This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.mft File: NeZ2RZTgDZq4AXiTxxCSz1FrEB8.mft (raw, json) Hash identifier: Z3I+FyRESSNmwN/jv6yK1FR5ZCpsh6EtDZ8hj5EeGGI= Subject key identifier: A1:79:C9:A1:22:A3:10:59:DC:52:62:39:7E:6D:72:DD:79:29:DA:A7 Authority key identifier: 35:E6:76:45:94:E0:0D:9A:B8:01:78:93:C7:10:92:CF:51:6B:10:1F Certificate issuer: /CN=35e6764594e00d9ab8017893c71092cf516b101f Certificate serial: 019B37581AE7FD3E191061D9A425B58942D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.mft Manifest number: 1713 Signing time: Fri 19 Dec 2025 16:01:19 +0000 Manifest this update: Fri 19 Dec 2025 16:01:19 +0000 Manifest next update: Sat 20 Dec 2025 16:01:19 +0000 Files and hashes: 1: NeZ2RZTgDZq4AXiTxxCSz1FrEB8.crl (hash: Fx/IBzzVz5Osu0ERshi15b5xiFZextKFTtwpOoObkvU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.crl rsync://rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.mft rsync://rpki.ripe.net/repository/DEFAULT/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:58:1a:e7:fd:3e:19:10:61:d9:a4:25:b5:89:42:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35e6764594e00d9ab8017893c71092cf516b101f Validity Not Before: Dec 19 16:01:19 2025 GMT Not After : Dec 20 16:01:19 2025 GMT Subject: CN=a179c9a122a31059dc5262397e6d72dd7929daa7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:a8:9f:e1:2a:66:69:39:83:94:c5:6e:60:60: 42:45:74:76:bc:fc:9d:80:33:57:a3:7b:83:94:a4: cf:1f:0e:17:91:98:da:5f:45:d5:2f:97:0a:cc:c8: d7:94:d3:e0:94:47:17:84:c0:17:cd:76:49:db:78: 47:60:3a:88:95:9b:c0:c8:fe:a2:ad:ed:55:a5:95: 8e:fa:9f:dd:22:32:8e:b5:0b:e3:67:d0:a8:00:93: f5:da:5c:e4:04:2e:0a:06:01:ed:e4:67:c4:2d:04: d8:2f:8f:b4:2b:dc:ec:4c:77:d8:e8:b1:b5:16:0d: c1:c9:9e:7b:6a:51:cd:a3:dd:a6:d1:f7:ec:95:f6: 45:ac:ce:6f:fd:bc:a9:61:c5:0e:63:a1:52:62:4e: 30:ba:07:50:72:d6:89:cb:1b:1c:c8:38:cb:6c:ce: 94:28:81:05:19:a2:a1:c1:f0:15:42:b8:2d:58:ba: e8:75:6a:29:66:2f:9c:9f:c5:d6:78:83:14:2a:cf: 75:70:7b:0d:a0:18:1a:41:26:d4:f0:8a:55:99:35: e1:fd:45:34:c7:24:f0:45:37:37:16:da:20:34:9c: 62:43:64:c5:54:65:f9:03:bd:a9:01:25:9c:7e:25: 96:02:b2:67:12:2b:05:38:ef:50:20:f5:d1:ed:57: a1:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:79:C9:A1:22:A3:10:59:DC:52:62:39:7E:6D:72:DD:79:29:DA:A7 X509v3 Authority Key Identifier: keyid:35:E6:76:45:94:E0:0D:9A:B8:01:78:93:C7:10:92:CF:51:6B:10:1F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b5:7f:73:c0:4a:ec:7c:da:64:93:95:8d:fd:ae:ae:cc:e6:05: