This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.mft File: nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.mft (raw, json) Hash identifier: zvTjO1NVUAiIh0tTOqqyUB/oXHHs1KVNEkkWmX0oa7s= Subject key identifier: 08:64:A3:58:A9:EB:28:95:0F:EA:8F:D8:3E:21:8D:83:63:00:9A:F0 Authority key identifier: 9D:0E:2B:9E:69:F5:62:DF:14:CF:77:2B:DE:05:F7:DA:CD:E2:59:61 Certificate issuer: /CN=9d0e2b9e69f562df14cf772bde05f7dacde25961 Certificate serial: 019B3DC7D40784A513D6B2898F2BFB505D92 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.mft Manifest number: 0E5B Signing time: Sat 20 Dec 2025 22:01:04 +0000 Manifest this update: Sat 20 Dec 2025 22:01:04 +0000 Manifest next update: Sun 21 Dec 2025 22:01:04 +0000 Files and hashes: 1: aRmXLbWgvqCrB_ieixDwg5bWHH4.roa (hash: NkuU0nUuwUULqqtGwJsRiK14f6VjdQm0HvAAtBo3GJQ=) 2: nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.crl (hash: HNIdM3yWC41P85qrW4nUt9zYcJ+1j4R3ScpcGb64rAM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.crl rsync://rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.mft rsync://rpki.ripe.net/repository/DEFAULT/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c7:d4:07:84:a5:13:d6:b2:89:8f:2b:fb:50:5d:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d0e2b9e69f562df14cf772bde05f7dacde25961 Validity Not Before: Dec 20 22:01:04 2025 GMT Not After : Dec 21 22:01:04 2025 GMT Subject: CN=0864a358a9eb28950fea8fd83e218d8363009af0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:37:de:73:db:5b:15:d5:2f:dc:eb:c3:c6:f6: f2:61:63:c7:e3:db:90:cf:4c:5b:05:d3:52:ce:85: 41:be:83:55:4b:5b:a8:9c:25:6c:7c:41:c0:a6:d0: 6a:8a:f3:28:c0:0d:bc:8c:39:19:9a:5a:de:4e:c4: 91:f4:96:8b:9e:ef:7e:54:44:12:85:6b:ad:da:97: 82:0d:62:3d:5a:46:ca:84:06:02:32:34:e4:fa:67: 93:9c:4f:f0:70:1f:2e:5e:c1:76:0d:bb:0e:fb:66: c9:5c:4b:c8:f3:98:03:6e:4c:31:c3:bd:b9:77:75: 88:cf:77:63:bf:aa:0f:6a:47:cd:42:12:48:6f:7b: b3:d1:f1:99:d7:d4:0f:4f:15:cf:cd:2b:00:3f:2c: 4e:95:c2:f3:e1:eb:9c:76:3e:7f:b5:b4:d3:4c:a3: c8:27:b0:2e:7f:a6:b1:a0:64:82:17:ce:cf:1b:80: 76:74:38:b1:77:1b:ca:9f:f9:81:15:e9:11:2e:b1: 86:40:34:71:44:8c:a8:86:a8:9b:db:c7:55:4e:dd: 4f:d1:fa:32:97:7b:cd:60:0d:23:af:c7:88:62:7e: bc:b3:36:8a:f6:35:19:b3:a9:d6:95:2f:90:39:46: 2d:5f:67:1a:a6:b6:29:6a:6f:91:d0:be:c1:91:95: c1:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:64:A3:58:A9:EB:28:95:0F:EA:8F:D8:3E:21:8D:83:63:00:9A:F0 X509v3 Authority Key Identifier: