This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft File: jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft (raw, json) Hash identifier: GE46fO4y37/y9EeGUqginxs52PRHva/PWfR1mHdrGPE= Subject key identifier: D7:6B:75:54:E1:89:BC:B1:0B:64:8D:D3:2B:32:66:43:08:23:AD:2A Authority key identifier: 8C:A0:FE:C1:8E:F2:9F:9A:AD:FE:96:2B:CF:74:08:90:DB:0F:73:90 Certificate issuer: /CN=8ca0fec18ef29f9aadfe962bcf740890db0f7390 Certificate serial: 019B41A4E9B2E4708B5688F5B11E3646BF40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft Manifest number: 0F74 Signing time: Sun 21 Dec 2025 16:01:25 +0000 Manifest this update: Sun 21 Dec 2025 16:01:25 +0000 Manifest next update: Mon 22 Dec 2025 16:01:25 +0000 Files and hashes: 1: jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl (hash: pC2QbL0Y6PJ8Hfiq7XaUkXxK5dd7+Iwdp1DyN8hvPaw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:a4:e9:b2:e4:70:8b:56:88:f5:b1:1e:36:46:bf:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8ca0fec18ef29f9aadfe962bcf740890db0f7390 Validity Not Before: Dec 21 16:01:25 2025 GMT Not After : Dec 22 16:01:25 2025 GMT Subject: CN=d76b7554e189bcb10b648dd32b3266430823ad2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:9f:2c:35:06:35:58:07:f2:92:34:7c:27:8f: dd:74:67:11:09:0b:f0:75:7b:e3:35:2a:e7:54:00: e6:1e:96:37:59:3e:d6:70:21:65:b3:81:69:a2:bc: 8a:3e:fb:7d:a9:d0:4a:17:18:e5:78:c7:1b:12:96: d1:7f:f8:e3:dc:7f:79:ce:ed:25:2f:e5:8e:c4:16: 82:0f:47:9a:11:e9:33:d1:13:f3:47:f9:03:8d:db: 73:37:cd:6b:83:2b:2f:19:8a:d2:13:da:0b:5c:47: 07:38:76:0e:20:67:b2:53:b8:39:6e:45:de:2a:f5: 35:19:6f:34:a8:60:da:5e:93:cb:82:70:fa:05:8f: 74:ef:eb:23:b7:d4:0f:ca:25:1c:90:9e:7b:db:ac: 3c:9f:97:bc:e7:99:7f:f7:d6:f4:0b:f4:8d:01:32: 82:3c:30:b1:b5:a3:68:35:3e:8a:67:e0:d0:60:76: bb:cf:4e:98:de:e5:e7:f3:46:e1:0a:68:e5:b2:b0: 94:43:df:71:a4:ac:f5:04:a6:e0:de:5c:ac:93:8d: b9:7e:db:31:70:c2:1c:34:6d:44:10:38:02:dd:c4: 70:25:bf:d5:32:3f:c7:6a:28:00:a7:38:25:41:d9: b0:f9:f5:78:a1:7e:bc:1a:16:16:58:1f:a9:94:18: 1d:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:6B:75:54:E1:89:BC:B1:0B:64:8D:D3:2B:32:66:43:08:23:AD:2A X509v3 Authority Key Identifier: keyid:8C:A0:FE:C1:8E:F2:9F:9A:AD:FE:96:2B:CF:74:08:90:DB:0F:73:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:b9:ae:48:9c:27:2f:9f:cb:73:52:bd:9b:a9:d3:cb:fd:dd: 33:20:ad:e9:7f:da:33:21:19:8a:43:d0:59:c3:d9:92:95:17: 54:52:f4:a7:8e:1f:e5:b9:b0:0d:77:09:b3:ed:e0:a9:fd:38: 26:c6:25:cd:ac:9c:40:08:b7:93:31:9d:08:1c:68:22:a3:cc: 86:88:f3:62:80:bc:e1:3d:b2:27:04:a8:3d:fe:c7:80:9c:7d: b1:c7:5f:fd:b0:05:a4:04:3b:0b:06:fb:8f:69:ea:14:ef:43: 29:0f:da:bf:31:c4:1f:b6:59:b5:bd:14:92:40:8c:44:68:4b: fc:e7:89:8a:68:98:96:d1:4d:d4:47:e7:d1:ef:c0:cf:5d:d4: 76:c4:6b:49:51:bc:b3:14:9d:a8:19:3a:ff:ef:46:81:80:4c: b4:b5:74:53:1b:d1:c1:94:2f:ce:fc:3c:45:fb:16:87:1c:ea: 95:8d:4b:4e:53:f9:5f:6f:45:c9:29:95:89:83:64:b7:85:48: 46:2d:fd:9f:27:c2:58:3e:43:f7:74:0c:90:1c:5b:40:05:4c: d4:c4:da:82:af:02:ba:79:a8:86:5f:8c:22:7f:60:6f:07:ec: 0a:4b:c3:f0:f7:d0:e3:ef:d0:66:0a:3e:e9:ba:f5:ff:a0:63: 1f:66:d4:92 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBpOmy5HCLVoj1sR42Rr9AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhjYTBmZWMxOGVmMjlmOWFhZGZlOTYyYmNmNzQwODkwZGIw ZjczOTAwHhcNMjUxMjIxMTYwMTI1WhcNMjUxMjIyMTYwMTI1WjAzMTEwLwYDVQQD EyhkNzZiNzU1NGUxODliY2IxMGI2NDhkZDMyYjMyNjY0MzA4MjNhZDJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Z8sNQY1WAfykjR8J4/ddGcRCQvw dXvjNSrnVADmHpY3WT7WcCFls4FporyKPvt9qdBKFxjleMcbEpbRf/jj3H95zu0l L+WOxBaCD0eaEekz0RPzR/kDjdtzN81rgysvGYrSE9oLXEcHOHYOIGeyU7g5bkXe KvU1GW80qGDaXpPLgnD6BY907+sjt9QPyiUckJ5726w8n5e855l/99b0C/SNATKC PDCxtaNoNT6KZ+DQYHa7z06Y3uXn80bhCmjlsrCUQ99xpKz1BKbg3lysk425ftsx cMIcNG1EEDgC3cRwJb/VMj/HaigApzglQdmw+fV4oX68GhYWWB+plBgdMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNdrdVThibyxC2SN0ysyZkMII60qMB8GA1UdIwQY MBaAFIyg/sGO8p+arf6WK890CJDbD3OQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYTViNDAtMjg4Ni00YmFmLThlYTAt MTEzZWVmYTUxYWE2LzEvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MS9lYTViNDAtMjg4Ni00YmFmLThlYTAtMTEzZWVmYTUxYWE2 LzEvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACrmuSJwn L5/Lc1K9m6nTy/3dMyCt6X/aMyEZikPQWcPZkpUXVFL0p44f5bmwDXcJs+3gqf04 JsYlzaycQAi3kzGdCBxoIqPMhojzYoC84T2yJwSoPf7HgJx9scdf/bAFpAQ7Cwb7 j2nqFO9DKQ/avzHEH7ZZtb0UkkCMRGhL/OeJimiYltFN1Efn0e/Az13UdsRrSVG8 sxSdqBk6/+9GgYBMtLV0UxvRwZQvzvw8RfsWhxzqlY1LTlP5X29FySmViYNkt4VI Ri39nyfCWD5D93QMkBxbQAVM1MTagq8Cunmohl+MIn9gbwfsCkvD8PfQ4+/QZgo+ 6br1/6BjH2bUkg== -----END CERTIFICATE-----Generated at Sun Dec 21 19:50:41 2025 by rpki-client