This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft File: jRHN6i8zL8ztMzil3x-y30Uh-OI.mft (raw, json) Hash identifier: dcIdcTutKS/Vfx4b5gyYArIsdyPQBMsLlWSqlH9Ngns= Subject key identifier: 9B:7A:E9:3F:D7:EB:97:77:EA:90:A4:17:3F:74:23:64:B3:5E:D6:9C Authority key identifier: 8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2 Certificate issuer: /CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2 Certificate serial: 019B59773312E702B2765DC440AF570ADB56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft Manifest number: 12AB Signing time: Fri 26 Dec 2025 07:02:22 +0000 Manifest this update: Fri 26 Dec 2025 07:02:22 +0000 Manifest next update: Sat 27 Dec 2025 07:02:22 +0000 Files and hashes: 1: jRHN6i8zL8ztMzil3x-y30Uh-OI.crl (hash: 2gyS/5a3MtrDqIy98ke0OBrU5V5y401HilQZnYZFg9E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 07:02:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:33:12:e7:02:b2:76:5d:c4:40:af:57:0a:db:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2 Validity Not Before: Dec 26 07:02:22 2025 GMT Not After : Dec 27 07:02:22 2025 GMT Subject: CN=9b7ae93fd7eb9777ea90a4173f742364b35ed69c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:8f:6e:38:18:9d:7a:67:dc:8f:8a:de:93:f9: cf:db:d2:9c:59:39:1f:dc:09:54:37:f5:eb:cc:de: 3e:29:f4:d1:b4:9f:53:e8:06:35:ac:d7:7b:72:a2: 2f:48:a9:d4:61:e5:c9:f3:5a:f1:44:90:ea:99:9d: fa:92:52:17:a6:2a:fb:17:5e:47:4f:af:5c:d6:c5: 76:68:84:2a:b1:43:f6:4b:7b:fa:df:b6:a6:3f:e5: 45:34:a1:7f:eb:91:11:6b:97:82:ee:48:ea:0c:c9: 11:ee:70:d6:72:00:9b:0a:45:83:dd:7b:b0:ff:24: 50:79:99:e4:e6:40:38:d5:83:90:b1:35:0d:33:97: a9:17:c8:5d:a6:ac:52:fc:ad:6b:2d:dc:04:75:00: 3e:aa:bf:a5:72:61:c9:1a:b1:b3:58:1d:42:71:73: fc:05:d2:da:7c:96:f7:aa:94:1c:59:29:f4:be:93: c5:70:11:92:46:bb:17:cc:f3:58:f2:6a:3b:ae:bc: 76:ba:56:9a:3a:f2:03:c6:d1:0e:f6:1f:83:65:50: 64:b2:8f:37:02:b9:6d:07:18:e8:fa:56:4b:d2:df: d8:24:62:36:4e:3c:ef:36:36:88:3e:ab:01:15:06: de:84:47:9f:57:ba:a0:0d:16:2b:45:14:74:76:75: d5:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:7A:E9:3F:D7:EB:97:77:EA:90:A4:17:3F:74:23:64:B3:5E:D6:9C X509v3 Authority Key Identifier: keyid:8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:4a:6e:f6:f3:2f:98:c6:f5:43:9e:17:86:28:52:ed:2e:29: 38:db:71:f3:05:59:4d:f7:ac:e0:09:10:5a:61:7d:e6:a8:fe: d1:20:c8:3c:84:95:fb:ed:ff:91:1c:49:01:54:e3:9c:b2:66: 91:b9:2c:4d:1a:8d:d4:80:a9:a2:dd:bb:2d:7b:43:eb:2d:e4: 0b:b9:35:a6:10:72:b1:58:0d:5c:7f:a3:71:ee:df:8f:1c:ee: 1e:6d:96:aa:ad:c0:3f:71:3c:62:35:2b:15:81:41:1d:8a:ec: e8:76:c6:8c:4e:48:73:ef:0c:26:3b:dc:80:a2:99:87:a4:9c: 8d:09:6e:2e:2e:01:52:42:c3:93:5b:c0:08:88:46:34:dd:48: 2b:66:22:64:22:7e:92:d7:20:fa:b0:fa:2f:8c:2c:17:cf:95: 53:78:11:7d:d6:29:ae:db:96:e5:fa:0e:29:71:13:06:76:cd: 13:ad:b2:68:01:e1:23:0f:ca:88:7e:0f:8b:f6:18:e7:16:9f: f4:66:44:47:a4:26:d0:81:b0:a2:d6:73:8f:0e:45:58:d9:e6: e2:d7:88:34:f4:83:b0:82:e5:c5:44:0e:58:30:64:2c:56:ff: c8:61:d5:c2:40:1c:9f:c6:e1:cc:f0:94:2f:bd:15:84:c9:bd: 26:89:af:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdzMS5wKydl3EQK9XCttWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkMTFjZGVhMmYzMzJmY2NlZDMzMzhhNWRmMWZiMmRmNDUy MWY4ZTIwHhcNMjUxMjI2MDcwMjIyWhcNMjUxMjI3MDcwMjIyWjAzMTEwLwYDVQQD Eyg5YjdhZTkzZmQ3ZWI5Nzc3ZWE5MGE0MTczZjc0MjM2NGIzNWVkNjljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArY9uOBidemfcj4rek/nP29KcWTkf 3AlUN/XrzN4+KfTRtJ9T6AY1rNd7cqIvSKnUYeXJ81rxRJDqmZ36klIXpir7F15H T69c1sV2aIQqsUP2S3v637amP+VFNKF/65ERa5eC7kjqDMkR7nDWcgCbCkWD3Xuw /yRQeZnk5kA41YOQsTUNM5epF8hdpqxS/K1rLdwEdQA+qr+lcmHJGrGzWB1CcXP8 BdLafJb3qpQcWSn0vpPFcBGSRrsXzPNY8mo7rrx2ulaaOvIDxtEO9h+DZVBkso83 ArltBxjo+lZL0t/YJGI2TjzvNjaIPqsBFQbehEefV7qgDRYrRRR0dnXVgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJt66T/X65d36pCkFz90I2SzXtacMB8GA1UdIwQY MBaAFI0RzeovMy/M7TM4pd8fst9FIfjiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEt YzkwNjU4ZWJkNjk3LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEtYzkwNjU4ZWJkNjk3 LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgUpu9vMv mMb1Q54XhihS7S4pONtx8wVZTfes4AkQWmF95qj+0SDIPISV++3/kRxJAVTjnLJm kbksTRqN1ICpot27LXtD6y3kC7k1phBysVgNXH+jce7fjxzuHm2Wqq3AP3E8YjUr FYFBHYrs6HbGjE5Ic+8MJjvcgKKZh6ScjQluLi4BUkLDk1vACIhGNN1IK2YiZCJ+ ktcg+rD6L4wsF8+VU3gRfdYprtuW5foOKXETBnbNE62yaAHhIw/KiH4Pi/YY5xaf 9GZER6Qm0IGwotZzjw5FWNnm4teINPSDsILlxUQOWDBkLFb/yGHVwkAcn8bhzPCU L70VhMm9JomvVQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:57 2025 by rpki-client