This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft File: jh_mbZ9htuZFpEe28GvUm9PgC84.mft (raw, json) Hash identifier: UFhAOM2v4MZqAClHKGr+zVWeHX5TKhcr9iPpYwJa4ws= Subject key identifier: 81:7F:36:3F:AE:08:1A:D3:D4:E1:F1:94:C5:20:AB:63:94:39:E0:59 Authority key identifier: 8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE Certificate issuer: /CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce Certificate serial: 019B5ABF8EF1C85BC71BB0E6EF05A2866E76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft Manifest number: 1429 Signing time: Fri 26 Dec 2025 13:01:01 +0000 Manifest this update: Fri 26 Dec 2025 13:01:01 +0000 Manifest next update: Sat 27 Dec 2025 13:01:01 +0000 Files and hashes: 1: jh_mbZ9htuZFpEe28GvUm9PgC84.crl (hash: p1DFa7JiFUmx8P1PPsWye5/wut0w267wD1AEK3FgdLI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:8e:f1:c8:5b:c7:1b:b0:e6:ef:05:a2:86:6e:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce Validity Not Before: Dec 26 13:01:01 2025 GMT Not After : Dec 27 13:01:01 2025 GMT Subject: CN=817f363fae081ad3d4e1f194c520ab639439e059 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:75:25:a5:97:17:90:31:71:ee:34:88:fa:bd: f3:5a:20:d3:08:fc:33:f3:93:07:a4:fc:0e:48:1b: df:23:30:7c:b3:89:7f:8e:22:bd:e0:d2:a4:f6:f9: 67:09:28:0c:9e:41:f0:6a:69:56:ba:fd:33:2b:d8: 4e:6b:d0:01:35:c3:54:b4:c1:0f:05:ad:5e:35:4b: 2c:77:d1:2f:6e:27:fa:05:bc:9b:11:97:d4:ba:13: 62:0b:78:64:71:3c:57:95:f7:34:62:e0:72:1a:59: 99:9d:6f:06:ce:36:fd:91:70:a8:3a:e9:a3:97:ae: e7:f2:01:2a:55:23:7a:b7:4a:67:eb:0e:e3:95:ec: 55:74:d5:7e:28:9b:b9:90:30:bd:30:b3:cc:70:22: 50:d0:20:dd:3b:d3:47:d3:61:56:d4:1f:cb:e1:08: af:ae:6d:d9:bb:de:ef:23:7f:d5:b9:41:2a:56:21: 2b:0e:c8:0e:3b:af:18:3c:3a:41:14:95:08:0d:7b: a1:ee:41:a8:d9:81:c2:e6:8b:be:dd:22:3a:c2:ed: 0e:e8:a4:6b:06:62:85:66:8d:07:c8:ee:f1:e5:8d: ee:dc:1c:4d:6d:82:9d:ae:52:ce:ce:dd:6c:65:36: 3a:fe:f3:97:85:4c:98:0c:bb:fe:49:0a:1d:e0:b7: f5:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:7F:36:3F:AE:08:1A:D3:D4:E1:F1:94:C5:20:AB:63:94:39:E0:59 X509v3 Authority Key Identifier: keyid:8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:5a:eb:1c:7a:aa:ca:c7:98:3f:33:55:3b:23:8d:14:16:fc: e8:12:58:70:4b:85:9b:3a:ec:d7:53:22:05:e0:cf:ca:c1:67: 52:d6:26:96:6a:df:e3:7e:88:b1:b5:4f:fc:36:e4:01:08:77: 33:2a:8c:db:dc:dd:f1:3e:e4:25:cd:ac:ad:f7:54:bd:75:5b: 62:56:e9:c5:ff:cc:1b:5e:d1:49:f5:97:07:cd:c1:4f:46:b6: 48:02:2a:c8:fc:37:6b:bb:51:88:50:46:a8:12:86:a5:23:a3: f6:bd:43:97:b2:93:bd:3a:e7:74:32:37:7f:82:1e:05:17:00: f5:37:28:d0:a7:1f:f2:86:f8:de:7e:e1:2b:53:02:ec:74:87: ab:33:9d:c4:aa:2f:a0:60:50:ac:09:52:ca:d5:bd:0b:5e:29: 93:34:ac:ae:16:b8:d0:3e:5b:37:a5:94:84:19:8d:22:f6:17: 52:39:52:a9:87:e3:fe:99:85:b6:6a:09:16:78:8a:95:39:e3: 98:f7:0b:11:6e:89:5e:43:ad:bc:a8:e7:ca:27:d9:90:7e:5a: 6d:26:50:ad:8d:55:3b:76:fa:db:84:8b:6b:70:21:45:d3:2b: 68:b2:de:1f:97:16:6f:29:8c:be:4e:f9:8e:75:d3:76:b1:c3: ea:c0:6d:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav47xyFvHG7Dm7wWihm52MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhlMWZlNjZkOWY2MWI2ZTY0NWE0NDdiNmYwNmJkNDliZDNl MDBiY2UwHhcNMjUxMjI2MTMwMTAxWhcNMjUxMjI3MTMwMTAxWjAzMTEwLwYDVQQD Eyg4MTdmMzYzZmFlMDgxYWQzZDRlMWYxOTRjNTIwYWI2Mzk0MzllMDU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4HUlpZcXkDFx7jSI+r3zWiDTCPwz 85MHpPwOSBvfIzB8s4l/jiK94NKk9vlnCSgMnkHwamlWuv0zK9hOa9ABNcNUtMEP Ba1eNUssd9Evbif6BbybEZfUuhNiC3hkcTxXlfc0YuByGlmZnW8Gzjb9kXCoOumj l67n8gEqVSN6t0pn6w7jlexVdNV+KJu5kDC9MLPMcCJQ0CDdO9NH02FW1B/L4Qiv rm3Zu97vI3/VuUEqViErDsgOO68YPDpBFJUIDXuh7kGo2YHC5ou+3SI6wu0O6KRr BmKFZo0HyO7x5Y3u3BxNbYKdrlLOzt1sZTY6/vOXhUyYDLv+SQod4Lf1fQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIF/Nj+uCBrT1OHxlMUgq2OUOeBZMB8GA1UdIwQY MBaAFI4f5m2fYbbmRaRHtvBr1JvT4AvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDct ZDY0ZDcwNjEyYTE3LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDctZDY0ZDcwNjEyYTE3 LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlVrrHHqq yseYPzNVOyONFBb86BJYcEuFmzrs11MiBeDPysFnUtYmlmrf436IsbVP/DbkAQh3 MyqM29zd8T7kJc2srfdUvXVbYlbpxf/MG17RSfWXB83BT0a2SAIqyPw3a7tRiFBG qBKGpSOj9r1Dl7KTvTrndDI3f4IeBRcA9Tco0Kcf8ob43n7hK1MC7HSHqzOdxKov oGBQrAlSytW9C14pkzSsrha40D5bN6WUhBmNIvYXUjlSqYfj/pmFtmoJFniKlTnj mPcLEW6JXkOtvKjnyifZkH5abSZQrY1VO3b624SLa3AhRdMraLLeH5cWbymMvk75 jnXTdrHD6sBtQQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:09:07 2025 by rpki-client