This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.mft File: Jnzx804vAQuQLcFCRVtrtzJs8I0.mft (raw, json) Hash identifier: +muUrpNJb6qQGOwaIVUk7toT0x7Y7jGNFEeP9S2cb00= Subject key identifier: 20:25:9E:69:51:82:53:95:3F:64:83:76:0D:10:20:A8:33:AF:45:24 Authority key identifier: 26:7C:F1:F3:4E:2F:01:0B:90:2D:C1:42:45:5B:6B:B7:32:6C:F0:8D Certificate issuer: /CN=267cf1f34e2f010b902dc142455b6bb7326cf08d Certificate serial: 019B194D7F47542EDD72458DB670771080B7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jnzx804vAQuQLcFCRVtrtzJs8I0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.mft Manifest number: 1777 Signing time: Sat 13 Dec 2025 20:01:07 +0000 Manifest this update: Sat 13 Dec 2025 20:01:07 +0000 Manifest next update: Sun 14 Dec 2025 20:01:07 +0000 Files and hashes: 1: Jnzx804vAQuQLcFCRVtrtzJs8I0.crl (hash: ldyn3xVysusCi8PGrCtbyr1/KDyIjQBD7wIhHUE1aek=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.crl rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.mft rsync://rpki.ripe.net/repository/DEFAULT/Jnzx804vAQuQLcFCRVtrtzJs8I0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:19:4d:7f:47:54:2e:dd:72:45:8d:b6:70:77:10:80:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=267cf1f34e2f010b902dc142455b6bb7326cf08d Validity Not Before: Dec 13 20:01:07 2025 GMT Not After : Dec 14 20:01:07 2025 GMT Subject: CN=20259e69518253953f6483760d1020a833af4524 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:24:0f:b6:60:41:d3:9e:30:e7:05:b4:23:27: 7c:75:76:82:48:83:b7:21:9b:e5:8b:8d:19:98:04: 66:ec:dc:cb:d3:a0:85:e1:cb:d0:ed:00:5c:86:9e: 55:f7:dc:50:ed:35:b8:2f:17:d3:81:54:63:bc:72: 7f:85:cd:6d:d4:e2:ed:37:be:83:8f:28:d8:21:1b: 86:38:7d:11:c1:95:a3:ee:64:76:2f:38:93:7c:be: 1b:94:a5:1f:9a:87:f5:a8:fa:23:1c:0c:83:f3:6b: 73:c9:5d:e5:6c:64:cc:81:e4:e1:5f:22:be:e7:28: 8a:45:54:11:a5:a6:42:1e:73:7c:23:18:fb:22:54: d3:8e:61:e9:5e:9d:e8:a5:7b:63:98:c1:45:f1:fb: a6:4a:5a:8d:60:50:24:e8:ce:bd:e8:d0:73:b8:f3: b1:44:63:55:12:30:58:fa:3d:b8:f7:35:5f:1b:f0: 42:f9:9c:72:fc:ed:53:12:5d:55:e2:24:b7:a4:38: ae:b1:9c:f4:45:bf:6b:2d:2d:60:0c:04:d4:f9:93: 34:91:2c:7e:2b:1a:4c:37:b4:d1:01:4e:67:04:1d: b1:87:0e:12:4f:cc:75:b1:af:98:21:dc:5c:8f:c9: 97:78:ab:8e:a8:9a:e7:7b:51:c0:34:97:62:ed:44: b4:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:25:9E:69:51:82:53:95:3F:64:83:76:0D:10:20:A8:33:AF:45:24 X509v3 Authority Key Identifier: keyid:26:7C:F1:F3:4E:2F:01:0B:90:2D:C1:42:45:5B:6B:B7:32:6C:F0:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jnzx804vAQuQLcFCRVtrtzJs8I0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:5d:54:ce:ce:df:77:96:79:ab:41:bb:00:6f:e1:27:7a:a6: 