This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.mft File: nlY8Qm0ark7R5_WVNnSQIgiehHk.mft (raw, json) Hash identifier: b6JHEWkQKvpKc1HgIGXWjpRAtM74mkgggcutj3E0vkU= Subject key identifier: 40:B0:9B:A7:FC:B5:68:94:19:A2:38:60:91:F4:41:D5:E2:E7:57:20 Authority key identifier: 9E:56:3C:42:6D:1A:AE:4E:D1:E7:F5:95:36:74:90:22:08:9E:84:79 Certificate issuer: /CN=9e563c426d1aae4ed1e7f59536749022089e8479 Certificate serial: 019B3FECAB0F5B7C203E12399E1417FCACC0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.mft Manifest number: 0C4B Signing time: Sun 21 Dec 2025 08:00:33 +0000 Manifest this update: Sun 21 Dec 2025 08:00:33 +0000 Manifest next update: Mon 22 Dec 2025 08:00:33 +0000 Files and hashes: 1: DLPCyIKM7jz79PsqVnrxNoMgYXE.roa (hash: +QgaTeTZpZ2fDtls8hcOtAF0lYWHQbDmqjy56TBm3AY=) 2: nlY8Qm0ark7R5_WVNnSQIgiehHk.crl (hash: OlLFB+Pg+b41Nn/uiH+QwdaYB4P2IQfxCqVQhiWWml4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.crl rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.mft rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:ec:ab:0f:5b:7c:20:3e:12:39:9e:14:17:fc:ac:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e563c426d1aae4ed1e7f59536749022089e8479 Validity Not Before: Dec 21 08:00:33 2025 GMT Not After : Dec 22 08:00:33 2025 GMT Subject: CN=40b09ba7fcb5689419a2386091f441d5e2e75720 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:fd:a4:44:b5:fb:6b:c5:34:fc:88:16:da:5e: b5:21:17:95:40:05:0e:29:b8:04:05:29:b4:f9:25: 5a:91:cc:ad:49:c5:8a:36:d7:7d:10:44:8b:28:8b: d6:a9:df:15:f4:cb:22:0a:f6:77:42:cb:4a:fb:be: 62:ee:cc:8b:90:69:6e:63:9f:31:c6:06:75:1c:50: 65:55:64:cf:a6:2c:89:f7:cc:7f:80:4f:ba:7e:60: 5e:c5:33:60:65:d3:72:b5:cc:f8:a1:7a:52:63:80: d6:e9:8b:9c:fe:70:1e:88:e2:bd:51:09:b9:4e:f3: c7:46:67:01:d5:c3:d2:b7:fc:ce:3f:a3:02:0c:68: 04:71:ab:41:d5:77:66:bb:c5:3d:90:67:cb:58:ac: c6:9d:4f:99:08:0f:4d:91:6c:aa:54:27:c7:9b:cc: e3:03:d5:55:f0:70:aa:36:51:b2:6e:3d:08:7c:e4: 52:2f:9e:e4:a2:3e:f9:55:65:2c:34:07:3f:77:8e: 25:5e:7f:47:91:81:e8:9d:36:46:41:49:05:e1:ba: d8:df:1a:8f:9c:4d:e8:fb:40:f1:76:1b:4f:9d:c6: 23:f0:d8:d7:6d:b0:a3:c2:c2:24:9b:b9:78:23:a6: 41:e8:f1:6c:f9:c7:63:47:af:7c:44:17:5a:36:1b: 3d:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:B0:9B:A7:FC:B5:68:94:19:A2:38:60:91:F4:41:D5:E2:E7:57:20 X509v3 Authority Key Identifier: