This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft File: JkXNQMgEm-mprn8DM2q9P-CCr7k.mft (raw, json) Hash identifier: G1iIUQqDOw1QSGf80Vg93AQvjy7G2LluCNF2p+9rOcI= Subject key identifier: DF:DE:03:86:11:8C:C0:DB:DF:D8:53:C1:C7:1A:93:66:62:6F:29:4B Authority key identifier: 26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9 Certificate issuer: /CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9 Certificate serial: 019B59758EA96CF3314AD92F0899C2EA212B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft Manifest number: 1795 Signing time: Fri 26 Dec 2025 07:00:35 +0000 Manifest this update: Fri 26 Dec 2025 07:00:35 +0000 Manifest next update: Sat 27 Dec 2025 07:00:35 +0000 Files and hashes: 1: JkXNQMgEm-mprn8DM2q9P-CCr7k.crl (hash: RsE5cicrR1BhGhb25kfIiFhJU3W8gVA+2d84Ssr2/aQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:75:8e:a9:6c:f3:31:4a:d9:2f:08:99:c2:ea:21:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9 Validity Not Before: Dec 26 07:00:35 2025 GMT Not After : Dec 27 07:00:35 2025 GMT Subject: CN=dfde0386118cc0dbdfd853c1c71a9366626f294b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:4c:4f:59:9a:5e:2d:9a:ed:2b:81:e5:77:1a: ef:a5:99:5f:fa:76:31:b8:46:8f:5a:85:2b:c5:cb: ac:61:38:89:da:b0:aa:83:a3:53:89:6c:98:46:33: 77:fc:3f:a7:fe:ef:fd:b7:88:88:a8:a4:f1:7f:a4: 19:8e:c9:1b:13:53:36:83:47:f2:18:2b:cb:22:19: 53:33:fe:1e:22:b5:4f:5c:d0:96:2a:d3:c2:8f:c8: 55:ae:1b:62:32:3f:bc:b4:0d:51:93:ac:f3:ff:e2: c9:7b:9b:1b:1a:9f:cb:88:51:d1:09:68:d9:75:10: 71:19:a1:f5:30:bb:92:43:e3:72:70:cc:56:db:1e: 8d:3d:3b:9e:c6:a0:61:12:68:4a:ec:a3:28:f7:15: 49:a9:7a:9c:4d:b0:d9:13:66:b0:8f:fc:b4:36:68: 7e:40:71:0c:50:c8:23:7b:34:4b:61:e8:57:4d:89: 7a:1a:ed:ee:4a:61:55:02:de:f0:ed:8a:cb:ef:fd: ff:b7:6c:15:36:5c:e8:1b:e5:8a:9d:73:1b:74:df: 0a:f2:1a:66:89:5c:53:b1:76:a3:21:15:59:b2:9f: 1d:c4:dd:77:75:63:ed:74:89:00:15:97:dc:ab:15: 1b:ae:00:a0:03:f9:87:75:c7:d1:76:2c:75:66:87: 63:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:DE:03:86:11:8C:C0:DB:DF:D8:53:C1:C7:1A:93:66:62:6F:29:4B X509v3 Authority Key Identifier: keyid:26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:61:d7:c9:0f:66:43:4a:c3:3f:59:d5:df:80:9b:85:ed:9e: 3f:7e:98:05:79:b6:c3:3c:99:e1:02:51:0d:5d:98:89:91:ee: 63:70:7e:db:1a:02:55:e0:0b:32:3a:d8:82:20:68:e2:0b:fe: 33:6f:9b:a7:d0:7f:a6:4d:ac:af:1e:f5:c7:74:83:c8:ee:73: bd:02:59:95:a6:85:c4:0e:a0:dd:12:e1:e6:24:7b:4f:2d:05: 06:ef:a2:47:5d:92:4e:63:12:ca:d2:01:dc:89:99:d3:c3:d1: c2:78:23:be:d4:5b:33:70:c4:34:9d:a5:d3:fd:c0:5d:4a:e3: f1:3d:12:b9:cc:eb:c5:ab:96:e5:86:e5:ac:a9:b3:92:02:de: 48:1e:72:81:65:b1:81:5f:e1:2f:ae:cf:6d:e4:d0:18:0e:30: 02:9d:2a:ca:2b:ef:5c:b7:e8:2e:73:fa:c6:f1:7e:60:fa:7d: 6e:89:43:89:09:0d:31:6e:c8:08:bb:1b:63:21:d7:31:ec:45: e5:14:d9:e6:7d:bd:0e:f2:37:9e:66:85:a4:eb:fa:4e:e1:47: fd:bf:b8:12:da:9f:a6:45:31:10:aa:58:f9:22:20:13:4c:c2: 8f:c9:26:cc:c7:8f:1a:89:98:cd:2d:e7:78:ee:a3:21:14:38: a7:3b:df:0e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdY6pbPMxStkvCJnC6iErMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI2NDVjZDQwYzgwNDliZTlhOWFlN2YwMzMzNmFiZDNmZTA4 MmFmYjkwHhcNMjUxMjI2MDcwMDM1WhcNMjUxMjI3MDcwMDM1WjAzMTEwLwYDVQQD EyhkZmRlMDM4NjExOGNjMGRiZGZkODUzYzFjNzFhOTM2NjYyNmYyOTRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0xPWZpeLZrtK4HldxrvpZlf+nYx uEaPWoUrxcusYTiJ2rCqg6NTiWyYRjN3/D+n/u/9t4iIqKTxf6QZjskbE1M2g0fy GCvLIhlTM/4eIrVPXNCWKtPCj8hVrhtiMj+8tA1Rk6zz/+LJe5sbGp/LiFHRCWjZ dRBxGaH1MLuSQ+NycMxW2x6NPTuexqBhEmhK7KMo9xVJqXqcTbDZE2awj/y0Nmh+ QHEMUMgjezRLYehXTYl6Gu3uSmFVAt7w7YrL7/3/t2wVNlzoG+WKnXMbdN8K8hpm iVxTsXajIRVZsp8dxN13dWPtdIkAFZfcqxUbrgCgA/mHdcfRdix1ZodjiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN/eA4YRjMDb39hTwccak2ZibylLMB8GA1UdIwQY MBaAFCZFzUDIBJvpqa5/AzNqvT/ggq+5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUt YzExNDlhMDE4MTVmLzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUtYzExNDlhMDE4MTVm LzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAmHXyQ9m Q0rDP1nV34Cbhe2eP36YBXm2wzyZ4QJRDV2YiZHuY3B+2xoCVeALMjrYgiBo4gv+ M2+bp9B/pk2srx71x3SDyO5zvQJZlaaFxA6g3RLh5iR7Ty0FBu+iR12STmMSytIB 3ImZ08PRwngjvtRbM3DENJ2l0/3AXUrj8T0SuczrxauW5YblrKmzkgLeSB5ygWWx gV/hL67PbeTQGA4wAp0qyivvXLfoLnP6xvF+YPp9bolDiQkNMW7ICLsbYyHXMexF 5RTZ5n29DvI3nmaFpOv6TuFH/b+4EtqfpkUxEKpY+SIgE0zCj8kmzMePGomYzS3n eO6jIRQ4pzvfDg== -----END CERTIFICATE-----Generated at Fri Dec 26 16:00:29 2025 by rpki-client