This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/014a63-ca18-41df-91e9-c28ee869faa0/1/NB--B1HiEYiTdNFdYxLCJPaV-qI.mft File: NB--B1HiEYiTdNFdYxLCJPaV-qI.mft (raw, json) Hash identifier: FHOBbhGwugOTO5zijDHsbzb8IJFkVdKAB0lG0yU/h6o= Subject key identifier: A1:E2:F3:0D:24:49:28:F7:2B:C6:46:62:C1:31:BB:AF:2C:20:E6:A9 Authority key identifier: 34:1F:BE:07:51:E2:11:88:93:74:D1:5D:63:12:C2:24:F6:95:FA:A2 Certificate issuer: /CN=341fbe0751e211889374d15d6312c224f695faa2 Certificate serial: 019B3D59FE102BE908917E63C3A2ECAE3E55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NB--B1HiEYiTdNFdYxLCJPaV-qI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/014a63-ca18-41df-91e9-c28ee869faa0/1/NB--B1HiEYiTdNFdYxLCJPaV-qI.mft Manifest number: 10AF Signing time: Sat 20 Dec 2025 20:01:06 +0000 Manifest this update: Sat 20 Dec 2025 20:01:06 +0000 Manifest next update: Sun 21 Dec 2025 20:01:06 +0000 Files and hashes: 1: Giw6c3ykUw3nYPNE5UpuuM_ybFY.roa (hash: 4QE8zLtdTCj1Z8B1PqQUFcIb6Is1jjshW97EzIqWBB0=) 2: NB--B1HiEYiTdNFdYxLCJPaV-qI.crl (hash: tHW/dzmI2h2MxXg1D0SadUBY70OCiAonVN8i9wMiPfg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/014a63-ca18-41df-91e9-c28ee869faa0/1/NB--B1HiEYiTdNFdYxLCJPaV-qI.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/014a63-ca18-41df-91e9-c28ee869faa0/1/NB--B1HiEYiTdNFdYxLCJPaV-qI.mft rsync://rpki.ripe.net/repository/DEFAULT/NB--B1HiEYiTdNFdYxLCJPaV-qI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:59:fe:10:2b:e9:08:91:7e:63:c3:a2:ec:ae:3e:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=341fbe0751e211889374d15d6312c224f695faa2 Validity Not Before: Dec 20 20:01:06 2025 GMT Not After : Dec 21 20:01:06 2025 GMT Subject: CN=a1e2f30d244928f72bc64662c131bbaf2c20e6a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:55:32:18:81:d9:f6:5f:2e:74:b3:d0:c0:1b: fd:0f:ab:83:ba:37:03:88:2e:2d:bd:66:7c:c0:2e: 86:03:e3:e1:c2:a6:e5:4c:1c:95:69:17:50:98:45: bd:7f:60:c2:20:41:0a:54:51:ad:b2:11:01:f0:65: c9:48:e2:67:a3:4e:9e:a6:be:28:60:d2:1a:e2:59: b1:4f:9a:d3:71:6f:51:7f:e3:02:77:df:a2:cb:f8: 8f:80:2b:68:11:f8:17:94:63:f3:5a:5d:9e:96:25: ad:74:90:49:57:5c:64:c2:b9:e6:2f:fa:32:0f:1e: dc:87:65:d8:25:94:2b:23:8f:77:6c:f6:6b:fb:f9: c6:c3:bd:7b:f7:f8:5e:5d:b6:29:c2:ec:92:a3:2e: 69:6d:73:a7:84:4f:c5:54:41:6c:fc:a9:64:a3:11: 85:6c:d0:d4:f5:29:fc:60:0f:86:f8:c9:a7:79:3f: af:5e:db:04:ef:c7:9d:4b:82:71:e4:c4:c7:6d:75: 7c:44:1e:e7:bf:91:8b:1b:9a:0b:cc:d9:81:2a:3c: f3:b5:75:5b:8d:f9:36:ef:82:50:87:0f:6a:0c:b1: a2:59:d8:24:23:d1:8b:ec:ec:7e:bd:dc:52:94:b9: 1f:80:fa:5c:4d:bc:64:b4:22:e9:31:b3:e3:d0:00: a0:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:E2:F3:0D:24:49:28:F7:2B:C6:46:62:C1:31:BB:AF:2C:20:E6:A9 X509v3 Authority Key Identifier: keyid:34:1F:BE:07:51:E2:11:88:93:74:D1:5D:63:12:C2:24:F6:95:FA:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NB--B1HiEYiTdNFdYxLCJPaV-qI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/014a63-ca18-41df-91e9-c28ee869faa0/1/NB--B1HiEYiTdNFdYxLCJPaV-qI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/014a63-ca18-41df-91e9-c28ee869faa0/1/NB--B1HiEYiTdNFdYxLCJPaV-qI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9b:45:39:f0:66:e7:0e:74:29:25:9e:4e:e0:de:3b:04:da:b8: 80:84:d2:01:a8:4b:18:76:b6:74:5f:2b:7d:7a:40:77:c0:44: 73:6b:a8:e9:c9:9d:52:f1:c1:41:cd:32:b5:36:77:42:de:1f: 2a:6e:67:90:98:32:9b:89:45:1d:55:db:fe:eb:36:ca:42:b5: 02:5a:54:7a:89:d5:3c:db:67:fe:62:17:c7:42:a0:8a:6d:c3: 5e:a8:65:c1:82:de:f4:e2:87:fb:2b:36:6c:db:ff:ea:ef:1e: 4d:3b:ca:c0:75:38:ac:ba:16:a2:6a:c1:58:55:58:c0:b6:a1: e4:87:c5:79:d1:35:2d:92:45:b6:6a:fb:52:bc:f0:9a:b3:74: 99:ff:11:cc:c0:b1:ad:43:91:a6:4b:58:81:34:88:63:39:e9: 05:0b:75:fb:92:c7:86:9d:54:b6:f4:4b:40:fa:5a:15:be:bf: 89:f8:fe:2e:a0:82:c2:3b:d4:2b:8d:b1:61:8c:3e:db:45:a2: ff:02:36:c9:23:9f:57:8c:15:a6:75:10:be:3c:f2:7b:3f:61: 35:b8:fd:f3:8c:31:72:3b:10:50:7d:28:27:63:98:3d:92:05: 1a:8a:df:9c:7c:a3:fe:b4:f1:c6:52:c6:79:be:19:29:6e:f4: 6a:fc:6f:74 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9Wf4QK+kIkX5jw6Lsrj5VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MWZiZTA3NTFlMjExODg5Mzc0ZDE1ZDYzMTJjMjI0ZjY5 NWZhYTIwHhcNMjUxMjIwMjAwMTA2WhcNMjUxMjIxMjAwMTA2WjAzMTEwLwYDVQQD EyhhMWUyZjMwZDI0NDkyOGY3MmJjNjQ2NjJjMTMxYmJhZjJjMjBlNmE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVUyGIHZ9l8udLPQwBv9D6uDujcD iC4tvWZ8wC6GA+PhwqblTByVaRdQmEW9f2DCIEEKVFGtshEB8GXJSOJno06epr4o YNIa4lmxT5rTcW9Rf+MCd9+iy/iPgCtoEfgXlGPzWl2eliWtdJBJV1xkwrnmL/oy Dx7ch2XYJZQrI493bPZr+/nGw7179/heXbYpwuySoy5pbXOnhE/FVEFs/KlkoxGF bNDU9Sn8YA+G+MmneT+vXtsE78edS4Jx5MTHbXV8RB7nv5GLG5oLzNmBKjzztXVb jfk274JQhw9qDLGiWdgkI9GL7Ox+vdxSlLkfgPpcTbxktCLpMbPj0ACgwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKHi8w0kSSj3K8ZGYsExu68sIOapMB8GA1UdIwQY MBaAFDQfvgdR4hGIk3TRXWMSwiT2lfqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkItLUIxSGlFWWlUZE5GZFl4TENKUGFWLXFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8wMTRhNjMtY2ExOC00MWRmLTkxZTkt YzI4ZWU4NjlmYWEwLzEvTkItLUIxSGlFWWlUZE5GZFl4TENKUGFWLXFJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi8wMTRhNjMtY2ExOC00MWRmLTkxZTktYzI4ZWU4NjlmYWEw LzEvTkItLUIxSGlFWWlUZE5GZFl4TENKUGFWLXFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm0U58Gbn DnQpJZ5O4N47BNq4gITSAahLGHa2dF8rfXpAd8BEc2uo6cmdUvHBQc0ytTZ3Qt4f Km5nkJgym4lFHVXb/us2ykK1AlpUeonVPNtn/mIXx0Kgim3DXqhlwYLe9OKH+ys2 bNv/6u8eTTvKwHU4rLoWomrBWFVYwLah5IfFedE1LZJFtmr7UrzwmrN0mf8RzMCx rUORpktYgTSIYznpBQt1+5LHhp1UtvRLQPpaFb6/ifj+LqCCwjvUK42xYYw+20Wi /wI2ySOfV4wVpnUQvjzyez9hNbj984wxcjsQUH0oJ2OYPZIFGorfnHyj/rTxxlLG eb4ZKW70avxvdA== -----END CERTIFICATE-----Generated at Sat Dec 20 23:04:20 2025 by rpki-client