This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.mft File: NiQhSOPmNqkDQ_PpUES439udHNk.mft (raw, json) Hash identifier: 5N9PyRL3mouyvR2FHGnUFhdBWesNpVJh7IEZjE49j4w= Subject key identifier: 7D:8C:CE:55:3B:0A:84:EC:0F:C7:B2:31:0E:02:94:04:2B:B8:BC:0A Authority key identifier: 36:24:21:48:E3:E6:36:A9:03:43:F3:E9:50:44:B8:DF:DB:9D:1C:D9 Certificate issuer: /CN=36242148e3e636a90343f3e95044b8dfdb9d1cd9 Certificate serial: 019B4136ACD0ED4F47FFDF8B85057A5CC8D7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiQhSOPmNqkDQ_PpUES439udHNk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.mft Manifest number: 02E5 Signing time: Sun 21 Dec 2025 14:01:00 +0000 Manifest this update: Sun 21 Dec 2025 14:01:00 +0000 Manifest next update: Mon 22 Dec 2025 14:01:00 +0000 Files and hashes: 1: NiQhSOPmNqkDQ_PpUES439udHNk.crl (hash: dBa7RMbiR7PPnHvD55RrZpjMyIyC0ehOMN2m88Gu3Rk=) 2: zIR-Nz3H2D4s_KM8Bm98PoR8Mws.roa (hash: vxeo0iUuDX5Ze9Stf4uTh6KeWV+Vu5qvbWwTZuqVEFY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.crl rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.mft rsync://rpki.ripe.net/repository/DEFAULT/NiQhSOPmNqkDQ_PpUES439udHNk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:36:ac:d0:ed:4f:47:ff:df:8b:85:05:7a:5c:c8:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36242148e3e636a90343f3e95044b8dfdb9d1cd9 Validity Not Before: Dec 21 14:01:00 2025 GMT Not After : Dec 22 14:01:00 2025 GMT Subject: CN=7d8cce553b0a84ec0fc7b2310e0294042bb8bc0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:68:ee:3f:45:5a:94:38:87:00:25:0f:bc:ec: 70:5d:4e:1a:e5:e0:43:40:31:09:1f:0e:dd:fd:3f: cc:55:27:49:2b:6d:77:30:9c:3e:f9:88:e2:30:4a: b4:0b:14:73:a2:aa:b9:df:34:4b:be:67:7b:56:b7: 63:66:f3:c0:ac:ea:07:a9:ac:46:ba:2c:7d:65:9d: b0:3e:53:22:2e:30:99:a3:7c:df:4f:90:dc:ce:1e: a7:d4:8a:bc:73:37:33:73:6d:d8:a6:7c:12:5c:49: de:39:63:c9:3e:71:29:dc:58:15:ba:99:ea:a4:d3: 4b:0a:42:24:75:a5:7e:cc:11:45:13:9c:86:7f:b5: 71:91:4b:3c:4a:5d:61:71:14:ac:9c:f7:3c:42:fc: 9a:bc:bc:00:e3:14:6e:91:ea:2a:16:35:e5:c4:87: ef:98:31:f8:fc:08:86:23:ef:10:77:b6:4b:fc:61: df:8f:7e:f5:04:8b:ea:da:ab:77:84:4f:52:db:e0: 86:b8:8d:32:ea:73:ba:2f:88:96:45:2c:5c:c5:32: ba:5d:f9:01:3d:1d:7c:fa:79:b0:07:6b:84:1c:d4: 55:4b:99:e7:16:e9:09:be:a0:7e:a8:b0:4b:be:67: f0:de:25:46:92:10:67:b9:12:ba:de:ed:86:a3:23: 1b:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:8C:CE:55:3B:0A:84:EC:0F:C7:B2:31:0E:02:94:04:2B:B8:BC:0A X509v3 Authority Key Identifier: