This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft File: NgHDzOanHKshpLut8KuE3ePyurI.mft (raw, json) Hash identifier: Za/DD80YVmg4PEQjZfkMg3zfr5zzCG5KS6S89/b9xAo= Subject key identifier: 38:9F:65:7A:62:3B:B5:E9:44:EE:75:C3:04:03:9F:21:0B:BA:79:EE Authority key identifier: 36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2 Certificate issuer: /CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2 Certificate serial: 019B2B1C8E83BCC7F0DF4F964FBAA7E26600 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft Manifest number: 1782 Signing time: Wed 17 Dec 2025 07:00:50 +0000 Manifest this update: Wed 17 Dec 2025 07:00:50 +0000 Manifest next update: Thu 18 Dec 2025 07:00:50 +0000 Files and hashes: 1: Mk7YYF4o9LB74wKwKgBbcKzvyH8.roa (hash: OCqXIpcMD6jOp7DHnSx2liWfa4cjdFDkG92oQWOUUNo=) 2: NgHDzOanHKshpLut8KuE3ePyurI.crl (hash: P7cyKpVmRgksoU6eWbzcZBmBOqIZJYHX37Qp6kbb3WE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 07:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:1c:8e:83:bc:c7:f0:df:4f:96:4f:ba:a7:e2:66:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2 Validity Not Before: Dec 17 07:00:50 2025 GMT Not After : Dec 18 07:00:50 2025 GMT Subject: CN=389f657a623bb5e944ee75c304039f210bba79ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:e1:16:9e:35:88:ce:d2:a4:b8:75:90:4c:be: c2:ef:3b:8c:b3:b7:e3:18:d5:97:e6:d5:85:3e:13: 5f:52:38:80:aa:35:18:94:fe:b7:f6:f1:5c:fb:26: 01:27:3f:3a:3c:ee:14:83:8b:e4:33:96:12:48:08: 19:5e:ed:5a:ed:cb:10:9a:af:f7:c6:ad:20:f6:bb: f5:e8:c1:61:9c:15:7f:4d:f6:63:06:1e:f0:ca:39: 03:a6:49:16:47:eb:da:1a:59:07:60:b7:56:05:91: 0c:d9:e0:1a:07:e9:8c:a5:96:e9:f1:5f:3b:73:f7: ba:74:c5:f0:0f:c2:bc:24:90:9e:04:05:6c:b8:96: 5f:8e:91:8a:a4:a3:57:9f:21:14:ab:d4:ee:01:2b: 36:78:f6:75:26:00:d2:db:bb:10:d0:c6:2e:f3:d2: 56:98:b2:0e:14:04:4b:b7:bf:b3:34:6d:05:ca:06: 93:a3:75:83:73:22:7a:09:10:df:2e:33:80:cd:94: 9d:75:83:66:a6:05:e1:28:bf:b0:e0:1d:61:e3:06: 7f:34:ed:68:d1:14:2c:7e:d0:cd:67:4b:ac:59:e4: 02:cc:61:50:7e:e6:85:7b:33:9b:aa:ca:71:b6:27: b5:8f:e8:c6:51:44:7e:13:0c:d5:21:ad:d5:f2:69: 37:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:9F:65:7A:62:3B:B5:E9:44:EE:75:C3:04:03:9F:21:0B:BA:79:EE X509v3 Authority Key Identifier: keyid:36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:71:b0:39:63:0f:44:8d:6b:05:68:af:0f:3d:4c:26:fc:d4: 0a:cd:36:20:ac:f3:de:0a:7f:0b:e8:27:41:b3:6c:6b:db:fc: 58:b2:a5:22:5d:c2:17:24:42:ea:ee:e0:26:ed:a3:63:28:f5: df:50:9f:11:23:4d:31:eb:f6:12:2a:d3:73:24:68:79:fd:f7: 9b:d4:98:5b:d8:a3:e4:5f:41:d4:f5:9b:59:0f:29:16:09:33: e4:7a:be:fc:b2:90:cf:19:d3:db:c9:98:df:dd:4b:f3:3c:f5: 5d:66:4f:91:5c:0f:db:46:de:08:78:c4:77:4a:93:0a:1b:4e: 5b:3b:e8:e1:1e:3a:14:f6:90:5f:bc:a8:20:ca:1d:eb:29:15: 96:88:48:d5:89:c0:fc:58:30:40:e5:31:10:69:31:9e:0e:57: 47:9c:7c:87:73:14:b8:4f:ac:d1:f5:8d:53:e0:f6:c5:5b:32: c0:23:5c:a5:1b:fc:9a:18:38:a2:08:7b:e6:82:7d:ae:f3:a0: 9a:74:ef:ec:ec:c8:8c:8b:da:e5:e8:9e:57:55:cd:89:ac:cd: d1:f7:84:c3:0c:22:34:61:73:a9:a9:42:b9:ab:54:64:81:da: cc:e0:05:2b:fe:05:a2:6f:27:7e:d5:44:54:99:1d:f6:0d:f7: 01:bc:d2:de -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsrHI6DvMfw30+WT7qn4mYAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2MDFjM2NjZTZhNzFjYWIyMWE0YmJhZGYwYWI4NGRkZTNm MmJhYjIwHhcNMjUxMjE3MDcwMDUwWhcNMjUxMjE4MDcwMDUwWjAzMTEwLwYDVQQD EygzODlmNjU3YTYyM2JiNWU5NDRlZTc1YzMwNDAzOWYyMTBiYmE3OWVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOEWnjWIztKkuHWQTL7C7zuMs7fj GNWX5tWFPhNfUjiAqjUYlP639vFc+yYBJz86PO4Ug4vkM5YSSAgZXu1a7csQmq/3 xq0g9rv16MFhnBV/TfZjBh7wyjkDpkkWR+vaGlkHYLdWBZEM2eAaB+mMpZbp8V87 c/e6dMXwD8K8JJCeBAVsuJZfjpGKpKNXnyEUq9TuASs2ePZ1JgDS27sQ0MYu89JW mLIOFARLt7+zNG0FygaTo3WDcyJ6CRDfLjOAzZSddYNmpgXhKL+w4B1h4wZ/NO1o 0RQsftDNZ0usWeQCzGFQfuaFezObqspxtie1j+jGUUR+EwzVIa3V8mk3IwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDifZXpiO7XpRO51wwQDnyELunnuMB8GA1UdIwQY MBaAFDYBw8zmpxyrIaS7rfCrhN3j8rqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUt ODAxZWYzOGRlYTljLzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUtODAxZWYzOGRlYTlj LzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPHGwOWMP RI1rBWivDz1MJvzUCs02IKzz3gp/C+gnQbNsa9v8WLKlIl3CFyRC6u7gJu2jYyj1 31CfESNNMev2EirTcyRoef33m9SYW9ij5F9B1PWbWQ8pFgkz5Hq+/LKQzxnT28mY 391L8zz1XWZPkVwP20beCHjEd0qTChtOWzvo4R46FPaQX7yoIMod6ykVlohI1YnA /FgwQOUxEGkxng5XR5x8h3MUuE+s0fWNU+D2xVsywCNcpRv8mhg4ogh75oJ9rvOg mnTv7OzIjIva5eieV1XNiazN0feEwwwiNGFzqalCuatUZIHazOAFK/4Fom8nftVE VJkd9g33AbzS3g== -----END CERTIFICATE-----Generated at Wed Dec 17 11:20:46 2025 by rpki-client