This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft File: DC780D9935DABC701A4C4832B16C11D7743C399A.mft (raw, json) Hash identifier: DG89sIqVuQiJe3h06jg0YLh3mty+ZUapijNbGeVJzQ0= Subject key identifier: 45:90:18:BB:6D:EA:A2:CA:E4:6A:CD:A8:E0:DD:DF:E0:97:5D:3C:A1 Authority key identifier: DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A Certificate issuer: /CN=dc780d9935dabc701a4c4832b16c11d7743c399a Certificate serial: 5D977257BE3997208CA1C5CBF3ED4FA118C6B43E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject info access: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft Manifest number: C4 Signing time: Mon 22 Dec 2025 08:02:06 +0000 Manifest this update: Mon 22 Dec 2025 07:57:06 +0000 Manifest next update: Tue 23 Dec 2025 11:03:06 +0000 Files and hashes: 1: C8623AA6C30FA8E058243708F5672D7960E52389.cer (hash: qDS/meVpMF7qgfPtayVFbWOCnAfvA9XikJALxZNw670=) 2: 3138352e34392e3134302e302f32332d3233203d3e2038353837.roa (hash: bG62lXPn1Km32GF1V4Mpr+78+uhtW45az4faRRcPToY=) 3: 326130343a623930353a3a2f34382d3438203d3e203136353039.roa (hash: 2WLi+yTCoT6MxCiLFaQP7kK5t5x+CtSSj0mzxVLx03Y=) 4: 326130343a623930303a3a2f33302d3330203d3e2038353837.roa (hash: gYkRIFE7UL0cJEwnwxVcLo1Ut87kd9a2aqmOVqa5baI=) 5: DC780D9935DABC701A4C4832B16C11D7743C399A.crl (hash: SS4oXS+LB0j2hfFxvenXbtmHgPBiaqziBvz2jQeVzv8=) 6: 326130343a623930323a3a2f34382d3438203d3e20323131333231.roa (hash: qdL0+PphZnX4cdypWsOWZjkH1FNw49MUNv/FrNDrY3s=) 7: 326130343a623930373a3a2f34372d3437203d3e20323131333231.roa (hash: eSgn8pAntXBevn2NWK+HjwLFj3TRH0aVr1zTI6ST4E0=) 8: 326130343a623930343a3a2f34382d3438203d3e20323131333231.roa (hash: XACd90ki63AXfGn+taSfXn0bg5k/VvTu6qRBsyyOiUc=) 9: 326130343a623930363a3a2f34382d3438203d3e2030.roa (hash: rzyLuLQB2r5jFPz4ER372UgwfaN2meO05T5dDI5hqUg=) 10: 326130343a623930343a373230303a3a2f34302d3430203d3e20323131333231.roa (hash: refEY6cMSdDY7cBVUX5w6R5vf51PxokJ+N8DMMimo3o=) 11: 3138352e34392e3134322e302f32342d3234203d3e2030.roa (hash: OFYzxf950q78iFTJtOczlCYpNOX+DOEpFZuRWUO9N6w=) 12: 326130343a623930303a3a2f33302d3332203d3e2038353837.roa (hash: YouEGWqx2GG1gNyKDzMvqaRmGag9lv2eJQyjBwSYn9Y=) 13: 326130343a623930373a3a2f34382d3438203d3e2030.roa (hash: /xnxiOeZe4RUPZsXL0vjp7QXRGVs8BxZ08hPmiOocY8=) 14: 3138352e34392e3134322e302f32332d3233203d3e20323131333231.roa (hash: jR+qYDFgs1RFLmTf7rqpUDak54gW5tVDwGwUk/IhO4s=) 15: 3138352e34392e3134332e302f32342d3234203d3e20323131333231.roa (hash: UL7yBA1F7ergECjM7xK45EYvQh4BIa6w098X6gj/00E=) Validation: OK Signature path: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 10:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:97:72:57:be:39:97:20:8c:a1:c5:cb:f3:ed:4f:a1:18:c6:b4:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc780d9935dabc701a4c4832b16c11d7743c399a Validity Not Before: Dec 22 07:57:06 2025 GMT Not After : Dec 23 11:03:06 2025 GMT Subject: CN=459018BB6DEAA2CAE46ACDA8E0DDDFE0975D3CA1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:f6:a6:45:51:36:85:36:9c:92:c7:a4:8c:3e: d7:04:c0:4e:81:98:e8:f7:de:52:97:07:8e:53:03: 7e:e9:58:da:61:15:78:15:f0:b8:68:4c:aa:ff:07: 9d:69:b0:ad:62:c3:59:63:10:12:55:ae:e0:ee:32: 52:35:38:de:e3:5f:2f:07:0f:a9:47:24:39:5c:1f: 8d:ce:33:88:ea:66:23:b0:3a:c4:9c:b0:33:53:e0: c6:e4:7c:f8:bb:c7:f0:62:2b:1f:69:69:43:fe:01: 41:04:67:49:eb:d1:b5:0d:61:ce:44:d3:94:02:51: 