This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft File: JTncEcLyIukQROG-eygeV23u5Fs.mft (raw, json) Hash identifier: sKtBlkC+9pfpzER8TfbDaWhtyLwV+yxRw6k1eqnXOS0= Subject key identifier: 4B:5C:85:DA:58:C5:03:8C:9F:8B:D7:A5:57:23:24:D5:66:51:FE:54 Authority key identifier: 25:39:DC:11:C2:F2:22:E9:10:44:E1:BE:7B:28:1E:57:6D:EE:E4:5B Certificate issuer: /CN=2539dc11c2f222e91044e1be7b281e576deee45b Certificate serial: 019B59AC8D5A294A4E08C5E0DE6704FA2D79 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTncEcLyIukQROG-eygeV23u5Fs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft Manifest number: 026D Signing time: Fri 26 Dec 2025 08:00:39 +0000 Manifest this update: Fri 26 Dec 2025 08:00:39 +0000 Manifest next update: Sat 27 Dec 2025 08:00:39 +0000 Files and hashes: 1: JTncEcLyIukQROG-eygeV23u5Fs.crl (hash: NV9W7wjDl2EzH4NSkRujXK0eJoFWp8ZtNSsdPmmfUfI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft rsync://rpki.ripe.net/repository/DEFAULT/JTncEcLyIukQROG-eygeV23u5Fs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:ac:8d:5a:29:4a:4e:08:c5:e0:de:67:04:fa:2d:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2539dc11c2f222e91044e1be7b281e576deee45b Validity Not Before: Dec 26 08:00:39 2025 GMT Not After : Dec 27 08:00:39 2025 GMT Subject: CN=4b5c85da58c5038c9f8bd7a5572324d56651fe54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:ec:2d:1c:97:82:ac:24:19:84:23:4e:84:e6: 9c:4a:64:4d:eb:e3:c0:6d:ce:73:86:d6:7f:3c:4c: 84:1a:d8:e7:b5:48:ba:b5:63:f5:43:bf:d0:6c:d2: 66:9a:8a:68:b6:5f:4f:15:b0:e5:4d:9f:b9:8f:c1: 4a:18:2f:a5:b0:8a:4e:cb:2c:11:80:b0:9c:04:1e: d0:da:f5:3b:a8:34:77:11:44:b5:da:9b:cc:1b:97: 00:0c:ec:22:90:0e:de:62:4e:9c:60:78:3a:50:2a: e7:4d:de:0f:32:10:59:11:ae:7d:2e:a1:ec:ae:3a: 5a:88:9a:0b:ff:67:f8:2c:42:a5:7e:41:77:36:9d: 9a:bb:7d:eb:fe:3b:08:76:bb:f9:80:5d:2c:f5:4f: 53:fa:06:f1:4c:b9:19:dd:f6:d9:2e:0c:5a:e7:bf: 35:b1:47:02:9f:c6:61:6c:64:74:e6:25:3f:92:8b: 27:2d:57:b9:66:79:19:8b:26:b6:79:36:70:81:1e: af:43:c1:fa:9b:4f:d8:03:bb:12:f9:1b:49:2c:e6: b9:9c:3e:e4:6e:5f:ce:52:1b:3f:12:52:9f:4b:d1: 28:fb:a2:de:18:86:24:85:da:7d:27:65:94:1d:47: 02:34:db:95:dc:36:bc:a5:6a:f5:fc:c8:8c:7d:f6: b2:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:5C:85:DA:58:C5:03:8C:9F:8B:D7:A5:57:23:24:D5:66:51:FE:54 X509v3 Authority Key Identifier: keyid:25:39:DC:11:C2:F2:22:E9:10:44:E1:BE:7B:28:1E:57:6D:EE:E4:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTncEcLyIukQROG-eygeV23u5Fs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:a3:ed:7a:6c:08:db:2a:02:9f:c9:cf:0d:4c:11:5c:f0:f7: 