keyid:9E:56:3C:42:6D:1A:AE:4E:D1:E7:F5:95:36:74:90:22:08:9E:84:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:8f:2c:2d:ef:7c:c4:8e:97:14:24:55:99:d7:79:fa:0f:a6: 11:06:a9:ec:74:6f:5b:70:f8:4e:87:6e:d7:a1:f8:b4:01:ad: 33:21:84:19:93:3c:fa:10:08:42:77:94:8f:7b:33:9c:ac:c0: 15:8c:ca:de:a6:5c:30:ea:8e:53:79:17:2d:bf:6f:ae:af:8f: cc:53:6d:f5:f0:a1:3f:e8:e5:5a:ad:64:11:4a:59:65:ab:6e: 46:ab:ef:ee:20:6d:34:a4:c4:93:b4:04:9e:65:64:46:be:bf: 1d:51:b9:11:93:b5:44:89:fc:90:f0:fb:71:ca:e8:84:74:2b: fa:77:e5:d9:ed:02:74:f4:7f:d8:0a:44:53:52:e9:bc:dd:4f: 9a:b6:99:56:ad:29:5c:d3:79:ed:dc:1c:94:2c:73:7a:36:38: b4:65:fe:f5:54:c4:b9:f5:e9:16:ad:3b:28:b5:51:ad:80:5b: d6:20:46:34:92:80:0e:24:36:04:e4:ea:52:65:a2:d8:64:d0: 35:26:de:2b:5a:9d:53:81:63:50:3a:ed:4b:cc:55:e3:e8:0c: 8a:0b:a7:0b:45:21:af:5b:5d:77:b5:fc:b1:0b:7d:fe:d6:3a: f4:2f:f8:ca:b7:d1:8b:e4:09:10:78:4a:0f:f3:6c:ab:a3:d6: 7a:a8:6a:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/7KsPW3wgPhI5nhQX/KzAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllNTYzYzQyNmQxYWFlNGVkMWU3ZjU5NTM2NzQ5MDIyMDg5 ZTg0NzkwHhcNMjUxMjIxMDgwMDMzWhcNMjUxMjIyMDgwMDMzWjAzMTEwLwYDVQQD Eyg0MGIwOWJhN2ZjYjU2ODk0MTlhMjM4NjA5MWY0NDFkNWUyZTc1NzIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9v2kRLX7a8U0/IgW2l61IReVQAUO KbgEBSm0+SVakcytScWKNtd9EESLKIvWqd8V9MsiCvZ3QstK+75i7syLkGluY58x xgZ1HFBlVWTPpiyJ98x/gE+6fmBexTNgZdNytcz4oXpSY4DW6Yuc/nAeiOK9UQm5 TvPHRmcB1cPSt/zOP6MCDGgEcatB1Xdmu8U9kGfLWKzGnU+ZCA9NkWyqVCfHm8zj A9VV8HCqNlGybj0IfORSL57koj75VWUsNAc/d44lXn9HkYHonTZGQUkF4brY3xqP nE3o+0DxdhtPncYj8NjXbbCjwsIkm7l4I6ZB6PFs+cdjR698RBdaNhs9ZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFECwm6f8tWiUGaI4YJH0QdXi51cgMB8GA1UdIwQY MBaAFJ5WPEJtGq5O0ef1lTZ0kCIInoR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81NWQ1OTUtZDBiYy00YmEyLTgwYTAt YWZiY2YzNjZiYjA3LzEvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi81NWQ1OTUtZDBiYy00YmEyLTgwYTAtYWZiY2YzNjZiYjA3 LzEvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZY8sLe98 xI6XFCRVmdd5+g+mEQap7HRvW3D4Todu16H4tAGtMyGEGZM8+hAIQneUj3sznKzA FYzK3qZcMOqOU3kXLb9vrq+PzFNt9fChP+jlWq1kEUpZZatuRqvv7iBtNKTEk7QE nmVkRr6/HVG5EZO1RIn8kPD7ccrohHQr+nfl2e0CdPR/2ApEU1LpvN1PmraZVq0p XNN57dwclCxzejY4tGX+9VTEufXpFq07KLVRrYBb1iBGNJKADiQ2BOTqUmWi2GTQ NSbeK1qdU4FjUDrtS8xV4+gMigunC0Uhr1tdd7X8sQt9/tY69C/4yrfRi+QJEHhK D/Nsq6PWeqhqBw== -----END CERTIFICATE-----Generated at Sun Dec 21 13:03:52 2025 by rpki-client