This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft File: DC780D9935DABC701A4C4832B16C11D7743C399A.mft (raw, json) Hash identifier: DSUNv5j5mX7LBBmbGgfjY/EuU3m14qZTlrZTdKxwEz8= Subject key identifier: 3C:82:C6:C7:69:75:21:BA:7A:F2:3B:B6:DC:44:8D:0A:94:C0:BC:03 Authority key identifier: DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A Certificate issuer: /CN=dc780d9935dabc701a4c4832b16c11d7743c399a Certificate serial: 352753219A8703872AF6280E48FF982D0CEB9F67 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject info access: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft Manifest number: BF Signing time: Thu 18 Dec 2025 12:02:06 +0000 Manifest this update: Thu 18 Dec 2025 11:57:06 +0000 Manifest next update: Fri 19 Dec 2025 15:14:06 +0000 Files and hashes: 1: 326130343a623930303a3a2f33302d3330203d3e2038353837.roa (hash: gYkRIFE7UL0cJEwnwxVcLo1Ut87kd9a2aqmOVqa5baI=) 2: 326130343a623930303a3a2f33302d3332203d3e2038353837.roa (hash: YouEGWqx2GG1gNyKDzMvqaRmGag9lv2eJQyjBwSYn9Y=) 3: 326130343a623930373a3a2f34382d3438203d3e2030.roa (hash: /xnxiOeZe4RUPZsXL0vjp7QXRGVs8BxZ08hPmiOocY8=) 4: 326130343a623930343a373230303a3a2f34302d3430203d3e20323131333231.roa (hash: refEY6cMSdDY7cBVUX5w6R5vf51PxokJ+N8DMMimo3o=) 5: 3138352e34392e3134332e302f32342d3234203d3e20323131333231.roa (hash: UL7yBA1F7ergECjM7xK45EYvQh4BIa6w098X6gj/00E=) 6: 326130343a623930373a3a2f34372d3437203d3e20323131333231.roa (hash: eSgn8pAntXBevn2NWK+HjwLFj3TRH0aVr1zTI6ST4E0=) 7: DC780D9935DABC701A4C4832B16C11D7743C399A.crl (hash: fFCvSS/MfNlFA9wyjWjrk/XTM+wLR4MQD3yc9BxZeqE=) 8: 326130343a623930353a3a2f34382d3438203d3e203136353039.roa (hash: 2WLi+yTCoT6MxCiLFaQP7kK5t5x+CtSSj0mzxVLx03Y=) 9: 3138352e34392e3134302e302f32332d3233203d3e2038353837.roa (hash: bG62lXPn1Km32GF1V4Mpr+78+uhtW45az4faRRcPToY=) 10: 326130343a623930363a3a2f34382d3438203d3e2030.roa (hash: rzyLuLQB2r5jFPz4ER372UgwfaN2meO05T5dDI5hqUg=) 11: 326130343a623930343a3a2f34382d3438203d3e20323131333231.roa (hash: XACd90ki63AXfGn+taSfXn0bg5k/VvTu6qRBsyyOiUc=) 12: 3138352e34392e3134322e302f32332d3233203d3e20323131333231.roa (hash: jR+qYDFgs1RFLmTf7rqpUDak54gW5tVDwGwUk/IhO4s=) 13: C8623AA6C30FA8E058243708F5672D7960E52389.cer (hash: qDS/meVpMF7qgfPtayVFbWOCnAfvA9XikJALxZNw670=) 14: 3138352e34392e3134322e302f32342d3234203d3e2030.roa (hash: OFYzxf950q78iFTJtOczlCYpNOX+DOEpFZuRWUO9N6w=) 15: 326130343a623930323a3a2f34382d3438203d3e20323131333231.roa (hash: qdL0+PphZnX4cdypWsOWZjkH1FNw49MUNv/FrNDrY3s=) Validation: OK Signature path: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:27:53:21:9a:87:03:87:2a:f6:28:0e:48:ff:98:2d:0c:eb:9f:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc780d9935dabc701a4c4832b16c11d7743c399a Validity Not Before: Dec 18 11:57:06 2025 GMT Not After : Dec 19 15:14:06 2025 GMT Subject: CN=3C82C6C7697521BA7AF23BB6DC448D0A94C0BC03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:3a:8c:81:25:ab:17:2e:59:15:dd:76:88:22: ce:88:ab:d7:3b:76:5f:3d:57:b3:b2:af:b4:8c:f0: 63:4e:c1:c8:4a:27:8e:5d:e9:ec:12:c4:25:7b:1b: 18:41:96:d3:c4:c5:21:7d:94:e9:7b:93:9e:8d:42: fc:cd:0f:38:e5:cb:4e:a5:04:20:3b:7b:db:0a:11: 3b:6b:da:91:e3:c2:35:06:7d:70:95:62:9e:88:64: 23:ac:c7:7f:93:54:2d:84:9f:13:03:92:da:d4:1c: c2:f8:e5:12:1b:4b:0e:28:c2:bd:db:24:10:af:1e: d8:f6:02:c5:40:28:b9:7e:ff:ca:d8:38:10:32:f7: 