This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft File: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json) Hash identifier: ajexwehnea5aILeXV3DS2eyfGF5BXwmbBb1uuZXYq0o= Subject key identifier: B2:43:F9:4F:44:C3:3B:2C:5F:E3:E3:BF:B0:C7:0F:CD:CA:73:8D:A0 Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79 Certificate issuer: /CN=3541e9d600daab653543725cf1f9cf988b50d879 Certificate serial: 019B2F671E83A70A84EC8D0621BBCEA3E63B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft Manifest number: 0BE3 Signing time: Thu 18 Dec 2025 03:00:45 +0000 Manifest this update: Thu 18 Dec 2025 03:00:45 +0000 Manifest next update: Fri 19 Dec 2025 03:00:45 +0000 Files and hashes: 1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: Y9PgxZ5n7WtZpI5TCsDEiOb8tvhn169THbA8jPGkNGE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 03:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:67:1e:83:a7:0a:84:ec:8d:06:21:bb:ce:a3:e6:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879 Validity Not Before: Dec 18 03:00:45 2025 GMT Not After : Dec 19 03:00:45 2025 GMT Subject: CN=b243f94f44c33b2c5fe3e3bfb0c70fcdca738da0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:85:31:dc:d9:d6:e3:8d:a6:bf:bb:be:de:24: fe:46:b8:86:c1:b4:d9:06:e6:05:9d:2a:8c:de:2f: 89:10:71:e1:72:80:ea:d4:3b:dc:fe:03:08:76:fc: b3:88:47:af:66:10:a7:cf:5d:47:82:91:45:a6:6d: d3:60:9a:9f:4d:34:49:60:9c:00:52:cf:27:39:a4: 4a:87:bc:43:f7:50:27:3e:9c:54:59:69:2d:61:6a: 08:78:7c:87:f7:3d:20:1c:fd:51:d4:b4:2c:06:41: e0:1c:1b:06:1d:36:70:c7:70:3c:b1:65:02:54:d9: bd:fe:c6:56:ce:bf:96:71:ae:38:7e:f6:fc:a0:cb: 83:53:34:f8:ba:61:63:49:1e:33:80:ae:34:1a:ae: 3c:24:44:7a:c5:39:77:63:34:e0:87:1c:7a:7c:2e: 2b:32:31:1f:93:eb:ef:94:61:5d:ba:99:e2:40:e6: b4:ae:40:cf:6a:01:fd:1a:98:16:3a:3f:51:76:15: 7e:b5:43:26:d6:9c:dd:91:d5:e1:f5:f5:d1:10:fd: 94:87:a3:32:12:18:82:ac:19:99:84:dd:ec:c0:22: 92:28:06:c5:70:42:d8:32:2d:a8:d2:b7:bd:43:0c: ca:58:b1:15:49:94:02:dc:ee:7d:b7:e6:a0:c4:c6: 7a:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:43:F9:4F:44:C3:3B:2C:5F:E3:E3:BF:B0:C7:0F:CD:CA:73:8D:A0 X509v3 Authority Key Identifier: keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:32:ae:83:59:c4:2e:f5:f2:81:f8:90:d8:0d:d5:60:9e:60: de:bf:55:a3:21:87:5e:6a:ae:34:bc:cc:13:34:67:ed:39:9d: 49:9d:a7:00:93:34:56:4a:3d:d0:b3:d9:01:08:11:c5:43:93: c7:f4:fc:35:e2:2b:3b:9c:2e:10:03:60:40:9a:c3:af:f3:88: 70:22:09:23:7b:60:98:75:3a:22:f0:90:1d:57:ec:7b:4c:50: 69:6b:f0:6a:0b:3e:bd:38:4c:42:ee:b1:2c:39:dc:85:38:5a: 4b:92:01:b9:e3:03:e2:6f:41:b0:56:b5:b8:c9:ee:af:df:ea: 0d:17:ae:3b:68:f4:5c:99:ce:57:c7:da:9a:2b:89:fc:9c:49: 26:42:55:1e:a1:27:c8:6a:8c:37:d4:9c:04:91:d9:7e:cf:8d: 1b:e4:e3:32:be:82:62:fe:4e:f1:93:d1:0b:6f:a0:9f:25:28: 2e:12:22:84:f4:fd:91:fa:ba:21:a8:a3:1c:91:14:41:a6:96: 58:e5:26:51:d8:ff:fc:2a:a3:cc:51:46:0c:1b:93:ed:99:e3: de:9a:c4:75:bc:71:77:b1:82:4c:1e:45:35:5e:de:53:6a:e9: 4c:f0:b9:d5:07:f2:9d:1d:5d:d2:b4:1b:ac:1a:d2:bd:a7:ee: 17:77:83:cd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsvZx6DpwqE7I0GIbvOo+Y7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1 MGQ4NzkwHhcNMjUxMjE4MDMwMDQ1WhcNMjUxMjE5MDMwMDQ1WjAzMTEwLwYDVQQD EyhiMjQzZjk0ZjQ0YzMzYjJjNWZlM2UzYmZiMGM3MGZjZGNhNzM4ZGEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoUx3NnW442mv7u+3iT+RriGwbTZ BuYFnSqM3i+JEHHhcoDq1Dvc/gMIdvyziEevZhCnz11HgpFFpm3TYJqfTTRJYJwA Us8nOaRKh7xD91AnPpxUWWktYWoIeHyH9z0gHP1R1LQsBkHgHBsGHTZwx3A8sWUC VNm9/sZWzr+Wca44fvb8oMuDUzT4umFjSR4zgK40Gq48JER6xTl3YzTghxx6fC4r MjEfk+vvlGFdupniQOa0rkDPagH9GpgWOj9RdhV+tUMm1pzdkdXh9fXREP2Uh6My EhiCrBmZhN3swCKSKAbFcELYMi2o0re9QwzKWLEVSZQC3O59t+agxMZ6FwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLJD+U9EwzssX+Pjv7DHD83Kc42gMB8GA1UdIwQY MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAezKug1nE LvXygfiQ2A3VYJ5g3r9VoyGHXmquNLzMEzRn7TmdSZ2nAJM0Vko90LPZAQgRxUOT x/T8NeIrO5wuEANgQJrDr/OIcCIJI3tgmHU6IvCQHVfse0xQaWvwags+vThMQu6x LDnchThaS5IBueMD4m9BsFa1uMnur9/qDReuO2j0XJnOV8famiuJ/JxJJkJVHqEn yGqMN9ScBJHZfs+NG+TjMr6CYv5O8ZPRC2+gnyUoLhIihPT9kfq6IaijHJEUQaaW WOUmUdj//CqjzFFGDBuT7Znj3prEdbxxd7GCTB5FNV7eU2rpTPC51QfynR1d0rQb rBrSvafuF3eDzQ== -----END CERTIFICATE-----Generated at Thu Dec 18 11:14:02 2025 by rpki-client