This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft File: JAy7mUeWHigo2EdLysoem5FVZWA.mft (raw, json) Hash identifier: vHXhp3+ImZEcEFh74a7m0zNWrlbJl5XBaFxH9LwSvxo= Subject key identifier: FC:CE:73:F6:4C:C7:76:A6:6A:14:29:E2:E5:4A:26:42:E6:63:B3:F8 Authority key identifier: 24:0C:BB:99:47:96:1E:28:28:D8:47:4B:CA:CA:1E:9B:91:55:65:60 Certificate issuer: /CN=240cbb9947961e2828d8474bcaca1e9b91556560 Certificate serial: 019B33E8848A31C01AF4AFE2C902F2FB8662 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft Manifest number: 14BF Signing time: Fri 19 Dec 2025 00:00:34 +0000 Manifest this update: Fri 19 Dec 2025 00:00:34 +0000 Manifest next update: Sat 20 Dec 2025 00:00:34 +0000 Files and hashes: 1: JAy7mUeWHigo2EdLysoem5FVZWA.crl (hash: izhJY+NVlGUKq8GJZCyjwwHxE9k3Ux7BA1EBbzXzV/g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.crl rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:e8:84:8a:31:c0:1a:f4:af:e2:c9:02:f2:fb:86:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240cbb9947961e2828d8474bcaca1e9b91556560 Validity Not Before: Dec 19 00:00:34 2025 GMT Not After : Dec 20 00:00:34 2025 GMT Subject: CN=fcce73f64cc776a66a1429e2e54a2642e663b3f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:a8:0d:fb:cb:d3:2c:9d:f6:16:82:a4:52:9c: 31:f2:64:1a:2c:2a:d1:d6:1b:13:aa:b6:65:3f:28: 93:99:28:f8:e5:31:34:c1:82:59:31:97:c5:db:83: 4e:47:b0:b2:f1:19:4f:7d:5e:ab:55:03:8c:f9:48: 09:cf:d7:63:f9:dc:27:1d:a3:3d:70:2c:02:90:db: b6:84:51:b7:46:2b:0e:30:85:3a:16:50:cd:d7:52: a5:b3:6d:09:79:e1:85:ca:8c:46:89:6f:bd:b9:ed: 2d:ec:07:22:8d:e1:8a:b9:8d:e3:72:11:bc:fd:31: 6b:91:5f:6b:7a:40:12:4c:e3:78:56:cf:e0:59:6d: b3:4c:42:ee:d7:be:c3:b9:cf:c5:9a:79:69:f1:d0: 23:ff:a6:e1:71:01:39:52:9a:d1:99:29:89:15:a6: 77:60:52:11:c6:60:b2:fb:38:18:be:41:8d:c3:59: 5b:4b:1b:5d:b4:fe:57:10:ec:ae:36:c2:a2:22:9e: 24:61:bc:bd:9f:cb:c7:4c:d4:57:be:8f:f4:b6:9e: 07:42:31:80:1b:fd:3c:4e:1d:7a:b0:7c:d4:f5:ad: 4f:c4:45:34:9d:ce:7f:0e:f5:3a:90:c4:a4:b5:df: 46:50:41:87:eb:f9:80:d3:15:4b:2a:75:11:28:a0: 6d:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:CE:73:F6:4C:C7:76:A6:6A:14:29:E2:E5:4A:26:42:E6:63:B3:F8 X509v3 Authority Key Identifier: keyid:24:0C:BB:99:47:96:1E:28:28:D8:47:4B:CA:CA:1E:9B:91:55:65:60 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:1e:52:58:e8:6a:44:85:64:35:0c:e4:50:6a:80:f7:12:38: