This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft File: ny4CE8HB23M97spK4mFsqv-lFXA.mft (raw, json) Hash identifier: pJMN1GSvTFiVlAfnnP5KEu5/IasDdQ7+foMM0VT0Ejc= Subject key identifier: 0B:57:AB:58:A3:3A:48:BA:68:73:AE:87:1E:A2:46:07:40:47:38:DE Authority key identifier: 9F:2E:02:13:C1:C1:DB:73:3D:EE:CA:4A:E2:61:6C:AA:FF:A5:15:70 Certificate issuer: /CN=9f2e0213c1c1db733deeca4ae2616caaffa51570 Certificate serial: 019B736C05F46D0BEBCD7903E8A76BB5D3D9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft Manifest number: 1452 Signing time: Wed 31 Dec 2025 08:00:17 +0000 Manifest this update: Wed 31 Dec 2025 08:00:17 +0000 Manifest next update: Thu 01 Jan 2026 08:00:17 +0000 Files and hashes: 1: ny4CE8HB23M97spK4mFsqv-lFXA.crl (hash: WFzTjU9F+dpA1Aj6LZYh5fuYC9RaxC3ZqU6VBRIA0Gk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.crl rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 08:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:73:6c:05:f4:6d:0b:eb:cd:79:03:e8:a7:6b:b5:d3:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f2e0213c1c1db733deeca4ae2616caaffa51570 Validity Not Before: Dec 31 08:00:17 2025 GMT Not After : Jan 1 08:00:17 2026 GMT Subject: CN=0b57ab58a33a48ba6873ae871ea24607404738de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:8b:49:37:0a:03:a1:52:5b:62:8b:cc:70:5c: cc:cd:b3:a7:72:1b:cb:b8:14:b0:09:7b:6d:d1:95: 62:03:42:3d:f2:17:4f:46:47:87:e4:88:73:81:f9: 1f:6d:47:fe:19:ae:97:99:8d:1a:da:92:1b:79:51: cd:38:fd:47:3a:dd:f3:c0:b9:ec:8b:a3:ee:87:49: cc:a0:89:b9:68:d3:75:40:48:64:c8:3e:c0:36:a2: d7:75:7a:bb:a7:77:4a:57:47:69:49:1c:e8:c8:1b: fd:ec:4a:f0:5b:f2:5c:5c:d9:c3:a2:45:4a:79:4a: cf:8e:4c:64:88:29:76:93:f4:44:13:28:58:0b:69: b0:62:99:3e:d1:6c:96:e8:ec:31:93:88:76:47:d6: 1c:9a:47:0c:77:0b:69:6e:15:d1:6a:34:1e:78:5c: 4a:bd:9c:db:c0:9c:5a:89:a9:ee:b5:d2:15:14:84: 33:c8:f2:81:38:c2:bc:4f:36:b1:a9:d6:b3:b4:44: 76:56:5a:43:d6:01:3b:ae:1c:7e:cd:71:57:17:a2: 54:af:31:f2:d6:60:2b:e6:24:13:ee:f9:1c:e3:f6: 37:87:31:43:6d:d1:81:46:1c:71:fd:10:db:d8:e1: 65:f2:b9:a5:0f:f6:b4:a1:94:6d:ed:2c:9d:fb:98: aa:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:57:AB:58:A3:3A:48:BA:68:73:AE:87:1E:A2:46:07:40:47:38:DE X509v3 Authority Key Identifier: keyid:9F:2E:02:13:C1:C1:DB:73:3D:EE:CA:4A:E2:61:6C:AA:FF:A5:15:70 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption cf:1d:3b:10:b5:19:5d:ac:af:ca:62:7c:89:57:e6:45:72:68: 2b:3e:51:9a:dd:e7:28:53:e4:09:f9:6b:5c:29:bc:91:ac:be: 74:6d:bf:3d:b9:3d:09:9f:06:d6:2d:6b:7a:5e:66:a5:32:4d: 7c:dc:5a:41:5d:32:a7:b1:58:11:ac:d6:10:86:10:f2:4b:5c: e6:d5:cb:b8:32:d5:f6:9b:31:2b:4a:27:91:18:bc:a6:1c:62: 6f:dc:be:41:c8:1e:3f:80:96:59:7b:26:f7:08:5f:30:d0:0e: bb:74:24:86:22:3f:61:8d:ad:e8:20:76:8e:3b:45:c5:ab:62: 1d:b5:1a:0a:c8:b2:80:26:2c:09:13:23:90:4a:a9:92:72:63: 9e:37:9c:6a:0d:a6:f0:22:83:13:e3:0b:62:fb:43:a5:7a:e9: 58:b7:1b:18:8c:77:07:1f:ee:0c:ab:77:2a:0b:d4:a6:cf:86: 58:ff:7a:12:30:28:a5:09:65:c5:7f:f4:f5:65:d4:02:c3:ff: a1:00:c1:17:86:1a:04:6d:75:cf:d5:f9:8f:0c:9d:b6:18:7d: 1f:07:7d:84:dc:f2:ff:26:45:cb:b1:1a:00:12:79:b7:d8:6b: be:9a:4f:95:a8:e4:5c:06:28:3b:51:94:7c:56:55:7f:51:9c: 2e:45:96:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtzbAX0bQvrzXkD6KdrtdPZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmMmUwMjEzYzFjMWRiNzMzZGVlY2E0YWUyNjE2Y2FhZmZh NTE1NzAwHhcNMjUxMjMxMDgwMDE3WhcNMjYwMTAxMDgwMDE3WjAzMTEwLwYDVQQD EygwYjU3YWI1OGEzM2E0OGJhNjg3M2FlODcxZWEyNDYwNzQwNDczOGRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ItJNwoDoVJbYovMcFzMzbOnchvL uBSwCXtt0ZViA0I98hdPRkeH5IhzgfkfbUf+Ga6XmY0a2pIbeVHNOP1HOt3zwLns i6Puh0nMoIm5aNN1QEhkyD7ANqLXdXq7p3dKV0dpSRzoyBv97ErwW/JcXNnDokVK eUrPjkxkiCl2k/REEyhYC2mwYpk+0WyW6Owxk4h2R9YcmkcMdwtpbhXRajQeeFxK vZzbwJxaianutdIVFIQzyPKBOMK8TzaxqdaztER2VlpD1gE7rhx+zXFXF6JUrzHy 1mAr5iQT7vkc4/Y3hzFDbdGBRhxx/RDb2OFl8rmlD/a0oZRt7Syd+5iqwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAtXq1ijOki6aHOuhx6iRgdARzjeMB8GA1UdIwQY MBaAFJ8uAhPBwdtzPe7KSuJhbKr/pRVwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iMTM4OGYtM2FlYi00MGQ2LWI0Yjct OWU4NTJmMzMwMWMwLzEvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC9iMTM4OGYtM2FlYi00MGQ2LWI0YjctOWU4NTJmMzMwMWMw LzEvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzx07ELUZ XayvymJ8iVfmRXJoKz5Rmt3nKFPkCflrXCm8kay+dG2/Pbk9CZ8G1i1rel5mpTJN fNxaQV0yp7FYEazWEIYQ8ktc5tXLuDLV9psxK0onkRi8phxib9y+QcgeP4CWWXsm 9whfMNAOu3QkhiI/YY2t6CB2jjtFxatiHbUaCsiygCYsCRMjkEqpknJjnjecag2m 8CKDE+MLYvtDpXrpWLcbGIx3Bx/uDKt3KgvUps+GWP96EjAopQllxX/09WXUAsP/ oQDBF4YaBG11z9X5jwydthh9Hwd9hNzy/yZFy7EaABJ5t9hrvppPlajkXAYoO1GU fFZVf1GcLkWWiQ== -----END CERTIFICATE-----Generated at Wed Dec 31 10:46:52 2025 by rpki-client