This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft File: NhIf0uc0bus8H451uTyE-VhB9EY.mft (raw, json) Hash identifier: bFY5OBqPdvGclAezAwE/EcM4a+UsCfVvAQRpiYvXqvQ= Subject key identifier: 83:26:45:85:1D:D7:D4:28:84:FA:C3:D0:BC:63:38:71:44:AE:03:52 Authority key identifier: 36:12:1F:D2:E7:34:6E:EB:3C:1F:8E:75:B9:3C:84:F9:58:41:F4:46 Certificate issuer: /CN=36121fd2e7346eeb3c1f8e75b93c84f95841f446 Certificate serial: 019B24761A2E01AE387FEDD7FCD56B22AB54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft Manifest number: 0492 Signing time: Tue 16 Dec 2025 00:01:18 +0000 Manifest this update: Tue 16 Dec 2025 00:01:18 +0000 Manifest next update: Wed 17 Dec 2025 00:01:18 +0000 Files and hashes: 1: NhIf0uc0bus8H451uTyE-VhB9EY.crl (hash: O1+WzFsGkyvb1ZHvel0AlE2Pyd4g8F9oQyl804C745U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 22:36:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:24:76:1a:2e:01:ae:38:7f:ed:d7:fc:d5:6b:22:ab:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36121fd2e7346eeb3c1f8e75b93c84f95841f446 Validity Not Before: Dec 16 00:01:18 2025 GMT Not After : Dec 17 00:01:18 2025 GMT Subject: CN=832645851dd7d42884fac3d0bc63387144ae0352 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:04:3c:f8:d8:14:5a:1d:c2:9f:57:cf:1a:6b: ac:1e:07:96:d5:24:79:f7:a1:68:44:33:73:6d:97: e8:27:a0:94:43:d3:04:24:db:db:06:22:bc:ad:14: 2b:c7:16:d8:08:06:f6:66:64:90:71:1f:1e:97:9a: 7c:72:a5:01:29:a9:ce:e3:a0:8c:19:d3:b5:ae:f8: ba:e9:63:dd:01:20:e0:3b:95:79:54:bf:68:4d:53: cf:32:20:87:1f:a5:dc:bc:76:69:9d:3a:f1:b6:83: d4:67:8a:29:97:98:64:fb:84:41:6c:3e:94:59:de: bb:7a:dd:4f:30:61:9d:f7:5e:a6:b1:5d:5a:57:34: b6:e3:5a:db:fa:6c:46:60:f1:d4:6c:8d:35:f7:6f: b2:6a:13:2a:6a:d5:f0:89:76:a2:7b:dd:95:e7:e4: 6b:d5:09:47:cb:26:f4:dc:1b:cf:db:2d:5d:3c:df: 60:a8:c1:de:4f:68:4e:94:52:2b:4f:b8:0c:04:94: a0:5c:33:10:35:e3:88:f0:b3:42:ae:bc:4b:8f:43: d5:43:90:e4:2e:82:6c:23:4d:e5:f6:84:cc:f5:dc: 8e:6e:ec:bd:8c:d7:72:c5:75:1f:dd:b7:8b:e5:4d: f1:b2:83:de:4e:34:52:5e:06:df:2f:ae:fd:cf:be: 34:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:26:45:85:1D:D7:D4:28:84:FA:C3:D0:BC:63:38:71:44:AE:03:52 X509v3 Authority Key Identifier: keyid:36:12:1F:D2:E7:34:6E:EB:3C:1F:8E:75:B9:3C:84:F9:58:41:F4:46 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:f9:1b:5d:66:98:54:32:93:f7:0e:23:60:7a:75:5d:d9:41: 