This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/dd062a-1319-4019-a551-876c7fca4b34/1/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.mft File: JVh2QS0g-7bKuCNIF4KsR3A7RAQ.mft (raw, json) Hash identifier: VYSAGEMy3KShz6+3sDJzIdbxWQg3YvriLt+rE06SFfw= Subject key identifier: 64:2F:A4:0C:86:14:E9:AE:CC:66:1A:40:55:C2:00:DA:38:0E:77:9F Authority key identifier: 25:58:76:41:2D:20:FB:B6:CA:B8:23:48:17:82:AC:47:70:3B:44:04 Certificate issuer: /CN=255876412d20fbb6cab823481782ac47703b4404 Certificate serial: 019B077E0E3A558E94E75204B1C69A3026BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/dd062a-1319-4019-a551-876c7fca4b34/1/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.mft Manifest number: 0442 Signing time: Wed 10 Dec 2025 09:01:00 +0000 Manifest this update: Wed 10 Dec 2025 09:01:00 +0000 Manifest next update: Thu 11 Dec 2025 09:01:00 +0000 Files and hashes: 1: 8g-49_qQ3fcAAr8ogKNyJYRIsqM.roa (hash: YUM8nQydrUaGiZYWfH9e5CkG/0ZnMAVKiwEv7wrrmyU=) 2: HL_391YyhybjwJ74kNKee4Xme30.roa (hash: SKqvmhnXy6lVHKlIjthvO2Ffcm5YC3y5BAN0frkvak8=) 3: JVh2QS0g-7bKuCNIF4KsR3A7RAQ.crl (hash: PO7aj722B1hLohfpJrDc5lJRh6KiD8O+eeX+vRvHHkw=) 4: UFzq6HTzLsKXQDiIwbMVwsSvCKE.roa (hash: SkcdE34ZRnlvciguMZx89azOscHKjWKi4kmUM6ce2ek=) 5: Vf3C3nEL83KU-t7pLCkbgpiASsA.roa (hash: 6SosAmZB67F6Q5qUy5fWvfEJcjGr5qv93jKtlhRr2es=) 6: b37yA0vBw9z9NXOjP3ngOC-nsdQ.roa (hash: xnMkc8ma8YV2ulWTsjtILbYV33NvcPwQMYE2M0mdniE=) 7: evsBxqfpyH3zHvt0KdEDbPjJt40.roa (hash: vsA8eWY0hm6KpE4+4Kq5HkaUgEZIYMzjLRq48DP4yG4=) 8: hp0pLX_QGiWhiOhgc-g-g3McIzI.roa (hash: iRmxgVLqjy7bOiMWp10+U3a2wekQwe0YpGsmUpp/wOw=) 9: lwlNrqm3r8NOZc8muUo80fFlOeY.roa (hash: FfJzjpvXZQfdbT9Lc8mjBM1Q8TX5WkjUXsorwJal9Zo=) 10: pu4GRTEZI-DDS8alCpZhtqjD728.roa (hash: 4gymL9RPKKRX/UazcJNoKfCcQGjN640R8KkZ8YDasZ0=) 11: r6VOlpU6VgL1WVlEQKIIOdFJ6jc.roa (hash: qZ5211k3RJOzvqXcolh5rN4QAkWpCPQgoaSC1kNOR9w=) 12: zB7jZpVQ6_QohXb9Ts1uTCDa9vc.roa (hash: G92uGtD4p7P9jynyu17jJLaD0YzUsjPpS9i4T5WM4LU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/dd062a-1319-4019-a551-876c7fca4b34/1/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.crl rsync://rpki.ripe.net/repository/DEFAULT/28/dd062a-1319-4019-a551-876c7fca4b34/1/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.mft rsync://rpki.ripe.net/repository/DEFAULT/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 09:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:07:7e:0e:3a:55:8e:94:e7:52:04:b1:c6:9a:30:26:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=255876412d20fbb6cab823481782ac47703b4404 Validity Not Before: Dec 10 09:01:00 2025 GMT Not After : Dec 11 09:01:00 2025 GMT Subject: CN=642fa40c8614e9aecc661a4055c200da380e779f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:76:c5:e8:21:ba:06:3c:58:39:d1:51:a3:68: 55:07:e5:4b:cc:ba:0a:d6:35:d3:bd:84:b2:c8:7b: bf:ba:41:d4:df:b0:7b:41:68:8f:a7:cf:d6:12:14: 01:6f:08:9b:54:99:f8:f8:1b:bb:23:c8:f0:fc:07: 1d:90:4d:db:37:c6:ff:9b:b5:08:bd:62:e0:16:3b: 4f:65:65:20:ba:dd:ee:29:9c:20:cd:b1:b8:b3:d7: 8c:94:50:c0:fa:c5:76:dc:83:57:ce:4f:e4:9f:b0: 64:f0:f7:ba:79:5f:0e:a8:5d:0b:b9:71:de:52:d4: 74:aa:d2:ee:54:a5:81:06:01:30:30:20:14:a0:d9: 5b:c0:11:ce:87:6c:63:08:f9:a5:6a:6f:06:a0:81: 