This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft File: NTPUOQNczcXww50bP7FhlbVV_KM.mft (raw, json) Hash identifier: gynBI5KwPFOL/leyo8ha7OhofkGxvhwjSDtgPjolpyE= Subject key identifier: 59:32:8C:6F:F7:C7:9D:A9:7B:07:3E:AF:1D:18:23:A0:3D:ED:26:2D Authority key identifier: 35:33:D4:39:03:5C:CD:C5:F0:C3:9D:1B:3F:B1:61:95:B5:55:FC:A3 Certificate issuer: /CN=3533d439035ccdc5f0c39d1b3fb16195b555fca3 Certificate serial: 019B6F900D971CDFCE2A4D0C41A7B3661A7F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NTPUOQNczcXww50bP7FhlbVV_KM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft Manifest number: 0C98 Signing time: Tue 30 Dec 2025 14:01:10 +0000 Manifest this update: Tue 30 Dec 2025 14:01:10 +0000 Manifest next update: Wed 31 Dec 2025 14:01:10 +0000 Files and hashes: 1: NTPUOQNczcXww50bP7FhlbVV_KM.crl (hash: rtj32RWeiHxWVr9dTBQ4Kra/CAuWbr/1qymY2LkctZ0=) 2: rAVoUvT6eIAoJ9DaPocwQDvvkoc.roa (hash: 1BFZOwvrkIRFql6imBqxsdk52Ly1yvo/6JadLNNcDZs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.crl rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft rsync://rpki.ripe.net/repository/DEFAULT/NTPUOQNczcXww50bP7FhlbVV_KM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 14:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6f:90:0d:97:1c:df:ce:2a:4d:0c:41:a7:b3:66:1a:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3533d439035ccdc5f0c39d1b3fb16195b555fca3 Validity Not Before: Dec 30 14:01:10 2025 GMT Not After : Dec 31 14:01:10 2025 GMT Subject: CN=59328c6ff7c79da97b073eaf1d1823a03ded262d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:e1:6e:c0:da:d1:bc:3f:e7:e7:98:bf:fd:74: 91:89:3f:23:11:08:1c:8b:32:58:eb:0e:3f:16:12: 44:14:1f:79:a1:6e:97:5a:1e:4f:83:06:d8:f4:23: a8:b6:55:4d:bc:b8:17:88:a2:33:fb:b6:81:86:f6: 0d:23:3b:ef:ec:3e:4e:95:6c:70:66:bc:06:5b:8e: b9:c2:0e:1c:ae:6f:30:be:0f:b2:ce:e0:83:68:1f: 66:41:4c:32:0c:d1:04:ce:11:6f:11:b9:cb:33:a8: a5:2d:81:89:ad:89:85:47:d5:dd:d9:ef:0d:6e:1a: 98:f7:49:ce:85:cf:13:0b:9e:13:bf:10:67:35:e1: 74:94:b6:22:2c:47:29:f9:71:3b:c8:2f:20:ee:f1: e3:f3:81:f9:16:bd:77:12:6c:d6:11:9d:37:66:e7: 1a:90:13:28:37:09:07:7a:ba:0b:4d:e1:0b:b6:0b: c2:fc:38:58:64:d6:c8:97:88:c0:17:04:bf:40:74: b3:3b:b1:88:f8:9f:fa:54:77:69:ec:b1:c8:af:2a: 27:70:18:7b:be:de:2e:3e:90:2e:1e:2e:b1:61:27: fa:07:16:06:cb:b1:68:aa:2c:78:61:72:21:cc:0e: a4:cb:d9:d9:43:37:66:a4:27:dd:d4:e1:2c:01:bb: 15:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:32:8C:6F:F7:C7:9D:A9:7B:07:3E:AF:1D:18:23:A0:3D:ED:26:2D X509v3 Authority Key Identifier: keyid:35:33:D4:39:03:5C:CD:C5:F0:C3:9D:1B:3F:B1:61:95:B5:55:FC:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NTPUOQNczcXww50bP7FhlbVV_KM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9d:be:9a:8c:b9:96:7d:82:41:9f:70:42:7e:47:c2:3c:69:5b: 8f:70:29:9d:50:38:c7:2c:08:d5:cf:82:2a:64:5d:34:75:33: eb:70:62:fb:88:8a:db:f1:e5:59:26:dc:98:56:32:dd:34:0d: f9:08:c0:02:e1:61:ce:36:b8:6d:41:78:9a:97:fc:0b:1a:ba: 90:03:3b:48:46:fa:84:e4:4b:05:45:89:94:04:67:04:5c:69: d7:43:39:c4:69:68:01:1c:d3:e2:5a:e8:6a:a0:f5:5f:19:81: b1:06:9a:6f:7e:76:da:08:4a:1d:80:1b:b2:96:f6:90:76:c6: be:41:cd:f5:fd:41:c7:9e:33:ce:b8:5a:1d:65:3c:01:09:5d: c9:33:3f:d8:8b:a8:15:51:e6:78:9f:89:ef:16:33:fe:1c:b1: ef:b3:2e:d5:a7:1f:5e:05:06:28:25:37:51:12:b4:cd:5a:18: 46:cc:c0:ef:6a:ae:dd:db:5b:3e:0f:c4:0b:ef:03:b5:9f:3d: 0c:f5:46:59:c9:6d:e7:c1:c2:40:cb:55:ed:e2:0c:68:48:21: cc:b4:36:eb:50:bc:cb:d8:4e:56:94:82:d3:ee:76:d0:c9:fd: 53:b8:cb:04:77:a8:f1:dd:92:c3:60:e2:7a:4b:fe:bc:7c:fe: 2a:a7:2a:ed -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtvkA2XHN/OKk0MQaezZhp/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1MzNkNDM5MDM1Y2NkYzVmMGMzOWQxYjNmYjE2MTk1YjU1 NWZjYTMwHhcNMjUxMjMwMTQwMTEwWhcNMjUxMjMxMTQwMTEwWjAzMTEwLwYDVQQD Eyg1OTMyOGM2ZmY3Yzc5ZGE5N2IwNzNlYWYxZDE4MjNhMDNkZWQyNjJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOFuwNrRvD/n55i//XSRiT8jEQgc izJY6w4/FhJEFB95oW6XWh5PgwbY9COotlVNvLgXiKIz+7aBhvYNIzvv7D5OlWxw ZrwGW465wg4crm8wvg+yzuCDaB9mQUwyDNEEzhFvEbnLM6ilLYGJrYmFR9Xd2e8N bhqY90nOhc8TC54TvxBnNeF0lLYiLEcp+XE7yC8g7vHj84H5Fr13EmzWEZ03Zuca kBMoNwkHeroLTeELtgvC/DhYZNbIl4jAFwS/QHSzO7GI+J/6VHdp7LHIryoncBh7 vt4uPpAuHi6xYSf6BxYGy7Foqix4YXIhzA6ky9nZQzdmpCfd1OEsAbsVqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFkyjG/3x52pewc+rx0YI6A97SYtMB8GA1UdIwQY MBaAFDUz1DkDXM3F8MOdGz+xYZW1VfyjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlRQVU9RTmN6Y1h3dzUwYlA3RmhsYlZWX0tNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy84Y2YyYTYtNDUyOS00M2Q5LWI3ODIt MzZlODVhYmU1MmZmLzEvTlRQVU9RTmN6Y1h3dzUwYlA3RmhsYlZWX0tNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy84Y2YyYTYtNDUyOS00M2Q5LWI3ODItMzZlODVhYmU1MmZm LzEvTlRQVU9RTmN6Y1h3dzUwYlA3RmhsYlZWX0tNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnb6ajLmW fYJBn3BCfkfCPGlbj3ApnVA4xywI1c+CKmRdNHUz63Bi+4iK2/HlWSbcmFYy3TQN +QjAAuFhzja4bUF4mpf8Cxq6kAM7SEb6hORLBUWJlARnBFxp10M5xGloARzT4lro aqD1XxmBsQaab3522ghKHYAbspb2kHbGvkHN9f1Bx54zzrhaHWU8AQldyTM/2Iuo FVHmeJ+J7xYz/hyx77Mu1acfXgUGKCU3URK0zVoYRszA72qu3dtbPg/EC+8DtZ89 DPVGWclt58HCQMtV7eIMaEghzLQ261C8y9hOVpSC0+520Mn9U7jLBHeo8d2Sw2Di ekv+vHz+Kqcq7Q== -----END CERTIFICATE-----Generated at Tue Dec 30 18:40:27 2025 by rpki-client