20:ad:95:21:c6:3a:81:d0:9b:fb:38:16:30:9f:27: 6e:25:61:9f:c2:3f:13:8f:02:ca:14:9d:36:a5:4a: 28:4c:8b:69:4a:03:90:4b:18:ed:7c:62:93:1a:6b: 55:f0:00:1d:72:2d:a4:1f:8f:38:11:f4:f1:c2:41: 46:f2:8a:c9:99:eb:2a:8c:78:92:78:fb:e6:05:4c: 2e:44:79:35:3e:62:89:0f:4e:51:49:3b:dd:ea:aa: e6:49:0f:dc:9e:2f:42:99:0f:e2:f2:5b:d1:2f:9e: a9:40:91:96:9b:7f:29:36:3d:62:f1:78:4a:4b:91: c1:57:d1:d8:60:f6:9d:44:d6:08:b6:d0:4f:a8:20: 3c:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:90:18:BB:6D:EA:A2:CA:E4:6A:CD:A8:E0:DD:DF:E0:97:5D:3C:A1 X509v3 Authority Key Identifier: keyid:DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject Information Access: Signed Object - URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b4:c4:ca:cd:14:bf:84:4c:e8:94:04:18:27:4c:9e:46:2f:da: bc:f3:fc:cb:25:3b:73:4c:8a:0f:08:d6:2c:d8:0f:6c:8f:d0: fa:9b:46:f5:58:62:22:f3:51:d0:1b:60:d5:46:c7:7d:b2:cb: 38:46:35:34:90:65:3e:3a:43:f3:e5:eb:02:f5:aa:fb:60:26: 56:b2:f4:28:08:a4:8c:3e:04:79:a9:56:4f:92:02:ec:99:b5: a1:a9:d0:30:67:86:7f:a0:2f:3a:f6:78:81:ca:f6:32:98:55: f9:5f:ca:14:e7:c0:4c:84:6e:48:85:ae:a8:38:46:0b:8b:e6: 25:d8:ff:0a:d7:19:ca:8f:b9:04:ea:39:26:db:e8:15:05:d9: a0:5c:df:cc:34:06:14:5e:a3:0c:c2:b2:84:95:31:d0:b9:d3: c3:dc:55:bd:ae:31:bf:65:2b:5d:32:76:b0:cf:5c:6a:e2:db: 2d:27:44:a2:88:90:57:fb:c5:ff:ae:4b:1f:29:3f:1b:fd:82: f1:c4:21:7b:e3:7e:0a:0b:b8:d0:e8:e8:e1:b5:cc:7d:27:d5: 27:66:85:ae:8f:a2:40:65:65:74:e5:a2:4a:2b:14:35:50:6d: 49:5f:7c:8e:18:7c:70:5c:85:11:c9:74:6a:6a:db:2b:e6:67: 40:a6:41:bb -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIUXZdyV745lyCMocXL8+1PoRjGtD4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGM3ODBkOTkzNWRhYmM3MDFhNGM0ODMyYjE2YzExZDc3 NDNjMzk5YTAeFw0yNTEyMjIwNzU3MDZaFw0yNTEyMjMxMTAzMDZaMDMxMTAvBgNV BAMTKDQ1OTAxOEJCNkRFQUEyQ0FFNDZBQ0RBOEUwRERERkUwOTc1RDNDQTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt9qZFUTaFNpySx6SMPtcEwE6B mOj33lKXB45TA37pWNphFXgV8LhoTKr/B51psK1iw1ljEBJVruDuMlI1ON7jXy8H D6lHJDlcH43OM4jqZiOwOsScsDNT4MbkfPi7x/BiKx9paUP+AUEEZ0nr0bUNYc5E 05QCUSCtlSHGOoHQm/s4FjCfJ24lYZ/CPxOPAsoUnTalSihMi2lKA5BLGO18YpMa a1XwAB1yLaQfjzgR9PHCQUbyismZ6yqMeJJ4++YFTC5EeTU+YokPTlFJO93qquZJ D9yeL0KZD+LyW9EvnqlAkZabfyk2PWLxeEpLkcFX0dhg9p1E1gi20E+oIDwjAgMB AAGjggH7MIIB9zAdBgNVHQ4EFgQURZAYu23qosrkas2o4N3f4JddPKEwHwYDVR0j BBgwFoAU3HgNmTXavHAaTEgysWwR13Q8OZowDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vcnN5bmMua3JpbGwubmxuZXRsYWJzLm5sL3Jl cG8vbmxuZXRsYWJzLzEvREM3ODBEOTkzNURBQkM3MDFBNEM0ODMyQjE2QzExRDc3 NDNDMzk5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNIZ05tVFhhdkhBYVRF Z3lzV3dSMTNROE9aby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5y c3luYzovL3JzeW5jLmtyaWxsLm5sbmV0bGFicy5ubC9yZXBvL25sbmV0bGFicy8x L0RDNzgwRDk5MzVEQUJDNzAxQTRDNDgzMkIxNkMxMUQ3NzQzQzM5OUEubWZ0MBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgAB BQAwBgQCAAIFADAVBggrBgEFBQcBCAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUA A4IBAQC0xMrNFL+ETOiUBBgnTJ5GL9q88/zLJTtzTIoPCNYs2A9sj9D6m0b1WGIi 81HQG2DVRsd9sss4RjU0kGU+OkPz5esC9ar7YCZWsvQoCKSMPgR5qVZPkgLsmbWh qdAwZ4Z/oC869niByvYymFX5X8oU58BMhG5Iha6oOEYLi+Yl2P8K1xnKj7kE6jkm 2+gVBdmgXN/MNAYUXqMMwrKElTHQudPD3FW9rjG/ZStdMnawz1xq4tstJ0SiiJBX +8X/rksfKT8b/YLxxCF7434KC7jQ6Ojhtcx9J9UnZoWuj6JAZWV05aJKKxQ1UG1J X3yOGHxwXIURyXRqatsr5mdApkG7 -----END CERTIFICATE-----Generated at Mon Dec 22 15:59:54 2025 by rpki-client