This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft File: nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json) Hash identifier: dnBvZ4bLq58f+epxRDDYSzi1QIIxryd/zXeBZRnciRs= Subject key identifier: 37:8B:20:4C:C7:9E:59:CB:E1:0B:FD:10:F8:9B:AF:30:7A:37:C7:DF Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85 Certificate issuer: /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385 Certificate serial: 019B619DD07E4D22215730178C4BCA88E907 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft Manifest number: 1798 Signing time: Sat 27 Dec 2025 21:01:30 +0000 Manifest this update: Sat 27 Dec 2025 21:01:30 +0000 Manifest next update: Sun 28 Dec 2025 21:01:30 +0000 Files and hashes: 1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: qgRQH+wZ3mlnlh9FhDZY6wjoH/UsZVFlNYs2G/R0H8Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 21:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:61:9d:d0:7e:4d:22:21:57:30:17:8c:4b:ca:88:e9:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385 Validity Not Before: Dec 27 21:01:30 2025 GMT Not After : Dec 28 21:01:30 2025 GMT Subject: CN=378b204cc79e59cbe10bfd10f89baf307a37c7df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:43:6b:ba:88:47:07:32:95:1d:cd:e2:16:57: 45:2a:cf:e1:15:ec:04:d5:4c:48:b7:59:34:d2:8e: 27:72:6a:2c:05:2c:b5:9a:2e:44:b8:9d:37:3f:cc: 27:9c:3c:ed:47:99:9c:8f:0a:86:fd:aa:d8:d0:f0: 4e:d2:d5:af:39:cd:1b:e7:39:c5:bf:78:79:a5:a7: 9a:77:0d:8b:c7:cc:f3:87:37:29:d8:4a:50:57:cc: f8:5c:25:cf:81:ba:8e:b9:a1:d4:bf:1f:a1:26:a7: d4:eb:f3:c1:3f:80:67:ad:c9:0e:a0:a5:b3:ce:a9: 41:4f:72:40:e7:ce:97:45:63:e7:8d:6f:37:32:12: 28:33:2c:86:f8:e2:e3:b6:af:d4:d7:aa:52:e6:b8: 17:f5:e4:5b:d5:44:d3:5c:85:d0:6e:83:76:ac:c8: 2b:43:9a:f3:1c:ec:65:d8:7c:c6:78:ed:7b:5e:e7: 02:2d:52:e2:bb:38:b9:fa:74:56:3d:3b:be:7c:ed: 8e:a9:3f:09:48:33:3f:e2:34:2c:b3:15:d7:fd:d8: 77:76:1a:80:ec:3d:bc:ab:3f:d8:b5:84:71:2c:d7: 9d:a9:31:8a:fe:81:f4:2a:b3:75:8e:73:7e:4d:f2: 6d:01:86:0d:91:4f:8e:29:7f:55:81:52:cf:f4:94: f2:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:8B:20:4C:C7:9E:59:CB:E1:0B:FD:10:F8:9B:AF:30:7A:37:C7:DF X509v3 Authority Key Identifier: keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption cd:40:be:7c:aa:98:66:57:c5:72:32:09:ba:48:12:06:10:50: b5:ba:d0:40:57:d3:7c:60:a1:80:89:84:df:cb:35:76:04:98: 46:38:fe:93:ef:a1:06:5e:8a:ff:e5:02:7c:fe:0c:66:50:b3: 69:12:14:2a:05:b1:3a:4a:51:5e:7a:e5:cf:94:10:c7:f4:3c: 3a:c8:15:56:2e:e3:1d:08:bf:df:4b:38:8e:47:e2:92:48:3a: 74:7e:eb:78:f7:b7:c9:3f:29:c4:f7:80:4d:d5:73:3f:bf:96: 96:a7:20:ae:7c:3d:09:e2:8a:c7:87:8f:8e:1e:b5:a8:43:3d: f8:36:ad:b9:56:0b:c8:f4:a7:0d:6d:e2:9f:56:21:54:41:f6: 83:ca:0a:a6:3e:1e:b1:3b:ab:ea:2a:34:b2:ad:38:14:0e:11: 3e:b9:37:c5:ba:d1:fc:54:2e:ac:f2:bb:a4:44:6a:fb:9d:15: ca:2d:33:fc:ca:18:f9:8a:08:75:ac:1c:4b:72:af:ae:ed:21: d3:e9:57:c4:86:ea:c2:82:50:86:de:a8:7f:7f:7b:ba:cc:dc: 9b:be:d2:34:26:46:f0:c3:e5:21:84:2d:6d:e9:9d:f3:4d:7e: 10:d6:12:39:27:0d:9f:32:bf:83:2a:04:d2:d7:ee:1f:46:ec: a3:57:98:db -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZthndB+TSIhVzAXjEvKiOkHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0 ZGQzODUwHhcNMjUxMjI3MjEwMTMwWhcNMjUxMjI4MjEwMTMwWjAzMTEwLwYDVQQD EygzNzhiMjA0Y2M3OWU1OWNiZTEwYmZkMTBmODliYWYzMDdhMzdjN2RmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkNruohHBzKVHc3iFldFKs/hFewE 1UxIt1k00o4ncmosBSy1mi5EuJ03P8wnnDztR5mcjwqG/arY0PBO0tWvOc0b5znF v3h5paeadw2Lx8zzhzcp2EpQV8z4XCXPgbqOuaHUvx+hJqfU6/PBP4BnrckOoKWz zqlBT3JA586XRWPnjW83MhIoMyyG+OLjtq/U16pS5rgX9eRb1UTTXIXQboN2rMgr Q5rzHOxl2HzGeO17XucCLVLiuzi5+nRWPTu+fO2OqT8JSDM/4jQssxXX/dh3dhqA 7D28qz/YtYRxLNedqTGK/oH0KrN1jnN+TfJtAYYNkU+OKX9VgVLP9JTy1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDeLIEzHnlnL4Qv9EPibrzB6N8ffMB8GA1UdIwQY MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4 LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzUC+fKqY ZlfFcjIJukgSBhBQtbrQQFfTfGChgImE38s1dgSYRjj+k++hBl6K/+UCfP4MZlCz aRIUKgWxOkpRXnrlz5QQx/Q8OsgVVi7jHQi/30s4jkfikkg6dH7rePe3yT8pxPeA TdVzP7+Wlqcgrnw9CeKKx4ePjh61qEM9+DatuVYLyPSnDW3in1YhVEH2g8oKpj4e sTur6io0sq04FA4RPrk3xbrR/FQurPK7pERq+50Vyi0z/MoY+YoIdawcS3Kvru0h 0+lXxIbqwoJQht6of397uszcm77SNCZG8MPlIYQtbemd801+ENYSOScNnzK/gyoE 0tfuH0bso1eY2w== -----END CERTIFICATE-----Generated at Sun Dec 28 06:39:47 2025 by rpki-client