6c:25:29:43:22:d4:5e:96:c9:f9:cc:70:68:43:06: af:b4:0b:14:24:34:7c:2e:05:55:81:bd:12:cd:0e: c6:b0:d8:20:48:98:16:ba:e3:87:e2:21:85:59:d9: b1:01:51:f4:2b:58:29:31:59:b9:ea:4d:ad:7a:40: 76:28:81:a8:0c:98:f5:54:ab:11:a2:a3:00:9c:5b: 64:3e:94:ce:ca:c0:46:88:55:ad:44:8a:01:0e:bd: 01:52:de:bc:2e:8b:a4:90:28:38:30:10:52:49:de: b4:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:2F:A4:0C:86:14:E9:AE:CC:66:1A:40:55:C2:00:DA:38:0E:77:9F X509v3 Authority Key Identifier: keyid:25:58:76:41:2D:20:FB:B6:CA:B8:23:48:17:82:AC:47:70:3B:44:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/dd062a-1319-4019-a551-876c7fca4b34/1/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/dd062a-1319-4019-a551-876c7fca4b34/1/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bc:65:a4:61:87:79:3b:d5:f0:09:f7:98:cf:f1:c4:90:6e:06: ec:20:67:6c:b0:b9:ad:b3:96:3e:a1:3d:5a:f9:3e:0b:76:ff: 61:04:12:f2:36:0b:a2:3a:e1:e0:56:7c:49:19:5c:9d:ca:cb: 4a:5a:fb:3b:b9:3a:9e:92:b9:16:cc:db:82:5f:93:c1:6e:80: ac:bb:3d:c7:5a:62:a7:de:1a:84:78:18:10:37:95:2d:1b:ff: 4a:51:5f:2c:e1:4c:ce:99:ae:65:c0:0e:cd:a8:c4:12:81:e4: d1:2f:54:65:d0:d6:38:d2:63:c8:0b:a3:33:bb:7c:5a:c7:46: ab:01:5b:d4:34:98:8f:68:f2:93:49:36:e9:7e:70:7c:71:bf: 9e:4b:65:2d:e6:f9:0a:c6:55:dd:a1:da:4b:d0:d8:35:bf:c0: 70:50:21:2a:6e:2e:44:89:e1:5a:ef:4b:3b:d3:b1:72:3a:58: 41:e4:e5:97:ee:1a:02:5e:59:ff:9b:d8:0c:2b:71:a7:bf:c8: d8:59:64:d0:e1:b0:f0:95:88:bc:af:0b:b9:e4:c5:41:d0:67: e5:c5:e1:f4:42:ee:d8:8b:c7:24:bc:ea:27:84:07:c9:fc:bb: 3d:52:95:05:c3:f8:7d:95:cf:0e:37:1f:cf:3b:89:3c:a7:37: 8e:26:b0:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsHfg46VY6U51IEscaaMCa8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1NTg3NjQxMmQyMGZiYjZjYWI4MjM0ODE3ODJhYzQ3NzAz YjQ0MDQwHhcNMjUxMjEwMDkwMTAwWhcNMjUxMjExMDkwMTAwWjAzMTEwLwYDVQQD Eyg2NDJmYTQwYzg2MTRlOWFlY2M2NjFhNDA1NWMyMDBkYTM4MGU3NzlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXbF6CG6BjxYOdFRo2hVB+VLzLoK 1jXTvYSyyHu/ukHU37B7QWiPp8/WEhQBbwibVJn4+Bu7I8jw/AcdkE3bN8b/m7UI vWLgFjtPZWUgut3uKZwgzbG4s9eMlFDA+sV23INXzk/kn7Bk8Pe6eV8OqF0LuXHe UtR0qtLuVKWBBgEwMCAUoNlbwBHOh2xjCPmlam8GoIFsJSlDItRelsn5zHBoQwav tAsUJDR8LgVVgb0SzQ7GsNggSJgWuuOH4iGFWdmxAVH0K1gpMVm56k2tekB2KIGo DJj1VKsRoqMAnFtkPpTOysBGiFWtRIoBDr0BUt68LoukkCg4MBBSSd60UQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGQvpAyGFOmuzGYaQFXCANo4DnefMB8GA1UdIwQY MBaAFCVYdkEtIPu2yrgjSBeCrEdwO0QEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSlZoMlFTMGctN2JLdUNOSUY0S3NSM0E3UkFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9kZDA2MmEtMTMxOS00MDE5LWE1NTEt ODc2YzdmY2E0YjM0LzEvSlZoMlFTMGctN2JLdUNOSUY0S3NSM0E3UkFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC9kZDA2MmEtMTMxOS00MDE5LWE1NTEtODc2YzdmY2E0YjM0 LzEvSlZoMlFTMGctN2JLdUNOSUY0S3NSM0E3UkFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvGWkYYd5 O9XwCfeYz/HEkG4G7CBnbLC5rbOWPqE9Wvk+C3b/YQQS8jYLojrh4FZ8SRlcncrL Slr7O7k6npK5Fszbgl+TwW6ArLs9x1pip94ahHgYEDeVLRv/SlFfLOFMzpmuZcAO zajEEoHk0S9UZdDWONJjyAujM7t8WsdGqwFb1DSYj2jyk0k26X5wfHG/nktlLeb5 CsZV3aHaS9DYNb/AcFAhKm4uRInhWu9LO9OxcjpYQeTll+4aAl5Z/5vYDCtxp7/I 2Flk0OGw8JWIvK8LueTFQdBn5cXh9ELu2IvHJLzqJ4QHyfy7PVKVBcP4fZXPDjcf zzuJPKc3jiawrw== -----END CERTIFICATE-----Generated at Wed Dec 10 16:31:47 2025 by rpki-client