:df:b2:4e:10:ee:3c:00:96:fa:be:d6: 74:3e:82:f3:03:64:fd:2e:db:72:20:ca:c0:ed:a6:92:9f:c4: d2:44:aa:2e:e8:e4:ea:98:65:e0:28:ad:1d:e4:f7:50:44:68: 53:09:09:6c:83:32:84:fe:81:01:89:5b:b4:f4:0c:c0:32:ac: c5:0b:67:3d:92:1c:a4:95:a0:fd:a6:dd:3b:af:ee:23:35:a9: a9:70:2a:b0:a9:a3:a0:2a:ef:7b:3d:81:37:f6:e6:cc:03:00: 1c:92:5e:74:0d:0b:75:06:5b:33:dd:45:23:bc:44:50:21:4a: a4:d2:ff:67 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsh4jA/r3DKS+4radlz6AlvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDljNjBiMjI3Y2I3NTc2OGExZjU3ODU2ZWMzNTMzYzk2ODQ4 MjYxOWMwHhcNMjUxMjE1MTIwMDMwWhcNMjUxMjE2MTIwMDMwWjAzMTEwLwYDVQQD EyhiMTY0ZGQxZjFhMTE5NmJjMjhkMTZhMTRkN2M5YzUyMzYxOWM4YTliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkGOAerbDSNltDA/yBwzsqakXWqQ 6He45X8EI2Oozwsetmw0iIzAI5yqhhBQBQaXoL0tmVwtL+GRR3LQTFetLCIL8MB4 bOeGVvuPveIN9dRBTuOV6tU7zP0GQmCX/DFKnjsyl+iSZOoeBC/54x3jiCceOsZz FLLee4F27hTSzVwNlWec1gjN0ncIayQZRP9EK/iGcVXQzxP8T1e4+ao/36ge1jrV Oq9CHR0R/QHgXCykDhPhISi8CT11a+ajklIGTJemO2bdJGeEY5ctoOh1YvJu5mqd LcekVDCQ9Qjq/AMqP15PXpdxL6yG7BV83JKj8Oe30lfsBxKquWNm5D/eFwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLFk3R8aEZa8KNFqFNfJxSNhnIqbMB8GA1UdIwQY MBaAFJxgsifLdXaKH1eFbsNTPJaEgmGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbkdDeUo4dDFkb29mVjRWdXcxTThsb1NDWVp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8xMWM5OWYtNGZkNS00NTIyLTg1YzQt ODkxOGEyOGM0ZjdjLzEvbkdDeUo4dDFkb29mVjRWdXcxTThsb1NDWVp3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC8xMWM5OWYtNGZkNS00NTIyLTg1YzQtODkxOGEyOGM0Zjdj LzEvbkdDeUo4dDFkb29mVjRWdXcxTThsb1NDWVp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAChBy785Q MzalIfxvlQQB2yX9YflMqVLj0hKLQNlx/xd8tHg3qKFo7LLm9J75MzbifYPquXtl T1lwkPPKeIt+7/quN78kDGPyYx/Fx73pvZQPett6AMGKHjKDNWirmUiCB9I8mazv LtJ368MhntPNtbBmMUjmQNYX6xPjhhdijH6HlCq37N+yThDuPACW+r7WdD6C8wNk /S7bciDKwO2mkp/E0kSqLujk6phl4CitHeT3UERoUwkJbIMyhP6BAYlbtPQMwDKs xQtnPZIcpJWg/abdO6/uIzWpqXAqsKmjoCrvez2BN/bmzAMAHJJedA0LdQZbM91F I7xEUCFKpNL/Zw== -----END CERTIFICATE-----Generated at Mon Dec 15 13:34:24 2025 by rpki-client