This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/d2bc90-2950-4322-a92e-c63fcd03a89b/1/J83PK9CaINK63Tq2yMft-h_Vwsw.mft File: J83PK9CaINK63Tq2yMft-h_Vwsw.mft (raw, json) Hash identifier: rVSHeRa0EaFl5hpz5m9+Li67U0A+5UQjbutpR005QAI= Subject key identifier: 75:60:75:E9:3D:FF:F2:CE:EE:BF:CD:2F:CE:5C:B4:C4:CC:28:88:10 Authority key identifier: 27:CD:CF:2B:D0:9A:20:D2:BA:DD:3A:B6:C8:C7:ED:FA:1F:D5:C2:CC Certificate issuer: /CN=27cdcf2bd09a20d2badd3ab6c8c7edfa1fd5c2cc Certificate serial: 019B5A5171FE329A57F1EA018EA89DCE6A49 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J83PK9CaINK63Tq2yMft-h_Vwsw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/d2bc90-2950-4322-a92e-c63fcd03a89b/1/J83PK9CaINK63Tq2yMft-h_Vwsw.mft Manifest number: 04B1 Signing time: Fri 26 Dec 2025 11:00:45 +0000 Manifest this update: Fri 26 Dec 2025 11:00:45 +0000 Manifest next update: Sat 27 Dec 2025 11:00:45 +0000 Files and hashes: 1: J83PK9CaINK63Tq2yMft-h_Vwsw.crl (hash: 3suzcnQM4q/k6KZ76MzfZgCvlINgGmjmiScYmf9ly7U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/d2bc90-2950-4322-a92e-c63fcd03a89b/1/J83PK9CaINK63Tq2yMft-h_Vwsw.crl rsync://rpki.ripe.net/repository/DEFAULT/36/d2bc90-2950-4322-a92e-c63fcd03a89b/1/J83PK9CaINK63Tq2yMft-h_Vwsw.mft rsync://rpki.ripe.net/repository/DEFAULT/J83PK9CaINK63Tq2yMft-h_Vwsw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:71:fe:32:9a:57:f1:ea:01:8e:a8:9d:ce:6a:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=27cdcf2bd09a20d2badd3ab6c8c7edfa1fd5c2cc Validity Not Before: Dec 26 11:00:45 2025 GMT Not After : Dec 27 11:00:45 2025 GMT Subject: CN=756075e93dfff2ceeebfcd2fce5cb4c4cc288810 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:28:82:2b:b8:e6:85:ec:36:29:7f:c1:d3:bf: 33:27:85:f6:75:8f:dc:36:6a:41:26:d0:29:a5:95: fb:99:6d:97:04:8c:21:6d:61:b4:1c:35:3e:e5:d4: 96:eb:5d:8d:59:45:b5:68:fc:88:54:ed:bf:9d:8d: 1c:c6:5e:b1:99:ca:74:87:85:1b:db:17:eb:a5:1b: f7:e3:05:af:ce:5d:60:a2:a2:7a:8c:83:b2:57:82: 65:ab:2e:d6:23:79:9a:72:bd:9d:08:da:10:1d:90: 99:ca:08:04:2f:6d:bc:52:4c:99:dd:e7:24:39:75: d6:7e:e8:68:1c:96:4f:a0:6c:ce:89:fb:31:9d:19: 20:00:74:eb:f3:e0:e2:cf:98:90:5a:e4:0a:51:50: e3:57:f9:f1:c6:94:15:d5:9d:3d:bf:bc:68:84:08: 9d:c6:9a:c1:05:8d:62:db:c9:26:d2:3e:10:53:a0: 7f:03:68:9f:ea:4d:90:6d:6f:ac:9a:0b:7d:a7:15: 8f:16:42:ee:6b:66:16:c6:ac:13:d0:bc:c7:2d:6e: 76:7d:01:68:17:c2:b5:58:e3:4e:a5:a2:93:f2:6e: 59:4f:21:74:ba:9d:c8:d3:6b:ae:b9:f0:69:7b:30: e2:82:4f:9f:bb:9f:37:77:04:33:b2:16:d7:1b:77: 6b:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:60:75:E9:3D:FF:F2:CE:EE:BF:CD:2F:CE:5C:B4:C4:CC:28:88:10 X509v3 Authority Key Identifier: keyid:27:CD:CF:2B:D0:9A:20:D2:BA:DD:3A:B6:C8:C7:ED:FA:1F:D5:C2:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J83PK9CaINK63Tq2yMft-h_Vwsw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/d2bc90-2950-4322-a92e-c63fcd03a89b/1/J83PK9CaINK63Tq2yMft-h_Vwsw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/d2bc90-2950-4322-a92e-c63fcd03a89b/1/J83PK9CaINK63Tq2yMft-h_Vwsw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:41:37:6e:7a:df:2e:e3:ea:51:86:f0:61:4e:ff:3f:0b:4c: d5:b0:0a:72:41:ff:12:ac:d9:00:22:77:5d:ff:c8:ae:b8:be: 91:2c:6b:14:09:49:17:69:8c:06:b3:89:17:1e:57:4e:50:c8: 92:db:49:94:89:a1:4a:d6:21:8b:e8:5f:3d:32:c6:ba:a0:9a: a7:6a:9d:e6:6e:b9:d7:a7:39:96:c8:54:d3:27:c2:9d:9f:f2: 08:75:82:51:d3:28:16:db:8b:4d:ba:48:17:13:90:fc:c8:3e: ca:db:3d:cc:fa:16:a1:a1:c9:45:00:8e:88:4b:1f:52:38:17: c0:ba:a4:a9:4c:53:7d:df:09:f0:01:d9:56:3f:4a:57:e3:57: cf:fd:e5:91:22:a1:07:21:80:9f:fa:67:85:7e:6a:10:08:70: c3:aa:e4:0d:3c:41:fb:07:af:c9:93:2f:61:18:bc:f5:2b:f9: 26:c3:e7:b3:cc:39:56:ec:0d:04:9e:09:dd:df:cf:4a:f3:43: da:6c:d8:1a:d8:ab:00:5f:7a:3d:55:ef:15:1f:89:05:b5:80: f7:f7:0a:f8:7c:2f:89:64:4a:e7:e2:04:ec:d6:b8:19:a6:47: 5d:e9:74:44:40:a1:ba:ed:3c:b4:5b:90:d0:7d:ad:aa:5b:68: 73:17:34:c1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUXH+MppX8eoBjqidzmpJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI3Y2RjZjJiZDA5YTIwZDJiYWRkM2FiNmM4YzdlZGZhMWZk NWMyY2MwHhcNMjUxMjI2MTEwMDQ1WhcNMjUxMjI3MTEwMDQ1WjAzMTEwLwYDVQQD Eyg3NTYwNzVlOTNkZmZmMmNlZWViZmNkMmZjZTVjYjRjNGNjMjg4ODEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyiCK7jmhew2KX/B078zJ4X2dY/c NmpBJtAppZX7mW2XBIwhbWG0HDU+5dSW612NWUW1aPyIVO2/nY0cxl6xmcp0h4Ub 2xfrpRv34wWvzl1goqJ6jIOyV4Jlqy7WI3macr2dCNoQHZCZyggEL228UkyZ3eck OXXWfuhoHJZPoGzOifsxnRkgAHTr8+Diz5iQWuQKUVDjV/nxxpQV1Z09v7xohAid xprBBY1i28km0j4QU6B/A2if6k2QbW+smgt9pxWPFkLua2YWxqwT0LzHLW52fQFo F8K1WONOpaKT8m5ZTyF0up3I02uuufBpezDigk+fu583dwQzshbXG3drQwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHVgdek9//LO7r/NL85ctMTMKIgQMB8GA1UdIwQY MBaAFCfNzyvQmiDSut06tsjH7fof1cLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSjgzUEs5Q2FJTks2M1RxMnlNZnQtaF9Wd3N3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kMmJjOTAtMjk1MC00MzIyLWE5MmUt YzYzZmNkMDNhODliLzEvSjgzUEs5Q2FJTks2M1RxMnlNZnQtaF9Wd3N3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9kMmJjOTAtMjk1MC00MzIyLWE5MmUtYzYzZmNkMDNhODli LzEvSjgzUEs5Q2FJTks2M1RxMnlNZnQtaF9Wd3N3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUkE3bnrf LuPqUYbwYU7/PwtM1bAKckH/EqzZACJ3Xf/Irri+kSxrFAlJF2mMBrOJFx5XTlDI kttJlImhStYhi+hfPTLGuqCap2qd5m6516c5lshU0yfCnZ/yCHWCUdMoFtuLTbpI FxOQ/Mg+yts9zPoWoaHJRQCOiEsfUjgXwLqkqUxTfd8J8AHZVj9KV+NXz/3lkSKh ByGAn/pnhX5qEAhww6rkDTxB+wevyZMvYRi89Sv5JsPns8w5VuwNBJ4J3d/PSvND 2mzYGtirAF96PVXvFR+JBbWA9/cK+HwviWRK5+IE7Na4GaZHXel0REChuu08tFuQ 0H2tqltocxc0wQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:26 2025 by rpki-client