This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft File: NGbkl-i6koMIR7TYtnEDJdI72oU.mft (raw, json) Hash identifier: cMEqjN4v+4TrEyQxB2/ENkMKBIN5ktsh/d57Bi+MuvI= Subject key identifier: 30:4C:63:55:07:BF:68:58:77:24:83:5B:3C:8E:E6:04:7A:21:C4:7C Authority key identifier: 34:66:E4:97:E8:BA:92:83:08:47:B4:D8:B6:71:03:25:D2:3B:DA:85 Certificate issuer: /CN=3466e497e8ba92830847b4d8b6710325d23bda85 Certificate serial: 019B6D6A588A7351B50F8D5FE981647324CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft Manifest number: 0800 Signing time: Tue 30 Dec 2025 04:00:44 +0000 Manifest this update: Tue 30 Dec 2025 04:00:44 +0000 Manifest next update: Wed 31 Dec 2025 04:00:44 +0000 Files and hashes: 1: NGbkl-i6koMIR7TYtnEDJdI72oU.crl (hash: TrpN5RkW9TscuFSfx7aeTTRyq8axgvWhSp5OfBUuscw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6d:6a:58:8a:73:51:b5:0f:8d:5f:e9:81:64:73:24:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3466e497e8ba92830847b4d8b6710325d23bda85 Validity Not Before: Dec 30 04:00:44 2025 GMT Not After : Dec 31 04:00:44 2025 GMT Subject: CN=304c635507bf68587724835b3c8ee6047a21c47c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:58:fa:48:e9:e1:7c:a4:eb:dd:d7:8e:76:e5: cf:0c:80:5e:5e:50:09:7f:00:83:d1:b2:61:c1:19: 76:38:86:8c:ab:9b:8b:8a:9f:3d:19:2a:26:de:74: be:f5:35:dc:64:ef:43:6b:d7:5c:f2:34:c1:d4:e4: 49:91:42:ed:1f:9f:8c:5d:fc:8e:90:60:df:2a:cb: 3a:6c:40:80:71:db:5f:6f:d3:dd:04:48:4d:ea:9d: 3d:5b:eb:53:b5:98:05:67:77:70:91:12:1d:1c:3b: c7:c5:3e:05:85:03:9d:98:77:27:ea:96:31:55:0d: 80:08:1a:f9:6c:24:c6:d6:fc:5b:87:7d:a8:77:3f: db:fa:e9:25:84:71:d1:89:ed:05:36:c9:45:35:4c: 3b:81:58:81:f9:06:4a:4e:39:d2:0e:e1:f9:af:b8: f7:7d:d0:99:d5:5d:92:dc:2b:92:c8:cd:11:62:ef: 6a:5e:5a:b9:1b:ed:36:47:b9:02:e4:02:6e:64:cf: 86:1d:aa:7d:e0:a8:9b:51:85:dd:07:b0:87:03:30: d9:ac:d5:02:98:69:c4:6b:7b:e2:f7:e5:0c:fb:77: 9c:f6:21:3c:4b:e3:17:15:ef:95:65:81:b5:c9:ba: 7c:65:70:67:86:69:cd:8d:4d:f9:fa:3c:71:da:4b: 84:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:4C:63:55:07:BF:68:58:77:24:83:5B:3C:8E:E6:04:7A:21:C4:7C X509v3 Authority Key Identifier: keyid:34:66:E4:97:E8:BA:92:83:08:47:B4:D8:B6:71:03:25:D2:3B:DA:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:58:e4:bf:60:7e:08:9b:4b:87:62:6b:5e:6d:6c:76:25:b2: 