This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.mft File: NkYULOMpCrZ4bT0w8mteQf1oTd4.mft (raw, json) Hash identifier: FR+jpWuPWlI7J4ClAozFFKupC42unD1iuA6AczmlksY= Subject key identifier: 1B:8D:A9:C0:01:31:E5:CB:46:81:C8:0E:C6:D8:73:98:DA:B5:38:FD Authority key identifier: 36:46:14:2C:E3:29:0A:B6:78:6D:3D:30:F2:6B:5E:41:FD:68:4D:DE Certificate issuer: /CN=3646142ce3290ab6786d3d30f26b5e41fd684dde Certificate serial: 019B69C507A467C8BABB806C770EB184829E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkYULOMpCrZ4bT0w8mteQf1oTd4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.mft Manifest number: 0B7D Signing time: Mon 29 Dec 2025 11:01:18 +0000 Manifest this update: Mon 29 Dec 2025 11:01:18 +0000 Manifest next update: Tue 30 Dec 2025 11:01:18 +0000 Files and hashes: 1: NkYULOMpCrZ4bT0w8mteQf1oTd4.crl (hash: yay9rkyGuVSDu8Fqq0EP0D3NxVok8V3MQUBlpp81aLQ=) 2: _1qhZEmD1ZR0wevnSQ5eeTD9plU.roa (hash: ZVkFLKtKLY5Jyd68UAmKFP29SRBsL9mEyi4TVzPBvdA=) 3: yrfnq6Apo3g6hYK2SXicNIxd3BQ.roa (hash: mz8tGW+kk5vYLIpkvgBjBz5ynzM4w4t5pl379UMfAPc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.mft rsync://rpki.ripe.net/repository/DEFAULT/NkYULOMpCrZ4bT0w8mteQf1oTd4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 11:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:69:c5:07:a4:67:c8:ba:bb:80:6c:77:0e:b1:84:82:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3646142ce3290ab6786d3d30f26b5e41fd684dde Validity Not Before: Dec 29 11:01:18 2025 GMT Not After : Dec 30 11:01:18 2025 GMT Subject: CN=1b8da9c00131e5cb4681c80ec6d87398dab538fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:6c:f8:1c:d2:72:03:2b:26:ab:fe:16:15:a9: 0a:ff:e9:38:35:39:37:6b:70:9e:14:c9:eb:43:1e: 1b:cd:65:76:fb:27:62:d3:42:83:ee:e0:7f:b6:79: 6d:14:27:0f:29:75:70:81:87:61:91:99:41:ee:0a: 5a:30:43:76:03:9f:4d:0e:d1:90:57:8e:4e:35:c4: 14:a0:87:77:45:8d:fe:ad:17:cb:39:3e:a5:e8:27: c9:a7:41:ed:20:a3:8e:f4:7f:f9:b5:9c:69:35:fe: 33:55:f5:d2:a5:36:d8:6e:12:ad:23:44:8f:01:dd: 33:a4:7d:e1:7e:47:93:07:f5:c9:dd:0b:2b:8f:f6: 53:7e:10:eb:fd:f2:eb:07:69:a3:dd:f7:f3:f1:06: 18:68:37:dc:05:5f:de:46:41:c9:e3:73:61:7f:dc: 2e:e8:99:67:f7:8b:04:92:1a:db:73:d9:ec:ba:14: e4:25:61:56:58:fe:fc:fc:99:26:fd:cf:ea:35:55: 73:61:ef:f6:1b:4e:42:52:54:4e:0f:83:5d:a9:9b: 0f:61:62:0e:7b:d8:fb:45:9c:94:55:f2:95:dd:78: 50:51:84:02:05:e1:de:69:ad:fe:32:02:ef:9c:82: b2:f0:7e:5a:2b:c6:ff:87:60:9e:4d:72:8d:b6:fd: b5:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:8D:A9:C0:01:31:E5:CB:46:81:C8:0E:C6:D8:73:98:DA:B5:38:FD X509v3 Authority Key Identifier: