This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft File: NHBSPMWdTwUnV-cSKR4rt535KAA.mft (raw, json) Hash identifier: EA+QZg1l68tZFcQ87QrGJT/0y0gOvKCfSxTqN7rH5Ws= Subject key identifier: 83:EA:8A:5D:53:DA:C2:D2:EA:75:7E:9F:7A:AA:69:63:F9:AB:C8:81 Authority key identifier: 34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00 Certificate issuer: /CN=3470523cc59d4f052757e712291e2bb79df92800 Certificate serial: 019B281B7B09F4B61212648F7FBC3B829022 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft Manifest number: 028C Signing time: Tue 16 Dec 2025 17:00:48 +0000 Manifest this update: Tue 16 Dec 2025 17:00:48 +0000 Manifest next update: Wed 17 Dec 2025 17:00:48 +0000 Files and hashes: 1: NHBSPMWdTwUnV-cSKR4rt535KAA.crl (hash: EtoqSqsN+0ZpjlCuFXuL0aiOhX+A2VnMCkMZPUTkqmQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:45:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:28:1b:7b:09:f4:b6:12:12:64:8f:7f:bc:3b:82:90:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3470523cc59d4f052757e712291e2bb79df92800 Validity Not Before: Dec 16 17:00:48 2025 GMT Not After : Dec 17 17:00:48 2025 GMT Subject: CN=83ea8a5d53dac2d2ea757e9f7aaa6963f9abc881 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:2b:d0:16:97:0d:a1:11:60:57:60:d7:f8:52: f5:ca:57:b5:77:7f:14:d0:73:14:34:b5:de:69:21: bf:83:8a:4a:08:2f:91:6b:5f:e1:97:84:ed:66:7e: aa:fa:f4:b1:5a:16:01:27:2d:69:8f:02:12:19:42: 9a:16:21:53:4f:2a:8b:3a:4e:4c:99:d0:29:31:55: f2:af:66:38:75:11:41:4c:c5:76:63:f7:7b:db:fa: 70:2d:29:d6:b7:75:26:83:e1:0f:fb:f7:a2:cb:df: a4:cd:34:96:1f:73:64:17:b2:52:d5:90:a9:71:cd: eb:1b:d1:2a:62:a3:e9:d3:12:d4:44:ce:b3:b6:22: 8b:76:13:b0:8b:5f:63:a8:ec:1b:46:4d:de:d9:17: 3d:6b:48:c9:b7:4b:0e:38:a8:c7:8a:ca:67:6c:9e: cd:be:0d:6e:d0:39:98:8a:55:a9:03:8f:3a:e7:31: 9d:fd:18:60:e7:ef:11:e4:d1:f3:36:59:81:a9:ab: 0e:2c:37:40:69:b4:c7:2b:fd:be:b2:3b:dc:1b:8f: 50:cc:29:24:ef:be:8d:10:e7:c6:d5:c1:ca:b8:1e: 8b:78:f4:f4:b1:04:f1:c5:0e:ba:bf:ac:12:cc:0b: 38:82:c6:e4:1c:05:12:86:01:ed:6f:63:8b:47:45: dd:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:EA:8A:5D:53:DA:C2:D2:EA:75:7E:9F:7A:AA:69:63:F9:AB:C8:81 X509v3 Authority Key Identifier: keyid:34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a4:41:8a:0c:7d:ef:16:c9:93:94:59:a4:00:74:54:23:85:30: 4a:ea:66:f4:9f:e6:1c:b8:e7:32:2e:32:5a:9d:77:3a:d6:7b: b1:6d:39:87:d0:72:4a:6f:5a:33:c5:db:22:81:de:dc:3b:6a: 3a:05:00:33:49:bd:58:0d:32:cb:ee:ab:0d:50:a6:16:6c:51: 37:79:50:1c:a7:42:1f:fc:bd:a0:06:ee:d1:ec:68:b9:c5:1b: eb:70:7a:cc:3f:79:cb:2d:c8:0f:7c:fd:56:2d:56:af:bb:cd: 2b:45:08:64:83:a9:79:f1:bb:84:95:04:b5:bd:ae:95:9f:4c: c8:d9:75:62:ef:1d:19:11:12:ee:2d:57:81:84:d3:5b:76:d8: 17:e0:af:ab:3d:c0:62:33:00:37:4b:9a:71:05:b7:ea:2b:a2: 02:58:0a:7e:b8:6a:32:2a:ff:94:ba:94:03:86:48:5f:81:af: a3:e1:ac:d7:31:84:28:00:4f:14:11:77:bf:27:29:23:94:3a: 57:54:93:72:81:f1:aa:ee:9f:e2:27:74:79:8e:54:c0:53:fd: e5:0c:f5:6c:fe:79:31:c7:82:1b:b6:12:5b:85:19:67:c2:4a: 5f:fd:11:b5:c7:53:50:c3:5d:4c:04:93:bd:63:57:24:8e:7c: 30:be:9f:02 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsoG3sJ9LYSEmSPf7w7gpAiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0NzA1MjNjYzU5ZDRmMDUyNzU3ZTcxMjI5MWUyYmI3OWRm OTI4MDAwHhcNMjUxMjE2MTcwMDQ4WhcNMjUxMjE3MTcwMDQ4WjAzMTEwLwYDVQQD Eyg4M2VhOGE1ZDUzZGFjMmQyZWE3NTdlOWY3YWFhNjk2M2Y5YWJjODgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSvQFpcNoRFgV2DX+FL1yle1d38U 0HMUNLXeaSG/g4pKCC+Ra1/hl4TtZn6q+vSxWhYBJy1pjwISGUKaFiFTTyqLOk5M mdApMVXyr2Y4dRFBTMV2Y/d72/pwLSnWt3Umg+EP+/eiy9+kzTSWH3NkF7JS1ZCp cc3rG9EqYqPp0xLURM6ztiKLdhOwi19jqOwbRk3e2Rc9a0jJt0sOOKjHispnbJ7N vg1u0DmYilWpA4865zGd/Rhg5+8R5NHzNlmBqasOLDdAabTHK/2+sjvcG49QzCkk 776NEOfG1cHKuB6LePT0sQTxxQ66v6wSzAs4gsbkHAUShgHtb2OLR0XdOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIPqil1T2sLS6nV+n3qqaWP5q8iBMB8GA1UdIwQY MBaAFDRwUjzFnU8FJ1fnEikeK7ed+SgAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgt MzNhM2YzZjAwM2E1LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgtMzNhM2YzZjAwM2E1 LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApEGKDH3v FsmTlFmkAHRUI4UwSupm9J/mHLjnMi4yWp13OtZ7sW05h9BySm9aM8XbIoHe3Dtq OgUAM0m9WA0yy+6rDVCmFmxRN3lQHKdCH/y9oAbu0exoucUb63B6zD95yy3ID3z9 Vi1Wr7vNK0UIZIOpefG7hJUEtb2ulZ9MyNl1Yu8dGRES7i1XgYTTW3bYF+Cvqz3A YjMAN0uacQW36iuiAlgKfrhqMir/lLqUA4ZIX4Gvo+Gs1zGEKABPFBF3vycpI5Q6 V1STcoHxqu6f4id0eY5UwFP95Qz1bP55MceCG7YSW4UZZ8JKX/0RtcdTUMNdTAST vWNXJI58ML6fAg== -----END CERTIFICATE-----Generated at Tue Dec 16 22:32:38 2025 by rpki-client