This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json) Hash identifier: s26cdjx+r8th40exqCZxcmhG8+84Fan9ecqO51x+yX4= Subject key identifier: CA:EB:22:D1:87:83:8C:3C:AB:6E:CF:CA:A3:E4:03:EE:D3:FB:5F:7B Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da Certificate serial: 019B3E6DE9015A282D961F581A2BBCF7476D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft Manifest number: 134F Signing time: Sun 21 Dec 2025 01:02:28 +0000 Manifest this update: Sun 21 Dec 2025 01:02:28 +0000 Manifest next update: Mon 22 Dec 2025 01:02:28 +0000 Files and hashes: 1: 7G7G7tpVmWd60uNlZ2vEN1k8ScQ.roa (hash: 2r8MgNw8qHVAZHcXcB+fjTECDN+jibhAZMIq0CBmNHM=) 2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: LB/mfgg0GKB4N9CVrpTK/KNcyeU56WDHPV8VV8xM53A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6d:e9:01:5a:28:2d:96:1f:58:1a:2b:bc:f7:47:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da Validity Not Before: Dec 21 01:02:28 2025 GMT Not After : Dec 22 01:02:28 2025 GMT Subject: CN=caeb22d187838c3cab6ecfcaa3e403eed3fb5f7b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:e2:c4:cf:2b:a2:59:a7:8b:6d:4a:2b:78:e9: fa:f2:b5:78:c8:34:14:99:19:f2:6d:10:bd:fb:32: 4f:72:69:72:8b:05:29:97:c8:c2:60:06:a9:20:27: c5:70:17:1d:e0:91:98:67:dd:f5:ce:c6:f7:81:54: a0:aa:17:95:b8:1c:ce:60:80:74:3c:8c:ce:a9:fc: aa:85:e3:9e:98:11:b4:f4:84:ad:ca:3c:38:7d:81: c1:7b:74:01:f9:c8:bf:1b:e4:71:d9:c4:5b:a3:25: 12:3e:69:a8:8b:ee:d2:f6:55:5f:8c:ae:da:9f:23: 40:2c:ec:5a:8a:11:bc:4f:21:2b:a1:8b:b4:b9:5b: d8:bd:f9:b4:4f:06:86:6e:f2:5c:c7:17:6d:ef:9a: e1:46:4d:09:57:a7:8c:24:b3:39:6a:18:36:ee:bb: 8d:df:cf:0a:f8:9e:6f:6d:cb:5e:b7:db:84:60:b1: 06:dc:d5:43:fa:e5:b0:b7:0e:c3:12:55:7e:09:00: a6:8c:87:69:a7:42:ff:52:39:b1:f8:96:a9:44:f1: 7e:0e:70:68:76:18:c8:0d:95:e4:ed:d2:1a:80:01: 67:79:f0:de:97:bf:55:90:5c:21:a2:ab:b1:a9:0e: 08:34:06:cf:ca:20:5e:5e:25:cb:84:15:8b:f4:e8: bd:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:EB:22:D1:87:83:8C:3C:AB:6E:CF:CA:A3:E4:03:EE:D3:FB:5F:7B X509v3 Authority Key Identifier: keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:f8:73:ac:61:16:06:1b:37:51:28:76:74:b9:89:2e:2d:ba: 87:9d:6a:1a:3b:4b:fe:b0:b0:75:91:38:29:fd:2d:d4:60:76: ad:1f:ca:ef:f0:55:37:dd:d0:96:a2:c2:d1:f1:07:d4:e0:50: 6e:1c:06:a5:ef:65:47:51:2c:c1:75:cc:ce:b2:3b:ce:4d:85: c6:2b:61:6f:1a:15:43:c5:d2:17:f2:60:ce:3f:75:5b:3c:42: f8:43:a6:78:0f:10:7b:1b:ad:d0:02:bd:c7:50:4a:4b:89:e4: ed:63:df:60:af:5f:13:d6:89:a4:28:f9:09:44:8a:ad:f3:68: 22:8a:3c:72:b8:c5:dd:13:fd:73:b8:08:90:7f:82:97:ee:d7: 99:19:93:e2:59:d9:1e:87:6b:5d:b8:98:fa:61:02:1f:e2:d5: 41:e5:e3:6f:52:31:9e:70:85:5c:fb:76:28:5d:82:36:f7:f7: 51:a8:c9:bf:85:7f:8b:94:6b:fa:8f:78:81:ab:b2:4d:f3:e7: 1d:b8:1c:83:2e:45:a8:bf:40:e5:8a:6f:5f:f8:0a:ed:a8:0a: ed:b1:c9:8e:b9:b4:15:9b:0d:58:1a:98:10:cf:e1:c2:ce:79: f7:7c:8f:74:b0:92:fa:fa:ed:35:8c:d1:55:5c:3b:f6:12:be: 0c:5a:28:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bekBWigtlh9YGiu890dtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj M2Q1ZGEwHhcNMjUxMjIxMDEwMjI4WhcNMjUxMjIyMDEwMjI4WjAzMTEwLwYDVQQD EyhjYWViMjJkMTg3ODM4YzNjYWI2ZWNmY2FhM2U0MDNlZWQzZmI1ZjdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOLEzyuiWaeLbUoreOn68rV4yDQU mRnybRC9+zJPcmlyiwUpl8jCYAapICfFcBcd4JGYZ931zsb3gVSgqheVuBzOYIB0 PIzOqfyqheOemBG09IStyjw4fYHBe3QB+ci/G+Rx2cRboyUSPmmoi+7S9lVfjK7a nyNALOxaihG8TyEroYu0uVvYvfm0TwaGbvJcxxdt75rhRk0JV6eMJLM5ahg27ruN 388K+J5vbctet9uEYLEG3NVD+uWwtw7DElV+CQCmjIdpp0L/Ujmx+JapRPF+DnBo dhjIDZXk7dIagAFnefDel79VkFwhoquxqQ4INAbPyiBeXiXLhBWL9Oi9wQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMrrItGHg4w8q27PyqPkA+7T+197MB8GA1UdIwQY MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaPhzrGEW Bhs3USh2dLmJLi26h51qGjtL/rCwdZE4Kf0t1GB2rR/K7/BVN93QlqLC0fEH1OBQ bhwGpe9lR1EswXXMzrI7zk2FxithbxoVQ8XSF/Jgzj91WzxC+EOmeA8Qexut0AK9 x1BKS4nk7WPfYK9fE9aJpCj5CUSKrfNoIoo8crjF3RP9c7gIkH+Cl+7XmRmT4lnZ HodrXbiY+mECH+LVQeXjb1IxnnCFXPt2KF2CNvf3UajJv4V/i5Rr+o94gauyTfPn Hbgcgy5FqL9A5YpvX/gK7agK7bHJjrm0FZsNWBqYEM/hws5593yPdLCS+vrtNYzR VVw79hK+DFoo8Q== -----END CERTIFICATE-----Generated at Sun Dec 21 05:50:39 2025 by rpki-client