This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft File: j3phc572fsR6X9EOVvx6NNy3PHA.mft (raw, json) Hash identifier: asKYBG+hIf63y9gCZN9e6r6T6fgcp73pNHxzwspJQbg= Subject key identifier: B6:21:61:59:F0:53:C4:B8:8D:1F:E1:CC:E9:CA:FC:34:B7:EB:B5:5F Authority key identifier: 8F:7A:61:73:9E:F6:7E:C4:7A:5F:D1:0E:56:FC:7A:34:DC:B7:3C:70 Certificate issuer: /CN=8f7a61739ef67ec47a5fd10e56fc7a34dcb73c70 Certificate serial: 019B3757D6E6D5FE270CE2623F4F89591BED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3phc572fsR6X9EOVvx6NNy3PHA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft Manifest number: 0FD8 Signing time: Fri 19 Dec 2025 16:01:02 +0000 Manifest this update: Fri 19 Dec 2025 16:01:02 +0000 Manifest next update: Sat 20 Dec 2025 16:01:02 +0000 Files and hashes: 1: j3phc572fsR6X9EOVvx6NNy3PHA.crl (hash: LgNid8DIu/AMhfeqf5LitM2fs9IA9iPELZtXrq7cl9c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.crl rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft rsync://rpki.ripe.net/repository/DEFAULT/j3phc572fsR6X9EOVvx6NNy3PHA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:57:d6:e6:d5:fe:27:0c:e2:62:3f:4f:89:59:1b:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8f7a61739ef67ec47a5fd10e56fc7a34dcb73c70 Validity Not Before: Dec 19 16:01:02 2025 GMT Not After : Dec 20 16:01:02 2025 GMT Subject: CN=b6216159f053c4b88d1fe1cce9cafc34b7ebb55f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:db:40:78:b0:f0:e2:b1:e2:13:6e:c4:5f:92: e9:81:91:4b:07:5b:39:67:3e:99:7e:3d:1d:7b:d8: f8:64:f5:5e:a9:33:c0:21:b3:40:32:df:c9:bb:dc: 80:71:55:07:49:c7:6f:4b:14:93:92:8e:55:e0:ff: 89:33:04:2f:0a:65:f1:f1:7a:6e:37:1f:82:c5:6d: 7b:53:b6:a3:04:4e:3a:6d:92:71:92:db:c0:76:4a: 92:a4:d6:e2:8e:9b:27:25:a4:6f:04:ee:c8:f9:9d: f2:e8:d0:68:0f:12:c2:66:9f:5a:15:45:c2:c5:a8: 51:b5:e9:93:76:20:2b:45:40:3d:9f:fe:dc:d7:6c: 97:16:89:90:a6:f1:2c:7b:02:02:5c:97:4f:d7:59: 0b:df:b2:2d:09:97:4c:fd:5a:49:1a:e9:49:3d:9f: 72:94:66:b9:2f:bb:72:cb:09:74:73:c6:c7:1a:db: 65:c9:bf:9f:67:74:cc:a4:71:b9:e5:ab:52:c4:ac: 65:7d:2b:14:49:e8:c4:81:83:b9:6d:2e:79:8d:8e: c9:67:d2:ee:ab:d2:ea:d8:48:7d:10:e6:a0:bc:5c: d6:9b:ee:ef:26:76:d2:b9:74:f3:b2:c2:7b:93:ca: 55:cc:0e:fc:49:d2:c6:2c:69:a4:d3:7a:d0:9c:aa: 29:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:21:61:59:F0:53:C4:B8:8D:1F:E1:CC:E9:CA:FC:34:B7:EB:B5:5F X509v3 Authority Key Identifier: keyid:8F:7A:61:73:9E:F6:7E:C4:7A:5F:D1:0E:56:FC:7A:34:DC:B7:3C:70 