This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft File: jrsOsZ53d9cDgAD2wS053tEgQkI.mft (raw, json) Hash identifier: 75+jDx+sMIZU6zh7kYAz/MmTI4jndmwHVuW206iZv0E= Subject key identifier: BA:31:F1:56:1F:C7:5A:61:B5:F2:ED:1D:8D:5C:37:CD:59:AB:30:0B Authority key identifier: 8E:BB:0E:B1:9E:77:77:D7:03:80:00:F6:C1:2D:39:DE:D1:20:42:42 Certificate issuer: /CN=8ebb0eb19e7777d7038000f6c12d39ded1204242 Certificate serial: 019B405ACE312C070D6B2D326F52C7F30B33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft Manifest number: 0DC4 Signing time: Sun 21 Dec 2025 10:00:51 +0000 Manifest this update: Sun 21 Dec 2025 10:00:51 +0000 Manifest next update: Mon 22 Dec 2025 10:00:51 +0000 Files and hashes: 1: 68-2o2gnqeFje-83JI2NL7vcFCs.roa (hash: 5XT1BGaZiWzYIBY9EJMQdD9z2CvFYvirF/G5S8/gceM=) 2: jrsOsZ53d9cDgAD2wS053tEgQkI.crl (hash: lCCJiaV+7ubdaa9B6P6wzdfBBLfn5tDrWddJzQ72Amo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.crl rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5a:ce:31:2c:07:0d:6b:2d:32:6f:52:c7:f3:0b:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8ebb0eb19e7777d7038000f6c12d39ded1204242 Validity Not Before: Dec 21 10:00:51 2025 GMT Not After : Dec 22 10:00:51 2025 GMT Subject: CN=ba31f1561fc75a61b5f2ed1d8d5c37cd59ab300b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:5a:42:d2:c0:cf:72:76:a0:71:75:08:a7:73: e5:8d:6f:7e:bb:bc:66:8b:44:c0:c9:1d:1f:b3:c5: e8:db:70:2e:d7:7a:3a:4c:75:7d:35:27:ee:1a:0b: 69:88:45:5f:13:79:0d:05:8a:71:6e:d0:ac:b9:91: f6:7c:d9:b9:8b:f4:0c:8a:30:e6:b8:14:35:15:9a: 09:78:1b:70:de:14:42:e0:61:10:22:f6:48:6d:dc: bd:b2:f7:58:9c:85:28:d8:b7:1f:94:86:91:62:2b: 35:a5:46:a0:d6:fa:9a:e8:63:42:a5:e4:37:a4:19: 43:13:42:6c:2b:e6:f9:7b:7b:15:3b:ed:50:96:16: ec:5d:65:fe:1a:c0:63:b9:e9:fe:cf:1d:57:f9:1a: 9e:bd:74:26:5c:c7:4f:07:30:89:d2:31:38:b6:49: fa:e5:d4:ba:8a:59:bf:a0:b8:6a:58:62:15:96:47: 3a:a2:a0:4f:52:cb:42:f3:85:33:d2:d9:88:bf:6f: 8e:01:b1:3e:72:11:70:48:12:13:ae:06:7f:84:b5: 09:07:66:27:74:9c:ba:02:dd:08:4b:40:39:6a:d4: 2d:89:65:9d:53:e1:34:53:ef:ea:6f:ad:bf:8b:9c: 72:f4:78:b9:16:74:a9:ce:de:61:95:cb:50:2c:d5: 6b:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:31:F1:56:1F:C7:5A:61:B5:F2:ED:1D:8D:5C:37:CD:59:AB:30:0B X509v3 Authority Key Identifier: keyid:8E:BB:0E:B1:9E:77:77:D7:03:80:00:F6:C1:2D:39:DE:D1:20:42:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1a:35:b3:26:76:20:08:72:89:d8:79:07:06:c9:8a:28:7c:a1: 24:36:ae:fd:b4:bc:34:a0:52:a4:05:56:6b:57:a4:ea:ef:cc: 80:dd:82:dd:f7:19:30:fd:d2:a5:01:41:cc:49:bb:7b:6a:ab: 8d:02:94:6b:f7:ef:56:c7:57:73:8c:f7:42:b3:8b:c7:bd:06: bd:64:6c:4f:98:ef:d2:1c:1e:10:88:55:18:c2:d5:ef:23:0c: 19:71:7d:c2:f7:ee:50:47:5d:ee:e3:f7:87:70:e8:64:e5:26: d5:3d:ba:c4:1d:03:47:75:4a:27:97:ff:48:37:6b:f8:15:15: 23:99:0f:94:96:dc:07:4c:ad:29:45:aa:96:bf:99:92:04:db: d0:2d:bb:b7:ee:ba:d3:ef:fa:93:37:57:46:b5:ed:f0:3a:0d: 52:f0:0a:b1:05:02:1e:9e:f2:24:58:f0:be:3c:98:b5:63:10: 13:73:b4:6c:27:77:c8:72:db:91:7f:45:52:32:4b:23:72:02: 55:24:cf:97:70:73:59:f2:98:62:37:4d:9a:73:e8:91:21:14: 06:3d:15:71:59:77:7e:e3:4f:0a:8e:89:7d:1f:32:d0:40:e7: ff:d7:39:87:5f:ee:97:0d:ae:da:86:dd:d0:46:e2:f0:68:e8: 4b:b3:8f:c9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAWs4xLAcNay0yb1LH8wszMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhlYmIwZWIxOWU3Nzc3ZDcwMzgwMDBmNmMxMmQzOWRlZDEy MDQyNDIwHhcNMjUxMjIxMTAwMDUxWhcNMjUxMjIyMTAwMDUxWjAzMTEwLwYDVQQD EyhiYTMxZjE1NjFmYzc1YTYxYjVmMmVkMWQ4ZDVjMzdjZDU5YWIzMDBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFpC0sDPcnagcXUIp3PljW9+u7xm i0TAyR0fs8Xo23Au13o6THV9NSfuGgtpiEVfE3kNBYpxbtCsuZH2fNm5i/QMijDm uBQ1FZoJeBtw3hRC4GEQIvZIbdy9svdYnIUo2LcflIaRYis1pUag1vqa6GNCpeQ3 pBlDE0JsK+b5e3sVO+1QlhbsXWX+GsBjuen+zx1X+RqevXQmXMdPBzCJ0jE4tkn6 5dS6ilm/oLhqWGIVlkc6oqBPUstC84Uz0tmIv2+OAbE+chFwSBITrgZ/hLUJB2Yn dJy6At0IS0A5atQtiWWdU+E0U+/qb62/i5xy9Hi5FnSpzt5hlctQLNVr/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLox8VYfx1phtfLtHY1cN81ZqzALMB8GA1UdIwQY MBaAFI67DrGed3fXA4AA9sEtOd7RIEJCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zYjE1N2QtODE5Ni00ZTQwLWFiMzYt MTUxNDFjNjY4NTRkLzEvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi8zYjE1N2QtODE5Ni00ZTQwLWFiMzYtMTUxNDFjNjY4NTRk LzEvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGjWzJnYg CHKJ2HkHBsmKKHyhJDau/bS8NKBSpAVWa1ek6u/MgN2C3fcZMP3SpQFBzEm7e2qr jQKUa/fvVsdXc4z3QrOLx70GvWRsT5jv0hweEIhVGMLV7yMMGXF9wvfuUEdd7uP3 h3DoZOUm1T26xB0DR3VKJ5f/SDdr+BUVI5kPlJbcB0ytKUWqlr+ZkgTb0C27t+66 0+/6kzdXRrXt8DoNUvAKsQUCHp7yJFjwvjyYtWMQE3O0bCd3yHLbkX9FUjJLI3IC VSTPl3BzWfKYYjdNmnPokSEUBj0VcVl3fuNPCo6JfR8y0EDn/9c5h1/ulw2u2obd 0Ebi8GjoS7OPyQ== -----END CERTIFICATE-----Generated at Sun Dec 21 19:29:52 2025 by rpki-client