This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft File: JQou0RQnyhZIM4Ur1JydtT1j5js.mft (raw, json) Hash identifier: L35j9sLg927ugtuyPxRVYB5XoHJdfMZXJDv0rHaPtrA= Subject key identifier: F6:BC:41:23:59:98:4D:BC:1E:83:95:FC:42:6E:C2:7F:2E:E5:F1:FF Authority key identifier: 25:0A:2E:D1:14:27:CA:16:48:33:85:2B:D4:9C:9D:B5:3D:63:E6:3B Certificate issuer: /CN=250a2ed11427ca164833852bd49c9db53d63e63b Certificate serial: 019B5A88773E405146F0D8CA1C98D9E744FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JQou0RQnyhZIM4Ur1JydtT1j5js.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft Manifest number: 0334 Signing time: Fri 26 Dec 2025 12:00:51 +0000 Manifest this update: Fri 26 Dec 2025 12:00:51 +0000 Manifest next update: Sat 27 Dec 2025 12:00:51 +0000 Files and hashes: 1: JQou0RQnyhZIM4Ur1JydtT1j5js.crl (hash: GBAyt57uxH9IvN5NR7QLHXrhoo6hmZBN4wTiFF0e9xY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft rsync://rpki.ripe.net/repository/DEFAULT/JQou0RQnyhZIM4Ur1JydtT1j5js.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:77:3e:40:51:46:f0:d8:ca:1c:98:d9:e7:44:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=250a2ed11427ca164833852bd49c9db53d63e63b Validity Not Before: Dec 26 12:00:51 2025 GMT Not After : Dec 27 12:00:51 2025 GMT Subject: CN=f6bc412359984dbc1e8395fc426ec27f2ee5f1ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:a2:a1:c9:19:4b:7d:d8:ed:af:a3:2f:52:37: 01:34:be:87:7f:cb:de:ef:10:2a:21:d7:61:9f:62: 73:7a:0e:bb:f9:b2:68:bf:ed:a6:88:1a:79:66:ff: ea:19:a6:25:df:54:e7:73:bb:e7:b4:66:6c:dc:b6: 49:09:9d:7c:d0:3d:21:29:c5:cb:6d:bc:0f:0f:41: 27:c1:28:be:02:19:cb:bd:75:8d:d5:41:8f:fc:cd: cd:31:2d:f0:df:3e:e6:46:f0:65:d6:05:ec:f1:e5: f1:cb:cc:43:90:6e:bc:28:79:5c:bc:51:ac:6d:6b: 3a:60:1b:a2:ee:b5:4c:88:4d:8d:9f:e6:a3:1d:a6: 25:7d:82:e6:6c:cb:d4:85:7c:22:bb:a2:3f:f3:91: aa:11:30:21:11:5f:af:a9:e7:ba:4d:da:6a:0d:c7: f7:50:a1:e5:d4:d0:ee:8d:bd:7d:63:63:1b:9b:48: cc:0e:96:d8:9c:6a:13:1d:e5:99:e3:bf:b0:5d:3f: fe:b6:45:47:94:d8:7b:54:dc:5e:43:8d:ad:41:94: 01:68:3f:d2:ed:8c:4f:3b:3d:8c:d6:ee:10:39:03: 05:a8:66:b7:31:c8:76:1d:4f:3d:3a:51:19:a0:34: 8c:24:67:9c:e0:5b:7c:76:3e:ba:22:4d:ba:4a:2c: 5f:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:BC:41:23:59:98:4D:BC:1E:83:95:FC:42:6E:C2:7F:2E:E5:F1:FF X509v3 Authority Key Identifier: keyid:25:0A:2E:D1:14:27:CA:16:48:33:85:2B:D4:9C:9D:B5:3D:63:E6:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQou0RQnyhZIM4Ur1JydtT1j5js.