This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft File: jh_mbZ9htuZFpEe28GvUm9PgC84.mft (raw, json) Hash identifier: 0vtg6XxTCP2jfMaVEF8nqmzTA3m+vS3kUZALvPFzDPw= Subject key identifier: B0:56:48:29:51:89:88:49:5E:08:C9:B0:09:E8:FF:C5:6B:71:3B:D6 Authority key identifier: 8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE Certificate issuer: /CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce Certificate serial: 019AF08852B7CD209EFDF55D3FC1EEFAA8FA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft Manifest number: 13F2 Signing time: Fri 05 Dec 2025 22:00:57 +0000 Manifest this update: Fri 05 Dec 2025 22:00:57 +0000 Manifest next update: Sat 06 Dec 2025 22:00:57 +0000 Files and hashes: 1: jh_mbZ9htuZFpEe28GvUm9PgC84.crl (hash: MMxvIbpj0vEVxUjOujKJfFIVeBzvr1QdIdFLzmAhC24=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:52:b7:cd:20:9e:fd:f5:5d:3f:c1:ee:fa:a8:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce Validity Not Before: Dec 5 22:00:57 2025 GMT Not After : Dec 6 22:00:57 2025 GMT Subject: CN=b0564829518988495e08c9b009e8ffc56b713bd6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:a9:d8:06:56:b6:92:32:41:50:65:07:ea:20: 42:76:9d:e7:f3:5b:4d:6b:54:b8:6b:fb:d7:cb:3e: 05:1b:11:3f:2c:ee:e6:03:72:30:bf:98:df:4b:08: d8:e2:31:97:bf:73:77:b6:17:ee:09:b4:3d:0d:2c: 13:44:20:10:17:cf:31:b0:36:82:17:ca:6d:7a:7c: d7:a3:b6:5e:ac:a5:0c:ce:30:23:e6:f3:2c:0f:4c: 3a:50:3c:ee:87:03:97:17:a2:40:ed:78:21:98:be: 4c:50:9e:8a:da:c8:21:7f:a6:00:69:d7:21:6a:24: 46:7d:90:f2:03:b5:df:9a:94:f8:c5:3f:86:ae:7c: c7:84:35:25:c0:81:2f:34:04:07:8e:26:ce:6b:9c: b5:19:7f:26:30:f1:58:30:a7:21:f9:a1:60:8c:18: 5e:9b:cf:a0:74:b3:7a:95:fc:58:8e:40:7d:b6:b0: e8:bd:22:c7:39:1b:73:55:a3:3d:2c:99:d8:16:da: f3:e7:ab:5e:12:ac:1b:98:4d:31:26:f4:53:79:9d: 2a:ca:af:0f:8f:0e:2c:99:cc:2b:d2:ff:88:d7:5b: d4:e2:9d:8e:c7:c9:17:03:4e:1a:bc:93:4d:23:4d: 1e:70:01:2f:f7:30:75:0d:c2:15:d5:44:bc:6f:48: c5:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:56:48:29:51:89:88:49:5E:08:C9:B0:09:E8:FF:C5:6B:71:3B:D6 X509v3 Authority Key Identifier: keyid:8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:68:7c:81:f4:3f:29:1a:fb:af:1c:bb:67:0a:30:90:63:c3: 32:34:20:e3:a9:78:fe:25:39:4c:6c:5d:b9:24:68:3e:4d:76: 68:b1:87:89:cb:dc:ad:9a:19:6f:34:ff:25:54:9b:3e:92:7f: a9:8b:aa:6d:1b:b2:0d:16:22:fd:b1:f7:c0:37:76:96:e0:ac: 06:45:d1:a0:1d:c0:7c:00:75:83:25:d6:88:63:6f:87:09:17: cb:04:2f:67:c0:f3:db:f0:bb:de:7a:b0:4a:22:fd:e2:bd:2c: 80:79:e2:9b:f2:61:78:63:1d:21:38:e5:40:aa:a0:7a:a4:d0: 10:b5:e9:44:a6:b4:48:1a:5c:a8:7c:ee:7f:73:e1:75:d6:e1: c0:38:1d:e0:4d:25:83:67:12:a5:6f:3e:da:b6:1e:b0:8d:8f: cd:e2:87:a7:08:6c:63:5b:b0:a0:05:ed:08:ce:9a:9e:98:ed: 1e:87:35:79:be:7f:9f:d6:42:34:24:32:2b:96:95:c9:d6:5e: d6:b7:46:8d:04:5f:01:c5:29:94:ee:12:dd:59:8e:c3:c1:f0: 39:46:5d:6f:dd:aa:84:71:f9:cc:c7:7a:30:13:55:d6:34:9c: 7b:f9:a1:f3:c9:88:98:63:1d:36:ab:07:da:5c:6b:ef:11:48: 66:0c:9f:f8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiFK3zSCe/fVdP8Hu+qj6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhlMWZlNjZkOWY2MWI2ZTY0NWE0NDdiNmYwNmJkNDliZDNl MDBiY2UwHhcNMjUxMjA1MjIwMDU3WhcNMjUxMjA2MjIwMDU3WjAzMTEwLwYDVQQD EyhiMDU2NDgyOTUxODk4ODQ5NWUwOGM5YjAwOWU4ZmZjNTZiNzEzYmQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKnYBla2kjJBUGUH6iBCdp3n81tN a1S4a/vXyz4FGxE/LO7mA3Iwv5jfSwjY4jGXv3N3thfuCbQ9DSwTRCAQF88xsDaC F8ptenzXo7ZerKUMzjAj5vMsD0w6UDzuhwOXF6JA7XghmL5MUJ6K2sghf6YAadch aiRGfZDyA7XfmpT4xT+GrnzHhDUlwIEvNAQHjibOa5y1GX8mMPFYMKch+aFgjBhe m8+gdLN6lfxYjkB9trDovSLHORtzVaM9LJnYFtrz56teEqwbmE0xJvRTeZ0qyq8P jw4smcwr0v+I11vU4p2Ox8kXA04avJNNI00ecAEv9zB1DcIV1US8b0jFfQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLBWSClRiYhJXgjJsAno/8VrcTvWMB8GA1UdIwQY MBaAFI4f5m2fYbbmRaRHtvBr1JvT4AvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDct ZDY0ZDcwNjEyYTE3LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDctZDY0ZDcwNjEyYTE3 LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQWh8gfQ/ KRr7rxy7ZwowkGPDMjQg46l4/iU5TGxduSRoPk12aLGHicvcrZoZbzT/JVSbPpJ/ qYuqbRuyDRYi/bH3wDd2luCsBkXRoB3AfAB1gyXWiGNvhwkXywQvZ8Dz2/C73nqw SiL94r0sgHnim/JheGMdITjlQKqgeqTQELXpRKa0SBpcqHzuf3PhddbhwDgd4E0l g2cSpW8+2rYesI2PzeKHpwhsY1uwoAXtCM6anpjtHoc1eb5/n9ZCNCQyK5aVydZe 1rdGjQRfAcUplO4S3VmOw8HwOUZdb92qhHH5zMd6MBNV1jSce/mh88mImGMdNqsH 2lxr7xFIZgyf+A== -----END CERTIFICATE-----Generated at Sat Dec 6 08:07:32 2025 by rpki-client