keyid:9D:0E:2B:9E:69:F5:62:DF:14:CF:77:2B:DE:05:F7:DA:CD:E2:59:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/25be2f-92eb-4cde-a247-d8dc34036ce7/1/nQ4rnmn1Yt8Uz3cr3gX32s3iWWE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:d5:11:9f:00:5d:aa:7b:2a:c3:f9:0d:c9:88:7b:53:2d:9f: ed:07:b0:e9:1c:fc:cc:67:10:f8:b9:b1:b4:f7:f6:d0:43:ed: 46:17:42:25:c4:92:d3:ff:81:42:e6:85:d8:f4:ed:ea:a1:49: 08:1f:d6:de:63:96:ea:bf:4e:ae:26:8f:a0:c7:2c:b6:60:d2: 5d:a1:26:f5:74:55:ed:8e:5f:56:8d:99:6c:55:5f:2f:e8:7c: 55:47:c1:8b:fa:f5:9e:94:ba:2d:3a:6d:bb:92:ec:6d:01:38: eb:38:62:e1:71:83:c6:d5:86:23:b1:5f:48:c2:ee:76:e1:28: 1f:5d:0c:6c:a6:f5:e8:16:18:e8:db:7e:1c:d5:f3:f1:b2:5a: e5:b0:73:03:92:3f:1b:15:04:72:4b:8d:c0:5f:31:02:d0:fc: ea:96:2f:82:35:5f:51:e7:0e:bd:2c:1c:c6:bf:c4:82:50:1c: 45:9b:8e:10:e1:ef:7b:04:7f:a0:d0:67:ab:5c:be:49:38:b3: bf:2a:05:8a:d1:58:33:f7:7c:6c:fb:9f:77:1b:a9:75:7d:94: bb:4a:46:29:98:d3:fa:cb:9e:44:57:6c:db:71:02:8c:8d:69: 45:62:06:e4:e4:32:ff:3f:57:ee:df:fd:cf:e0:4f:e9:21:76: 2c:81:a9:14 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9x9QHhKUT1rKJjyv7UF2SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMGUyYjllNjlmNTYyZGYxNGNmNzcyYmRlMDVmN2RhY2Rl MjU5NjEwHhcNMjUxMjIwMjIwMTA0WhcNMjUxMjIxMjIwMTA0WjAzMTEwLwYDVQQD EygwODY0YTM1OGE5ZWIyODk1MGZlYThmZDgzZTIxOGQ4MzYzMDA5YWYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTfec9tbFdUv3OvDxvbyYWPH49uQ z0xbBdNSzoVBvoNVS1uonCVsfEHAptBqivMowA28jDkZmlreTsSR9JaLnu9+VEQS hWut2peCDWI9WkbKhAYCMjTk+meTnE/wcB8uXsF2DbsO+2bJXEvI85gDbkwxw725 d3WIz3djv6oPakfNQhJIb3uz0fGZ19QPTxXPzSsAPyxOlcLz4eucdj5/tbTTTKPI J7Auf6axoGSCF87PG4B2dDixdxvKn/mBFekRLrGGQDRxRIyohqib28dVTt1P0foy l3vNYA0jr8eIYn68szaK9jUZs6nWlS+QOUYtX2caprYpam+R0L7BkZXBVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAhko1ip6yiVD+qP2D4hjYNjAJrwMB8GA1UdIwQY MBaAFJ0OK55p9WLfFM93K94F99rN4llhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblE0cm5tbjFZdDhVejNjcjNnWDMyczNpV1dFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8yNWJlMmYtOTJlYi00Y2RlLWEyNDct ZDhkYzM0MDM2Y2U3LzEvblE0cm5tbjFZdDhVejNjcjNnWDMyczNpV1dFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS8yNWJlMmYtOTJlYi00Y2RlLWEyNDctZDhkYzM0MDM2Y2U3 LzEvblE0cm5tbjFZdDhVejNjcjNnWDMyczNpV1dFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAadURnwBd qnsqw/kNyYh7Uy2f7Qew6Rz8zGcQ+LmxtPf20EPtRhdCJcSS0/+BQuaF2PTt6qFJ CB/W3mOW6r9OriaPoMcstmDSXaEm9XRV7Y5fVo2ZbFVfL+h8VUfBi/r1npS6LTpt u5LsbQE46zhi4XGDxtWGI7FfSMLuduEoH10MbKb16BYY6Nt+HNXz8bJa5bBzA5I/ GxUEckuNwF8xAtD86pYvgjVfUecOvSwcxr/EglAcRZuOEOHvewR/oNBnq1y+STiz vyoFitFYM/d8bPufdxupdX2Uu0pGKZjT+sueRFds23ECjI1pRWIG5OQy/z9X7t/9 z+BP6SF2LIGpFA== -----END CERTIFICATE-----Generated at Sat Dec 20 23:57:21 2025 by rpki-client