This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft File: nlaYDUienFO8gp8-jWPTg_ONDeM.mft (raw, json) Hash identifier: kmXX2O2zJksR9mR9HQXc+5Bbl+CVYSOBudGi4kgp3fQ= Subject key identifier: 40:27:C9:06:56:99:10:AB:58:7E:FF:EA:48:20:20:CE:D6:D5:CA:5C Authority key identifier: 9E:56:98:0D:48:9E:9C:53:BC:82:9F:3E:8D:63:D3:83:F3:8D:0D:E3 Certificate issuer: /CN=9e56980d489e9c53bc829f3e8d63d383f38d0de3 Certificate serial: 019B3D906947B2620CF8BBAFBEA528FDE904 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlaYDUienFO8gp8-jWPTg_ONDeM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft Manifest number: 16E5 Signing time: Sat 20 Dec 2025 21:00:32 +0000 Manifest this update: Sat 20 Dec 2025 21:00:32 +0000 Manifest next update: Sun 21 Dec 2025 21:00:32 +0000 Files and hashes: 1: 5LKnYfYeN0M1IwSjOCfaAZydc0E.roa (hash: R6rY8mHoFXXwwf30CLdp4brLxdq1SUoGP6TPbyDWGN8=) 2: nlaYDUienFO8gp8-jWPTg_ONDeM.crl (hash: y637bSe87AKIxKwDh5hhG0a3Jh6zKuRonJZBUJdoHdY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.crl rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft rsync://rpki.ripe.net/repository/DEFAULT/nlaYDUienFO8gp8-jWPTg_ONDeM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:90:69:47:b2:62:0c:f8:bb:af:be:a5:28:fd:e9:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e56980d489e9c53bc829f3e8d63d383f38d0de3 Validity Not Before: Dec 20 21:00:32 2025 GMT Not After : Dec 21 21:00:32 2025 GMT Subject: CN=4027c906569910ab587effea482020ced6d5ca5c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:09:71:a4:4b:50:b3:d6:f9:be:37:a5:b9:95: 86:eb:74:b1:1e:51:87:96:11:53:0d:63:9b:7a:05: 00:83:d7:e8:b8:fd:12:f6:48:95:59:06:d2:0b:99: dd:40:62:43:e3:6a:08:a1:ca:73:21:72:83:4f:5c: 27:60:7d:50:44:aa:70:4b:71:ff:c4:3f:a7:a1:83: 95:02:9f:1a:00:c8:ca:39:7c:12:b4:bf:57:58:57: 66:e1:1c:61:c4:d4:c5:1a:ef:cf:81:7e:af:de:99: d4:f4:c3:0d:c5:f2:dd:a1:1c:33:58:f2:22:b1:31: 47:51:43:ef:57:c7:65:04:fd:35:1c:e8:86:3b:9e: d9:56:4f:24:19:3b:72:da:9a:9e:17:32:14:19:b1: 4c:13:83:90:43:bc:6a:07:39:8a:25:98:3c:62:13: b5:0b:7e:4b:d4:3c:a7:32:55:06:d5:d1:b5:3c:2d: ea:8f:d2:67:e9:19:69:41:4f:a4:9d:d2:06:6a:97: ed:7d:b8:f9:a9:f5:0a:6e:11:06:8d:6c:28:6a:56: 5c:bb:74:e6:f6:58:8d:60:b9:64:d9:c9:ae:b8:aa: 06:8b:e8:2c:33:9d:e1:67:78:7b:5d:84:0d:6f:7d: b3:a5:e3:30:06:79:29:00:39:54:34:59:d9:f2:44: d4:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:27:C9:06:56:99:10:AB:58:7E:FF:EA:48:20:20:CE:D6:D5:CA:5C X509v3 Authority Key Identifier: