This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft File: NWlXUM1GUx3eil-yZyzcgw09DG4.mft (raw, json) Hash identifier: k+vSkBP1iGqhM+AjKx4yeSCAQ4s5oJCExcT6pZJt4gg= Subject key identifier: BD:2A:26:5C:61:19:15:12:A3:70:7A:AD:D9:7B:4F:AB:E4:21:CC:C6 Authority key identifier: 35:69:57:50:CD:46:53:1D:DE:8A:5F:B2:67:2C:DC:83:0D:3D:0C:6E Certificate issuer: /CN=35695750cd46531dde8a5fb2672cdc830d3d0c6e Certificate serial: 019B680D75B77530A466141F59A497F31788 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft Manifest number: 05BB Signing time: Mon 29 Dec 2025 03:01:11 +0000 Manifest this update: Mon 29 Dec 2025 03:01:11 +0000 Manifest next update: Tue 30 Dec 2025 03:01:11 +0000 Files and hashes: 1: NWlXUM1GUx3eil-yZyzcgw09DG4.crl (hash: Ywpc3YwkFQt+wCEfu49LXWjOm33/n7w3Jnlpcdk3DVU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.crl rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 21:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:68:0d:75:b7:75:30:a4:66:14:1f:59:a4:97:f3:17:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35695750cd46531dde8a5fb2672cdc830d3d0c6e Validity Not Before: Dec 29 03:01:11 2025 GMT Not After : Dec 30 03:01:11 2025 GMT Subject: CN=bd2a265c61191512a3707aadd97b4fabe421ccc6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:51:b5:67:d4:5a:ca:83:53:65:61:12:83:6f: 07:bc:4e:b5:61:75:81:4a:2e:d3:e8:83:44:04:85: ef:19:7e:93:d4:54:9b:cb:5b:1f:5f:95:0e:c8:32: a1:70:2c:77:35:36:d9:c5:66:07:bf:30:11:f9:a2: 86:2a:da:56:15:86:f8:0a:ea:31:79:79:83:79:a4: e4:b2:c7:45:be:41:fb:30:97:68:c0:cc:e2:c3:c5: 33:0c:ca:d4:a1:88:9b:6d:2e:7b:43:fb:6d:9c:33: a9:f5:8d:a0:2a:7b:f9:ea:aa:fa:84:d5:d1:7b:aa: fd:83:b6:68:f2:89:b9:0a:b9:f9:86:ac:3f:f7:43: 6e:ec:61:d5:fe:28:7b:e7:b8:e8:bb:01:ed:de:4e: 61:11:d9:e0:2c:dc:f7:a0:9c:23:4a:ad:09:bb:da: 29:05:9d:5e:f4:58:ee:b2:7f:fb:e4:e1:87:9c:6b: 77:16:56:b5:20:8c:e7:47:39:fa:8b:b3:5e:6c:07: 21:fc:52:d6:0d:23:da:cd:4e:b4:7c:30:08:c5:41: a1:c7:05:82:5a:7f:7f:eb:e8:30:fe:86:44:7c:35: 1e:59:a7:94:df:47:56:aa:4b:d8:8a:92:33:c5:73: 87:21:a1:67:0a:30:a6:55:47:5b:67:a9:31:fc:7a: 6e:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:2A:26:5C:61:19:15:12:A3:70:7A:AD:D9:7B:4F:AB:E4:21:CC:C6 X509v3 Authority Key Identifier: keyid:35:69:57:50:CD:46:53:1D:DE:8A:5F:B2:67:2C:DC:83:0D:3D:0C:6E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:09:31:4c:74:5c:0d:88:47:43:6d:c2:17:c6:2d:e9:90:a7: c3:aa:87:01:eb:35:57:21:40:cf:4c:7e:7f:92:6f:3d:09:fb: 48:27:08:58:1c:8d:57:f1:c8:ba:7a:a5:d1:7c:b1:2c:2d:b0: 32:4d:ac:11:9c:fc:05:b9:12:f5:ad:5b:fa:ec:75:88:b4:dd: 40:c7:31:b8:35:76:b2:f5:0e:0b:3b:fa:6a:08:bb:82:7b:b3: c4:20:48:16:5e:85:eb:c0:01:9d:61:d6:03:20:54:89:23:09: 84:e9:37:b5:d7:60:ec:eb:cd:aa:93:cb:45:53:73:39:cf:67: bd:c1:5b:d7:fa:86:ef:56:d8:e9:35:b5:bc:ff:a6:a9:c5:15: 34:47:e2:89:2c:99:d0:72:d4:b7:5e:58:39:76:8b:f6:db:e4: ac:96:38:6a:76:bc:04:1f:4e:6a:fb:d6:d8:59:ca:47:ca:34: c2:ce:d0:bc:67:54:4e:4a:59:78:21:38:8e:1a:5b:ea:e5:0a: 22:a9:b3:9d:f6:32:fa:a9:32:c0:84:a7:92:3c:24:10:f3:33: bb:11:47:fb:89:dc:e8:49:2c:1d:cd:33:88:ee:d5:b6:41:9f: c3:bb:82:dc:dc:8a:e2:78:f2:2c:e1:b2:de:41:8d:c2:d8:de: 06:54:18:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtoDXW3dTCkZhQfWaSX8xeIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1Njk1NzUwY2Q0NjUzMWRkZThhNWZiMjY3MmNkYzgzMGQz ZDBjNmUwHhcNMjUxMjI5MDMwMTExWhcNMjUxMjMwMDMwMTExWjAzMTEwLwYDVQQD EyhiZDJhMjY1YzYxMTkxNTEyYTM3MDdhYWRkOTdiNGZhYmU0MjFjY2M2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVG1Z9RayoNTZWESg28HvE61YXWB Si7T6INEBIXvGX6T1FSby1sfX5UOyDKhcCx3NTbZxWYHvzAR+aKGKtpWFYb4Cuox eXmDeaTkssdFvkH7MJdowMziw8UzDMrUoYibbS57Q/ttnDOp9Y2gKnv56qr6hNXR e6r9g7Zo8om5Crn5hqw/90Nu7GHV/ih757jouwHt3k5hEdngLNz3oJwjSq0Ju9op BZ1e9Fjusn/75OGHnGt3Fla1IIznRzn6i7NebAch/FLWDSPazU60fDAIxUGhxwWC Wn9/6+gw/oZEfDUeWaeU30dWqkvYipIzxXOHIaFnCjCmVUdbZ6kx/HpuvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL0qJlxhGRUSo3B6rdl7T6vkIczGMB8GA1UdIwQY MBaAFDVpV1DNRlMd3opfsmcs3IMNPQxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy82MTU2MTctMDkyZC00MjI4LWE0MDct NzdiZmEzN2ZhMDcxLzEvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy82MTU2MTctMDkyZC00MjI4LWE0MDctNzdiZmEzN2ZhMDcx LzEvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQQkxTHRc DYhHQ23CF8Yt6ZCnw6qHAes1VyFAz0x+f5JvPQn7SCcIWByNV/HIunql0XyxLC2w Mk2sEZz8BbkS9a1b+ux1iLTdQMcxuDV2svUOCzv6agi7gnuzxCBIFl6F68ABnWHW AyBUiSMJhOk3tddg7OvNqpPLRVNzOc9nvcFb1/qG71bY6TW1vP+mqcUVNEfiiSyZ 0HLUt15YOXaL9tvkrJY4ana8BB9OavvW2FnKR8o0ws7QvGdUTkpZeCE4jhpb6uUK IqmznfYy+qkywISnkjwkEPMzuxFH+4nc6EksHc0ziO7VtkGfw7uC3NyK4njyLOGy 3kGNwtjeBlQY5A== -----END CERTIFICATE-----Generated at Mon Dec 29 06:51:00 2025 by rpki-client