This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft File: J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft (raw, json) Hash identifier: j10O5B4MWB9cuPDi20NcotXQkuN/a//L0+g09OiqsJ8= Subject key identifier: 54:77:BF:96:D9:26:80:E8:54:6A:08:C7:7F:33:24:D7:D9:0E:90:00 Authority key identifier: 27:C4:06:DF:29:BE:9F:2A:D5:0B:3E:C5:BD:53:DF:B9:22:D1:AF:A0 Certificate issuer: /CN=27c406df29be9f2ad50b3ec5bd53dfb922d1afa0 Certificate serial: 019AF1D18B7BE39CE38E0AB3166D8E9E4688 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft Manifest number: 07DA Signing time: Sat 06 Dec 2025 04:00:32 +0000 Manifest this update: Sat 06 Dec 2025 04:00:32 +0000 Manifest next update: Sun 07 Dec 2025 04:00:32 +0000 Files and hashes: 1: J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl (hash: 7VmmFJToWcj88PLp8fNtlnL8P42EG1o0N+1DXGAgbe0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:8b:7b:e3:9c:e3:8e:0a:b3:16:6d:8e:9e:46:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=27c406df29be9f2ad50b3ec5bd53dfb922d1afa0 Validity Not Before: Dec 6 04:00:32 2025 GMT Not After : Dec 7 04:00:32 2025 GMT Subject: CN=5477bf96d92680e8546a08c77f3324d7d90e9000 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:85:72:2d:03:27:38:8d:57:dd:2c:f8:81:67: cc:3a:0f:ef:7f:0a:a0:af:95:19:ec:cf:b9:1f:bc: 8c:a4:b8:bf:79:07:bb:0c:11:30:e8:0b:d1:df:ce: 77:bb:4e:ea:58:6c:22:4e:49:c9:06:cd:9d:9e:45: 52:36:5f:e8:d2:a3:70:8e:ec:9b:1b:1d:dd:1f:11: d6:a0:e2:4e:0e:98:6c:be:c0:19:02:76:60:b0:ac: 3b:29:c9:49:60:be:48:fe:12:d4:f0:eb:5c:94:76: 8d:73:a9:5c:29:82:7a:56:60:27:44:8a:dd:56:92: f3:19:f1:09:c7:97:43:1d:a8:ba:20:64:96:74:83: 0a:d6:d5:b2:0d:f9:87:13:78:c2:25:ac:09:fa:a9: fe:30:7d:0d:04:fc:43:29:82:96:49:a1:6f:ce:f3: 8f:f7:0e:12:45:2f:be:d5:af:60:35:94:3a:ba:d1: e6:c5:2f:fa:de:03:79:9f:7a:0f:11:9c:b5:8f:45: 72:3e:a4:c7:ce:9a:d4:6f:e3:f9:fc:a1:d2:51:d7: 7c:dd:e4:81:4f:d5:d9:3b:f1:20:ed:f5:14:a0:ad: b2:99:9b:84:80:6c:ae:29:8a:da:0b:c1:54:ed:7f: 0f:99:c9:a7:1a:ef:0a:c7:11:e2:0b:06:b2:22:55: c2:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:77:BF:96:D9:26:80:E8:54:6A:08:C7:7F:33:24:D7:D9:0E:90:00 X509v3 Authority Key Identifier: keyid:27:C4:06:DF:29:BE:9F:2A:D5:0B:3E:C5:BD:53:DF:B9:22:D1:AF:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8QG3ym-nyrVCz7FvVPfuSLRr6A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/41b8f8-3900-4514-8dbf-27d362e96d40/1/J8QG3ym-nyrVCz7FvVPfuSLRr6A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:73:2a:44:67:8c:30:60:9f:a2:6e:ef:48:dd:26:d3:cf:ac: 