a6:0c:f2:c7:47:64:7f:e2:88:b6:46:56:0b:7e:6d:23:a4:39: fc:ec:28:e1:4c:8a:e0:35:90:7e:8c:5e:9d:e1:d5:29:ee:7c: a1:fa:65:8c:a8:29:76:68:1b:9f:ab:d9:91:bb:77:42:61:7a: 59:7b:51:f5:d8:2f:df:58:2a:25:8b:80:d0:93:fa:b3:2a:b1: ba:80:c9:8c:0e:94:a7:6f:f8:cc:15:f7:da:85:e4:61:f0:04: bf:17:5e:7e:ba:86:04:37:4a:02:ac:85:02:9a:89:a0:3d:a8: 72:a8:48:5b:4e:35:7c:84:7d:14:6d:c9:76:3c:83:72:20:7f: 36:17:6a:4f:cd:ec:3f:a7:1c:93:79:c2:1d:76:52:42:c9:0d: aa:2c:98:6b:91:05:29:24:05:1c:83:7b:f3:98:e3:89:6c:9c: 5d:34:14:98:1f:0d:36:ef:75:c0:5d:93:48:13:a2:23:4c:1e: 91:8e:f2:25:9b:34:1a:c3:48:5d:a8:85:46:96:35:61:42:1e: b9:82:d3:4a:47:5b:58:11:f0:d5:c2:5f:14:28:bd:aa:f3:0c: e6:f7:83:d5:89:b3:64:e5:01:f9:fe:bc:36:22:6b:04:72:5a: d2:5c:70:56 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3WBrn/T4ZEGHZpCW1iULQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1ZTY3NjQ1OTRlMDBkOWFiODAxNzg5M2M3MTA5MmNmNTE2 YjEwMWYwHhcNMjUxMjE5MTYwMTE5WhcNMjUxMjIwMTYwMTE5WjAzMTEwLwYDVQQD EyhhMTc5YzlhMTIyYTMxMDU5ZGM1MjYyMzk3ZTZkNzJkZDc5MjlkYWE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6if4SpmaTmDlMVuYGBCRXR2vPyd gDNXo3uDlKTPHw4XkZjaX0XVL5cKzMjXlNPglEcXhMAXzXZJ23hHYDqIlZvAyP6i re1VpZWO+p/dIjKOtQvjZ9CoAJP12lzkBC4KBgHt5GfELQTYL4+0K9zsTHfY6LG1 Fg3ByZ57alHNo92m0ffslfZFrM5v/bypYcUOY6FSYk4wugdQctaJyxscyDjLbM6U KIEFGaKhwfAVQrgtWLrodWopZi+cn8XWeIMUKs91cHsNoBgaQSbU8IpVmTXh/UU0 xyTwRTc3FtogNJxiQ2TFVGX5A72pASWcfiWWArJnEisFOO9QIPXR7VehlQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKF5yaEioxBZ3FJiOX5tct15KdqnMB8GA1UdIwQY MBaAFDXmdkWU4A2auAF4k8cQks9RaxAfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmVaMlJaVGdEWnE0QVhpVHh4Q1N6MUZyRUI4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy80YzMxZjItOGYzMC00ZGJlLTkzOGQt YjJmMGIxYmNhZTVjLzEvTmVaMlJaVGdEWnE0QVhpVHh4Q1N6MUZyRUI4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYy80YzMxZjItOGYzMC00ZGJlLTkzOGQtYjJmMGIxYmNhZTVj LzEvTmVaMlJaVGdEWnE0QVhpVHh4Q1N6MUZyRUI4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtX9zwErs fNpkk5WN/a6uzOYFpgzyx0dkf+KItkZWC35tI6Q5/Owo4UyK4DWQfoxeneHVKe58 ofpljKgpdmgbn6vZkbt3QmF6WXtR9dgv31gqJYuA0JP6syqxuoDJjA6Up2/4zBX3 2oXkYfAEvxdefrqGBDdKAqyFApqJoD2ocqhIW041fIR9FG3JdjyDciB/NhdqT83s P6cck3nCHXZSQskNqiyYa5EFKSQFHIN785jjiWycXTQUmB8NNu91wF2TSBOiI0we kY7yJZs0GsNIXaiFRpY1YUIeuYLTSkdbWBHw1cJfFCi9qvMM5veD1YmzZOUB+f68 NiJrBHJa0lxwVg== -----END CERTIFICATE-----Generated at Fri Dec 19 17:21:25 2025 by rpki-client