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3phc572fsR6X9EOVvx6NNy3PHA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:da:0f:2f:cd:c1:10:d8:47:94:a2:1f:03:93:c5:7e:d4:53: 6b:72:55:96:87:4e:92:a3:f7:43:ed:4a:bd:35:93:a4:9e:e9: 91:e9:6c:c8:fa:5c:82:7a:94:75:a0:38:b4:55:1b:75:00:64: 6f:a8:20:f5:fa:b8:2a:22:7c:c2:a5:b4:59:1f:e7:07:77:b2: 5d:c7:aa:6a:74:fc:af:f3:fd:f4:2e:5d:fe:2c:52:04:26:29: 45:2e:fc:2c:3f:b9:86:a9:5e:51:f7:4e:9b:4f:25:e5:cd:e2: ed:cc:f4:7c:84:50:49:63:5c:85:32:c8:68:c2:40:c9:20:3f: fe:21:f6:b1:35:1e:6c:9d:8e:5e:d3:b7:f1:e7:36:4d:84:3c: 65:c3:0c:8b:52:1b:01:9b:cc:45:2c:74:28:d4:81:3d:b0:c2: 91:8e:d7:26:25:57:e2:fb:7b:8f:7f:ec:52:18:62:85:b7:45: 06:71:c7:a4:74:eb:71:19:78:a1:09:05:e8:63:a0:20:89:10: 32:18:bd:9e:fe:18:d1:4e:d3:7a:56:66:0f:7c:a9:97:44:25: 5c:71:b1:19:02:54:37:92:10:35:5e:5e:25:60:32:21:16:8f: c7:69:fb:4e:6a:52:91:83:75:db:df:fe:3f:fc:53:1f:f8:49: 5b:89:af:7e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3V9bm1f4nDOJiP0+JWRvtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhmN2E2MTczOWVmNjdlYzQ3YTVmZDEwZTU2ZmM3YTM0ZGNi NzNjNzAwHhcNMjUxMjE5MTYwMTAyWhcNMjUxMjIwMTYwMTAyWjAzMTEwLwYDVQQD EyhiNjIxNjE1OWYwNTNjNGI4OGQxZmUxY2NlOWNhZmMzNGI3ZWJiNTVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dtAeLDw4rHiE27EX5LpgZFLB1s5 Zz6Zfj0de9j4ZPVeqTPAIbNAMt/Ju9yAcVUHScdvSxSTko5V4P+JMwQvCmXx8Xpu Nx+CxW17U7ajBE46bZJxktvAdkqSpNbijpsnJaRvBO7I+Z3y6NBoDxLCZp9aFUXC xahRtemTdiArRUA9n/7c12yXFomQpvEsewICXJdP11kL37ItCZdM/VpJGulJPZ9y lGa5L7tyywl0c8bHGttlyb+fZ3TMpHG55atSxKxlfSsUSejEgYO5bS55jY7JZ9Lu q9Lq2Eh9EOagvFzWm+7vJnbSuXTzssJ7k8pVzA78SdLGLGmk03rQnKopTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLYhYVnwU8S4jR/hzOnK/DS367VfMB8GA1UdIwQY MBaAFI96YXOe9n7Eel/RDlb8ejTctzxwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvajNwaGM1NzJmc1I2WDlFT1Z2eDZOTnkzUEhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9mN2MxNGItNDExNS00YTkyLTgxYjUt NzM4OTQwODEwYWRmLzEvajNwaGM1NzJmc1I2WDlFT1Z2eDZOTnkzUEhBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My9mN2MxNGItNDExNS00YTkyLTgxYjUtNzM4OTQwODEwYWRm LzEvajNwaGM1NzJmc1I2WDlFT1Z2eDZOTnkzUEhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd9oPL83B ENhHlKIfA5PFftRTa3JVlodOkqP3Q+1KvTWTpJ7pkelsyPpcgnqUdaA4tFUbdQBk b6gg9fq4KiJ8wqW0WR/nB3eyXceqanT8r/P99C5d/ixSBCYpRS78LD+5hqleUfdO m08l5c3i7cz0fIRQSWNchTLIaMJAySA//iH2sTUebJ2OXtO38ec2TYQ8ZcMMi1Ib AZvMRSx0KNSBPbDCkY7XJiVX4vt7j3/sUhhihbdFBnHHpHTrcRl4oQkF6GOgIIkQ Mhi9nv4Y0U7TelZmD3ypl0QlXHGxGQJUN5IQNV5eJWAyIRaPx2n7TmpSkYN129/+ P/xTH/hJW4mvfg== -----END CERTIFICATE-----Generated at Fri Dec 19 21:11:18 2025 by rpki-client