keyid:9E:56:98:0D:48:9E:9C:53:BC:82:9F:3E:8D:63:D3:83:F3:8D:0D:E3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlaYDUienFO8gp8-jWPTg_ONDeM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a30360-0329-4cf1-a37f-db7498dade0c/1/nlaYDUienFO8gp8-jWPTg_ONDeM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:c6:c5:f6:ac:0a:46:f0:ec:b7:fa:d0:eb:27:78:72:19:fc: 94:9b:a4:de:6c:a7:18:e3:b9:2a:3b:59:27:7c:92:76:e4:23: 81:b8:ab:15:5c:54:6d:80:69:6f:51:00:92:19:be:4f:db:19: cc:1e:94:d8:72:ff:0c:b0:2c:3c:ad:bf:7a:e3:d7:6f:f9:86: 53:0f:d1:49:6f:fc:4c:3f:a4:38:51:9a:41:c7:bd:fb:bf:db: d8:65:00:69:35:5c:f3:5c:31:75:a0:60:0e:ca:f8:09:ce:52: e3:f9:1b:c6:f7:3a:b9:bd:e3:08:d1:1f:79:59:c7:31:dd:b1: bb:e5:e9:d0:14:2d:27:c1:cb:d1:1c:53:ee:ce:02:25:a1:b7: fc:86:13:59:c4:85:3d:73:f4:b9:6a:46:f9:6d:89:03:70:85: 16:be:79:b8:66:92:71:15:bf:58:ba:54:5e:46:47:90:20:cb: a4:c9:aa:ca:cd:6f:23:16:bf:ab:d2:47:ec:24:53:cf:4a:5b: d0:1b:0c:f1:93:be:3e:b9:c6:a7:13:57:76:8c:bb:90:e5:c9: fe:11:ad:12:27:cf:4c:50:b4:22:c9:b0:46:bb:b8:98:ac:b1: b5:7b:60:08:40:9d:73:c8:80:ea:fa:df:e8:c4:69:81:ef:65: 21:64:16:e9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9kGlHsmIM+LuvvqUo/ekEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllNTY5ODBkNDg5ZTljNTNiYzgyOWYzZThkNjNkMzgzZjM4 ZDBkZTMwHhcNMjUxMjIwMjEwMDMyWhcNMjUxMjIxMjEwMDMyWjAzMTEwLwYDVQQD Eyg0MDI3YzkwNjU2OTkxMGFiNTg3ZWZmZWE0ODIwMjBjZWQ2ZDVjYTVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5glxpEtQs9b5vjeluZWG63SxHlGH lhFTDWObegUAg9fouP0S9kiVWQbSC5ndQGJD42oIocpzIXKDT1wnYH1QRKpwS3H/ xD+noYOVAp8aAMjKOXwStL9XWFdm4RxhxNTFGu/PgX6v3pnU9MMNxfLdoRwzWPIi sTFHUUPvV8dlBP01HOiGO57ZVk8kGTty2pqeFzIUGbFME4OQQ7xqBzmKJZg8YhO1 C35L1DynMlUG1dG1PC3qj9Jn6RlpQU+kndIGapftfbj5qfUKbhEGjWwoalZcu3Tm 9liNYLlk2cmuuKoGi+gsM53hZ3h7XYQNb32zpeMwBnkpADlUNFnZ8kTU8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEAnyQZWmRCrWH7/6kggIM7W1cpcMB8GA1UdIwQY MBaAFJ5WmA1InpxTvIKfPo1j04PzjQ3jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbmxhWURVaWVuRk84Z3A4LWpXUFRnX09ORGVNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hMzAzNjAtMDMyOS00Y2YxLWEzN2Yt ZGI3NDk4ZGFkZTBjLzEvbmxhWURVaWVuRk84Z3A4LWpXUFRnX09ORGVNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi9hMzAzNjAtMDMyOS00Y2YxLWEzN2YtZGI3NDk4ZGFkZTBj LzEvbmxhWURVaWVuRk84Z3A4LWpXUFRnX09ORGVNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkMbF9qwK RvDst/rQ6yd4chn8lJuk3mynGOO5KjtZJ3ySduQjgbirFVxUbYBpb1EAkhm+T9sZ zB6U2HL/DLAsPK2/euPXb/mGUw/RSW/8TD+kOFGaQce9+7/b2GUAaTVc81wxdaBg Dsr4Cc5S4/kbxvc6ub3jCNEfeVnHMd2xu+Xp0BQtJ8HL0RxT7s4CJaG3/IYTWcSF PXP0uWpG+W2JA3CFFr55uGaScRW/WLpUXkZHkCDLpMmqys1vIxa/q9JH7CRTz0pb 0BsM8ZO+PrnGpxNXdoy7kOXJ/hGtEifPTFC0IsmwRru4mKyxtXtgCECdc8iA6vrf 6MRpge9lIWQW6Q== -----END CERTIFICATE-----Generated at Sat Dec 20 22:46:24 2025 by rpki-client