This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft File: Nir0h5VMm5am51wljQQ3o4RJupA.mft (raw, json) Hash identifier: IwR0zl1+2ObVWoOViUj3oN6S2kKjxXiw5ddqEtveHMg= Subject key identifier: 05:D0:2B:4A:8C:E2:E3:57:EC:B5:24:14:78:FB:97:D5:FC:EE:32:32 Authority key identifier: 36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90 Certificate issuer: /CN=362af487954c9b96a6e75c258d0437a38449ba90 Certificate serial: 019B3343E5F08D07CE43CB26CDF34E445B24 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft Manifest number: 162F Signing time: Thu 18 Dec 2025 21:00:46 +0000 Manifest this update: Thu 18 Dec 2025 21:00:46 +0000 Manifest next update: Fri 19 Dec 2025 21:00:46 +0000 Files and hashes: 1: Nir0h5VMm5am51wljQQ3o4RJupA.crl (hash: 3QT6NBZNHwShc2Y27f404TfGTZ0ke4zqG5jiWVlu0UA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 21:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:43:e5:f0:8d:07:ce:43:cb:26:cd:f3:4e:44:5b:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=362af487954c9b96a6e75c258d0437a38449ba90 Validity Not Before: Dec 18 21:00:46 2025 GMT Not After : Dec 19 21:00:46 2025 GMT Subject: CN=05d02b4a8ce2e357ecb5241478fb97d5fcee3232 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:39:62:fa:e7:77:9b:29:71:3f:2c:54:92:93: b4:69:e1:e9:a8:63:e4:de:56:41:c0:a6:db:55:fb: 61:9f:54:d3:30:92:b8:13:66:9b:14:95:f0:ca:37: 3f:70:77:aa:f7:52:7a:f1:b5:0f:87:98:80:44:10: 96:c3:45:50:52:da:d9:a4:9d:d7:72:a5:f0:bd:84: 7f:1d:57:b6:aa:47:0b:a3:f4:19:a9:06:eb:c0:d6: b0:b7:35:42:5c:5b:13:08:77:f6:c5:75:d7:4e:df: a9:bf:7e:a7:c0:d5:77:ed:d0:45:10:40:24:3a:4c: 01:b0:22:9e:99:75:89:dd:6a:53:3c:33:a1:c4:78: 58:8b:95:d8:4e:4b:8f:42:1a:45:c1:7f:9b:53:34: 2d:cd:79:74:68:5c:36:a7:94:13:45:84:4a:7c:54: 44:aa:00:7d:8c:8c:53:a0:42:2a:33:fe:06:3f:ab: 5d:78:15:22:a2:29:ff:48:0d:14:90:a4:f2:70:0a: d2:83:de:40:26:01:5b:dd:86:75:b8:22:0a:58:7b: 2e:60:b6:ae:53:dc:ef:15:9c:40:fb:64:55:03:d1: cb:d4:2c:9e:8a:0f:69:d9:92:1f:8d:c5:7d:c8:d9: 7a:c7:1e:aa:af:8f:b6:7f:85:8d:63:3f:4f:2c:51: 30:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:D0:2B:4A:8C:E2:E3:57:EC:B5:24:14:78:FB:97:D5:FC:EE:32:32 X509v3 Authority Key Identifier: keyid:36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 96:77:00:8e:c2:ce:82:ea:74:64:7a:ff:91:45:df:3b:83:36: b8:1f:8c:88:9c:e1:f1:8c:08:3e:99:8d:21:30:d3:34:71:91: 00:26:db:ec:44:45:91:f8:3b:f8:6b:f6:53:1e:20:68:bc:d9: 17:d3:d9:9e:3a:09:e7:28:b8:2e:92:29:eb:a0:f3:6b:9f:d1: 01:b3:93:74:45:26:3e:04:cc:fb:6d:57:30:e8:0a:4d:ee:2c: 5e:ad:4a:d9:73:ff:c4:e6:61:1b:91:02:2a:19:7e:b5:77:f5: 6f:94:64:d5:45:7c:df:34:a8:36:78:e1:91:18:b5:6e:c7:4f: 8a:b6:dc:54:52:05:eb:aa:58:1e:52:3a:eb:af:35:fc:b6:12: 0e:ed:e6:49:71:cd:cd:89:c4:b7:16:ae:86:8b:56:30:61:e6: 7e:9c:c1:7c:26:05:46:97:41:69:db:61:33:b4:96:20:bd:3e: 10:33:5c:ea:fa:16:03:db:a8:4f:4c:91:40:25:1e:a8:8f:0e: 47:74:6e:c1:d1:a1:2c:67:a2:98:6d:26:41:5a:00:d7:81:ed: 75:52:6d:ff:40:e0:9f:39:cd:0a:e7:cb:cd:90:6f:e7:6b:46: 63:a7:83:bb:29:70:b3:98:ba:4a:05:e8:c6:be:a4:d1:d6:19: 06:1b:fb:21 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszQ+XwjQfOQ8smzfNORFskMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2MmFmNDg3OTU0YzliOTZhNmU3NWMyNThkMDQzN2EzODQ0 OWJhOTAwHhcNMjUxMjE4MjEwMDQ2WhcNMjUxMjE5MjEwMDQ2WjAzMTEwLwYDVQQD EygwNWQwMmI0YThjZTJlMzU3ZWNiNTI0MTQ3OGZiOTdkNWZjZWUzMjMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Tli+ud3mylxPyxUkpO0aeHpqGPk 3lZBwKbbVfthn1TTMJK4E2abFJXwyjc/cHeq91J68bUPh5iARBCWw0VQUtrZpJ3X cqXwvYR/HVe2qkcLo/QZqQbrwNawtzVCXFsTCHf2xXXXTt+pv36nwNV37dBFEEAk OkwBsCKemXWJ3WpTPDOhxHhYi5XYTkuPQhpFwX+bUzQtzXl0aFw2p5QTRYRKfFRE qgB9jIxToEIqM/4GP6tdeBUioin/SA0UkKTycArSg95AJgFb3YZ1uCIKWHsuYLau U9zvFZxA+2RVA9HL1Cyeig9p2ZIfjcV9yNl6xx6qr4+2f4WNYz9PLFEw6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAXQK0qM4uNX7LUkFHj7l9X87jIyMB8GA1UdIwQY MBaAFDYq9IeVTJuWpudcJY0EN6OESbqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUt NTExM2I3NDI5Zjg2LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUtNTExM2I3NDI5Zjg2 LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlncAjsLO gup0ZHr/kUXfO4M2uB+MiJzh8YwIPpmNITDTNHGRACbb7ERFkfg7+Gv2Ux4gaLzZ F9PZnjoJ5yi4LpIp66Dza5/RAbOTdEUmPgTM+21XMOgKTe4sXq1K2XP/xOZhG5EC Khl+tXf1b5Rk1UV83zSoNnjhkRi1bsdPirbcVFIF66pYHlI66681/LYSDu3mSXHN zYnEtxauhotWMGHmfpzBfCYFRpdBadthM7SWIL0+EDNc6voWA9uoT0yRQCUeqI8O R3RuwdGhLGeimG0mQVoA14HtdVJt/0DgnznNCufLzZBv52tGY6eDuylws5i6SgXo xr6k0dYZBhv7IQ== -----END CERTIFICATE-----Generated at Fri Dec 19 02:25:04 2025 by rpki-client