75:f0:8e:c9:60:8c:9c:61:16:ab:0c:b1:59:ba:7f:7d:c8:1e: 6a:b2:ca:9f:bd:12:98:66:83:61:e8:ca:b1:03:4c:5f:ae:83: ce:a1:2d:96:41:6d:d3:aa:df:27:ec:3a:6a:98:6a:a4:86:b5: ee:7a:9d:c4:16:f2:0c:ea:88:43:71:c6:21:a6:3f:49:8b:35: 81:16:4f:0f:9b:8d:dd:96:34:1e:3f:15:d8:06:16:65:d7:3c: 75:96:f6:5e:54:3d:6f:b7:64:4d:06:98:f1:56:c8:65:bb:bc: 54:fb:6b:57:97:2e:e9:54:a7:4d:14:4c:0d:8f:be:fc:22:c6: 2d:d5:eb:38:b3:f4:6d:e0:c0:f2:16:64:51:b8:fc:ff:ed:ba: ba:a0:89:2a:05:1d:f5:fa:93:93:ec:8d:58:86:83:d6:cf:4b: d9:2e:e5:9b:3b:37:f9:08:a1:3f:ff:d3:59:71:f6:ba:ae:10: 6a:d6:24:fb:69:03:c4:25:27:66:c1:44:c8:ae:2e:e3:f9:53: f6:ef:0f:ee:0f:f0:07:27:80:a6:5e:41:a3:86:f5:13:4a:39: 42:28:4a:17:7e:44:ab:c9:50:6b:65:4a:57:13:0a:2f:99:88: 3c:e0:b5:31 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZrI1aKUpOCMXg3mcE+i15MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1MzlkYzExYzJmMjIyZTkxMDQ0ZTFiZTdiMjgxZTU3NmRl ZWU0NWIwHhcNMjUxMjI2MDgwMDM5WhcNMjUxMjI3MDgwMDM5WjAzMTEwLwYDVQQD Eyg0YjVjODVkYTU4YzUwMzhjOWY4YmQ3YTU1NzIzMjRkNTY2NTFmZTU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+wtHJeCrCQZhCNOhOacSmRN6+PA bc5zhtZ/PEyEGtjntUi6tWP1Q7/QbNJmmopotl9PFbDlTZ+5j8FKGC+lsIpOyywR gLCcBB7Q2vU7qDR3EUS12pvMG5cADOwikA7eYk6cYHg6UCrnTd4PMhBZEa59LqHs rjpaiJoL/2f4LEKlfkF3Np2au33r/jsIdrv5gF0s9U9T+gbxTLkZ3fbZLgxa5781 sUcCn8ZhbGR05iU/kosnLVe5ZnkZiya2eTZwgR6vQ8H6m0/YA7sS+RtJLOa5nD7k bl/OUhs/ElKfS9Eo+6LeGIYkhdp9J2WUHUcCNNuV3Da8pWr1/MiMffayRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEtchdpYxQOMn4vXpVcjJNVmUf5UMB8GA1UdIwQY MBaAFCU53BHC8iLpEEThvnsoHldt7uRbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSlRuY0VjTHlJdWtRUk9HLWV5Z2VWMjN1NUZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85OGE1NTYtNmI2Zi00ZDVlLTk3MmUt MGZjOGRhMDUwM2M5LzEvSlRuY0VjTHlJdWtRUk9HLWV5Z2VWMjN1NUZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy85OGE1NTYtNmI2Zi00ZDVlLTk3MmUtMGZjOGRhMDUwM2M5 LzEvSlRuY0VjTHlJdWtRUk9HLWV5Z2VWMjN1NUZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHKPtemwI 2yoCn8nPDUwRXPD3dfCOyWCMnGEWqwyxWbp/fcgearLKn70SmGaDYejKsQNMX66D zqEtlkFt06rfJ+w6aphqpIa17nqdxBbyDOqIQ3HGIaY/SYs1gRZPD5uN3ZY0Hj8V 2AYWZdc8dZb2XlQ9b7dkTQaY8VbIZbu8VPtrV5cu6VSnTRRMDY++/CLGLdXrOLP0 beDA8hZkUbj8/+26uqCJKgUd9fqTk+yNWIaD1s9L2S7lmzs3+QihP//TWXH2uq4Q atYk+2kDxCUnZsFEyK4u4/lT9u8P7g/wByeApl5Bo4b1E0o5QihKF35Eq8lQa2VK VxMKL5mIPOC1MQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:06:22 2025 by rpki-client