keyid:36:24:21:48:E3:E6:36:A9:03:43:F3:E9:50:44:B8:DF:DB:9D:1C:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiQhSOPmNqkDQ_PpUES439udHNk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:df:67:e7:b9:8a:b1:bb:a3:3e:a3:c0:03:b5:11:fe:69:a7: 97:e2:7a:33:73:23:22:b9:63:e0:5e:8b:d0:eb:2e:09:88:3b: 39:29:a3:c7:e1:18:f7:ed:e1:dc:a0:65:a8:ae:44:ec:d8:bd: a2:b8:df:bf:0f:8b:e0:60:1a:13:ec:5d:2e:8b:24:49:f8:b8: cf:ba:48:a7:0d:e9:c3:76:cc:3a:c0:3a:d9:52:c2:e4:36:c6: 31:b6:9f:65:a0:16:55:fb:a2:29:8d:c2:36:69:b3:58:bf:af: 7c:09:96:b9:fb:11:27:32:f4:3b:3f:a8:ba:0b:a0:2d:70:2e: a4:bf:14:5b:74:c8:aa:a2:04:75:6b:c6:59:31:ad:e2:d5:77: 2a:43:3c:39:d3:1f:26:e9:a5:a5:b9:22:75:41:1c:72:7e:90: 6b:cb:3f:f7:97:96:d0:4a:c6:0d:96:14:f7:8d:e2:1b:9f:ea: 6d:d3:0e:d4:27:c4:3c:f1:62:fa:3f:9f:e6:14:06:b7:c6:a4: b2:92:44:6c:0d:33:5f:cb:ba:41:83:5f:87:97:07:53:00:45: 83:80:da:cc:0f:bd:41:14:f8:42:05:03:59:80:52:77:7c:84: ce:61:0e:1b:52:cf:56:0b:e1:10:1e:7c:e1:d4:22:47:03:ec: ba:41:fc:7d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBNqzQ7U9H/9+LhQV6XMjXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2MjQyMTQ4ZTNlNjM2YTkwMzQzZjNlOTUwNDRiOGRmZGI5 ZDFjZDkwHhcNMjUxMjIxMTQwMTAwWhcNMjUxMjIyMTQwMTAwWjAzMTEwLwYDVQQD Eyg3ZDhjY2U1NTNiMGE4NGVjMGZjN2IyMzEwZTAyOTQwNDJiYjhiYzBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWjuP0ValDiHACUPvOxwXU4a5eBD QDEJHw7d/T/MVSdJK213MJw++YjiMEq0CxRzoqq53zRLvmd7VrdjZvPArOoHqaxG uix9ZZ2wPlMiLjCZo3zfT5Dczh6n1Iq8czczc23YpnwSXEneOWPJPnEp3FgVupnq pNNLCkIkdaV+zBFFE5yGf7VxkUs8Sl1hcRSsnPc8QvyavLwA4xRukeoqFjXlxIfv mDH4/AiGI+8Qd7ZL/GHfj371BIvq2qt3hE9S2+CGuI0y6nO6L4iWRSxcxTK6XfkB PR18+nmwB2uEHNRVS5nnFukJvqB+qLBLvmfw3iVGkhBnuRK63u2GoyMb8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH2MzlU7CoTsD8eyMQ4ClAQruLwKMB8GA1UdIwQY MBaAFDYkIUjj5japA0Pz6VBEuN/bnRzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmlRaFNPUG1OcWtEUV9QcFVFUzQzOXVkSE5rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zYzNkYTAtZDNmOC00YWEyLTgzMzQt MjZkNzU5MzY1NDAyLzEvTmlRaFNPUG1OcWtEUV9QcFVFUzQzOXVkSE5rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC8zYzNkYTAtZDNmOC00YWEyLTgzMzQtMjZkNzU5MzY1NDAy LzEvTmlRaFNPUG1OcWtEUV9QcFVFUzQzOXVkSE5rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK99n57mK sbujPqPAA7UR/mmnl+J6M3MjIrlj4F6L0OsuCYg7OSmjx+EY9+3h3KBlqK5E7Ni9 orjfvw+L4GAaE+xdLoskSfi4z7pIpw3pw3bMOsA62VLC5DbGMbafZaAWVfuiKY3C NmmzWL+vfAmWufsRJzL0Oz+ougugLXAupL8UW3TIqqIEdWvGWTGt4tV3KkM8OdMf JumlpbkidUEccn6Qa8s/95eW0ErGDZYU943iG5/qbdMO1CfEPPFi+j+f5hQGt8ak spJEbA0zX8u6QYNfh5cHUwBFg4DazA+9QRT4QgUDWYBSd3yEzmEOG1LPVgvhEB58 4dQiRwPsukH8fQ== -----END CERTIFICATE-----Generated at Sun Dec 21 20:38:00 2025 by rpki-client