This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft File: 0jtkd-HIT1KQfNYMY-qD715Kx4I.mft (raw, json) Hash identifier: 2ma6mJkgH7LrhbZEctJPs9U2kSAjf/vYGbichAMWkyA= Subject key identifier: F9:3E:E7:C2:D2:4A:B1:21:12:63:BD:10:CF:BA:22:7B:56:21:BD:29 Authority key identifier: D2:3B:64:77:E1:C8:4F:52:90:7C:D6:0C:63:EA:83:EF:5E:4A:C7:82 Certificate issuer: /CN=d23b6477e1c84f52907cd60c63ea83ef5e4ac782 Certificate serial: 019B47A6AB5A4433BA55F24C11CDB5805F2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft Manifest number: 0ADA Signing time: Mon 22 Dec 2025 20:01:03 +0000 Manifest this update: Mon 22 Dec 2025 20:01:03 +0000 Manifest next update: Tue 23 Dec 2025 20:01:03 +0000 Files and hashes: 1: 0jtkd-HIT1KQfNYMY-qD715Kx4I.crl (hash: tkUefy9WBYWgedm+jYKWxB83bNSOjepCfNRsXKgdFCY=) 2: 99RaY9xH4qOYuC0KdiJQrFMbC5E.roa (hash: TZUHN/mcHmz7AzTn504QkH94CMbEPlnfBvzJqjhXWtc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.crl rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 20:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:a6:ab:5a:44:33:ba:55:f2:4c:11:cd:b5:80:5f:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d23b6477e1c84f52907cd60c63ea83ef5e4ac782 Validity Not Before: Dec 22 20:01:03 2025 GMT Not After : Dec 23 20:01:03 2025 GMT Subject: CN=f93ee7c2d24ab1211263bd10cfba227b5621bd29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:f2:5c:55:51:89:30:91:54:24:64:55:c2:bd: d0:b9:1b:57:dd:20:64:2a:b6:f9:fb:ea:98:de:14: a8:3d:6f:f4:3c:a1:32:46:12:92:a0:09:aa:04:3b: eb:fd:5c:55:c1:5d:62:4d:21:ef:ab:e5:f1:e4:90: ae:cb:1a:ba:f0:e4:fb:da:70:0e:a5:d3:f7:33:df: 6d:21:3b:cb:d6:e6:2c:10:89:b3:f8:d1:55:86:99: 77:3c:ac:d1:73:72:f4:1c:05:8c:41:e4:ac:a1:cb: 50:79:18:32:60:6a:a0:39:d4:9e:01:6b:0c:1c:03: e9:73:05:fb:da:fd:2d:33:cf:51:f3:c0:28:a6:7f: 1d:c4:b7:a3:a0:6f:89:c8:9f:77:46:f1:b3:5f:e1: 33:5b:5f:d9:1d:22:49:ff:da:7e:d9:44:19:d7:10: d1:c7:a2:de:2f:68:78:fa:ac:cf:52:5c:4b:2c:89: 1c:d8:9d:4d:5d:a2:c5:5b:d7:a0:ff:c4:47:f7:ed: 78:df:dc:2a:13:14:ed:6f:6f:c2:92:d4:1e:6c:1c: 0b:00:0e:4f:1b:10:df:d1:31:a2:64:3b:df:c9:70: ef:02:ed:46:d4:80:f8:39:48:31:0e:f7:44:19:55: 17:59:dc:06:a8:6c:1f:fe:99:62:6c:99:b5:76:66: 66:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:3E:E7:C2:D2:4A:B1:21:12:63:BD:10:CF:BA:22:7B:56:21:BD:29 X509v3 Authority Key Identifier: keyid:D2:3B:64:77:E1:C8:4F:52:90:7C:D6:0C:63:EA:83:EF:5E:4A:C7:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:cf:83:9b:66:5c:96:42:02:8b:54:30:1b:36:6d:26:e4:9f: e0:81:a3:2e:28:29:8b:17:13:64:77:c5:ae:dc:80:0b:dc:dc: 77:9b:b8:8a:96:fa:ec:0c:41:e5:ce:6f:fc:35:30:d8:7f:71: a6:f6:fa:9b:96:25:b9:35:a9:cb:38:b6:d4:ad:83:51:7b:3a: 93:17:a0:a0:4f:53:57:ef:ec:88:f8:74:1f:04:69:ed:b1:33: ea:ba:3e:a5:7c:5e:26:e4:8d:22:2e:60:1c:be:e1:c2:f8:62: 4c:89:74:ee:4a:c9:86:e3:68:fd:00:cd:48:59:fe:a8:3c:d0: b7:bb:4a:c5:11:04:a9:6c:51:49:1a:bc:51:c0:b0:fe:4d:11: 56:ce:13:09:4a:01:ae:7f:91:e5:28:8f:9a:1d:1e:5b:cd:5d: 03:80:b2:f3:e6:93:da:e8:9e:ad:98:8b:ef:a8:c7:cc:62:0e: a4:b3:ed:19:8e:d4:c6:48:ff:a4:56:4a:12:6e:5d:32:3e:03: 6e:4d:3d:2b:4f:cb:90:41:2a:c6:96:67:c9:10:de:a5:63:2a: fb:e8:48:c8:d6:4d:bf:1a:2f:0c:80:77:e8:81:0b:fb:d4:83: 43:7b:f7:3f:4d:e3:0d:be:56:b5:55:eb:80:d4:ee:da:e4:26: c2:7c:c9:f3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHpqtaRDO6VfJMEc21gF8sMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyM2I2NDc3ZTFjODRmNTI5MDdjZDYwYzYzZWE4M2VmNWU0 YWM3ODIwHhcNMjUxMjIyMjAwMTAzWhcNMjUxMjIzMjAwMTAzWjAzMTEwLwYDVQQD EyhmOTNlZTdjMmQyNGFiMTIxMTI2M2JkMTBjZmJhMjI3YjU2MjFiZDI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPJcVVGJMJFUJGRVwr3QuRtX3SBk Krb5++qY3hSoPW/0PKEyRhKSoAmqBDvr/VxVwV1iTSHvq+Xx5JCuyxq68OT72nAO pdP3M99tITvL1uYsEImz+NFVhpl3PKzRc3L0HAWMQeSsoctQeRgyYGqgOdSeAWsM HAPpcwX72v0tM89R88Aopn8dxLejoG+JyJ93RvGzX+EzW1/ZHSJJ/9p+2UQZ1xDR x6LeL2h4+qzPUlxLLIkc2J1NXaLFW9eg/8RH9+1439wqExTtb2/CktQebBwLAA5P GxDf0TGiZDvfyXDvAu1G1ID4OUgxDvdEGVUXWdwGqGwf/plibJm1dmZmVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPk+58LSSrEhEmO9EM+6IntWIb0pMB8GA1UdIwQY MBaAFNI7ZHfhyE9SkHzWDGPqg+9eSseCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS80NTU5ZmQtYjQwOS00NzljLWE0MGYt MjI1NTU4NWRkZWNiLzEvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS80NTU5ZmQtYjQwOS00NzljLWE0MGYtMjI1NTU4NWRkZWNi LzEvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEM+Dm2Zc lkICi1QwGzZtJuSf4IGjLigpixcTZHfFrtyAC9zcd5u4ipb67AxB5c5v/DUw2H9x pvb6m5YluTWpyzi21K2DUXs6kxegoE9TV+/siPh0HwRp7bEz6ro+pXxeJuSNIi5g HL7hwvhiTIl07krJhuNo/QDNSFn+qDzQt7tKxREEqWxRSRq8UcCw/k0RVs4TCUoB rn+R5SiPmh0eW81dA4Cy8+aT2uierZiL76jHzGIOpLPtGY7Uxkj/pFZKEm5dMj4D bk09K0/LkEEqxpZnyRDepWMq++hIyNZNvxovDIB36IEL+9SDQ3v3P03jDb5WtVXr gNTu2uQmwnzJ8w== -----END CERTIFICATE-----Generated at Tue Dec 23 01:56:58 2025 by rpki-client