This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft File: JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json) Hash identifier: Sv4SPnrU7Cf7947b8y4190+fLJ2uOq94tipa0B9ilT8= Subject key identifier: 52:67:A6:41:32:63:E4:8B:40:1D:BA:DA:05:F8:23:E5:E9:2F:B1:F8 Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F Certificate issuer: /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f Certificate serial: 019B39EAC01E2022428EDFE1A2DCB8B7CD57 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft Manifest number: 0E1A Signing time: Sat 20 Dec 2025 04:00:44 +0000 Manifest this update: Sat 20 Dec 2025 04:00:44 +0000 Manifest next update: Sun 21 Dec 2025 04:00:44 +0000 Files and hashes: 1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: pYbXbtEWlR1boU5kISIDCKNVZ+PkRggUMZrzbRBoygA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 04:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:ea:c0:1e:20:22:42:8e:df:e1:a2:dc:b8:b7:cd:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f Validity Not Before: Dec 20 04:00:44 2025 GMT Not After : Dec 21 04:00:44 2025 GMT Subject: CN=5267a6413263e48b401dbada05f823e5e92fb1f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:6e:5e:9f:96:d4:df:48:ce:69:48:ab:1e:35: f8:f4:2a:30:8e:e8:25:28:bc:3f:93:92:22:a8:9d: 47:60:4a:4d:04:16:27:86:8b:e4:44:00:cd:1a:5c: 84:17:50:6f:5e:89:3c:e0:8e:4a:c8:39:93:ab:9f: 80:22:88:75:83:f3:26:71:67:c3:ab:83:af:28:5e: fe:ac:72:ae:36:43:62:fe:ab:5d:95:d1:33:59:61: a7:4e:34:5a:68:53:3a:e3:1d:50:f6:5f:47:ea:b8: d3:01:93:d4:42:ea:92:e6:a3:3b:ef:25:3d:f1:fb: 1a:a0:13:1a:d8:41:12:66:87:a0:a6:60:f1:16:8f: f8:3e:eb:18:ec:da:ce:55:60:47:45:fd:89:7e:4d: 8a:3e:fa:37:78:2f:11:82:3c:70:17:cb:b1:a3:01: 23:55:83:69:85:d5:95:fd:29:43:37:23:5e:41:40: d2:c8:71:da:c6:f4:9f:f1:85:f1:55:eb:09:21:86: cc:d1:91:9f:27:4f:10:16:63:6b:7c:6b:82:55:22: c8:ef:d0:b4:f9:19:db:97:1a:6b:b4:31:2f:1c:ac: a2:76:a3:c4:3f:3d:de:60:f8:da:fd:8c:06:b9:1f: b1:9b:d7:c9:d7:b4:d5:69:f9:06:c9:88:87:d0:0e: 0e:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:67:A6:41:32:63:E4:8B:40:1D:BA:DA:05:F8:23:E5:E9:2F:B1:F8 X509v3 Authority Key Identifier: keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ba:cc:52:d3:d9:11:ed:3c:13:1b:f1:ea:18:20:be:00:a8:71: 44:50:12:7f:76:44:f4:7e:f6:0c:54:0d:40:5d:77:c0:df:9c: 17:f1:e5:71:bb:91:e8:c6:f8:0b:b4:30:a8:8e:be:5a:f1:20: 41:38:79:fe:c9:84:bb:8f:95:17:6d:c9:4d:66:68:66:3d:43: c1:e4:96:c4:2e:43:c1:d6:94:58:ce:ff:7b:4d:7b:0a:49:25: 4f:c0:66:0e:2a:72:a2:21:f5:c6:29:92:dd:b5:4b:9c:61:72: 1f:0f:ca:79:17:84:14:0c:a4:16:6a:cd:db:55:16:67:ef:a8: 64:76:91:1c:41:29:04:4d:ac:5e:af:22:c7:49:83:bd:41:b1: 93:1d:75:78:9e:e1:e8:9f:42:25:3e:a3:81:8f:b6:b9:db:58: 65:4f:f2:4c:c2:08:a8:c3:3f:12:e8:7d:7d:32:13:5b:47:5a: a4:98:bf:92:fc:24:e8:2b:44:37:ec:40:a4:39:3f:85:e9:bb: 6b:df:db:ea:ed:27:0d:e5:ca:51:e8:4f:1f:d6:68:bb:0d:e2: 4e:a2:d0:1c:07:79:39:97:23:7b:ed:b8:1d:a6:32:bd:cf:db: f3:7f:f2:4b:34:50:86:8e:80:81:3a:7f:c4:be:41:c7:96:36: 48:2b:0f:1e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs56sAeICJCjt/hoty4t81XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1 MTE2OWYwHhcNMjUxMjIwMDQwMDQ0WhcNMjUxMjIxMDQwMDQ0WjAzMTEwLwYDVQQD Eyg1MjY3YTY0MTMyNjNlNDhiNDAxZGJhZGEwNWY4MjNlNWU5MmZiMWY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw25en5bU30jOaUirHjX49Cowjugl KLw/k5IiqJ1HYEpNBBYnhovkRADNGlyEF1BvXok84I5KyDmTq5+AIoh1g/MmcWfD q4OvKF7+rHKuNkNi/qtdldEzWWGnTjRaaFM64x1Q9l9H6rjTAZPUQuqS5qM77yU9 8fsaoBMa2EESZoegpmDxFo/4PusY7NrOVWBHRf2Jfk2KPvo3eC8RgjxwF8uxowEj VYNphdWV/SlDNyNeQUDSyHHaxvSf8YXxVesJIYbM0ZGfJ08QFmNrfGuCVSLI79C0 +RnblxprtDEvHKyidqPEPz3eYPja/YwGuR+xm9fJ17TVafkGyYiH0A4OOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFJnpkEyY+SLQB262gX4I+XpL7H4MB8GA1UdIwQY MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAusxS09kR 7TwTG/HqGCC+AKhxRFASf3ZE9H72DFQNQF13wN+cF/HlcbuR6Mb4C7QwqI6+WvEg QTh5/smEu4+VF23JTWZoZj1DweSWxC5DwdaUWM7/e017CkklT8BmDipyoiH1ximS 3bVLnGFyHw/KeReEFAykFmrN21UWZ++oZHaRHEEpBE2sXq8ix0mDvUGxkx11eJ7h 6J9CJT6jgY+2udtYZU/yTMIIqMM/Euh9fTITW0dapJi/kvwk6CtEN+xApDk/hem7 a9/b6u0nDeXKUehPH9Zouw3iTqLQHAd5OZcje+24HaYyvc/b83/ySzRQho6AgTp/ xL5Bx5Y2SCsPHg== -----END CERTIFICATE-----Generated at Sat Dec 20 12:25:40 2025 by rpki-client