This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft File: NYx3zUAYPEEVsr8NznFuC8XQv9U.mft (raw, json) Hash identifier: zJjqXDPYkeCufCYjDOKkMz6vRomywq683q+6WrRHj0s= Subject key identifier: 9D:59:B1:83:6B:7A:C2:71:E4:DD:F4:6A:59:0D:A0:44:53:00:77:F8 Authority key identifier: 35:8C:77:CD:40:18:3C:41:15:B2:BF:0D:CE:71:6E:0B:C5:D0:BF:D5 Certificate issuer: /CN=358c77cd40183c4115b2bf0dce716e0bc5d0bfd5 Certificate serial: 019B435BE834D49EC333464B9D31393CEACE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft Manifest number: 04F6 Signing time: Mon 22 Dec 2025 00:00:55 +0000 Manifest this update: Mon 22 Dec 2025 00:00:55 +0000 Manifest next update: Tue 23 Dec 2025 00:00:55 +0000 Files and hashes: 1: NYx3zUAYPEEVsr8NznFuC8XQv9U.crl (hash: nhdzdURdqKOpRC8wHPSQ+rI59qnXRp84JiOmArgEhJU=) 2: zdd_itkr61DwlSbiF7xORGma-Mg.roa (hash: s7+y8n33Kdf5OFXebrrUAhH6tASSitV8ofo7STn/T1o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:5b:e8:34:d4:9e:c3:33:46:4b:9d:31:39:3c:ea:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=358c77cd40183c4115b2bf0dce716e0bc5d0bfd5 Validity Not Before: Dec 22 00:00:55 2025 GMT Not After : Dec 23 00:00:55 2025 GMT Subject: CN=9d59b1836b7ac271e4ddf46a590da044530077f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:f3:0b:c3:0f:98:7d:9c:67:1b:ad:4a:18:28: 90:30:ea:84:18:99:6d:8c:bf:b5:48:b3:3a:06:ca: b0:3b:76:6f:73:ac:60:c8:e1:11:9c:87:06:3c:d8: 36:68:4f:e1:7c:78:ce:75:b4:e2:c1:0d:52:79:c3: 56:32:57:e3:d9:9d:38:98:21:d8:8b:6e:98:09:f4: 4f:bd:c3:cc:64:16:b2:48:39:e2:c0:21:08:f6:b0: 21:f2:b3:b3:97:e4:f4:44:30:59:06:3d:de:b0:38: 43:b3:72:f9:7c:28:20:9d:5d:cc:ac:75:79:58:38: bf:5f:b4:1f:0f:9d:d3:34:fa:f6:74:36:e2:96:9c: 71:3d:c7:19:10:81:b6:8a:67:a1:82:07:b1:9d:ab: 38:51:22:89:e6:aa:76:1d:d8:e0:50:1e:3e:d8:00: 7d:56:ab:f7:9a:64:f2:fa:ca:6d:12:ec:92:0e:f2: 58:2a:b3:ad:51:e3:26:12:2b:d2:1e:69:5b:29:18: 7a:16:4b:9d:db:42:4d:f8:2e:7c:fb:7e:5a:09:2b: c2:c9:f9:fb:1c:e6:b2:6e:aa:95:8e:41:fa:3c:e7: 8b:fc:74:63:5a:1f:d1:6b:58:41:37:90:e9:63:ef: 00:8a:5c:f8:31:f2:55:c2:63:fe:f3:1c:a7:c6:13: e2:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:59:B1:83:6B:7A:C2:71:E4:DD:F4:6A:59:0D:A0:44:53:00:77:F8 X509v3 Authority Key Identifier: keyid:35:8C:77:CD:40:18:3C:41:15:B2:BF:0D:CE:71:6E:0B:C5:D0:BF:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 