This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft File: nxFouFcXoUZmABtbL2yQgBmX3gY.mft (raw, json) Hash identifier: GxnLqvrFdnQs0sCOFzphsb9F2URF9zJnt0GOUGVf66M= Subject key identifier: B8:16:02:0F:5B:06:E2:55:EF:99:59:F1:12:2D:13:09:E1:7E:E4:48 Authority key identifier: 9F:11:68:B8:57:17:A1:46:66:00:1B:5B:2F:6C:90:80:19:97:DE:06 Certificate issuer: /CN=9f1168b85717a14666001b5b2f6c90801997de06 Certificate serial: 019B4A7130580056557FD2F5471458A71316 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nxFouFcXoUZmABtbL2yQgBmX3gY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft Manifest number: 0541 Signing time: Tue 23 Dec 2025 09:01:30 +0000 Manifest this update: Tue 23 Dec 2025 09:01:30 +0000 Manifest next update: Wed 24 Dec 2025 09:01:30 +0000 Files and hashes: 1: 3aRtdaLoPOZF10CX_CZEh4-VCqI.roa (hash: OscvtFvqL/u9a9yzvKDIzZQyXS+BuqyG+0F0KwScDL8=) 2: nxFouFcXoUZmABtbL2yQgBmX3gY.crl (hash: mUNu2uVdnfC1kp1unyrikRkgGsHkWHzmYSU5qFFUE+M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft rsync://rpki.ripe.net/repository/DEFAULT/nxFouFcXoUZmABtbL2yQgBmX3gY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 09:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:71:30:58:00:56:55:7f:d2:f5:47:14:58:a7:13:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f1168b85717a14666001b5b2f6c90801997de06 Validity Not Before: Dec 23 09:01:30 2025 GMT Not After : Dec 24 09:01:30 2025 GMT Subject: CN=b816020f5b06e255ef9959f1122d1309e17ee448 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a1:94:ca:9e:30:36:4a:66:4b:0e:2e:4e:52: 35:53:5e:84:ce:7d:f1:65:75:95:36:06:1a:f8:b5: fd:d4:56:d6:2d:89:a8:97:dd:5e:70:7e:86:ab:70: e1:fb:7e:dc:e4:46:77:93:31:98:2d:c1:98:ce:8c: ad:48:a4:75:7a:8b:70:97:4c:81:dc:3e:47:0b:1c: a7:0c:05:b2:d6:ab:f2:e0:e2:b8:ba:74:73:9f:b0: 54:e6:2f:30:4e:96:fe:24:7f:b4:c7:36:08:d8:e4: ec:ba:27:8b:cf:79:d8:b0:de:30:97:3f:0f:be:23: 1f:92:0f:7e:d9:a3:2e:51:4f:5a:94:8b:ce:79:92: 79:59:23:a9:0e:35:16:ec:7f:a2:00:7e:04:f5:4c: ca:68:f6:77:d1:6b:1d:a4:ee:bc:10:1c:54:fd:19: 16:05:7d:66:b2:29:b1:7b:e7:e6:4e:a4:f9:db:1f: d6:e3:3a:6c:6c:3c:f5:99:b2:60:b7:52:6c:d4:91: b2:f9:f6:4e:9b:3f:18:e5:6b:fb:6a:ea:3f:c7:06: 08:2a:64:ad:c8:48:72:bc:f0:87:b7:8d:89:f7:b5: b7:55:c5:d4:6c:cf:09:34:60:16:34:f2:c4:39:e1: a4:b7:20:47:15:41:00:a3:08:b4:27:17:90:e4:96: a1:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:16:02:0F:5B:06:E2:55:EF:99:59:F1:12:2D:13:09:E1:7E:E4:48 X509v3 Authority Key Identifier: