This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/25e17b-824e-4e7d-b3e8-27b87bfbee7b/1/NDK6HG0LAr7-aMyUrp0t4xB6YEY.mft File: NDK6HG0LAr7-aMyUrp0t4xB6YEY.mft (raw, json) Hash identifier: MSt3sHy8I//rRcxvsxVNV0YPlqiyNu+FY+HqkwK+foE= Subject key identifier: 5A:DB:29:EA:83:63:81:8F:26:39:83:E1:E4:CD:0A:66:73:76:9B:3B Authority key identifier: 34:32:BA:1C:6D:0B:02:BE:FE:68:CC:94:AE:9D:2D:E3:10:7A:60:46 Certificate issuer: /CN=3432ba1c6d0b02befe68cc94ae9d2de3107a6046 Certificate serial: 019B4F6055A5C0F8A5688883DD874362A89B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDK6HG0LAr7-aMyUrp0t4xB6YEY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/25e17b-824e-4e7d-b3e8-27b87bfbee7b/1/NDK6HG0LAr7-aMyUrp0t4xB6YEY.mft Manifest number: 1795 Signing time: Wed 24 Dec 2025 08:01:11 +0000 Manifest this update: Wed 24 Dec 2025 08:01:11 +0000 Manifest next update: Thu 25 Dec 2025 08:01:11 +0000 Files and hashes: 1: NDK6HG0LAr7-aMyUrp0t4xB6YEY.crl (hash: Iimwl1yO2vnCMiV1rdgXYG9K0C70NfWsjsM4Am//e5A=) 2: aDRwFZp3Ye9nOga6oqU2-HxOi5Q.roa (hash: 55fN/khKAT7BHMTfK9zjOz/iWjkXrLDgvWhFUwURpbU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/25e17b-824e-4e7d-b3e8-27b87bfbee7b/1/NDK6HG0LAr7-aMyUrp0t4xB6YEY.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/25e17b-824e-4e7d-b3e8-27b87bfbee7b/1/NDK6HG0LAr7-aMyUrp0t4xB6YEY.mft rsync://rpki.ripe.net/repository/DEFAULT/NDK6HG0LAr7-aMyUrp0t4xB6YEY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 08:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:60:55:a5:c0:f8:a5:68:88:83:dd:87:43:62:a8:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3432ba1c6d0b02befe68cc94ae9d2de3107a6046 Validity Not Before: Dec 24 08:01:11 2025 GMT Not After : Dec 25 08:01:11 2025 GMT Subject: CN=5adb29ea8363818f263983e1e4cd0a6673769b3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:8a:17:9b:cb:a8:04:4e:cd:52:e7:77:25:2e: 1f:d1:a2:d3:2f:ce:79:e5:40:bd:4d:91:96:3f:ac: 43:07:02:2c:9b:ae:37:a9:b3:f6:af:7d:ad:75:dc: b0:93:ed:7c:3a:64:f7:6c:2f:b1:82:e3:31:c4:7f: ad:b9:ab:53:ec:0c:df:90:f3:b3:ec:1e:1c:6c:af: a9:7a:92:dd:a1:5a:4b:99:d4:67:a1:7c:ee:53:a0: 64:e8:ce:75:8a:6a:21:9a:08:41:6e:cc:9d:a3:a8: 27:9a:a4:f1:5d:0c:76:eb:38:2b:d5:be:23:8b:fb: 3c:d5:67:70:24:d2:06:b0:45:3a:8f:8a:7a:92:fb: 1a:fd:c0:84:3d:3f:5f:6d:76:50:4a:76:1a:7f:e7: 58:9b:4a:6c:11:6d:90:0e:08:ab:b6:2c:da:c9:46: 68:b4:b9:00:84:4f:1d:de:2c:75:fc:d4:54:77:1f: e2:98:cb:36:a8:5b:fe:b7:1c:c2:ae:50:b4:0e:5c: 82:d4:af:e4:22:cf:37:97:f6:7f:96:81:7c:d9:25: df:10:9d:c5:4f:10:5e:e0:7c:6b:66:8b:a6:1c:d0: f3:5f:e3:ba:e9:f3:2e:cf:28:52:12:02:bd:09:f9: 66:73:9e:d0:23:96:39:68:94:76:2a:66:82:5c:14: 8e:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:DB:29:EA:83:63:81:8F:26:39:83:E1:E4:CD:0A:66:73:76:9B:3B X509v3 Authority Key Identifier: keyid:34:32:BA:1C:6D:0B:02:BE:FE:68:CC:94:AE:9D:2D:E3:10:7A:60:46 