96:c4:80:a2:67:7e:b0:dc:82:50:77:08:ae:34:20: 2a:fc:e9:92:54:b3:c1:f5:24:d3:46:28:a3:de:e8: 3a:53:3d:1a:37:ac:73:7f:b9:91:99:01:b8:7f:e3: 57:14:60:cc:e1:dd:56:ef:5b:aa:4b:d1:7f:ed:c9: b9:8d:dc:5e:e4:e6:76:a0:3a:5e:d4:4e:78:48:d2: 2a:b5:15:5b:b6:da:2d:22:41:05:d6:3c:ae:21:2c: 85:f9:e4:a2:c5:72:97:69:76:f4:e0:37:1c:a4:7e: ee:e7:96:34:50:3f:15:e2:9d:5f:77:71:29:8a:25: 2a:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:82:C6:C7:69:75:21:BA:7A:F2:3B:B6:DC:44:8D:0A:94:C0:BC:03 X509v3 Authority Key Identifier: keyid:DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject Information Access: Signed Object - URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:08:0b:c9:f4:15:9b:e0:47:20:fc:0d:fa:b2:b7:9d:7a:c6: d3:69:c6:a1:35:5c:8c:e1:93:2f:79:cf:b7:06:0f:69:78:13: 6a:4c:03:4c:0d:7b:36:2f:5c:e4:e8:9c:47:85:c3:32:ff:9d: 7f:f3:d5:a7:70:58:57:02:a5:63:84:bd:ec:fb:a1:a9:b4:1f: 4f:7d:34:71:fb:64:3b:71:23:2c:7d:9b:3a:7e:6c:87:8d:4e: ad:3f:3c:72:ef:d8:5a:a8:d6:00:f5:29:2a:a4:2c:d3:14:87: e7:58:f3:07:ab:40:a1:ba:87:4d:1b:d2:de:91:37:a5:a4:f9: 06:64:4f:f3:4c:26:02:e3:4c:86:02:bb:92:aa:b3:2c:af:74: 4c:95:b7:5b:ac:53:c0:d3:48:39:82:39:22:a4:d6:f9:72:48: 4f:99:9d:b4:61:9d:2c:bb:c1:7c:d1:ef:4d:b6:bb:47:41:14: 61:12:b4:5a:31:92:a8:0e:78:42:43:ad:6b:04:df:c8:0d:ec: 61:3c:52:39:5d:14:cb:8e:91:2b:31:04:1d:d1:87:1e:ec:fa: 17:34:9b:a7:4b:43:88:f6:ae:92:c9:67:26:15:ef:e7:25:6d: bd:7a:2b:d6:08:45:0e:f2:0c:94:bc:2b:6e:45:e6:d0:07:bf: 45:12:57:7a -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIUNSdTIZqHA4cq9igOSP+YLQzrn2cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGM3ODBkOTkzNWRhYmM3MDFhNGM0ODMyYjE2YzExZDc3 NDNjMzk5YTAeFw0yNTEyMTgxMTU3MDZaFw0yNTEyMTkxNTE0MDZaMDMxMTAvBgNV BAMTKDNDODJDNkM3Njk3NTIxQkE3QUYyM0JCNkRDNDQ4RDBBOTRDMEJDMDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaOoyBJasXLlkV3XaIIs6Iq9c7 dl89V7Oyr7SM8GNOwchKJ45d6ewSxCV7GxhBltPExSF9lOl7k56NQvzNDzjly06l BCA7e9sKETtr2pHjwjUGfXCVYp6IZCOsx3+TVC2EnxMDktrUHML45RIbSw4owr3b JBCvHtj2AsVAKLl+/8rYOBAy95bEgKJnfrDcglB3CK40ICr86ZJUs8H1JNNGKKPe 6DpTPRo3rHN/uZGZAbh/41cUYMzh3VbvW6pL0X/tybmN3F7k5nagOl7UTnhI0iq1 FVu22i0iQQXWPK4hLIX55KLFcpdpdvTgNxykfu7nljRQPxXinV93cSmKJSozAgMB AAGjggH7MIIB9zAdBgNVHQ4EFgQUPILGx2l1Ibp68ju23ESNCpTAvAMwHwYDVR0j BBgwFoAU3HgNmTXavHAaTEgysWwR13Q8OZowDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vcnN5bmMua3JpbGwubmxuZXRsYWJzLm5sL3Jl cG8vbmxuZXRsYWJzLzEvREM3ODBEOTkzNURBQkM3MDFBNEM0ODMyQjE2QzExRDc3 NDNDMzk5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNIZ05tVFhhdkhBYVRF Z3lzV3dSMTNROE9aby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5y c3luYzovL3JzeW5jLmtyaWxsLm5sbmV0bGFicy5ubC9yZXBvL25sbmV0bGFicy8x L0RDNzgwRDk5MzVEQUJDNzAxQTRDNDgzMkIxNkMxMUQ3NzQzQzM5OUEubWZ0MBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgAB BQAwBgQCAAIFADAVBggrBgEFBQcBCAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUA A4IBAQA+CAvJ9BWb4Ecg/A36sredesbTacahNVyM4ZMvec+3Bg9peBNqTANMDXs2 L1zk6JxHhcMy/51/89WncFhXAqVjhL3s+6GptB9PfTRx+2Q7cSMsfZs6fmyHjU6t Pzxy79haqNYA9SkqpCzTFIfnWPMHq0ChuodNG9LekTelpPkGZE/zTCYC40yGAruS qrMsr3RMlbdbrFPA00g5gjkipNb5ckhPmZ20YZ0su8F80e9NtrtHQRRhErRaMZKo DnhCQ61rBN/IDexhPFI5XRTLjpErMQQd0Yce7PoXNJunS0OI9q6SyWcmFe/nJW29 eivWCEUO8gyUvCtuRebQB79FEld6 -----END CERTIFICATE-----Generated at Thu Dec 18 21:44:40 2025 by rpki-client