5d:f7:c0:eb:d4:8a:05:d8:10:8e:11:b9:61:a4:93:69:d8:45: d0:27:fe:c1:97:45:58:21:ad:8d:f9:7c:b5:2e:7d:44:b0:d0: 68:61:f7:19:6f:a0:ef:92:6e:22:0d:3d:dc:b3:da:1e:01:02: 92:a3:9a:c2:fe:78:6a:57:cb:c6:54:cb:fb:9f:ec:c4:c5:d7: c3:97:8a:7f:81:2c:24:ad:09:8c:99:5f:5b:82:6e:a2:c0:20: d8:26:ff:b3:66:36:d3:24:ba:94:a6:10:75:d3:41:fc:33:16: 55:8b:e7:7d:1e:3c:23:63:3f:2d:26:87:46:83:3f:41:81:01: b6:10:da:10:51:6f:cc:e7:81:24:22:b3:9e:a9:c3:8b:9b:ae: 7e:f8:c2:87:f5:59:04:25:36:b7:72:ea:e9:30:e0:72:6f:e0: 51:f5:f9:9b:c7:1c:cc:16:c9:e6:69:84:22:d1:06:f2:bb:05: 3f:40:7b:08:af:7c:f9:01:7c:fe:29:de:51:54:11:b5:5d:b9: 59:15:e7:97:4f:c9:dc:33:0a:b8:1b:48:af:ff:50:a2:7b:98: 49:11:58:28:e4:b4:ac:b4:2b:80:b2:68:8c:42:84:85:b1:e9: 83:e1:2d:6a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0Yt745zjjgqzFm2OnkaIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI3YzQwNmRmMjliZTlmMmFkNTBiM2VjNWJkNTNkZmI5MjJk MWFmYTAwHhcNMjUxMjA2MDQwMDMyWhcNMjUxMjA3MDQwMDMyWjAzMTEwLwYDVQQD Eyg1NDc3YmY5NmQ5MjY4MGU4NTQ2YTA4Yzc3ZjMzMjRkN2Q5MGU5MDAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2oVyLQMnOI1X3Sz4gWfMOg/vfwqg r5UZ7M+5H7yMpLi/eQe7DBEw6AvR3853u07qWGwiTknJBs2dnkVSNl/o0qNwjuyb Gx3dHxHWoOJODphsvsAZAnZgsKw7KclJYL5I/hLU8OtclHaNc6lcKYJ6VmAnRIrd VpLzGfEJx5dDHai6IGSWdIMK1tWyDfmHE3jCJawJ+qn+MH0NBPxDKYKWSaFvzvOP 9w4SRS++1a9gNZQ6utHmxS/63gN5n3oPEZy1j0VyPqTHzprUb+P5/KHSUdd83eSB T9XZO/Eg7fUUoK2ymZuEgGyuKYraC8FU7X8PmcmnGu8KxxHiCwayIlXCUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFR3v5bZJoDoVGoIx38zJNfZDpAAMB8GA1UdIwQY MBaAFCfEBt8pvp8q1Qs+xb1T37ki0a+gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80MWI4ZjgtMzkwMC00NTE0LThkYmYt MjdkMzYyZTk2ZDQwLzEvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZS80MWI4ZjgtMzkwMC00NTE0LThkYmYtMjdkMzYyZTk2ZDQw LzEvSjhRRzN5bS1ueXJWQ3o3RnZWUGZ1U0xScjZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIXMqRGeM MGCfom7vSN0m08+sXffA69SKBdgQjhG5YaSTadhF0Cf+wZdFWCGtjfl8tS59RLDQ aGH3GW+g75JuIg093LPaHgECkqOawv54alfLxlTL+5/sxMXXw5eKf4EsJK0JjJlf W4JuosAg2Cb/s2Y20yS6lKYQddNB/DMWVYvnfR48I2M/LSaHRoM/QYEBthDaEFFv zOeBJCKznqnDi5uufvjCh/VZBCU2t3Lq6TDgcm/gUfX5m8cczBbJ5mmEItEG8rsF P0B7CK98+QF8/ineUVQRtV25WRXnl0/J3DMKuBtIr/9QonuYSRFYKOS0rLQrgLJo jEKEhbHpg+Etag== -----END CERTIFICATE-----Generated at Sat Dec 6 10:31:06 2025 by rpki-client