c0:63:60:10:8b:b5:9f:34:96:41:b3:43:12:27:c9:86:24:e5: a5:ec:1a:49:d7:e8:dc:20:45:46:31:f5:1e:43:11:81:0d:b8: 2e:c3:bf:44:e8:ab:f8:65:a3:43:56:36:da:dd:d1:fa:3f:92: 9c:67:07:9b:5f:0f:e2:4b:d5:24:22:d8:ad:be:57:8e:ea:92: 98:91:98:4a:46:99:80:72:c1:4d:c1:1f:6e:4a:ec:d9:61:23: cf:2d:86:91:4e:24:f5:5b:5b:b5:4f:a8:f1:bf:33:5b:48:ad: 34:ed:8f:c3:d7:0c:74:e8:a9:37:36:ff:8a:d4:a8:d9:76:87: 63:32:96:16:a4:06:46:d3:b4:36:f8:0e:17:08:b9:f2:f7:91: 88:87:69:da:86:59:ab:c9:a5:aa:06:5f:e5:5c:f0:01:84:bd: 55:4d:92:35:c6:f2:36:0d:a0:af:a0:c2:82:60:ba:75:7c:7e: 4f:56:9f:61:4d:7f:32:19:a0:00:98:ab:67:ad:77:0a:33:ef: 11:b0:ad:5c:1d:4a:28:ff:1d:d2:2f:00:72:3b:e2:9e:c1:a9: c2:61:01:9f:5f:14:3e:e8:66:2f:8a:f3:c5:a3:01:1b:7f:64: ec:f7:fd:54 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsz6ISKMcAa9K/iyQLy+4ZiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI0MGNiYjk5NDc5NjFlMjgyOGQ4NDc0YmNhY2ExZTliOTE1 NTY1NjAwHhcNMjUxMjE5MDAwMDM0WhcNMjUxMjIwMDAwMDM0WjAzMTEwLwYDVQQD EyhmY2NlNzNmNjRjYzc3NmE2NmExNDI5ZTJlNTRhMjY0MmU2NjNiM2Y4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6gN+8vTLJ32FoKkUpwx8mQaLCrR 1hsTqrZlPyiTmSj45TE0wYJZMZfF24NOR7Cy8RlPfV6rVQOM+UgJz9dj+dwnHaM9 cCwCkNu2hFG3RisOMIU6FlDN11Kls20JeeGFyoxGiW+9ue0t7AcijeGKuY3jchG8 /TFrkV9rekASTON4Vs/gWW2zTELu177Duc/Fmnlp8dAj/6bhcQE5UprRmSmJFaZ3 YFIRxmCy+zgYvkGNw1lbSxtdtP5XEOyuNsKiIp4kYby9n8vHTNRXvo/0tp4HQjGA G/08Th16sHzU9a1PxEU0nc5/DvU6kMSktd9GUEGH6/mA0xVLKnURKKBtKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPzOc/ZMx3amahQp4uVKJkLmY7P4MB8GA1UdIwQY MBaAFCQMu5lHlh4oKNhHS8rKHpuRVWVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85NWRmODEtZmM5ZS00YzVmLWJiNDMt ZmZiMDI4ZjBhMDJmLzEvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni85NWRmODEtZmM5ZS00YzVmLWJiNDMtZmZiMDI4ZjBhMDJm LzEvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHB5SWOhq RIVkNQzkUGqA9xI4wGNgEIu1nzSWQbNDEifJhiTlpewaSdfo3CBFRjH1HkMRgQ24 LsO/ROir+GWjQ1Y22t3R+j+SnGcHm18P4kvVJCLYrb5XjuqSmJGYSkaZgHLBTcEf bkrs2WEjzy2GkU4k9VtbtU+o8b8zW0itNO2Pw9cMdOipNzb/itSo2XaHYzKWFqQG RtO0NvgOFwi58veRiIdp2oZZq8mlqgZf5VzwAYS9VU2SNcbyNg2gr6DCgmC6dXx+ T1afYU1/MhmgAJirZ613CjPvEbCtXB1KKP8d0i8AcjvinsGpwmEBn18UPuhmL4rz xaMBG39k7Pf9VA== -----END CERTIFICATE-----Generated at Fri Dec 19 06:41:35 2025 by rpki-client