This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft File: NSfzoow8WhVFLOxPVswmno6tnXI.mft (raw, json) Hash identifier: Qqu9kk3Tr+dUaFXDRHBkKVjJGKCL7y8RUfHKI6iHt1Q= Subject key identifier: EA:BB:21:19:23:B7:87:91:5E:78:2B:1A:38:39:53:68:0D:AA:46:DF Authority key identifier: 35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72 Certificate issuer: /CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72 Certificate serial: 019B405C8611CBC7D6BE420514CD94B61733 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft Manifest number: 1785 Signing time: Sun 21 Dec 2025 10:02:43 +0000 Manifest this update: Sun 21 Dec 2025 10:02:43 +0000 Manifest next update: Mon 22 Dec 2025 10:02:43 +0000 Files and hashes: 1: NSfzoow8WhVFLOxPVswmno6tnXI.crl (hash: M8etsJHv5aS0h6Pr1rF++u5tr4aqXHi4JRbvmt62crM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5c:86:11:cb:c7:d6:be:42:05:14:cd:94:b6:17:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72 Validity Not Before: Dec 21 10:02:43 2025 GMT Not After : Dec 22 10:02:43 2025 GMT Subject: CN=eabb211923b787915e782b1a383953680daa46df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:06:47:24:fb:cb:25:1d:75:59:e6:16:0a:0c: 0b:d0:7a:75:ed:58:e3:f7:28:2b:b9:0d:3a:67:9c: 1e:cf:ac:09:5b:ef:53:1f:58:81:17:38:55:f4:2f: 09:b4:ae:66:af:d7:e7:1f:3d:5c:24:c8:3b:84:a9: dc:b0:cc:0e:6c:a7:41:7f:84:bb:74:34:54:28:9b: a7:54:4b:fc:8a:b6:d3:67:b1:48:3a:4f:2e:ae:1c: 0a:32:71:c2:84:f7:62:7e:1a:ff:06:ab:08:ee:dc: 3d:a1:90:b8:11:ac:6e:0f:a5:b5:b6:59:50:90:ab: 68:37:ad:fa:95:35:56:cd:04:76:ca:0f:ef:10:68: 68:22:fd:c2:e5:c4:5a:d6:58:5b:1f:53:f7:5e:f5: 8d:a6:a1:f6:f6:52:fe:54:f2:23:b8:3c:5b:20:2b: f9:89:68:f6:02:84:77:a1:ae:05:99:1f:f9:2d:16: 41:12:0e:0c:8f:5b:d3:72:75:76:70:32:e4:8e:da: f0:87:ae:c8:67:50:99:af:a8:8b:12:97:1a:08:00: 8c:75:fb:a2:e6:e9:15:d9:31:d5:ba:49:0f:12:c5: ae:fe:c4:20:4a:d5:a3:63:ca:cf:ed:47:8f:4f:f0: e6:e8:d9:91:83:90:70:3b:0e:c5:c4:fc:58:24:d6: 0c:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:BB:21:19:23:B7:87:91:5E:78:2B:1A:38:39:53:68:0D:AA:46:DF X509v3 Authority Key Identifier: keyid:35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:31:a9:c5:25:e8:5f:6b:15:74:58:52:f0:1e:54:ab:0f:0a: d8:2c:00:d3:a0:c3:90:b2:d9:12:8b:99:71:f1:c6:bb:5e:ea: cc:9c:e5:ab:d6:63:d5:b8:4f:97:83:e5:23:3c:9c:ed:9a:8e: 54:77:aa:ac:ec:eb:e8:69:b3:2b:0e:26:d2:ea:20:45:6c:5c: bd:29:d8:06:b3:06:fa:7a:e2:4d:44:bf:b8:f9:f3:5a:93:70: 95:bf:84:46:73:c3:6e:cd:1c:4c:1a:15:2c:f9:0c:5d:64:ff: 9c:27:1c:44:2a:dd:a9:ad:56:ca:2c:81:5f:c1:0c:42:bc:63: 95:09:9a:5d:ae:03:2d:09:23:d6:84:03:b2:e6:99:08:f2:5f: 01:46:7c:43:99:1f:bc:b6:32:d9:26:67:cb:68:89:e4:a4:f5: ef:d5:61:a2:b9:86:6f:bd:09:d8:de:d0:06:34:e8:67:9f:e2: ff:f6:b7:3e:22:13:17:45:8c:55:e6:ff:f0:be:7e:07:9f:8c: 4f:24:23:5b:c8:46:ca:3e:94:b4:4c:20:e6:c7:d6:30:19:99: 1b:c9:32:7a:c5:af:3e:e0:ed:aa:fb:ac:ea:50:e5:a8:b5:c9: 12:59:d7:03:3f:e0:ba:35:5a:d3:31:a3:0f:c2:71:ff:61:bd: a4:42:89:b0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAXIYRy8fWvkIFFM2UthczMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1MjdmM2EyOGMzYzVhMTU0NTJjZWM0ZjU2Y2MyNjllOGVh ZDlkNzIwHhcNMjUxMjIxMTAwMjQzWhcNMjUxMjIyMTAwMjQzWjAzMTEwLwYDVQQD EyhlYWJiMjExOTIzYjc4NzkxNWU3ODJiMWEzODM5NTM2ODBkYWE0NmRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwZHJPvLJR11WeYWCgwL0Hp17Vjj 9ygruQ06Z5wez6wJW+9TH1iBFzhV9C8JtK5mr9fnHz1cJMg7hKncsMwObKdBf4S7 dDRUKJunVEv8irbTZ7FIOk8urhwKMnHChPdifhr/BqsI7tw9oZC4EaxuD6W1tllQ kKtoN636lTVWzQR2yg/vEGhoIv3C5cRa1lhbH1P3XvWNpqH29lL+VPIjuDxbICv5 iWj2AoR3oa4FmR/5LRZBEg4Mj1vTcnV2cDLkjtrwh67IZ1CZr6iLEpcaCACMdfui 5ukV2THVukkPEsWu/sQgStWjY8rP7UePT/Dm6NmRg5BwOw7FxPxYJNYMRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOq7IRkjt4eRXngrGjg5U2gNqkbfMB8GA1UdIwQY MBaAFDUn86KMPFoVRSzsT1bMJp6OrZ1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzIt YTQ4ZmVjMWZjYjcwLzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzItYTQ4ZmVjMWZjYjcw LzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfzGpxSXo X2sVdFhS8B5Uqw8K2CwA06DDkLLZEouZcfHGu17qzJzlq9Zj1bhPl4PlIzyc7ZqO VHeqrOzr6GmzKw4m0uogRWxcvSnYBrMG+nriTUS/uPnzWpNwlb+ERnPDbs0cTBoV LPkMXWT/nCccRCrdqa1WyiyBX8EMQrxjlQmaXa4DLQkj1oQDsuaZCPJfAUZ8Q5kf vLYy2SZny2iJ5KT179VhormGb70J2N7QBjToZ5/i//a3PiITF0WMVeb/8L5+B5+M TyQjW8hGyj6UtEwg5sfWMBmZG8kyesWvPuDtqvus6lDlqLXJElnXAz/gujVa0zGj D8Jx/2G9pEKJsA== -----END CERTIFICATE-----Generated at Sun Dec 21 13:54:21 2025 by rpki-client