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:7a:a3:16:3b:35:ec:48:e6:12:6a:42:40:52:10:d7:ef:ee: 49:de:dc:49:24:72:21:ea:af:46:fc:48:95:6b:27:2b:1d:69: 54:1f:52:07:db:b8:b8:e3:90:cc:f0:c0:ad:4c:9a:1e:2b:b2: cf:8e:48:e8:15:b7:f4:07:2b:aa:20:16:ca:3e:36:07:7f:81: 0a:02:eb:58:29:3a:5b:49:33:78:f6:b7:df:a9:ac:46:81:72: 06:dc:5d:46:e0:41:23:c0:01:c6:bd:84:35:1b:44:ad:06:89: c0:87:92:9f:65:f9:2d:46:ba:08:09:e3:52:aa:25:f6:bb:ea: cf:7c:20:1b:bf:22:eb:d1:25:28:29:c4:63:cf:28:d1:c5:83: 60:5e:de:3b:40:f2:98:28:31:b8:48:32:e2:48:d8:13:7c:ce: 87:80:fc:7b:c9:14:40:af:f2:1d:b6:00:75:39:c0:fa:dd:a9: 0e:6c:b3:22:a1:74:ab:d6:62:e2:1e:0a:89:0d:60:9e:c1:30: e2:bf:51:29:d4:fe:0c:e1:c3:07:d8:a5:54:ac:52:ca:5d:12: f8:44:8d:e9:35:7b:79:6e:d3:eb:10:04:25:a3:9c:b2:c8:8b: 9c:73:46:93:2e:ea:02:58:f0:91:1a:b6:8f:94:da:68:4c:20: c1:49:9d:93 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiHc+QFFG8NjKHJjZ50T8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1MGEyZWQxMTQyN2NhMTY0ODMzODUyYmQ0OWM5ZGI1M2Q2 M2U2M2IwHhcNMjUxMjI2MTIwMDUxWhcNMjUxMjI3MTIwMDUxWjAzMTEwLwYDVQQD EyhmNmJjNDEyMzU5OTg0ZGJjMWU4Mzk1ZmM0MjZlYzI3ZjJlZTVmMWZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqKhyRlLfdjtr6MvUjcBNL6Hf8ve 7xAqIddhn2Jzeg67+bJov+2miBp5Zv/qGaYl31Tnc7vntGZs3LZJCZ180D0hKcXL bbwPD0EnwSi+AhnLvXWN1UGP/M3NMS3w3z7mRvBl1gXs8eXxy8xDkG68KHlcvFGs bWs6YBui7rVMiE2Nn+ajHaYlfYLmbMvUhXwiu6I/85GqETAhEV+vqee6TdpqDcf3 UKHl1NDujb19Y2Mbm0jMDpbYnGoTHeWZ47+wXT/+tkVHlNh7VNxeQ42tQZQBaD/S 7YxPOz2M1u4QOQMFqGa3Mch2HU89OlEZoDSMJGec4Ft8dj66Ik26SixfWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPa8QSNZmE28HoOV/EJuwn8u5fH/MB8GA1UdIwQY MBaAFCUKLtEUJ8oWSDOFK9ScnbU9Y+Y7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSlFvdTBSUW55aFpJTTRVcjFKeWR0VDFqNWpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iNDM5ZWYtMmNjNS00YTc0LWIxZWEt NTVjNjVjNDE1YjM2LzEvSlFvdTBSUW55aFpJTTRVcjFKeWR0VDFqNWpzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9iNDM5ZWYtMmNjNS00YTc0LWIxZWEtNTVjNjVjNDE1YjM2 LzEvSlFvdTBSUW55aFpJTTRVcjFKeWR0VDFqNWpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkXqjFjs1 7EjmEmpCQFIQ1+/uSd7cSSRyIeqvRvxIlWsnKx1pVB9SB9u4uOOQzPDArUyaHiuy z45I6BW39AcrqiAWyj42B3+BCgLrWCk6W0kzePa336msRoFyBtxdRuBBI8ABxr2E NRtErQaJwIeSn2X5LUa6CAnjUqol9rvqz3wgG78i69ElKCnEY88o0cWDYF7eO0Dy mCgxuEgy4kjYE3zOh4D8e8kUQK/yHbYAdTnA+t2pDmyzIqF0q9Zi4h4KiQ1gnsEw 4r9RKdT+DOHDB9ilVKxSyl0S+ESN6TV7eW7T6xAEJaOcssiLnHNGky7qAljwkRq2 j5TaaEwgwUmdkw== -----END CERTIFICATE-----Generated at Fri Dec 26 16:06:23 2025 by rpki-client