This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.mft File: NdKSnxZS-ViBLQmaIz8zrTRFu_s.mft (raw, json) Hash identifier: r+0pjrYCc2z/2iHbJOzxMU6r3wFnSC8G7G2XqApjDh0= Subject key identifier: 14:82:11:63:6C:73:19:DC:49:A8:08:DF:F1:3A:97:F8:38:B3:4C:9F Authority key identifier: 35:D2:92:9F:16:52:F9:58:81:2D:09:9A:23:3F:33:AD:34:45:BB:FB Certificate issuer: /CN=35d2929f1652f958812d099a233f33ad3445bbfb Certificate serial: 019B7CA76EAA17F51122BDE5152762304B95 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NdKSnxZS-ViBLQmaIz8zrTRFu_s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.mft Manifest number: 1768 Signing time: Fri 02 Jan 2026 03:01:46 +0000 Manifest this update: Fri 02 Jan 2026 03:01:46 +0000 Manifest next update: Sat 03 Jan 2026 03:01:46 +0000 Files and hashes: 1: NdKSnxZS-ViBLQmaIz8zrTRFu_s.crl (hash: S79lH0ZTyle5BpFs/qydGbghuJBEakwWnT+WE7r37mY=) 2: RvuQkZ_J-wvlyDc9DwQMRfdbRuc.roa (hash: ZwW8RhsC1c6THaCJDOUF+Lquzo4U71ipuOUtISL9Y48=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.mft rsync://rpki.ripe.net/repository/DEFAULT/NdKSnxZS-ViBLQmaIz8zrTRFu_s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:a7:6e:aa:17:f5:11:22:bd:e5:15:27:62:30:4b:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35d2929f1652f958812d099a233f33ad3445bbfb Validity Not Before: Jan 2 03:01:46 2026 GMT Not After : Jan 3 03:01:46 2026 GMT Subject: CN=148211636c7319dc49a808dff13a97f838b34c9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:f6:4c:4d:fa:65:f4:d0:16:90:2d:6d:62:d0: 35:af:af:27:0e:48:a6:8c:16:6c:93:5b:3a:dc:54: 31:2d:a7:48:ac:ed:ca:1c:54:5d:3f:4a:ba:4c:86: b0:12:20:53:af:8a:04:aa:b9:30:d9:40:38:96:b3: 55:58:41:b5:43:3a:82:8d:27:20:b3:42:a6:43:45: 32:16:bb:72:9c:b1:e1:15:21:8b:33:d1:01:c8:43: 94:e3:bc:20:9f:cb:72:1c:14:bc:90:1b:d3:01:3b: db:20:ef:26:f9:e4:f2:98:8c:14:65:8f:de:ca:7c: 64:d6:d3:79:a1:33:a3:b7:43:89:82:d1:02:66:1d: 7f:c9:a9:34:72:32:5a:b5:f3:b6:76:79:9d:33:a6: a2:25:18:e8:55:6c:48:75:03:1b:82:5f:c9:fa:cc: c8:d4:2d:f0:b8:35:59:a3:88:bb:28:d9:f2:84:70: 4c:c4:1b:53:a8:93:8d:77:c0:24:ef:ad:70:87:c3: 49:36:95:12:46:c9:03:4f:56:e6:46:af:34:11:2f: 88:04:02:b0:13:a9:d7:64:07:75:8c:8f:da:bc:50: 4c:a6:d6:17:75:5b:1a:e5:28:07:46:1e:c6:aa:f3: 85:e9:82:6d:c6:bf:0a:ba:ac:c9:b4:25:1f:24:92: 73:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:82:11:63:6C:73:19:DC:49:A8:08:DF:F1:3A:97:F8:38:B3:4C:9F X509v3 Authority Key Identifier: