This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft File: NkITiw7v_lajLMuqWNb_5u3D8p4.mft (raw, json) Hash identifier: 8AJA47rYBvZLnj0524ziId7AupL8H6sVqpaGAp7gaFk= Subject key identifier: 33:A9:10:6A:5A:70:E7:70:75:3B:A1:8B:E7:90:0F:3A:02:DA:D5:C3 Authority key identifier: 36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E Certificate issuer: /CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e Certificate serial: 019B5D5279207183C9418455577ECDB49F06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft Manifest number: 069D Signing time: Sat 27 Dec 2025 01:00:44 +0000 Manifest this update: Sat 27 Dec 2025 01:00:44 +0000 Manifest next update: Sun 28 Dec 2025 01:00:44 +0000 Files and hashes: 1: NkITiw7v_lajLMuqWNb_5u3D8p4.crl (hash: 7iSa97sc6C13AkdaHwNIA49dIs39nyxB75gEFJDYTgo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5d:52:79:20:71:83:c9:41:84:55:57:7e:cd:b4:9f:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e Validity Not Before: Dec 27 01:00:44 2025 GMT Not After : Dec 28 01:00:44 2025 GMT Subject: CN=33a9106a5a70e770753ba18be7900f3a02dad5c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:be:1f:ee:dc:ff:cd:de:a3:9f:18:32:49:f5: 5e:dc:61:15:95:4b:3d:2b:1d:52:9c:ee:f8:38:cf: 91:96:22:d4:3f:ea:a6:e5:5c:c4:9c:b4:d8:5e:b8: 3b:95:ce:64:c1:07:fa:75:1a:85:43:01:a3:08:04: 26:db:60:ba:7b:15:9c:d4:ef:3e:21:ff:82:48:16: 76:31:25:86:a1:c8:10:24:ad:24:99:56:c9:e2:53: db:1c:d4:ad:e5:a7:13:22:95:f8:44:3e:16:8f:0a: 7b:63:f9:6a:f4:20:14:3e:14:36:a5:86:c1:cc:80: e9:91:7a:48:39:20:63:0f:84:22:99:cc:21:c4:ae: ad:07:f4:44:0e:82:d3:a3:4d:3a:af:67:4e:3d:d3: fd:62:18:b7:80:40:90:26:b4:c2:76:3b:a7:a2:3a: f8:27:32:a3:c2:a7:98:6e:74:09:72:ab:56:8a:d8: b2:6b:42:7c:17:cb:b1:b0:70:e3:d4:36:35:32:1c: bc:3c:e7:bb:cc:44:70:74:40:f5:e1:e2:1a:9d:36: 78:ae:3b:a5:b2:25:56:65:50:97:a7:e4:99:d1:21: 16:d3:ed:e5:50:f7:14:80:3b:d4:f3:36:58:98:ff: aa:c3:d7:fc:f9:c7:61:c3:e8:58:5b:15:fd:47:d2: 67:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:A9:10:6A:5A:70:E7:70:75:3B:A1:8B:E7:90:0F:3A:02:DA:D5:C3 X509v3 Authority Key Identifier: keyid:36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:fc:ca:f3:ba:ae:6a:f3:a8:53:c9:e5:e7:94:9a:de:bf:5c: 60:9f:3b:e2:1b:57:0f:ba:fd:d1:dc:b3:83:62:13:82:31:5e: 1c:4d:43:f1:e7:e3:b9:ec:a0:56:c9:13:cf:0e:1a:b9:c2:77: e2:73:96:ee:73:3c:dc:94:47:db:5a:18:8a:09:fe:ae:4c:cf: e1:b4:ac:21:d0:6c:0a:2f:8d:72:14:4d:4d:92:0e:ee:d4:e4: 10:01:53:d9:72:ca:39:f7:8e:98:be:e3:67:46:6f:df:60:1b: 6a:38:64:20:21:fe:8c:c6:04:93:7a:91:3c:47:33:96:a3:1e: 21:73:66:6c:25:08:dc:71:db:be:41:20:f4:a6:dc:17:a7:9f: 87:ee:83:9f:74:38:fe:a6:3d:d9:e8:06:2b:4c:cc:ea:03:3d: 12:f4:56:5a:b1:8d:de:71:55:13:dd:21:4f:74:f8:47:16:cc: 8c:3d:67:84:a3:7c:17:ce:20:af:c4:36:2f:f7:32:6e:6b:49: 03:07:11:05:cc:76:a3:7d:4c:a3:5e:32:22:15:b8:10:84:9a: a8:8c:ea:fb:0a:cc:24:a2:90:c7:17:0d:36:bb:6b:1b:51:48: 0a:48:25:d0:bf:50:28:82:80:09:f3:2a:c4:5d:2e:5f:3a:9c: 3d:4e:8e:f2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtdUnkgcYPJQYRVV37NtJ8GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2NDIxMzhiMGVlZmZlNTZhMzJjY2JhYTU4ZDZmZmU2ZWRj M2YyOWUwHhcNMjUxMjI3MDEwMDQ0WhcNMjUxMjI4MDEwMDQ0WjAzMTEwLwYDVQQD EygzM2E5MTA2YTVhNzBlNzcwNzUzYmExOGJlNzkwMGYzYTAyZGFkNWMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt74f7tz/zd6jnxgySfVe3GEVlUs9 Kx1SnO74OM+RliLUP+qm5VzEnLTYXrg7lc5kwQf6dRqFQwGjCAQm22C6exWc1O8+ If+CSBZ2MSWGocgQJK0kmVbJ4lPbHNSt5acTIpX4RD4Wjwp7Y/lq9CAUPhQ2pYbB zIDpkXpIOSBjD4QimcwhxK6tB/REDoLTo006r2dOPdP9Yhi3gECQJrTCdjunojr4 JzKjwqeYbnQJcqtWitiya0J8F8uxsHDj1DY1Mhy8POe7zERwdED14eIanTZ4rjul siVWZVCXp+SZ0SEW0+3lUPcUgDvU8zZYmP+qw9f8+cdhw+hYWxX9R9JnywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDOpEGpacOdwdTuhi+eQDzoC2tXDMB8GA1UdIwQY MBaAFDZCE4sO7/5WoyzLqljW/+btw/KeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgt ZTA3Zjk1OTM1NmExLzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgtZTA3Zjk1OTM1NmEx LzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk/zK87qu avOoU8nl55Sa3r9cYJ874htXD7r90dyzg2ITgjFeHE1D8efjueygVskTzw4aucJ3 4nOW7nM83JRH21oYign+rkzP4bSsIdBsCi+NchRNTZIO7tTkEAFT2XLKOfeOmL7j Z0Zv32AbajhkICH+jMYEk3qRPEczlqMeIXNmbCUI3HHbvkEg9KbcF6efh+6Dn3Q4 /qY92egGK0zM6gM9EvRWWrGN3nFVE90hT3T4RxbMjD1nhKN8F84gr8Q2L/cybmtJ AwcRBcx2o31Mo14yIhW4EISaqIzq+wrMJKKQxxcNNrtrG1FICkgl0L9QKIKACfMq xF0uXzqcPU6O8g== -----END CERTIFICATE-----Generated at Sat Dec 27 05:39:28 2025 by rpki-client