This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft File: nTHCM8vSZtsCYgud65DQjkFpLmc.mft (raw, json) Hash identifier: nuiu1iDH5fIWwSboUiWtKlEhevyYT9ueS6luOcS+RP0= Subject key identifier: EC:BC:20:23:4B:2A:60:D0:28:64:14:3D:8A:AB:D2:5F:CE:4F:47:BE Authority key identifier: 9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67 Certificate issuer: /CN=9d31c233cbd266db02620b9deb90d08e41692e67 Certificate serial: 019B38A199F51DDFD5230123E8EB60468702 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft Manifest number: 0E66 Signing time: Fri 19 Dec 2025 22:01:13 +0000 Manifest this update: Fri 19 Dec 2025 22:01:13 +0000 Manifest next update: Sat 20 Dec 2025 22:01:13 +0000 Files and hashes: 1: _rMAcV1Zh6HxKo_vwEpVhjFVwy8.roa (hash: r1imevw1h8qWVS0OoTwBJnDWSm49xN9+9T+LLaWUqWk=) 2: nTHCM8vSZtsCYgud65DQjkFpLmc.crl (hash: 6cSnS0FPGUy7/HMxU3Sk0eGd3oBgJYCLmvdUFhLVYck=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 22:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:a1:99:f5:1d:df:d5:23:01:23:e8:eb:60:46:87:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d31c233cbd266db02620b9deb90d08e41692e67 Validity Not Before: Dec 19 22:01:13 2025 GMT Not After : Dec 20 22:01:13 2025 GMT Subject: CN=ecbc20234b2a60d02864143d8aabd25fce4f47be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:3b:2b:64:78:4d:3a:5e:e7:4e:bc:1a:37:d1: fe:65:bb:52:38:58:ad:50:0a:ab:e0:2b:6d:2d:43: 88:24:87:84:c0:77:f6:2d:d0:42:0b:d8:7b:aa:c1: 1d:84:12:21:ce:f4:a6:30:99:93:a3:9a:d9:3b:2b: 76:a4:2d:fc:53:bc:65:be:20:1c:78:a2:21:55:37: fa:18:2a:2d:f7:17:51:e5:cd:e4:46:dd:ab:b1:b5: e6:64:08:13:11:e3:e3:72:bc:60:34:26:c5:d5:0a: d9:22:49:ec:48:f9:f7:4b:7c:ff:b5:20:be:d3:16: f1:91:81:76:0e:98:40:f2:6a:0d:45:eb:01:cd:da: bb:7f:91:0e:7b:6e:03:82:89:2e:ad:9a:1b:d3:e8: 4d:90:6f:42:9d:b8:46:c5:e7:f4:40:37:cb:a3:f2: f2:e8:91:6f:6a:43:28:10:a8:b6:59:82:50:42:87: 9c:8d:7f:4d:75:14:52:f1:18:9d:d5:f3:01:54:b3: 00:fa:4b:74:89:89:ac:2e:20:b2:98:59:46:63:52: a3:58:5a:4c:44:78:f3:f6:c0:bc:1f:8e:0d:42:71: dc:12:fd:ed:d6:79:83:fd:4a:f9:f9:91:5a:64:b2: 2f:1f:a8:34:d7:6d:1a:af:0b:46:df:4f:6b:00:bb: c2:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:BC:20:23:4B:2A:60:D0:28:64:14:3D:8A:AB:D2:5F:CE:4F:47:BE X509v3 Authority Key Identifier: keyid:9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:3a:bf:11:87:6a:16:8f:5f:94:7d:31:a7:ff:e1:b5:ca:7a: 52:c5:59:8c:a0:8d:6b:ae:45:52:a3:79:86:8c:37:69:72:8f: 83:d3:f9:f4:fd:0e:25:f7:9c:14:72:d6:49:83:43:fe:06:ad: de:3f:5d:a3:08:82:ac:cc:4d:0d:e6:53:e2:12:1e:5e:a5:be: 5e:3d:fa:6e:80:ca:f0:e5:a5:bc:75:aa:9d:0c:e8:1a:6c:7d: ae:4d:b9:d8:55:63:fd:15:cb:07:d0:24:bd:05:02:3f:d6:73: b9:ad:ef:0d:e6:41:25:bd:a0:e9:49:52:13:95:f6:d0:03:ae: f2:ff:a4:e7:ea:48:dc:74:02:cf:50:63:38:5b:6b:b6:b6:d7: b7:d2:c0:33:62:6f:b9:64:5b:b1:19:e5:07:0d:5d:68:35:dd: d0:87:94:c0:5d:74:aa:95:60:f9:42:4b:4b:bf:d5:7a:fb:17: ec:54:f1:a9:af:65:2b:7f:8b:52:c5:e8:b0:cc:64:48:69:ee: ae:42:92:f1:3e:54:e0:93:fd:c5:99:e4:3b:02:b5:58:d9:83: 3e:27:f2:01:2b:37:ea:76:52:43:8f:4f:73:19:40:98:e9:0e: 6e:85:79:90:46:13:71:75:5f:84:f5:c9:16:4f:d9:c3:e5:3d: 7f:c9:13:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4oZn1Hd/VIwEj6OtgRocCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMzFjMjMzY2JkMjY2ZGIwMjYyMGI5ZGViOTBkMDhlNDE2 OTJlNjcwHhcNMjUxMjE5MjIwMTEzWhcNMjUxMjIwMjIwMTEzWjAzMTEwLwYDVQQD EyhlY2JjMjAyMzRiMmE2MGQwMjg2NDE0M2Q4YWFiZDI1ZmNlNGY0N2JlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6jsrZHhNOl7nTrwaN9H+ZbtSOFit UAqr4CttLUOIJIeEwHf2LdBCC9h7qsEdhBIhzvSmMJmTo5rZOyt2pC38U7xlviAc eKIhVTf6GCot9xdR5c3kRt2rsbXmZAgTEePjcrxgNCbF1QrZIknsSPn3S3z/tSC+ 0xbxkYF2DphA8moNResBzdq7f5EOe24DgokurZob0+hNkG9CnbhGxef0QDfLo/Ly 6JFvakMoEKi2WYJQQoecjX9NdRRS8Rid1fMBVLMA+kt0iYmsLiCymFlGY1KjWFpM RHjz9sC8H44NQnHcEv3t1nmD/Ur5+ZFaZLIvH6g0120arwtG309rALvCpwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOy8ICNLKmDQKGQUPYqr0l/OT0e+MB8GA1UdIwQY MBaAFJ0xwjPL0mbbAmILneuQ0I5BaS5nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDct ZmExNzI1MDM0NDkxLzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDctZmExNzI1MDM0NDkx LzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHTq/EYdq Fo9flH0xp//htcp6UsVZjKCNa65FUqN5how3aXKPg9P59P0OJfecFHLWSYND/gat 3j9dowiCrMxNDeZT4hIeXqW+Xj36boDK8OWlvHWqnQzoGmx9rk252FVj/RXLB9Ak vQUCP9Zzua3vDeZBJb2g6UlSE5X20AOu8v+k5+pI3HQCz1BjOFtrtrbXt9LAM2Jv uWRbsRnlBw1daDXd0IeUwF10qpVg+UJLS7/VevsX7FTxqa9lK3+LUsXosMxkSGnu rkKS8T5U4JP9xZnkOwK1WNmDPifyASs36nZSQ49PcxlAmOkOboV5kEYTcXVfhPXJ Fk/Zw+U9f8kTKQ== -----END CERTIFICATE-----Generated at Sat Dec 20 06:39:05 2025 by rpki-client