This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft File: JOuXPcgi1CNuy911UB0mxD4chzk.mft (raw, json) Hash identifier: F7jw15VdZExD3cY5RqmHLTrjd4jWKtSIzG0Y7IlpVcY= Subject key identifier: DD:E2:52:34:A6:DF:39:8A:0C:05:5B:C0:5B:8D:CF:46:93:26:1E:09 Authority key identifier: 24:EB:97:3D:C8:22:D4:23:6E:CB:DD:75:50:1D:26:C4:3E:1C:87:39 Certificate issuer: /CN=24eb973dc822d4236ecbdd75501d26c43e1c8739 Certificate serial: 019B5975D365D15CB5D988C5B49E897D88C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft Manifest number: 0C3B Signing time: Fri 26 Dec 2025 07:00:52 +0000 Manifest this update: Fri 26 Dec 2025 07:00:52 +0000 Manifest next update: Sat 27 Dec 2025 07:00:52 +0000 Files and hashes: 1: JOuXPcgi1CNuy911UB0mxD4chzk.crl (hash: V1G4KPkS0JtTalwVOxZ53j/LbAjbYXf7NimARWqpVbo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.crl rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:75:d3:65:d1:5c:b5:d9:88:c5:b4:9e:89:7d:88:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=24eb973dc822d4236ecbdd75501d26c43e1c8739 Validity Not Before: Dec 26 07:00:52 2025 GMT Not After : Dec 27 07:00:52 2025 GMT Subject: CN=dde25234a6df398a0c055bc05b8dcf4693261e09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:5d:26:37:59:7d:ac:9a:41:5f:e0:59:95:c7: 31:d9:40:3d:d2:9e:84:4a:0c:90:28:bc:32:ef:26: 34:8b:7b:79:1d:65:32:c5:7e:cb:af:c6:c0:0a:a5: 73:ce:ba:a1:53:c5:cb:11:fa:70:96:4d:ae:b5:8f: 45:df:6a:a8:7f:19:ba:63:5f:8d:ce:54:56:2a:86: 6b:db:92:d1:e3:19:15:6c:46:4a:f6:77:ee:6e:c1: ad:c4:c5:82:c9:d1:1c:3e:7d:96:ac:60:86:0a:bc: ca:11:e0:9b:f9:af:22:22:41:4a:81:cf:ae:41:40: 5d:5e:3b:4a:c9:6f:23:7c:90:c7:34:01:76:d5:5f: 9a:6c:c7:17:40:6a:23:44:65:72:d0:71:78:a3:d6: e8:d0:a9:00:d5:0d:eb:45:25:3e:ce:b5:10:e1:76: 6c:70:e6:2c:57:2f:13:86:91:bc:04:e1:c1:bd:9a: 23:bc:59:58:f9:11:f3:4e:da:50:b0:39:34:ba:89: 2e:6f:9f:63:f0:60:04:88:96:34:cd:dc:9f:b5:a7: 52:3f:47:a6:9b:ee:1a:77:67:f8:40:71:1a:06:02: 85:8e:59:08:53:c3:c2:70:3d:99:c5:3b:2f:7c:ac: bc:aa:3a:a9:39:b0:a1:bc:24:20:b1:d9:1b:ed:74: f6:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:E2:52:34:A6:DF:39:8A:0C:05:5B:C0:5B:8D:CF:46:93:26:1E:09 X509v3 Authority Key Identifier: keyid:24:EB:97:3D:C8:22:D4:23:6E:CB:DD:75:50:1D:26:C4:3E:1C:87:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:5c:57:cd:ae:e6:3d:fc:e6:b3:c1:91:15:f3:aa:8b:c9:cc: 