28:b6:63:e9:4d:0c:27:f6:c6:dc:7c:3e:2e:cd:60:b7:7a:03: 8c:51:0a:75:d1:4d:d0:7a:49:41:92:d7:ca:cc:7c:7c:43:96: 00:83:59:41:11:69:2c:bb:83:d1:bf:0f:1f:93:bb:10:7e:6a: 17:51:ab:3c:66:13:93:3d:92:83:0c:9c:6b:c2:0c:dd:6f:e0: 6d:2e:3e:c5:7e:08:19:76:9c:7f:11:3e:39:be:75:71:04:5f: 5b:76:88:6e:64:48:43:02:e1:e1:4d:c1:4d:fd:9d:49:6b:30: e3:52:d4:a3:52:cc:69:ec:77:5e:0e:14:40:59:3c:f8:ef:98: a7:00:33:74:fa:cd:2e:0f:bf:9d:74:aa:5f:9e:af:33:90:7e: 76:cd:83:1d:3f:89:3d:64:74:77:e7:7b:7e:92:06:09:7f:11: e4:43:c6:d0:c1:24:c2:e0:9f:cb:51:cd:7f:08:4a:3e:6f:15: 32:73:f7:c4:a3:9d:ac:69:9e:e6:a7:7e:87:83:77:06:c3:01: a4:63:a6:61:1b:d6:c2:5c:1b:26:e0:f3:a6:ae:00:7b:04:22: 0a:18:af:cf:8c:c6:a9:23:48:12:0d:cb:d5:ac:04:47:7d:cd: e7:7e:85:0b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsZTX9HVC7dckWNtnB3EIC3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI2N2NmMWYzNGUyZjAxMGI5MDJkYzE0MjQ1NWI2YmI3MzI2 Y2YwOGQwHhcNMjUxMjEzMjAwMTA3WhcNMjUxMjE0MjAwMTA3WjAzMTEwLwYDVQQD EygyMDI1OWU2OTUxODI1Mzk1M2Y2NDgzNzYwZDEwMjBhODMzYWY0NTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6iQPtmBB054w5wW0Iyd8dXaCSIO3 IZvli40ZmARm7NzL06CF4cvQ7QBchp5V99xQ7TW4LxfTgVRjvHJ/hc1t1OLtN76D jyjYIRuGOH0RwZWj7mR2LziTfL4blKUfmof1qPojHAyD82tzyV3lbGTMgeThXyK+ 5yiKRVQRpaZCHnN8Ixj7IlTTjmHpXp3opXtjmMFF8fumSlqNYFAk6M696NBzuPOx RGNVEjBY+j249zVfG/BC+Zxy/O1TEl1V4iS3pDiusZz0Rb9rLS1gDATU+ZM0kSx+ KxpMN7TRAU5nBB2xhw4ST8x1sa+YIdxcj8mXeKuOqJrne1HANJdi7US0ywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCAlnmlRglOVP2SDdg0QIKgzr0UkMB8GA1UdIwQY MBaAFCZ88fNOLwELkC3BQkVba7cybPCNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSm56eDgwNHZBUXVRTGNGQ1JWdHJ0ekpzOEkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85MWJjZDgtYTFmNy00ZmIxLWIyODgt MDExYjQ1MWI0NWI0LzEvSm56eDgwNHZBUXVRTGNGQ1JWdHJ0ekpzOEkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC85MWJjZDgtYTFmNy00ZmIxLWIyODgtMDExYjQ1MWI0NWI0 LzEvSm56eDgwNHZBUXVRTGNGQ1JWdHJ0ekpzOEkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXV1Uzs7f d5Z5q0G7AG/hJ3qmKLZj6U0MJ/bG3Hw+Ls1gt3oDjFEKddFN0HpJQZLXysx8fEOW AINZQRFpLLuD0b8PH5O7EH5qF1GrPGYTkz2Sgwyca8IM3W/gbS4+xX4IGXacfxE+ Ob51cQRfW3aIbmRIQwLh4U3BTf2dSWsw41LUo1LMaex3Xg4UQFk8+O+YpwAzdPrN Lg+/nXSqX56vM5B+ds2DHT+JPWR0d+d7fpIGCX8R5EPG0MEkwuCfy1HNfwhKPm8V MnP3xKOdrGme5qd+h4N3BsMBpGOmYRvWwlwbJuDzpq4AewQiChivz4zGqSNIEg3L 1awER33N536FCw== -----END CERTIFICATE-----Generated at Sun Dec 14 03:29:43 2025 by rpki-client