This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft File: NREZcs9Nkki9sYjTtBmuD7flZGs.mft (raw, json) Hash identifier: bYQi0y9eS/7LDnv7MvrmHP+t+CyoNO006TdhbPT1N0U= Subject key identifier: B1:39:CE:59:67:1A:05:16:EA:D4:AB:F9:83:79:2D:C9:14:8B:69:5F Authority key identifier: 35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B Certificate issuer: /CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b Certificate serial: 019B8015AC19541D9E7291ECB4DF0DFFF7A9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft Manifest number: 0FB9 Signing time: Fri 02 Jan 2026 19:01:02 +0000 Manifest this update: Fri 02 Jan 2026 19:01:02 +0000 Manifest next update: Sat 03 Jan 2026 19:01:02 +0000 Files and hashes: 1: NREZcs9Nkki9sYjTtBmuD7flZGs.crl (hash: ais8QphvQxT+igjqTCw1/5IhcA3IblrXEYOs6XxFeNQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 19:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:80:15:ac:19:54:1d:9e:72:91:ec:b4:df:0d:ff:f7:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b Validity Not Before: Jan 2 19:01:02 2026 GMT Not After : Jan 3 19:01:02 2026 GMT Subject: CN=b139ce59671a0516ead4abf983792dc9148b695f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:7c:ac:e5:29:c2:d9:41:96:fd:16:72:a7:a4: 69:0a:77:a9:24:61:a2:ac:c9:5a:60:17:89:b9:17: 85:82:10:26:ca:19:86:a6:e3:3e:c7:8e:04:04:bf: 2b:8b:2d:25:71:7d:e6:0c:47:5e:ce:b2:cd:d8:b4: 04:39:57:2e:ab:93:72:78:04:1e:43:7a:87:f1:93: da:fb:08:59:47:24:82:d2:1c:27:ec:ac:48:07:19: ba:6e:1a:fd:22:07:84:9a:39:34:c1:22:49:56:a2: b1:c9:e6:37:aa:49:93:db:37:da:d2:98:3e:52:53: 70:c2:00:66:8e:f1:a8:1e:83:b1:01:f9:b2:31:b6: b7:c6:f5:60:fe:a3:be:a6:6b:0b:fb:b1:04:69:70: 26:e3:83:12:ae:cd:b4:12:a2:5f:8f:3a:28:e7:af: e8:5a:28:71:a6:89:ca:36:a5:a1:a8:e1:58:3d:65: 5f:98:a1:56:7f:82:55:22:67:ca:09:fd:1e:15:98: 5c:4d:6f:07:2b:16:5b:bf:a7:a2:d3:3b:a9:94:cc: 7c:6a:62:b4:a3:34:43:89:fe:ef:da:fb:a4:71:05: 79:34:e2:93:c6:d3:4d:a1:74:ec:19:d3:98:c1:cc: 12:34:6f:90:76:ff:6d:75:6c:64:df:66:20:01:0c: c1:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:39:CE:59:67:1A:05:16:EA:D4:AB:F9:83:79:2D:C9:14:8B:69:5F X509v3 Authority Key Identifier: keyid:35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:b7:4d:da:78:24:db:77:91:b9:2b:7c:e1:2d:b4:28:2c:e4: 71:bb:cc:7b:96:b0:f0:3a:7c:c0:4c:fd:4c:44:e6:ef:bc:5b: ca:bc:ca:22:1a:23:f7:a0:ee:c0:34:0d:16:d0:a1:69:66:df: 7e:b1:a4:0a:26:7c:b1:f5:ae:ab:70:55:d5:44:20:6d:79:d6: d1:95:f7:29:03:ee:93:4f:23:ca:3b:93:76:a4:ab:96:67:2d: 41:05:64:94:8a:62:97:21:1f:b8:de:4f:01:d9:e1:ae:7a:b0: a0:66:0c:a6:6e:0c:dc:d0:2e:e9:36:bf:a8:44:41:84:16:c0: 17:df:6c:d3:2e:e6:54:e2:bb:b1:b7:42:85:28:af:53:6a:fc: 9f:db:f4:c7:c5:3c:11:68:4d:2b:59:24:97:3d:4f:ef:c0:15: 19:11:a2:ef:87:a0:d5:df:ac:9b:43:52:fa:cd:96:f7:74:61: b9:8e:75:f2:86:3d:d9:ae:dd:f5:4f:eb:a1:fa:0b:be:05:b0: 11:1c:04:1a:21:2c:e7:6a:89:92:a5:ad:18:67:69:a5:27:04: ff:d9:ba:e3:a6:3d:26:d5:81:ff:25:52:98:c9:3b:58:0f:4f: 54:9a:8e:02:1d:be:c3:26:72:f6:20:32:06:05:dd:c6:3e:d4: 12:5c:1c:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuAFawZVB2ecpHstN8N//epMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1MTExOTcyY2Y0ZDkyNDhiZGIxODhkM2I0MTlhZTBmYjdl NTY0NmIwHhcNMjYwMTAyMTkwMTAyWhcNMjYwMTAzMTkwMTAyWjAzMTEwLwYDVQQD EyhiMTM5Y2U1OTY3MWEwNTE2ZWFkNGFiZjk4Mzc5MmRjOTE0OGI2OTVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Hys5SnC2UGW/RZyp6RpCnepJGGi rMlaYBeJuReFghAmyhmGpuM+x44EBL8riy0lcX3mDEdezrLN2LQEOVcuq5NyeAQe Q3qH8ZPa+whZRySC0hwn7KxIBxm6bhr9IgeEmjk0wSJJVqKxyeY3qkmT2zfa0pg+ UlNwwgBmjvGoHoOxAfmyMba3xvVg/qO+pmsL+7EEaXAm44MSrs20EqJfjzoo56/o WihxponKNqWhqOFYPWVfmKFWf4JVImfKCf0eFZhcTW8HKxZbv6ei0zuplMx8amK0 ozRDif7v2vukcQV5NOKTxtNNoXTsGdOYwcwSNG+Qdv9tdWxk32YgAQzBeQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLE5zllnGgUW6tSr+YN5LckUi2lfMB8GA1UdIwQY MBaAFDURGXLPTZJIvbGI07QZrg+35WRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYt NTllNjMyNWRkMjJiLzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYtNTllNjMyNWRkMjJi LzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbbdN2ngk 23eRuSt84S20KCzkcbvMe5aw8Dp8wEz9TETm77xbyrzKIhoj96DuwDQNFtChaWbf frGkCiZ8sfWuq3BV1UQgbXnW0ZX3KQPuk08jyjuTdqSrlmctQQVklIpilyEfuN5P AdnhrnqwoGYMpm4M3NAu6Ta/qERBhBbAF99s0y7mVOK7sbdChSivU2r8n9v0x8U8 EWhNK1kklz1P78AVGRGi74eg1d+sm0NS+s2W93RhuY518oY92a7d9U/rofoLvgWw ERwEGiEs52qJkqWtGGdppScE/9m646Y9JtWB/yVSmMk7WA9PVJqOAh2+wyZy9iAy BgXdxj7UElwcAA== -----END CERTIFICATE-----Generated at Sat Jan 3 04:18:25 2026 by rpki-client