This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft File: nB7k05z6obOseZwX94grjOTigSA.mft (raw, json) Hash identifier: NgUJf9A/ihYPuqeyWPf0Yb7g+y/BsFRf1tr3Lsy2WBY= Subject key identifier: 15:EC:4F:83:F0:D6:4F:AA:E9:84:85:01:93:FE:A0:76:8A:02:27:04 Authority key identifier: 9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20 Certificate issuer: /CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120 Certificate serial: 019B3EDAA8F95AF4E7F9E11479B8E49B38E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft Manifest number: 0A3C Signing time: Sun 21 Dec 2025 03:01:16 +0000 Manifest this update: Sun 21 Dec 2025 03:01:16 +0000 Manifest next update: Mon 22 Dec 2025 03:01:16 +0000 Files and hashes: 1: egM_lo5hkg5KA7_uP-5h7pmD4BM.roa (hash: LWEk9cOjEXdGtew0n3bgwHhe3Zn8McfotK81AHI+3M0=) 2: nB7k05z6obOseZwX94grjOTigSA.crl (hash: xw/p7qbgGO4vxyWZa3Zrx959u68wiHwYQBJQqEC1G6k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:da:a8:f9:5a:f4:e7:f9:e1:14:79:b8:e4:9b:38:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120 Validity Not Before: Dec 21 03:01:16 2025 GMT Not After : Dec 22 03:01:16 2025 GMT Subject: CN=15ec4f83f0d64faae984850193fea0768a022704 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:76:fd:fe:bf:22:51:e5:30:97:f3:39:64:42: 7d:c5:c0:83:d2:8c:57:d7:7d:e1:1a:c2:82:bd:60: 80:2e:3e:90:ab:df:61:56:a5:43:04:0a:8e:e8:af: d1:96:ce:ec:d3:a4:6d:7f:03:a5:b6:e7:77:ac:7b: 50:d9:84:1a:2e:01:e5:c8:56:f5:2e:13:4f:ee:e6: df:05:33:b2:c4:55:77:a5:bc:14:c6:41:f5:bd:e0: f3:4f:b3:78:a0:2a:3a:4c:6e:20:d8:ac:bd:09:64: 20:44:9f:df:49:33:f1:da:0d:6c:94:d2:68:43:8a: c5:db:78:a5:b7:44:be:4c:70:f2:cf:09:86:27:1d: 21:36:1e:0e:e9:97:c6:8e:05:68:24:a7:ff:49:04: c7:3c:5e:0d:89:b4:26:e9:e0:52:62:8c:63:39:76: 90:8b:df:6a:93:1a:04:83:7b:c4:d6:98:30:09:fd: 52:66:fe:77:cd:c1:cf:c0:6a:26:e8:b0:34:66:60: 2a:b4:49:4c:0e:74:17:4b:85:3d:e6:08:e6:69:02: 1d:6d:e9:b8:b9:22:cc:fb:17:bb:67:13:1b:78:d1: e8:7e:63:e3:5a:4b:21:a6:5e:98:df:b5:ab:a2:b7: 72:7a:87:e7:e0:b6:25:26:3f:f1:a3:4a:92:9f:a4: e5:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:EC:4F:83:F0:D6:4F:AA:E9:84:85:01:93:FE:A0:76:8A:02:27:04 X509v3 Authority Key Identifier: keyid:9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:8f:74:be:15:01:bf:0e:cf:de:b7:97:a1:ec:80:a1:2e:7e: 08:97:2c:42:5c:40:e2:24:7e:76:a5:09:4c:d3:66:0c:4b:52: 7b:0f:1b:7e:98:fb:96:ae:c8:95:8f:0e:fc:89:e8:cb:8e:f2: 68:dc:5b:32:04:2c:92:4c:73:48:87:78:fb:88:59:33:7d:7f: 82:b5:a1:dc:84:bf:19:f7:9e:0a:f9:1d:ca:5b:6a:76:9c:8a: ae:73:2e:59:1b:fa:d2:b4:81:f0:fc:4c:ac:4f:7e:5e:26:04: 3d:36:fb:da:9e:fb:9a:5b:ed:46:d6:55:f4:ff:82:ed:80:e4: 27:79:b0:cc:74:58:67:e3:21:82:9e:4d:fe:8e:c8:c5:50:23: 07:77:00:c8:05:6e:6d:1e:65:e7:67:bf:41:ea:d9:1d:f7:34: d2:c0:39:8c:ca:05:e2:3e:63:1d:ce:29:25:ef:21:13:36:08: 34:71:47:8c:66:c7:29:36:2e:c5:70:3c:e7:ff:8a:62:f3:4e: 60:f2:c0:8a:af:eb:de:9b:ca:1f:6a:26:ce:59:97:43:0a:43: e9:75:b9:36:2b:08:c8:72:ca:de:b5:e6:55:14:39:46:82:87: 0b:82:13:7f:31:ca:59:b4:7f:20:a7:98:9d:d1:23:25:66:78: 60:52:8d:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+2qj5WvTn+eEUebjkmzjnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDljMWVlNGQzOWNmYWExYjNhYzc5OWMxN2Y3ODgyYjhjZTRl MjgxMjAwHhcNMjUxMjIxMDMwMTE2WhcNMjUxMjIyMDMwMTE2WjAzMTEwLwYDVQQD EygxNWVjNGY4M2YwZDY0ZmFhZTk4NDg1MDE5M2ZlYTA3NjhhMDIyNzA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nb9/r8iUeUwl/M5ZEJ9xcCD0oxX 133hGsKCvWCALj6Qq99hVqVDBAqO6K/Rls7s06RtfwOltud3rHtQ2YQaLgHlyFb1 LhNP7ubfBTOyxFV3pbwUxkH1veDzT7N4oCo6TG4g2Ky9CWQgRJ/fSTPx2g1slNJo Q4rF23ilt0S+THDyzwmGJx0hNh4O6ZfGjgVoJKf/SQTHPF4NibQm6eBSYoxjOXaQ i99qkxoEg3vE1pgwCf1SZv53zcHPwGom6LA0ZmAqtElMDnQXS4U95gjmaQIdbem4 uSLM+xe7ZxMbeNHofmPjWkshpl6Y37Wrordyeofn4LYlJj/xo0qSn6TlnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBXsT4Pw1k+q6YSFAZP+oHaKAicEMB8GA1UdIwQY MBaAFJwe5NOc+qGzrHmcF/eIK4zk4oEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAt YmQ0NjVjZTcxMWJiLzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAtYmQ0NjVjZTcxMWJi LzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA490vhUB vw7P3reXoeyAoS5+CJcsQlxA4iR+dqUJTNNmDEtSew8bfpj7lq7IlY8O/Inoy47y aNxbMgQskkxzSId4+4hZM31/grWh3IS/GfeeCvkdyltqdpyKrnMuWRv60rSB8PxM rE9+XiYEPTb72p77mlvtRtZV9P+C7YDkJ3mwzHRYZ+Mhgp5N/o7IxVAjB3cAyAVu bR5l52e/QerZHfc00sA5jMoF4j5jHc4pJe8hEzYINHFHjGbHKTYuxXA85/+KYvNO YPLAiq/r3pvKH2omzlmXQwpD6XW5NisIyHLK3rXmVRQ5RoKHC4ITfzHKWbR/IKeY ndEjJWZ4YFKNoA== -----END CERTIFICATE-----Generated at Sun Dec 21 07:58:35 2025 by rpki-client