keyid:9F:11:68:B8:57:17:A1:46:66:00:1B:5B:2F:6C:90:80:19:97:DE:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nxFouFcXoUZmABtbL2yQgBmX3gY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:92:ba:07:0a:2e:a5:62:d4:72:bc:8b:b4:01:d5:ce:1d:fe: 28:7d:3d:53:38:6b:7b:7c:7f:9c:8c:09:e2:59:52:d5:e1:91: f5:65:d9:35:57:95:7e:bb:2f:f0:be:25:4c:13:31:36:8d:3c: f8:be:2d:c9:22:cb:2d:8d:1c:86:cd:60:09:62:84:4e:cf:22: 2a:4c:a6:f2:ad:bf:04:ce:a0:f8:94:2f:22:92:93:dd:f8:81: 2c:3a:9a:a9:08:e4:ac:03:c7:d4:28:61:9f:3b:89:ad:ba:ab: 35:db:6b:01:8a:06:ea:90:70:6f:d8:99:ae:bb:d1:7b:2d:cb: ce:ad:ac:fd:f9:b3:45:cc:60:b3:f9:47:52:27:7e:9c:36:99: 8a:a9:e1:d8:6a:12:e0:99:f0:8a:06:70:a3:e6:7a:2c:b5:f9: 9b:64:a5:01:50:4c:af:fa:ae:f5:f9:3e:67:a3:d0:80:f6:06: 74:a6:8d:53:48:c1:05:fa:3b:28:42:38:ed:66:9e:09:28:d4: 72:3c:0a:e5:86:23:65:31:52:41:93:30:70:cf:03:fe:9d:85: 02:09:c2:b3:07:3b:42:3e:6d:cf:d6:67:ef:ce:bc:c1:66:4a: f7:7e:2b:54:39:81:11:b4:cf:c1:9c:29:90:79:f6:f5:13:14: 0c:22:e6:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKcTBYAFZVf9L1RxRYpxMWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmMTE2OGI4NTcxN2ExNDY2NjAwMWI1YjJmNmM5MDgwMTk5 N2RlMDYwHhcNMjUxMjIzMDkwMTMwWhcNMjUxMjI0MDkwMTMwWjAzMTEwLwYDVQQD EyhiODE2MDIwZjViMDZlMjU1ZWY5OTU5ZjExMjJkMTMwOWUxN2VlNDQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqGUyp4wNkpmSw4uTlI1U16Ezn3x ZXWVNgYa+LX91FbWLYmol91ecH6Gq3Dh+37c5EZ3kzGYLcGYzoytSKR1eotwl0yB 3D5HCxynDAWy1qvy4OK4unRzn7BU5i8wTpb+JH+0xzYI2OTsuieLz3nYsN4wlz8P viMfkg9+2aMuUU9alIvOeZJ5WSOpDjUW7H+iAH4E9UzKaPZ30WsdpO68EBxU/RkW BX1msimxe+fmTqT52x/W4zpsbDz1mbJgt1Js1JGy+fZOmz8Y5Wv7auo/xwYIKmSt yEhyvPCHt42J97W3VcXUbM8JNGAWNPLEOeGktyBHFUEAowi0JxeQ5JahwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLgWAg9bBuJV75lZ8RItEwnhfuRIMB8GA1UdIwQY MBaAFJ8RaLhXF6FGZgAbWy9skIAZl94GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnhGb3VGY1hvVVptQUJ0YkwyeVFnQm1YM2dZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84ZjY1OGMtM2ZhYy00OThkLWI5NWUt ZjQyMTliZWRkYjM3LzEvbnhGb3VGY1hvVVptQUJ0YkwyeVFnQm1YM2dZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC84ZjY1OGMtM2ZhYy00OThkLWI5NWUtZjQyMTliZWRkYjM3 LzEvbnhGb3VGY1hvVVptQUJ0YkwyeVFnQm1YM2dZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABZK6Bwou pWLUcryLtAHVzh3+KH09Uzhre3x/nIwJ4llS1eGR9WXZNVeVfrsv8L4lTBMxNo08 +L4tySLLLY0chs1gCWKETs8iKkym8q2/BM6g+JQvIpKT3fiBLDqaqQjkrAPH1Chh nzuJrbqrNdtrAYoG6pBwb9iZrrvRey3Lzq2s/fmzRcxgs/lHUid+nDaZiqnh2GoS 4JnwigZwo+Z6LLX5m2SlAVBMr/qu9fk+Z6PQgPYGdKaNU0jBBfo7KEI47WaeCSjU cjwK5YYjZTFSQZMwcM8D/p2FAgnCswc7Qj5tz9Zn7868wWZK934rVDmBEbTPwZwp kHn29RMUDCLmPA== -----END CERTIFICATE-----Generated at Tue Dec 23 18:31:21 2025 by rpki-client