This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/fe6234-6437-4967-ba63-85c3fa79ebc1/1/NIA6LPKQsL3Gmt3AA9VkojSqT3Y.mft File: NIA6LPKQsL3Gmt3AA9VkojSqT3Y.mft (raw, json) Hash identifier: +2cDL9+zQUqWx3R4ZgsHHW/KEdnQeaKcAGsXF8Xj9So= Subject key identifier: DA:7C:7C:47:B6:C9:12:F0:E7:5F:95:FD:9A:94:19:06:A7:E8:6D:70 Authority key identifier: 34:80:3A:2C:F2:90:B0:BD:C6:9A:DD:C0:03:D5:64:A2:34:AA:4F:76 Certificate issuer: /CN=34803a2cf290b0bdc69addc003d564a234aa4f76 Certificate serial: 019B514E56692CAF987EEB3F938C5E2087D9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NIA6LPKQsL3Gmt3AA9VkojSqT3Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/fe6234-6437-4967-ba63-85c3fa79ebc1/1/NIA6LPKQsL3Gmt3AA9VkojSqT3Y.mft Manifest number: 1228 Signing time: Wed 24 Dec 2025 17:00:46 +0000 Manifest this update: Wed 24 Dec 2025 17:00:46 +0000 Manifest next update: Thu 25 Dec 2025 17:00:46 +0000 Files and hashes: 1: JscmxGl_L2E7JnV0mfv32RHUpNw.roa (hash: 8j6EFW05T3ckFd0k6CAkZlDvS05KieVcVNbYKlWGlos=) 2: NIA6LPKQsL3Gmt3AA9VkojSqT3Y.crl (hash: bj5StrvXJR0Wu3r8qJUZXfpaWrfmPd0oXEybjwgK2Dw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/fe6234-6437-4967-ba63-85c3fa79ebc1/1/NIA6LPKQsL3Gmt3AA9VkojSqT3Y.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/fe6234-6437-4967-ba63-85c3fa79ebc1/1/NIA6LPKQsL3Gmt3AA9VkojSqT3Y.mft rsync://rpki.ripe.net/repository/DEFAULT/NIA6LPKQsL3Gmt3AA9VkojSqT3Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:4e:56:69:2c:af:98:7e:eb:3f:93:8c:5e:20:87:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34803a2cf290b0bdc69addc003d564a234aa4f76 Validity Not Before: Dec 24 17:00:46 2025 GMT Not After : Dec 25 17:00:46 2025 GMT Subject: CN=da7c7c47b6c912f0e75f95fd9a941906a7e86d70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:b1:34:7d:1d:ec:a2:32:7d:db:4a:69:11:fe: 57:e7:f4:a5:8c:06:7e:3f:90:a6:1b:d7:0b:8c:df: a7:07:da:a5:2a:bb:04:d2:38:5e:d1:ef:ec:c3:af: e6:ef:47:74:cd:76:66:d3:6d:2d:af:73:a3:9c:c3: fa:6b:f1:b7:44:c2:06:97:e5:61:6c:86:80:40:73: 6b:81:1b:ce:d3:2c:fc:e2:47:4a:e0:20:b4:f0:84: 7d:ac:b4:b3:8e:a8:cb:8c:3a:49:63:56:65:66:f5: 4d:22:2e:6f:17:f6:a0:c5:cf:96:1a:1c:3b:ea:e3: 66:3d:1d:25:fc:e8:30:1c:db:93:c3:24:7d:f2:12: e5:82:81:54:2d:e1:c9:92:4c:a3:b2:25:63:77:fb: 1a:07:30:ee:d8:b0:24:0f:f0:24:ca:7d:dd:49:b9: 62:52:cc:ef:97:cc:0f:3c:69:88:c1:d4:08:3e:4a: 0e:16:ad:7d:97:2b:3e:d5:ce:50:fb:ae:1d:94:fd: 1f:32:29:2b:cd:bf:33:cd:47:88:af:07:c2:38:80: 97:77:99:de:1f:1a:c6:a1:7c:6b:2f:49:1c:28:10: d0:76:74:74:cc:40:2a:9d:39:f2:75:81:78:11:14: 0e:de:4b:d6:7e:9f:fb:a7:ff:35:37:47:9c:57:7d: a7:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:7C:7C:47:B6:C9:12:F0:E7:5F:95:FD:9A:94:19:06:A7:E8:6D:70 X509v3 Authority Key Identifier: keyid:34:80:3A:2C:F2:90:B0:BD:C6:9A:DD:C0:03:D5:64:A2:34:AA:4F:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NIA6LPKQsL3Gmt3AA9VkojSqT3Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/fe6234-6437-4967-ba63-85c3fa79ebc1/1/NIA6LPKQsL3Gmt3AA9VkojSqT3Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/fe6234-6437-4967-ba63-85c3fa79ebc1/1/NIA6LPKQsL3Gmt3AA9VkojSqT3Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:e1:aa:4d:78:d8:19:f7:b2:7d:d2:bb:91:0c:20:79:12:26: e5:46:56:b8:7e:fd:bf:0d:e5:f5:8c:09:86:70:c2:8f:c6:b7: c0:e0:e3:da:ab:d1:d4:90:39:7e:cc:60:af:97:04:37:ea:2e: d5:52:9f:20:9b:0a:4b:c2:35:ba:1d:8f:4e:09:72:0f:ef:41: fd:6e:73:f7:e1:92:9e:1d:d2:e0:38:0f:b0:9b:bc:8b:3d:7a: 2b:98:5c:45:da:34:10:b9:47:d5:e0:27:cb:43:d7:af:8b:6d: b4:84:5c:0b:ae:1e:12:50:f3:2f:ac:9d:a3:7b:26:33:1b:34: 4a:80:1f:1a:d9:74:56:46:6d:3f:7f:21:54:48:bd:e3:14:66: 8b:cc:9e:3e:a3:d3:b6:66:55:4f:63:ab:82:27:a6:e5:39:4d: 48:87:f4:57:ff:2b:e1:3b:36:19:97:d8:72:a5:c1:71:f7:42: 8a:62:29:51:c9:b9:1a:7e:d9:a3:ae:06:97:29:13:ae:5d:08: 4d:37:70:eb:22:fd:2f:d3:6e:7c:8e:c2:65:4a:0f:11:45:9b: 5b:4a:0e:be:77:48:d4:16:58:a6:55:6c:b8:bc:dc:09:74:47: 1a:db:1f:19:58:0e:3d:43:c8:8a:2b:8c:65:df:ee:85:c4:f9: c7:42:13:e1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRTlZpLK+Yfus/k4xeIIfZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0ODAzYTJjZjI5MGIwYmRjNjlhZGRjMDAzZDU2NGEyMzRh YTRmNzYwHhcNMjUxMjI0MTcwMDQ2WhcNMjUxMjI1MTcwMDQ2WjAzMTEwLwYDVQQD EyhkYTdjN2M0N2I2YzkxMmYwZTc1Zjk1ZmQ5YTk0MTkwNmE3ZTg2ZDcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbE0fR3sojJ920ppEf5X5/SljAZ+ P5CmG9cLjN+nB9qlKrsE0jhe0e/sw6/m70d0zXZm020tr3OjnMP6a/G3RMIGl+Vh bIaAQHNrgRvO0yz84kdK4CC08IR9rLSzjqjLjDpJY1ZlZvVNIi5vF/agxc+WGhw7 6uNmPR0l/OgwHNuTwyR98hLlgoFULeHJkkyjsiVjd/saBzDu2LAkD/Akyn3dSbli Uszvl8wPPGmIwdQIPkoOFq19lys+1c5Q+64dlP0fMikrzb8zzUeIrwfCOICXd5ne HxrGoXxrL0kcKBDQdnR0zEAqnTnydYF4ERQO3kvWfp/7p/81N0ecV32nTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNp8fEe2yRLw51+V/ZqUGQan6G1wMB8GA1UdIwQY MBaAFDSAOizykLC9xprdwAPVZKI0qk92MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTklBNkxQS1FzTDNHbXQzQUE5VmtvalNxVDNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9mZTYyMzQtNjQzNy00OTY3LWJhNjMt ODVjM2ZhNzllYmMxLzEvTklBNkxQS1FzTDNHbXQzQUE5VmtvalNxVDNZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi9mZTYyMzQtNjQzNy00OTY3LWJhNjMtODVjM2ZhNzllYmMx LzEvTklBNkxQS1FzTDNHbXQzQUE5VmtvalNxVDNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlOGqTXjY GfeyfdK7kQwgeRIm5UZWuH79vw3l9YwJhnDCj8a3wODj2qvR1JA5fsxgr5cEN+ou 1VKfIJsKS8I1uh2PTglyD+9B/W5z9+GSnh3S4DgPsJu8iz16K5hcRdo0ELlH1eAn y0PXr4tttIRcC64eElDzL6ydo3smMxs0SoAfGtl0VkZtP38hVEi94xRmi8yePqPT tmZVT2Orgiem5TlNSIf0V/8r4Ts2GZfYcqXBcfdCimIpUcm5Gn7Zo64GlykTrl0I TTdw6yL9L9NufI7CZUoPEUWbW0oOvndI1BZYplVsuLzcCXRHGtsfGVgOPUPIiiuM Zd/uhcT5x0IT4Q== -----END CERTIFICATE-----Generated at Wed Dec 24 23:19:22 2025 by rpki-client