This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft File: nSAoCNH5FFVeG9WcFncof_mztZA.mft (raw, json) Hash identifier: Ie4CCSK3VodU9mxujcqsH12HTA9TrNpL+toj7MPEiWo= Subject key identifier: C3:3E:16:F4:AE:6F:DA:28:6A:5E:B7:B9:0B:E5:0C:23:43:21:15:8A Authority key identifier: 9D:20:28:08:D1:F9:14:55:5E:1B:D5:9C:16:77:28:7F:F9:B3:B5:90 Certificate issuer: /CN=9d202808d1f914555e1bd59c1677287ff9b3b590 Certificate serial: 019B3CB4A344C1B7189C8AB90B26CFC41700 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSAoCNH5FFVeG9WcFncof_mztZA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft Manifest number: 1192 Signing time: Sat 20 Dec 2025 17:00:29 +0000 Manifest this update: Sat 20 Dec 2025 17:00:29 +0000 Manifest next update: Sun 21 Dec 2025 17:00:29 +0000 Files and hashes: 1: nSAoCNH5FFVeG9WcFncof_mztZA.crl (hash: PfPWNGjQINsWedQMtSo8Dd3tcuF7k5p24RepUU+J7SQ=) 2: qztp8oOkrsOnZQZ-AVesJkd8gBA.roa (hash: w8j5kLnBBDJA6YAxwk7yr2iHlxdseJ2t5FGwhKWuj0I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft rsync://rpki.ripe.net/repository/DEFAULT/nSAoCNH5FFVeG9WcFncof_mztZA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:b4:a3:44:c1:b7:18:9c:8a:b9:0b:26:cf:c4:17:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d202808d1f914555e1bd59c1677287ff9b3b590 Validity Not Before: Dec 20 17:00:29 2025 GMT Not After : Dec 21 17:00:29 2025 GMT Subject: CN=c33e16f4ae6fda286a5eb7b90be50c234321158a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:65:6b:d3:4a:5c:ab:32:e0:be:54:07:68:7c: c7:b5:b7:63:5e:95:cf:01:cc:bf:1d:2e:a0:24:75: 39:ed:0f:95:3c:6a:26:c7:92:66:ab:54:c4:6c:ea: c7:6a:d3:64:5e:14:67:22:d8:ff:a1:7b:65:09:51: 33:65:e8:7b:01:b1:17:50:30:87:e1:b2:1c:2b:08: d5:43:09:2f:04:02:fe:b7:6a:59:27:20:bb:c2:2a: ac:64:aa:c8:3d:ce:c1:a8:01:39:d7:9e:2f:8b:6a: 8f:7e:1a:dc:28:af:62:e6:98:9c:27:8e:0d:60:46: 1d:ab:0c:c9:3e:9d:f4:c4:d4:c0:35:7b:e7:b1:61: 8d:90:42:4b:a6:5f:05:b8:66:25:6b:97:d1:f0:7d: 98:91:e5:8b:eb:df:ae:24:ae:b9:98:39:bd:8d:96: e0:32:35:a5:23:b5:ce:18:21:8a:41:ac:28:52:4e: 4b:49:97:d5:76:09:74:9f:d0:ba:d6:f8:fe:f6:78: 13:83:a2:e5:0d:f0:2e:5e:8e:c9:79:34:ff:df:c8: 70:43:f3:e6:8f:75:ba:33:8e:0a:b4:c7:81:c7:03: 11:1f:9a:17:a3:8a:fd:ab:3e:35:44:5c:3d:14:ce: 64:5e:7f:02:67:6a:5c:fe:d8:0f:2e:8e:e5:58:c4: d1:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:3E:16:F4:AE:6F:DA:28:6A:5E:B7:B9:0B:E5:0C:23:43:21:15:8A X509v3 Authority Key Identifier: keyid:9D:20:28:08:D1:F9:14:55:5E:1B:D5:9C:16:77:28:7F:F9:B3:B5:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSAoCNH5FFVeG9WcFncof_mztZA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption be:f2:21:e9:b3:96:7a:59:85:4c:99:08:0c:1f:0a:15:97:59: 32:f8:72:b0:59:5a:fd:23:84:0f:a7:9a:df:85:a7:af:7f:87: 36:76:1b:ec:34:e9:7d:7e:15:dd:88:10:5e:01:30:c4:2c:d9: 69:13:e5:37:80:2b:17:42:85:fa:f4:3f:60:42:dc:cd:1f:1d: 3e:f3:89:12:19:59:67:6a:0e:88:d0:c3:b3:05:1e:7c:39:4a: f6:9c:fc:a8:b0:11:ae:19:91:e1:a1:de:93:b2:3e:08:aa:fb: 4c:bd:bc:b2:84:fb:b1:58:3d:e6:5e:75:30:36:0b:40:7b:9a: 3a:46:d6:83:6e:83:3b:d2:1b:48:0b:e5:c8:0b:66:c1:66:75: f0:c0:fb:92:d9:77:e4:95:a7:7c:05:ae:70:42:9c:45:e4:18: c0:4c:f3:ef:d7:b6:91:be:7e:c1:2d:15:24:82:47:57:e0:8b: 47:ab:33:13:85:b2:61:b2:99:6f:6f:20:6f:f5:89:53:d8:2b: 88:36:fb:37:0e:9e:50:e1:88:a8:57:2d:7f:f3:13:b5:7f:1f: 58:60:53:d4:bd:ec:d1:28:a3:d1:37:de:36:8e:25:74:e1:b0: a7:b6:f7:2f:1b:32:31:7e:0f:5f:6f:c9:2d:07:4b:09:80:8e: a8:77:69:65 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8tKNEwbcYnIq5CybPxBcAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMjAyODA4ZDFmOTE0NTU1ZTFiZDU5YzE2NzcyODdmZjli M2I1OTAwHhcNMjUxMjIwMTcwMDI5WhcNMjUxMjIxMTcwMDI5WjAzMTEwLwYDVQQD EyhjMzNlMTZmNGFlNmZkYTI4NmE1ZWI3YjkwYmU1MGMyMzQzMjExNThhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02Vr00pcqzLgvlQHaHzHtbdjXpXP Acy/HS6gJHU57Q+VPGomx5Jmq1TEbOrHatNkXhRnItj/oXtlCVEzZeh7AbEXUDCH 4bIcKwjVQwkvBAL+t2pZJyC7wiqsZKrIPc7BqAE5154vi2qPfhrcKK9i5picJ44N YEYdqwzJPp30xNTANXvnsWGNkEJLpl8FuGYla5fR8H2YkeWL69+uJK65mDm9jZbg MjWlI7XOGCGKQawoUk5LSZfVdgl0n9C61vj+9ngTg6LlDfAuXo7JeTT/38hwQ/Pm j3W6M44KtMeBxwMRH5oXo4r9qz41RFw9FM5kXn8CZ2pc/tgPLo7lWMTRpwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMM+FvSub9ooal63uQvlDCNDIRWKMB8GA1UdIwQY MBaAFJ0gKAjR+RRVXhvVnBZ3KH/5s7WQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9hNWMwNjktODA2MS00ZGVlLTk1Njgt ODgwYjJkZjU3ZjI1LzEvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy9hNWMwNjktODA2MS00ZGVlLTk1NjgtODgwYjJkZjU3ZjI1 LzEvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvvIh6bOW elmFTJkIDB8KFZdZMvhysFla/SOED6ea34Wnr3+HNnYb7DTpfX4V3YgQXgEwxCzZ aRPlN4ArF0KF+vQ/YELczR8dPvOJEhlZZ2oOiNDDswUefDlK9pz8qLARrhmR4aHe k7I+CKr7TL28soT7sVg95l51MDYLQHuaOkbWg26DO9IbSAvlyAtmwWZ18MD7ktl3 5JWnfAWucEKcReQYwEzz79e2kb5+wS0VJIJHV+CLR6szE4WyYbKZb28gb/WJU9gr iDb7Nw6eUOGIqFctf/MTtX8fWGBT1L3s0Sij0TfeNo4ldOGwp7b3LxsyMX4PX2/J LQdLCYCOqHdpZQ== -----END CERTIFICATE-----Generated at Sat Dec 20 22:59:48 2025 by rpki-client