15:70:5c:9a:f3:20:3e:e9:9f:0d:f1:51:0f:5b:07:14:5b:4b: c9:6c:19:8c:37:42:ba:25:1f:91:6c:c4:a9:92:ee:9b:ad:98: 51:ed:69:8c:44:c1:7b:ce:0a:42:50:5f:bb:8e:cd:b3:82:98: 71:87:18:a3:63:49:1d:96:0a:ee:2a:69:2c:69:b8:e8:09:00: 23:92:c7:13:27:3c:8f:f1:0b:c9:bb:9a:24:57:5d:11:ce:bb: 37:2f:79:93:d4:e3:f4:2e:12:96:7e:bf:d7:e0:6a:36:d5:5f: 58:f4:5a:84:45:dd:dc:e5:5f:56:af:08:8b:64:bf:ae:2c:8a: 75:3d:70:65:66:d6:fb:f8:88:e9:ee:83:cc:fc:4c:9d:95:c3: f4:19:48:dc:c4:fd:1c:1f:b7:a5:9e:76:67:9a:83:23:08:03: fd:fa:0f:b0:ba:b5:19:a4:c7:34:ff:a9:9b:e7:29:5f:41:47: 80:8b:42:39:91:1f:f3:d5:a7:6b:9a:e2:9e:04:f1:f1:4f:fb: 70:46:7d:6a:d7:76:c3:98:b6:51:5f:3f:00:b7:ea:b5:b0:eb: 44:d7:7c:3a:db:78:81:39:0c:e4:96:56:62:9c:f7:e4:88:6f: 1e:21:09:d7:45:71:57:9e:35:fe:db:5a:3b:e4:e3:5d:af:3a: 1d:3a:d3:36 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDW+g01J7DM0ZLnTE5POrOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1OGM3N2NkNDAxODNjNDExNWIyYmYwZGNlNzE2ZTBiYzVk MGJmZDUwHhcNMjUxMjIyMDAwMDU1WhcNMjUxMjIzMDAwMDU1WjAzMTEwLwYDVQQD Eyg5ZDU5YjE4MzZiN2FjMjcxZTRkZGY0NmE1OTBkYTA0NDUzMDA3N2Y4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPMLww+YfZxnG61KGCiQMOqEGJlt jL+1SLM6BsqwO3Zvc6xgyOERnIcGPNg2aE/hfHjOdbTiwQ1SecNWMlfj2Z04mCHY i26YCfRPvcPMZBaySDniwCEI9rAh8rOzl+T0RDBZBj3esDhDs3L5fCggnV3MrHV5 WDi/X7QfD53TNPr2dDbilpxxPccZEIG2imehggexnas4USKJ5qp2HdjgUB4+2AB9 Vqv3mmTy+sptEuySDvJYKrOtUeMmEivSHmlbKRh6Fkud20JN+C58+35aCSvCyfn7 HOaybqqVjkH6POeL/HRjWh/Ra1hBN5DpY+8Ailz4MfJVwmP+8xynxhPicQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ1ZsYNresJx5N30alkNoERTAHf4MB8GA1UdIwQY MBaAFDWMd81AGDxBFbK/Dc5xbgvF0L/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTJiNDEtN2RjNi00NWE0LWFhMDgt MzE1MWExNzk0Yjk3LzEvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS9lYTJiNDEtN2RjNi00NWE0LWFhMDgtMzE1MWExNzk0Yjk3 LzEvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFXBcmvMg PumfDfFRD1sHFFtLyWwZjDdCuiUfkWzEqZLum62YUe1pjETBe84KQlBfu47Ns4KY cYcYo2NJHZYK7ippLGm46AkAI5LHEyc8j/ELybuaJFddEc67Ny95k9Tj9C4Sln6/ 1+BqNtVfWPRahEXd3OVfVq8Ii2S/riyKdT1wZWbW+/iI6e6DzPxMnZXD9BlI3MT9 HB+3pZ52Z5qDIwgD/foPsLq1GaTHNP+pm+cpX0FHgItCOZEf89Wna5ringTx8U/7 cEZ9atd2w5i2UV8/ALfqtbDrRNd8Ott4gTkM5JZWYpz35IhvHiEJ10VxV541/tta O+TjXa86HTrTNg== -----END CERTIFICATE-----Generated at Mon Dec 22 04:43:56 2025 by rpki-client