76:9b:64:74:46:fb:7f:c8:eb:b7:da:8e:65:76:8b:99:d6:1c: 68:39:1d:21:41:29:87:1c:90:3f:61:22:39:f3:ef:ad:d5:c4: e9:48:1f:6b:2a:d6:42:32:1d:18:97:50:12:8d:73:7a:75:88: 0b:3e:ae:7c:2a:85:9d:5e:69:2f:2a:d3:ef:5e:06:47:ad:4b: ad:18:b2:ff:1e:7a:6d:ee:46:b9:58:a8:2d:92:25:70:e2:0f: 75:02:fe:70:4c:26:3f:16:18:f7:43:35:28:24:03:01:36:de: d2:bb:a7:4e:e1:26:72:dd:83:5c:17:b4:de:4c:a7:bc:87:2a: 82:06:b0:13:7f:e4:b0:f4:b8:2e:24:88:e3:15:fe:07:90:c6: d0:ab:1f:df:9c:8e:36:3f:13:31:12:de:a3:f1:7b:5f:c2:00: 00:36:3f:a5:f1:ed:f0:03:c8:33:aa:52:23:0d:e4:6b:ff:07: e2:be:26:dd:b0:2d:d2:2d:d5:92:bd:7c:7a:31:fe:6c:70:9e: 0d:f9:63:40:e2:de:28:04:8b:f3:81:b8:ed:33:db:dd:f9:02: c5:85:f7:86:b7:a2:56:da:68:3e:f7:fe:1d:23:63:84:5a:3a: 11:24:b1:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZttaliKc1G1D41f6YFkcyTOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0NjZlNDk3ZThiYTkyODMwODQ3YjRkOGI2NzEwMzI1ZDIz YmRhODUwHhcNMjUxMjMwMDQwMDQ0WhcNMjUxMjMxMDQwMDQ0WjAzMTEwLwYDVQQD EygzMDRjNjM1NTA3YmY2ODU4NzcyNDgzNWIzYzhlZTYwNDdhMjFjNDdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1j6SOnhfKTr3deOduXPDIBeXlAJ fwCD0bJhwRl2OIaMq5uLip89GSom3nS+9TXcZO9Da9dc8jTB1ORJkULtH5+MXfyO kGDfKss6bECAcdtfb9PdBEhN6p09W+tTtZgFZ3dwkRIdHDvHxT4FhQOdmHcn6pYx VQ2ACBr5bCTG1vxbh32odz/b+uklhHHRie0FNslFNUw7gViB+QZKTjnSDuH5r7j3 fdCZ1V2S3CuSyM0RYu9qXlq5G+02R7kC5AJuZM+GHap94KibUYXdB7CHAzDZrNUC mGnEa3vi9+UM+3ec9iE8S+MXFe+VZYG1ybp8ZXBnhmnNjU35+jxx2kuE1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDBMY1UHv2hYdySDWzyO5gR6IcR8MB8GA1UdIwQY MBaAFDRm5JfoupKDCEe02LZxAyXSO9qFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80NDg0NmQtNTVkMC00YTIwLWJkMTEt ZGNhZDA4ZjJmMjNmLzEvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS80NDg0NmQtNTVkMC00YTIwLWJkMTEtZGNhZDA4ZjJmMjNm LzEvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALVjkv2B+ CJtLh2JrXm1sdiWydptkdEb7f8jrt9qOZXaLmdYcaDkdIUEphxyQP2EiOfPvrdXE 6UgfayrWQjIdGJdQEo1zenWICz6ufCqFnV5pLyrT714GR61LrRiy/x56be5GuVio LZIlcOIPdQL+cEwmPxYY90M1KCQDATbe0runTuEmct2DXBe03kynvIcqggawE3/k sPS4LiSI4xX+B5DG0Ksf35yONj8TMRLeo/F7X8IAADY/pfHt8APIM6pSIw3ka/8H 4r4m3bAt0i3Vkr18ejH+bHCeDfljQOLeKASL84G47TPb3fkCxYX3hreiVtpoPvf+ HSNjhFo6ESSxUA== -----END CERTIFICATE-----Generated at Tue Dec 30 06:20:56 2025 by rpki-client