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDK6HG0LAr7-aMyUrp0t4xB6YEY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/25e17b-824e-4e7d-b3e8-27b87bfbee7b/1/NDK6HG0LAr7-aMyUrp0t4xB6YEY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/25e17b-824e-4e7d-b3e8-27b87bfbee7b/1/NDK6HG0LAr7-aMyUrp0t4xB6YEY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:24:58:52:a8:26:96:14:6d:fb:e3:59:d7:de:75:b9:ef:aa: f6:3d:35:a4:cd:41:b0:2b:20:4e:4e:74:74:62:24:4e:cd:cf: 93:91:64:b1:27:bc:15:43:e7:1b:2c:b1:d1:bd:dc:0e:8f:c6: 84:56:0b:ca:4b:8c:25:cf:b6:7f:34:90:be:a4:bf:00:49:a1: d5:cd:24:9c:e2:56:98:f3:e5:58:0d:af:79:49:9c:ba:de:40: f8:cf:f9:49:bf:86:eb:fb:23:24:99:0f:3a:cc:f3:78:4c:11: 6d:27:c8:63:3e:35:e3:76:5a:c5:86:f1:82:9e:63:67:59:2f: 90:30:b7:ce:a4:e7:6f:2b:e8:3e:fd:b9:9a:17:57:9e:2a:85: 40:14:39:f8:db:e2:2c:f5:b0:54:81:05:70:22:a2:93:1d:24: 68:69:b2:f1:66:f5:ed:b0:a3:73:46:7f:d6:6c:ed:7f:98:bc: df:9e:db:13:3a:62:31:16:14:ad:41:d8:56:2f:73:2e:ad:c8: eb:12:4d:78:65:41:9e:9f:f7:2f:9a:8a:92:21:4d:5c:80:67: fe:0b:23:d8:24:f7:ad:1c:c2:26:6a:ac:7f:3e:d3:34:5a:41: 04:a4:d9:09:4f:b1:71:5b:2e:10:61:d6:02:6c:df:64:a4:3c: 6e:03:d8:7b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPYFWlwPilaIiD3YdDYqibMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MzJiYTFjNmQwYjAyYmVmZTY4Y2M5NGFlOWQyZGUzMTA3 YTYwNDYwHhcNMjUxMjI0MDgwMTExWhcNMjUxMjI1MDgwMTExWjAzMTEwLwYDVQQD Eyg1YWRiMjllYTgzNjM4MThmMjYzOTgzZTFlNGNkMGE2NjczNzY5YjNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYoXm8uoBE7NUud3JS4f0aLTL855 5UC9TZGWP6xDBwIsm643qbP2r32tddywk+18OmT3bC+xguMxxH+tuatT7AzfkPOz 7B4cbK+pepLdoVpLmdRnoXzuU6Bk6M51imohmghBbsydo6gnmqTxXQx26zgr1b4j i/s81WdwJNIGsEU6j4p6kvsa/cCEPT9fbXZQSnYaf+dYm0psEW2QDgirtizayUZo tLkAhE8d3ix1/NRUdx/imMs2qFv+txzCrlC0DlyC1K/kIs83l/Z/loF82SXfEJ3F TxBe4HxrZoumHNDzX+O66fMuzyhSEgK9Cflmc57QI5Y5aJR2KmaCXBSOFwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFrbKeqDY4GPJjmD4eTNCmZzdps7MB8GA1UdIwQY MBaAFDQyuhxtCwK+/mjMlK6dLeMQemBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkRLNkhHMExBcjctYU15VXJwMHQ0eEI2WUVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yNWUxN2ItODI0ZS00ZTdkLWIzZTgt MjdiODdiZmJlZTdiLzEvTkRLNkhHMExBcjctYU15VXJwMHQ0eEI2WUVZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC8yNWUxN2ItODI0ZS00ZTdkLWIzZTgtMjdiODdiZmJlZTdi LzEvTkRLNkhHMExBcjctYU15VXJwMHQ0eEI2WUVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATCRYUqgm lhRt++NZ1951ue+q9j01pM1BsCsgTk50dGIkTs3Pk5FksSe8FUPnGyyx0b3cDo/G hFYLykuMJc+2fzSQvqS/AEmh1c0knOJWmPPlWA2veUmcut5A+M/5Sb+G6/sjJJkP OszzeEwRbSfIYz4143ZaxYbxgp5jZ1kvkDC3zqTnbyvoPv25mhdXniqFQBQ5+Nvi LPWwVIEFcCKikx0kaGmy8Wb17bCjc0Z/1mztf5i8357bEzpiMRYUrUHYVi9zLq3I 6xJNeGVBnp/3L5qKkiFNXIBn/gsj2CT3rRzCJmqsfz7TNFpBBKTZCU+xcVsuEGHW AmzfZKQ8bgPYew== -----END CERTIFICATE-----Generated at Wed Dec 24 12:25:54 2025 by rpki-client