This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft File: nhuhZT_KfIAXI8pG_0Qua6wekaA.mft (raw, json) Hash identifier: 3Az/o5jrCSVwzXNwKDd+7cFhE7ISkMVvfT/Kv6Y1N3Q= Subject key identifier: 9B:AC:6B:4D:02:CC:F2:46:7E:9A:70:AA:24:4A:D7:FE:0E:9A:16:8B Authority key identifier: 9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0 Certificate issuer: /CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0 Certificate serial: 019B3E6C3074E50566D94ADE75F3EB10EC52 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft Manifest number: 0A01 Signing time: Sun 21 Dec 2025 01:00:36 +0000 Manifest this update: Sun 21 Dec 2025 01:00:36 +0000 Manifest next update: Mon 22 Dec 2025 01:00:36 +0000 Files and hashes: 1: cb8dWgekdgTmGEn_puzoSrtajs0.roa (hash: klMt7aeT4NJnkoShXspgSHaq5Jk7n53EuU54bLRTaLc=) 2: nhuhZT_KfIAXI8pG_0Qua6wekaA.crl (hash: i3RS+uF5XcuVpWaQ7Sntm1X0Be10hKSQOXKfzVLX4hg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 01:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6c:30:74:e5:05:66:d9:4a:de:75:f3:eb:10:ec:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0 Validity Not Before: Dec 21 01:00:36 2025 GMT Not After : Dec 22 01:00:36 2025 GMT Subject: CN=9bac6b4d02ccf2467e9a70aa244ad7fe0e9a168b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:41:19:bb:7c:e3:dd:35:cd:d2:5a:07:39:a8: 88:b9:2f:96:80:d6:32:e1:ca:b8:4b:6e:4a:0c:da: 85:f5:ee:ca:75:c3:4f:57:d1:79:61:48:6c:1f:16: 52:c1:e6:c0:3d:bb:7a:76:b5:06:b3:6c:22:25:43: bb:57:7a:92:20:60:89:9f:e9:21:74:05:ad:55:ba: bf:c6:85:14:2c:1e:6f:a9:de:b5:e4:a3:12:b1:50: c3:83:82:2b:55:86:d4:9c:5b:38:b5:63:9e:67:45: ef:2c:81:34:a6:00:d8:2b:91:00:cb:81:d0:57:2f: 2e:4b:c3:6c:da:05:c5:62:22:24:68:4e:bb:1c:32: d4:35:11:4e:cd:51:8d:83:39:53:c4:89:d0:13:07: 86:3f:6d:2e:e4:66:b5:9f:f9:ee:7f:e2:d0:09:1b: 44:a6:ea:67:6a:00:67:a9:d8:4e:ec:bc:44:c3:6d: 03:a0:9e:ff:ca:4a:b3:e0:c9:0f:20:99:0a:03:4d: 52:a1:ec:1f:06:fb:e7:6d:73:04:86:03:e5:98:45: 54:5a:b6:89:54:64:bf:16:e8:b9:dc:a8:b3:2a:55: f5:09:89:6f:18:5a:99:71:15:b6:f1:a4:06:67:fd: bc:e8:18:1c:6c:db:0b:da:88:df:d2:a3:94:65:ed: bc:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:AC:6B:4D:02:CC:F2:46:7E:9A:70:AA:24:4A:D7:FE:0E:9A:16:8B X509v3 Authority Key Identifier: keyid:9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a8:3a:a3:7b:a9:7b:08:d5:6d:03:fc:3c:d6:48:51:4a:23:23: 1c:dd:c4:36:39:dc:2a:4c:e3:4d:dd:e9:a4:da:89:35:b1:5f: 85:11:ce:fb:54:90:99:4f:bd:29:99:6c:93:67:fa:cb:90:0a: eb:27:b3:1b:21:b9:16:75:d6:10:46:d4:b7:6a:b9:19:6b:c6: 82:bb:bf:f2:8d:fd:87:7a:b9:e4:9e:14:c7:a7:05:fd:13:24: 90:31:e8:aa:56:72:9d:b5:76:aa:1a:99:f9:91:ff:fb:b4:36: 34:64:d9:8d:5b:47:8b:1b:72:82:d8:89:1b:34:7f:b9:30:28: 4f:9c:57:96:fd:2b:24:5e:e5:07:b6:ed:4e:25:0f:72:41:4e: 80:ae:54:96:62:59:c3:1a:21:14:51:51:58:bc:06:da:ce:2c: 8e:2d:65:2b:ba:c1:3b:ae:77:d6:e3:71:77:65:d0:e9:96:49: db:3c:89:be:e2:3a:51:c2:fe:ed:dd:68:05:d9:9a:b8:1c:99: 00:17:90:49:21:fb:ed:2d:30:35:4c:c1:38:60:0b:0b:a0:7e: 1c:fb:6a:0a:26:e6:c1:48:28:83:ac:ea:5f:f9:2d:28:65:e4: 72:99:f2:d6:9e:af:04:2f:f0:10:57:1d:64:6e:cd:ca:21:96: 87:96:33:c6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bDB05QVm2UredfPrEOxSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllMWJhMTY1M2ZjYTdjODAxNzIzY2E0NmZmNDQyZTZiYWMx ZTkxYTAwHhcNMjUxMjIxMDEwMDM2WhcNMjUxMjIyMDEwMDM2WjAzMTEwLwYDVQQD Eyg5YmFjNmI0ZDAyY2NmMjQ2N2U5YTcwYWEyNDRhZDdmZTBlOWExNjhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEEZu3zj3TXN0loHOaiIuS+WgNYy 4cq4S25KDNqF9e7KdcNPV9F5YUhsHxZSwebAPbt6drUGs2wiJUO7V3qSIGCJn+kh dAWtVbq/xoUULB5vqd615KMSsVDDg4IrVYbUnFs4tWOeZ0XvLIE0pgDYK5EAy4HQ Vy8uS8Ns2gXFYiIkaE67HDLUNRFOzVGNgzlTxInQEweGP20u5Ga1n/nuf+LQCRtE pupnagBnqdhO7LxEw20DoJ7/ykqz4MkPIJkKA01SoewfBvvnbXMEhgPlmEVUWraJ VGS/Fui53KizKlX1CYlvGFqZcRW28aQGZ/286BgcbNsL2ojf0qOUZe283QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJusa00CzPJGfppwqiRK1/4OmhaLMB8GA1UdIwQY MBaAFJ4boWU/ynyAFyPKRv9ELmusHpGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEt ZmNiNDNkNGY2NzE0LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEtZmNiNDNkNGY2NzE0 LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqDqje6l7 CNVtA/w81khRSiMjHN3ENjncKkzjTd3ppNqJNbFfhRHO+1SQmU+9KZlsk2f6y5AK 6yezGyG5FnXWEEbUt2q5GWvGgru/8o39h3q55J4Ux6cF/RMkkDHoqlZynbV2qhqZ +ZH/+7Q2NGTZjVtHixtygtiJGzR/uTAoT5xXlv0rJF7lB7btTiUPckFOgK5UlmJZ wxohFFFRWLwG2s4sji1lK7rBO6531uNxd2XQ6ZZJ2zyJvuI6UcL+7d1oBdmauByZ ABeQSSH77S0wNUzBOGALC6B+HPtqCibmwUgog6zqX/ktKGXkcpny1p6vBC/wEFcd ZG7NyiGWh5Yzxg== -----END CERTIFICATE-----Generated at Sun Dec 21 10:49:06 2025 by rpki-client