1f:04:44:52:dc:b4:c8:65:8b:9e:4f:a2:81:95:4a:74:3e:58: 70:5c:59:11:1e:7f:1d:68:4b:ff:ad:28:09:77:d1:71:70:07: 65:1f:f5:4a:80:51:2d:9f:d3:85:e4:ef:ff:d7:e8:0f:72:1f: a4:ec:66:f6:92:94:e7:03:eb:3c:73:0b:f6:11:8c:51:b3:0f: 5f:7b:89:9a:c4:c8:e2:a6:85:05:7b:b8:ee:45:70:52:ad:2f: 61:39:c0:39:1f:02:6e:0c:ce:a0:03:80:4d:76:04:e2:c7:34: eb:5f:e6:eb:61:55:94:38:b2:4b:66:af:bd:59:7d:df:5e:d7: fa:ee:af:c5:c1:67:ea:a6:a6:1e:88:be:8e:33:63:5d:bf:99: f7:cf:83:29:d7:26:20:69:0f:33:f0:b5:00:3d:6d:13:6b:4b: ed:d0:9f:9f:fc:91:61:8f:cd:b2:dd:d7:19:7d:c6:54:44:de: 64:fc:eb:12:83:20:3d:f4:eb:e2:63:56:3b:4b:45:f6:98:66: ed:09:7e:79:33:5a:f3:e1:50:af:96:24:7f:02:70:e7:5f:23: e5:4e:08:ad:0a:80:ae:63:8a:ed:1b:17:2d:fb:b5:13:34:10: 8c:f1:c2:85 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZddNl0Vy12YjFtJ6JfYjJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI0ZWI5NzNkYzgyMmQ0MjM2ZWNiZGQ3NTUwMWQyNmM0M2Ux Yzg3MzkwHhcNMjUxMjI2MDcwMDUyWhcNMjUxMjI3MDcwMDUyWjAzMTEwLwYDVQQD EyhkZGUyNTIzNGE2ZGYzOThhMGMwNTViYzA1YjhkY2Y0NjkzMjYxZTA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw10mN1l9rJpBX+BZlccx2UA90p6E SgyQKLwy7yY0i3t5HWUyxX7Lr8bACqVzzrqhU8XLEfpwlk2utY9F32qofxm6Y1+N zlRWKoZr25LR4xkVbEZK9nfubsGtxMWCydEcPn2WrGCGCrzKEeCb+a8iIkFKgc+u QUBdXjtKyW8jfJDHNAF21V+abMcXQGojRGVy0HF4o9bo0KkA1Q3rRSU+zrUQ4XZs cOYsVy8ThpG8BOHBvZojvFlY+RHzTtpQsDk0uokub59j8GAEiJY0zdyftadSP0em m+4ad2f4QHEaBgKFjlkIU8PCcD2ZxTsvfKy8qjqpObChvCQgsdkb7XT2wwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN3iUjSm3zmKDAVbwFuNz0aTJh4JMB8GA1UdIwQY MBaAFCTrlz3IItQjbsvddVAdJsQ+HIc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny85Y2VkZDktMTEzYi00MDYxLWE2MzIt NGUxZDE2N2YwYTljLzEvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny85Y2VkZDktMTEzYi00MDYxLWE2MzItNGUxZDE2N2YwYTlj LzEvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYVxXza7m Pfzms8GRFfOqi8nMHwREUty0yGWLnk+igZVKdD5YcFxZER5/HWhL/60oCXfRcXAH ZR/1SoBRLZ/TheTv/9foD3IfpOxm9pKU5wPrPHML9hGMUbMPX3uJmsTI4qaFBXu4 7kVwUq0vYTnAOR8CbgzOoAOATXYE4sc061/m62FVlDiyS2avvVl9317X+u6vxcFn 6qamHoi+jjNjXb+Z98+DKdcmIGkPM/C1AD1tE2tL7dCfn/yRYY/Nst3XGX3GVETe ZPzrEoMgPfTr4mNWO0tF9phm7Ql+eTNa8+FQr5YkfwJw518j5U4IrQqArmOK7RsX Lfu1EzQQjPHChQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:07:13 2025 by rpki-client