This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft File: NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft (raw, json) Hash identifier: W3GG9pqgOW4mSY9oUugf3rzvIMeQPmeyoaV23FeJbbQ= Subject key identifier: A2:5B:F5:E3:C0:EE:03:FD:90:9D:1F:38:04:70:C1:31:04:95:CC:75 Authority key identifier: 34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E Certificate issuer: /CN=34019b2a50267cb61c0be7652a8d14b27bf4869e Certificate serial: 019B50E0AEF22AC60F264AADEB361C4C18C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft Manifest number: 086B Signing time: Wed 24 Dec 2025 15:01:00 +0000 Manifest this update: Wed 24 Dec 2025 15:01:00 +0000 Manifest next update: Thu 25 Dec 2025 15:01:00 +0000 Files and hashes: 1: NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl (hash: WFaTHUNtiGSrbAFtQr/sMxLyZUTtu/Q+M0ZvPwIWQOg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:50:e0:ae:f2:2a:c6:0f:26:4a:ad:eb:36:1c:4c:18:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34019b2a50267cb61c0be7652a8d14b27bf4869e Validity Not Before: Dec 24 15:01:00 2025 GMT Not After : Dec 25 15:01:00 2025 GMT Subject: CN=a25bf5e3c0ee03fd909d1f380470c1310495cc75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:fb:70:c6:d3:30:79:c6:d8:e3:6e:75:ff:d9: e9:bd:30:8e:94:51:12:eb:1b:20:18:22:db:99:e6: 6a:d4:29:50:2e:cc:45:63:9f:f2:34:69:ba:a3:02: 6c:60:3b:c1:08:62:ad:42:0f:65:ce:cc:74:f2:62: 52:d4:f3:4c:37:a3:33:27:a0:dd:52:cd:23:a5:ad: 47:9f:7d:f7:fe:d8:a2:1f:80:71:a1:d5:b4:37:71: 46:97:ea:45:3d:6c:da:d5:d6:41:4e:c4:83:a0:e7: 2c:5a:78:79:8f:74:c4:a0:8d:bb:7a:0c:9a:ab:6e: ba:c1:1e:68:e8:b7:57:dd:f2:9a:c3:87:6c:98:a6: 07:37:0f:8d:5a:9d:49:5b:93:be:73:8b:77:e6:fa: c2:e8:45:24:0f:4b:f4:b4:c4:d8:d9:7a:fa:ce:35: 69:e6:46:3c:83:15:7d:aa:69:e7:ac:ee:e5:f7:d0: dd:d3:44:cf:f2:37:92:ed:d1:87:53:f9:6d:4e:01: b5:34:02:11:f8:17:e7:d6:3d:7a:3e:e1:58:6a:fa: 6b:9f:b7:71:54:94:0e:e2:00:7e:c4:6d:f5:2b:a5: 98:41:0e:f7:15:bb:b0:ad:53:fb:fe:45:77:27:0e: ef:72:b0:96:ca:ef:52:1c:f5:1c:fd:19:46:66:9c: 2b:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:5B:F5:E3:C0:EE:03:FD:90:9D:1F:38:04:70:C1:31:04:95:CC:75 X509v3 Authority Key Identifier: keyid:34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:0f:c9:59:72:32:a4:8e:67:18:eb:29:15:6e:c4:5a:9a:f1: 0e:2e:cc:6b:44:85:7c:d9:b1:d8:74:41:e7:68:8e:34:b7:da: 92:04:45:28:7d:26:4d:7f:3a:55:69:4a:b3:17:c4:11:d2:95: 6a:1c:4b:70:70:43:d4:57:8f:04:24:f4:31:d0:ac:37:f1:45: 3d:b0:c4:34:48:e6:44:bc:8b:33:8b:08:ca:4b:91:e2:3b:6b: 9f:03:df:9c:7f:8c:11:17:f6:1b:da:d3:2b:8f:49:e7:18:01: be:2a:20:68:c8:63:bc:66:15:5d:c3:ba:4f:56:04:c1:9e:c8: 8a:73:fa:c0:f7:21:b8:a5:d4:bf:d3:81:f5:3e:1e:a9:ef:2b: 06:aa:f7:79:f2:2b:18:2b:2d:ef:6c:1f:33:1f:34:6f:80:60: 18:58:d5:66:7a:3b:7c:2f:71:d8:ca:80:5a:d0:2f:e9:d9:ed: dc:2b:79:84:17:c2:17:ba:32:46:86:e5:ec:7e:8a:ae:5f:4b: 17:e3:ff:3c:c7:05:0d:b1:cd:1c:5e:8d:eb:bc:dd:e2:1e:73: e4:3f:0e:0e:14:32:05:82:3b:a6:5b:dd:95:a4:97:cd:03:74: df:e9:20:91:a9:4d:f4:8e:80:ff:be:dc:ee:a4:1a:66:03:f6: fd:58:2f:81 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtQ4K7yKsYPJkqt6zYcTBjAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MDE5YjJhNTAyNjdjYjYxYzBiZTc2NTJhOGQxNGIyN2Jm NDg2OWUwHhcNMjUxMjI0MTUwMTAwWhcNMjUxMjI1MTUwMTAwWjAzMTEwLwYDVQQD EyhhMjViZjVlM2MwZWUwM2ZkOTA5ZDFmMzgwNDcwYzEzMTA0OTVjYzc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/twxtMwecbY4251/9npvTCOlFES 6xsgGCLbmeZq1ClQLsxFY5/yNGm6owJsYDvBCGKtQg9lzsx08mJS1PNMN6MzJ6Dd Us0jpa1Hn333/tiiH4BxodW0N3FGl+pFPWza1dZBTsSDoOcsWnh5j3TEoI27egya q266wR5o6LdX3fKaw4dsmKYHNw+NWp1JW5O+c4t35vrC6EUkD0v0tMTY2Xr6zjVp 5kY8gxV9qmnnrO7l99Dd00TP8jeS7dGHU/ltTgG1NAIR+Bfn1j16PuFYavprn7dx VJQO4gB+xG31K6WYQQ73FbuwrVP7/kV3Jw7vcrCWyu9SHPUc/RlGZpwriQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKJb9ePA7gP9kJ0fOARwwTEElcx1MB8GA1UdIwQY MBaAFDQBmypQJny2HAvnZSqNFLJ79IaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMt ZjhlZmUyOTM5N2VhLzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMtZjhlZmUyOTM5N2Vh LzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHA/JWXIy pI5nGOspFW7EWprxDi7Ma0SFfNmx2HRB52iONLfakgRFKH0mTX86VWlKsxfEEdKV ahxLcHBD1FePBCT0MdCsN/FFPbDENEjmRLyLM4sIykuR4jtrnwPfnH+MERf2G9rT K49J5xgBviogaMhjvGYVXcO6T1YEwZ7IinP6wPchuKXUv9OB9T4eqe8rBqr3efIr GCst72wfMx80b4BgGFjVZno7fC9x2MqAWtAv6dnt3Ct5hBfCF7oyRobl7H6Krl9L F+P/PMcFDbHNHF6N67zd4h5z5D8ODhQyBYI7plvdlaSXzQN03+kgkalN9I6A/77c 7qQaZgP2/VgvgQ== -----END CERTIFICATE-----Generated at Wed Dec 24 20:03:34 2025 by rpki-client