keyid:36:46:14:2C:E3:29:0A:B6:78:6D:3D:30:F2:6B:5E:41:FD:68:4D:DE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkYULOMpCrZ4bT0w8mteQf1oTd4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cd8206-764e-4a31-ace7-d308542a1d86/1/NkYULOMpCrZ4bT0w8mteQf1oTd4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:2f:29:29:59:d0:02:ed:fe:cb:7f:95:1e:7a:e7:f5:34:b4: 0b:37:9c:b0:61:f0:13:69:c9:88:70:08:d6:4c:88:42:76:69: a6:22:77:7d:8a:9d:c6:8c:23:4e:41:6e:51:d9:35:06:a9:ed: 88:5e:83:06:fa:e2:cb:c0:24:96:2f:b1:bb:91:7f:06:00:35: 88:a4:57:75:d3:be:0f:1b:ed:fc:ba:b7:d5:98:08:cb:27:82: b6:4b:44:5b:f7:86:cc:46:43:6f:d7:61:0d:a0:39:56:c4:79: 00:c8:5d:51:b4:0f:25:bf:70:71:15:e7:9a:26:f5:c5:95:a1: 73:3c:4c:8c:c8:84:57:b7:d5:19:2f:7f:f7:b6:16:58:80:35: f7:f9:3e:ff:48:0e:3c:ca:62:7f:3c:92:f3:6b:be:43:c4:3d: 32:cd:2e:c4:d3:a0:4e:b7:c9:f4:0c:5e:28:13:7a:ed:a9:e9: e0:0d:ce:9a:f2:22:6b:5f:98:3e:e0:68:40:4c:f4:7d:ad:f7: 3b:00:df:88:cd:a4:1f:2e:67:53:d0:3a:27:1f:3e:58:9d:69: 8a:61:f2:a1:ed:a2:2c:34:2c:12:37:e0:96:55:32:4f:e2:71: 7e:6b:e8:ed:66:e5:44:bd:2e:16:c0:59:ed:4b:e2:e1:b7:a4: 02:c7:85:fb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtpxQekZ8i6u4Bsdw6xhIKeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2NDYxNDJjZTMyOTBhYjY3ODZkM2QzMGYyNmI1ZTQxZmQ2 ODRkZGUwHhcNMjUxMjI5MTEwMTE4WhcNMjUxMjMwMTEwMTE4WjAzMTEwLwYDVQQD EygxYjhkYTljMDAxMzFlNWNiNDY4MWM4MGVjNmQ4NzM5OGRhYjUzOGZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmz4HNJyAysmq/4WFakK/+k4NTk3 a3CeFMnrQx4bzWV2+ydi00KD7uB/tnltFCcPKXVwgYdhkZlB7gpaMEN2A59NDtGQ V45ONcQUoId3RY3+rRfLOT6l6CfJp0HtIKOO9H/5tZxpNf4zVfXSpTbYbhKtI0SP Ad0zpH3hfkeTB/XJ3Qsrj/ZTfhDr/fLrB2mj3ffz8QYYaDfcBV/eRkHJ43Nhf9wu 6Jln94sEkhrbc9nsuhTkJWFWWP78/Jkm/c/qNVVzYe/2G05CUlROD4NdqZsPYWIO e9j7RZyUVfKV3XhQUYQCBeHeaa3+MgLvnIKy8H5aK8b/h2CeTXKNtv21ywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBuNqcABMeXLRoHIDsbYc5jatTj9MB8GA1UdIwQY MBaAFDZGFCzjKQq2eG09MPJrXkH9aE3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmtZVUxPTXBDclo0YlQwdzhtdGVRZjFvVGQ0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9jZDgyMDYtNzY0ZS00YTMxLWFjZTct ZDMwODU0MmExZDg2LzEvTmtZVUxPTXBDclo0YlQwdzhtdGVRZjFvVGQ0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC9jZDgyMDYtNzY0ZS00YTMxLWFjZTctZDMwODU0MmExZDg2 LzEvTmtZVUxPTXBDclo0YlQwdzhtdGVRZjFvVGQ0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbC8pKVnQ Au3+y3+VHnrn9TS0CzecsGHwE2nJiHAI1kyIQnZppiJ3fYqdxowjTkFuUdk1Bqnt iF6DBvriy8Akli+xu5F/BgA1iKRXddO+Dxvt/Lq31ZgIyyeCtktEW/eGzEZDb9dh DaA5VsR5AMhdUbQPJb9wcRXnmib1xZWhczxMjMiEV7fVGS9/97YWWIA19/k+/0gO PMpifzyS82u+Q8Q9Ms0uxNOgTrfJ9AxeKBN67anp4A3OmvIia1+YPuBoQEz0fa33 OwDfiM2kHy5nU9A6Jx8+WJ1pimHyoe2iLDQsEjfgllUyT+Jxfmvo7WblRL0uFsBZ 7Uvi4bekAseF+w== -----END CERTIFICATE-----Generated at Mon Dec 29 16:18:48 2025 by rpki-client