This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft File: jmcNnjgoGVjuocw46s67vcM4HTY.mft (raw, json) Hash identifier: R9MmlXW9++BKu30dI/Et+IExCcKCnPQZrwJ23Uh40Gk= Subject key identifier: 67:6C:ED:7D:46:FA:39:39:86:C1:72:7A:50:D2:31:38:AB:74:AA:3D Authority key identifier: 8E:67:0D:9E:38:28:19:58:EE:A1:CC:38:EA:CE:BB:BD:C3:38:1D:36 Certificate issuer: /CN=8e670d9e38281958eea1cc38eacebbbdc3381d36 Certificate serial: 019B5977AADF5636D56F9DF6C837B56C304A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft Manifest number: 0C71 Signing time: Fri 26 Dec 2025 07:02:53 +0000 Manifest this update: Fri 26 Dec 2025 07:02:53 +0000 Manifest next update: Sat 27 Dec 2025 07:02:53 +0000 Files and hashes: 1: jmcNnjgoGVjuocw46s67vcM4HTY.crl (hash: znXh0G03xRuWKgCaF3WE8DTImMUcqHD7EN4TcM3IzA0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.crl rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:aa:df:56:36:d5:6f:9d:f6:c8:37:b5:6c:30:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8e670d9e38281958eea1cc38eacebbbdc3381d36 Validity Not Before: Dec 26 07:02:53 2025 GMT Not After : Dec 27 07:02:53 2025 GMT Subject: CN=676ced7d46fa393986c1727a50d23138ab74aa3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:7b:c2:bf:bd:51:1e:db:44:d8:41:fb:56:c3: e1:53:36:8b:9b:46:f7:57:e0:1d:9f:2b:d6:6b:65: 69:f0:b9:50:e5:2c:f6:c1:87:17:79:46:82:fa:42: 48:28:38:1e:36:a9:47:34:e4:f4:24:41:3f:f1:28: 12:88:ff:99:7e:5c:37:98:d1:ac:27:63:3c:6d:c4: 04:74:c7:54:21:10:11:46:fe:4d:6a:67:46:8c:c2: d8:ff:a0:17:25:01:60:a6:b3:16:77:1b:18:f4:92: a3:b3:18:75:b3:33:d8:2a:7d:87:31:2e:54:08:74: e6:2e:7b:f6:d7:d6:49:6b:63:d0:92:ff:a1:b3:7d: 5b:13:17:9f:56:7e:c3:f9:61:3e:b7:d0:a2:6e:49: d0:37:e5:89:1d:ef:53:b6:3e:ea:40:d2:00:19:e2: 79:71:bf:51:a9:60:db:35:49:cf:2c:9e:0c:0c:aa: eb:21:55:e3:6e:42:44:37:5b:64:fe:04:21:31:b6: 0b:b8:06:db:89:6b:c5:5d:b8:3c:31:1a:1e:6c:fe: 02:9f:2a:c1:44:99:2a:0e:fd:3f:2d:8b:e9:64:08: ee:f3:4d:1a:57:b8:92:24:8a:eb:3a:dc:7c:4f:b4: 0c:a3:cc:79:12:4c:ab:54:3e:5f:ee:b5:9d:88:89: 9c:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:6C:ED:7D:46:FA:39:39:86:C1:72:7A:50:D2:31:38:AB:74:AA:3D X509v3 Authority Key Identifier: keyid:8E:67:0D:9E:38:28:19:58:EE:A1:CC:38:EA:CE:BB:BD:C3:38:1D:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:90:10:8e:05:9b:18:38:54:9d:bb:1c:0c:76:ab:cd:63:7b: a7:45:db:60:b6:8f:df:93:a0:95:0b:0b:57:ae:04:00:54:4e: 92:b8:ee:13:12:aa:85:8a:b8:4b:dc:b9:04:19:2e:f7:5a:0b: 14:4c:74:57:d2:4d:c5:14:04:e0:f2:18:3a:e0:76:6e:95:5e: 3c:81:fa:c2:b6:e7:f5:91:3a:f5:c3:1c:19:00:93:56:8c:e6: cb:2f:0a:b6:75:2e:65:9d:f1:c0:f3:ff:61:f7:f0:47:44:e2: 43:6a:bf:72:90:c9:51:44:5f:30:27:8f:9d:7f:76:ed:65:7e: 0d:b9:a3:01:5d:77:d3:d5:6a:a0:77:2f:46:cd:d9:7a:41:eb: de:75:a4:13:b4:64:b0:ca:c5:69:d9:ad:6b:5a:01:61:31:47: 4b:1e:fe:cc:4c:0e:06:e8:96:c8:b2:1f:71:d3:68:0e:43:4d: ab:f7:b4:0a:0e:61:2b:57:a8:4f:3f:69:8a:24:ee:db:48:40: 67:b6:40:af:f9:22:84:93:6c:64:ba:13:b4:cf:9f:cf:c8:85: fd:04:f2:01:46:ed:d3:29:6e:32:65:cb:67:e2:81:d5:3c:59: 5f:0c:2b:bb:a8:79:68:bc:70:76:07:13:4e:2f:d9:ae:24:f9: 87:99:77:e7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZd6rfVjbVb532yDe1bDBKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhlNjcwZDllMzgyODE5NThlZWExY2MzOGVhY2ViYmJkYzMz ODFkMzYwHhcNMjUxMjI2MDcwMjUzWhcNMjUxMjI3MDcwMjUzWjAzMTEwLwYDVQQD Eyg2NzZjZWQ3ZDQ2ZmEzOTM5ODZjMTcyN2E1MGQyMzEzOGFiNzRhYTNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3vCv71RHttE2EH7VsPhUzaLm0b3 V+AdnyvWa2Vp8LlQ5Sz2wYcXeUaC+kJIKDgeNqlHNOT0JEE/8SgSiP+Zflw3mNGs J2M8bcQEdMdUIRARRv5NamdGjMLY/6AXJQFgprMWdxsY9JKjsxh1szPYKn2HMS5U CHTmLnv219ZJa2PQkv+hs31bExefVn7D+WE+t9CibknQN+WJHe9Ttj7qQNIAGeJ5 cb9RqWDbNUnPLJ4MDKrrIVXjbkJEN1tk/gQhMbYLuAbbiWvFXbg8MRoebP4CnyrB RJkqDv0/LYvpZAju800aV7iSJIrrOtx8T7QMo8x5EkyrVD5f7rWdiImcVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGds7X1G+jk5hsFyelDSMTirdKo9MB8GA1UdIwQY MBaAFI5nDZ44KBlY7qHMOOrOu73DOB02MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81YTFjYWQtMGM2NS00ODAwLTg4NjUt Y2NhOWRmNmUxOWUzLzEvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS81YTFjYWQtMGM2NS00ODAwLTg4NjUtY2NhOWRmNmUxOWUz LzEvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANZAQjgWb GDhUnbscDHarzWN7p0XbYLaP35OglQsLV64EAFROkrjuExKqhYq4S9y5BBku91oL FEx0V9JNxRQE4PIYOuB2bpVePIH6wrbn9ZE69cMcGQCTVozmyy8KtnUuZZ3xwPP/ YffwR0TiQ2q/cpDJUURfMCePnX927WV+DbmjAV1309VqoHcvRs3ZekHr3nWkE7Rk sMrFadmta1oBYTFHSx7+zEwOBuiWyLIfcdNoDkNNq/e0Cg5hK1eoTz9piiTu20hA Z7ZAr/kihJNsZLoTtM+fz8iF/QTyAUbt0yluMmXLZ+KB1TxZXwwru6h5aLxwdgcT Ti/ZriT5h5l35w== -----END CERTIFICATE-----Generated at Fri Dec 26 14:18:17 2025 by rpki-client