keyid:35:D2:92:9F:16:52:F9:58:81:2D:09:9A:23:3F:33:AD:34:45:BB:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NdKSnxZS-ViBLQmaIz8zrTRFu_s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:62:0b:56:01:9d:b4:74:d1:8a:38:81:26:35:d0:00:39:bb: 7b:04:37:3e:b0:65:71:46:e6:af:be:2b:a3:37:b1:50:f7:ac: e7:f2:b0:89:b1:7d:58:d7:d0:d2:f9:80:d6:66:20:33:85:70: de:64:b5:01:1c:b1:12:89:54:e7:08:d6:4e:cd:ff:86:21:45: 6c:6a:cc:02:b7:fa:db:71:f8:70:45:d4:59:63:df:f1:01:ea: 29:37:1b:f2:50:11:71:90:6e:54:f5:67:e2:64:fd:2a:bd:e5: d6:3b:bd:2c:26:46:b4:1f:e5:89:ec:c9:34:f2:3e:5a:7c:f7: 17:7d:2d:50:d5:99:16:b6:45:86:82:34:db:0c:bc:4c:69:5f: 50:6f:f1:cc:51:ae:67:d8:ab:52:a9:b2:c7:b6:94:81:17:16: 68:f1:77:77:82:09:61:16:63:40:3a:bb:02:36:80:ea:7a:26: c5:a7:ba:9c:e8:78:b1:2f:10:92:5b:55:21:c2:ed:83:f7:72: 90:b1:82:e5:a5:0e:93:db:0f:cf:bd:a3:c3:80:cd:63:65:37: 1e:f2:29:9d:ad:df:8b:04:f6:b2:0d:99:97:e6:67:40:4f:b9: ce:4c:69:b4:e0:e3:b0:50:08:4c:e8:ee:9d:8a:dd:9e:a1:15: 98:83:20:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt8p26qF/URIr3lFSdiMEuVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1ZDI5MjlmMTY1MmY5NTg4MTJkMDk5YTIzM2YzM2FkMzQ0 NWJiZmIwHhcNMjYwMTAyMDMwMTQ2WhcNMjYwMTAzMDMwMTQ2WjAzMTEwLwYDVQQD EygxNDgyMTE2MzZjNzMxOWRjNDlhODA4ZGZmMTNhOTdmODM4YjM0YzlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfZMTfpl9NAWkC1tYtA1r68nDkim jBZsk1s63FQxLadIrO3KHFRdP0q6TIawEiBTr4oEqrkw2UA4lrNVWEG1QzqCjScg s0KmQ0UyFrtynLHhFSGLM9EByEOU47wgn8tyHBS8kBvTATvbIO8m+eTymIwUZY/e ynxk1tN5oTOjt0OJgtECZh1/yak0cjJatfO2dnmdM6aiJRjoVWxIdQMbgl/J+szI 1C3wuDVZo4i7KNnyhHBMxBtTqJONd8Ak761wh8NJNpUSRskDT1bmRq80ES+IBAKw E6nXZAd1jI/avFBMptYXdVsa5SgHRh7GqvOF6YJtxr8KuqzJtCUfJJJzWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBSCEWNscxncSagI3/E6l/g4s0yfMB8GA1UdIwQY MBaAFDXSkp8WUvlYgS0JmiM/M600Rbv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmRLU254WlMtVmlCTFFtYUl6OHpyVFJGdV9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jNDljYTAtOTUyZS00OTVhLThlYjEt YjI4MGQ0YzYyNzQ1LzEvTmRLU254WlMtVmlCTFFtYUl6OHpyVFJGdV9zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi9jNDljYTAtOTUyZS00OTVhLThlYjEtYjI4MGQ0YzYyNzQ1 LzEvTmRLU254WlMtVmlCTFFtYUl6OHpyVFJGdV9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATWILVgGd tHTRijiBJjXQADm7ewQ3PrBlcUbmr74rozexUPes5/KwibF9WNfQ0vmA1mYgM4Vw 3mS1ARyxEolU5wjWTs3/hiFFbGrMArf623H4cEXUWWPf8QHqKTcb8lARcZBuVPVn 4mT9Kr3l1ju9LCZGtB/liezJNPI+Wnz3F30tUNWZFrZFhoI02wy8TGlfUG/xzFGu Z9irUqmyx7aUgRcWaPF3d4IJYRZjQDq7AjaA6nomxae6nOh4sS8QkltVIcLtg/dy kLGC5aUOk9sPz72jw4DNY2U3HvIpna3fiwT2sg2Zl+ZnQE+5zkxptODjsFAITOju nYrdnqEVmIMgZg== -----END CERTIFICATE-----Generated at Fri Jan 2 13:06:55 2026 by rpki-client