This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft File: JQfjIVuSyGWOv0lfa4fOC6anvSc.mft (raw, json) Hash identifier: cnlHMR8gK+xmHlJm8jZiqwEtzDJz1z+m6XCSBNqlO8A= Subject key identifier: AC:5D:4C:4D:39:D0:EC:D1:8F:82:A2:87:AA:9C:A4:F9:8A:4E:F0:F5 Authority key identifier: 25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27 Certificate issuer: /CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27 Certificate serial: 019B187191B4F74EE0069A610CE37B44F12E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft Manifest number: 0915 Signing time: Sat 13 Dec 2025 16:00:54 +0000 Manifest this update: Sat 13 Dec 2025 16:00:54 +0000 Manifest next update: Sun 14 Dec 2025 16:00:54 +0000 Files and hashes: 1: JQfjIVuSyGWOv0lfa4fOC6anvSc.crl (hash: qoRmuliSRuPd6MjvbgOX8uabzOl19Emzo96HqjaeqBc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 16:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:18:71:91:b4:f7:4e:e0:06:9a:61:0c:e3:7b:44:f1:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27 Validity Not Before: Dec 13 16:00:54 2025 GMT Not After : Dec 14 16:00:54 2025 GMT Subject: CN=ac5d4c4d39d0ecd18f82a287aa9ca4f98a4ef0f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:8f:40:7b:1a:84:6d:16:c6:32:eb:53:d9:69: c6:95:c8:7c:f3:c5:18:26:12:f8:6d:33:b9:81:67: 79:51:90:25:ab:1b:d8:05:7a:77:29:e4:42:66:7d: de:0f:1b:a7:a3:20:c4:c6:95:0d:4e:4f:c7:83:d1: 33:e9:4d:4b:d4:5d:c1:76:2a:25:3e:f9:c4:16:60: f3:4d:7f:22:b5:6a:63:4e:85:db:fc:90:a0:98:32: 0a:00:d2:17:00:db:f7:fc:2c:e6:a5:7a:3b:06:fe: c2:53:72:5f:6a:33:5b:d5:ac:ae:ed:6c:82:da:1c: fc:88:5c:31:e7:5a:24:e1:ec:97:aa:a5:ed:0f:d5: 45:af:f2:69:61:61:0b:e4:27:a5:81:81:83:11:76: 59:0d:4a:37:5e:0b:45:ff:4e:22:cf:9e:d6:dd:e7: 63:92:4c:3c:59:4c:14:16:2c:9d:21:f2:cb:87:98: 01:18:dc:35:75:ff:c4:3d:d4:74:09:84:df:6c:6b: 1f:e4:8a:29:e3:b3:25:2a:cf:9c:55:e7:57:db:aa: 36:0d:85:df:39:b5:55:3c:d3:ad:99:b7:cf:41:85: 11:41:61:17:59:c7:52:4e:be:49:47:24:90:38:3f: 87:6c:d1:ab:90:a1:bf:2e:4b:fc:58:5e:73:c5:e5: d1:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:5D:4C:4D:39:D0:EC:D1:8F:82:A2:87:AA:9C:A4:F9:8A:4E:F0:F5 X509v3 Authority Key Identifier: keyid:25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:f1:21:55:ef:f5:61:15:da:a3:63:97:be:17:a1:b0:43:b9: 5d:89:74:9b:32:bd:99:6e:f7:32:42:e0:47:a0:52:b8:29:05: 1e:43:b2:7d:b7:b6:80:1f:12:f7:e4:b2:10:f1:fc:ab:98:5f: 67:49:8b:f1:74:ee:c9:be:d0:46:19:37:eb:32:6e:1c:89:56: 82:5e:e1:47:7b:21:e4:fe:63:b7:01:6c:d3:4b:36:54:be:18: 71:0f:77:ec:f5:0f:f3:9e:ae:95:75:0b:78:34:27:6c:a4:ed: f4:bb:1d:b7:ed:f0:6d:60:d2:7a:20:fc:40:58:a1:97:7a:d4: 6b:38:5b:48:b5:1f:53:ee:4e:36:cb:c2:28:12:0c:fe:9d:ef: fe:5f:d8:14:7a:49:b5:04:65:de:93:de:0c:93:1c:6e:8e:30: 8d:6d:d0:26:13:c2:c1:3c:ca:aa:da:54:e0:5d:d6:04:6e:4d: 41:85:23:7f:7c:98:d6:21:b1:c1:cf:56:47:cf:50:d7:2b:b4: 45:10:72:94:a5:3b:52:d7:14:57:eb:13:0b:8e:e1:0e:a0:ca: 7b:4c:3b:87:21:f3:82:ce:e2:ac:17:8b:9e:ce:ea:75:18:19: b0:9a:ec:a8:c7:05:c1:ff:65:aa:f2:b8:93:f1:03:33:25:76: 25:d5:5e:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsYcZG0907gBpphDON7RPEuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1MDdlMzIxNWI5MmM4NjU4ZWJmNDk1ZjZiODdjZTBiYTZh N2JkMjcwHhcNMjUxMjEzMTYwMDU0WhcNMjUxMjE0MTYwMDU0WjAzMTEwLwYDVQQD EyhhYzVkNGM0ZDM5ZDBlY2QxOGY4MmEyODdhYTljYTRmOThhNGVmMGY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnY9AexqEbRbGMutT2WnGlch888UY JhL4bTO5gWd5UZAlqxvYBXp3KeRCZn3eDxunoyDExpUNTk/Hg9Ez6U1L1F3Bdiol PvnEFmDzTX8itWpjToXb/JCgmDIKANIXANv3/CzmpXo7Bv7CU3JfajNb1ayu7WyC 2hz8iFwx51ok4eyXqqXtD9VFr/JpYWEL5CelgYGDEXZZDUo3XgtF/04iz57W3edj kkw8WUwUFiydIfLLh5gBGNw1df/EPdR0CYTfbGsf5Iop47MlKs+cVedX26o2DYXf ObVVPNOtmbfPQYURQWEXWcdSTr5JRySQOD+HbNGrkKG/Lkv8WF5zxeXRXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKxdTE050OzRj4Kih6qcpPmKTvD1MB8GA1UdIwQY MBaAFCUH4yFbkshljr9JX2uHzgump70nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEt MDFjMzU2YjczZjBkLzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEtMDFjMzU2YjczZjBk LzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAvEhVe/1 YRXao2OXvhehsEO5XYl0mzK9mW73MkLgR6BSuCkFHkOyfbe2gB8S9+SyEPH8q5hf Z0mL8XTuyb7QRhk36zJuHIlWgl7hR3sh5P5jtwFs00s2VL4YcQ937PUP856ulXUL eDQnbKTt9Lsdt+3wbWDSeiD8QFihl3rUazhbSLUfU+5ONsvCKBIM/p3v/l/YFHpJ tQRl3pPeDJMcbo4wjW3QJhPCwTzKqtpU4F3WBG5NQYUjf3yY1iGxwc9WR89Q1yu0 RRBylKU7UtcUV+sTC47hDqDKe0w7hyHzgs7irBeLns7qdRgZsJrsqMcFwf9lqvK4 k/EDMyV2JdVexw== -----END CERTIFICATE-----Generated at Sun Dec 14 01:50:59 2025 by rpki-client