1e:24:97:74:8f:21:71:40:ce:40:32:29:f4:f7:9a:2d:db:75: 5f:1a:85:d8:f7:20:f1:f7:f3:57:78:69:b1:01:9c:9e:d3:1f: 4b:26:53:84:72:5d:91:b0:05:49:89:c0:84:22:a4:63:95:33: 05:2f:01:94:79:60:6f:51:88:ad:18:09:80:0c:78:3f:e8:f1: fe:94:11:38:43:56:9a:86:c2:07:80:5f:09:eb:a2:cb:7a:44: 36:52:d0:25:2c:36:74:d8:94:31:85:85:2b:a3:54:40:ec:7f: 0d:05:10:12:0e:a4:c4:f1:9a:dc:c6:4b:c0:a0:00:17:88:9e: 94:46:51:83:bf:92:7f:e2:b3:f5:5f:ca:e6:cd:d0:aa:79:12: bb:8e:f4:a3:0d:64:a3:76:9a:48:77:9b:3a:c8:a6:8b:d8:9c: c2:e4:0a:9d:44:8b:4f:58:16:f1:de:1f:89:b6:fe:c7:6a:c3: d3:13:e7:6e:cc:76:90:cd:de:f6:ea:59:e6:33:61:03:01:be: a6:ff:40:c1:44:bb:2c:77:0b:5c:4d:69:79:3e:84:53:17:df: b3:8b:53:81:77:24:10:62:bc:fd:ae:a5:34:29:29:bb:b9:2f: 91:56:b7:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZskdhouAa44f+3X/NVrIqtUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2MTIxZmQyZTczNDZlZWIzYzFmOGU3NWI5M2M4NGY5NTg0 MWY0NDYwHhcNMjUxMjE2MDAwMTE4WhcNMjUxMjE3MDAwMTE4WjAzMTEwLwYDVQQD Eyg4MzI2NDU4NTFkZDdkNDI4ODRmYWMzZDBiYzYzMzg3MTQ0YWUwMzUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQQ8+NgUWh3Cn1fPGmusHgeW1SR5 96FoRDNzbZfoJ6CUQ9MEJNvbBiK8rRQrxxbYCAb2ZmSQcR8el5p8cqUBKanO46CM GdO1rvi66WPdASDgO5V5VL9oTVPPMiCHH6XcvHZpnTrxtoPUZ4opl5hk+4RBbD6U Wd67et1PMGGd916msV1aVzS241rb+mxGYPHUbI0192+yahMqatXwiXaie92V5+Rr 1QlHyyb03BvP2y1dPN9gqMHeT2hOlFIrT7gMBJSgXDMQNeOI8LNCrrxLj0PVQ5Dk LoJsI03l9oTM9dyObuy9jNdyxXUf3beL5U3xsoPeTjRSXgbfL679z740pwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIMmRYUd19QohPrD0LxjOHFErgNSMB8GA1UdIwQY MBaAFDYSH9LnNG7rPB+Odbk8hPlYQfRGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8yMWQ1NjAtY2IxNS00NmMzLWFmMzQt YTg5ZTkzN2UyOWQxLzEvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy8yMWQ1NjAtY2IxNS00NmMzLWFmMzQtYTg5ZTkzN2UyOWQx LzEvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO/kbXWaY VDKT9w4jYHp1XdlBHiSXdI8hcUDOQDIp9PeaLdt1XxqF2Pcg8ffzV3hpsQGcntMf SyZThHJdkbAFSYnAhCKkY5UzBS8BlHlgb1GIrRgJgAx4P+jx/pQROENWmobCB4Bf Ceuiy3pENlLQJSw2dNiUMYWFK6NUQOx/DQUQEg6kxPGa3MZLwKAAF4ielEZRg7+S f+Kz9V/K5s3QqnkSu470ow1ko3aaSHebOsimi9icwuQKnUSLT1gW8d4fibb+x2rD 0xPnbsx2kM3e9upZ5jNhAwG+pv9AwUS7LHcLXE1peT6EUxffs4tTgXckEGK8/a6l NCkpu7kvkVa35A== -----END CERTIFICATE-----Generated at Tue Dec 16 04:38:19 2025 by rpki-client