This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft File: JKtnE2v5kKqL6IV6aNLDmezWKZo.mft (raw, json) Hash identifier: TqLXlH/wWLvNI0C+nxa0+Q30/YyhQ4XX6/cRJFlzbLo= Subject key identifier: 4B:BC:1A:DB:BD:E1:32:48:10:3D:39:26:59:AD:DF:98:63:B9:09:9A Authority key identifier: 24:AB:67:13:6B:F9:90:AA:8B:E8:85:7A:68:D2:C3:99:EC:D6:29:9A Certificate issuer: /CN=24ab67136bf990aa8be8857a68d2c399ecd6299a Certificate serial: 019AF19BA7F1FBC4811935316C91EFB4C54A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JKtnE2v5kKqL6IV6aNLDmezWKZo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft Manifest number: 16F0 Signing time: Sat 06 Dec 2025 03:01:41 +0000 Manifest this update: Sat 06 Dec 2025 03:01:41 +0000 Manifest next update: Sun 07 Dec 2025 03:01:41 +0000 Files and hashes: 1: JKtnE2v5kKqL6IV6aNLDmezWKZo.crl (hash: ta/mnTpcpsEhPl3n515xtq62bPbmjC3TCILHwp7ias4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.crl rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft rsync://rpki.ripe.net/repository/DEFAULT/JKtnE2v5kKqL6IV6aNLDmezWKZo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:a7:f1:fb:c4:81:19:35:31:6c:91:ef:b4:c5:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=24ab67136bf990aa8be8857a68d2c399ecd6299a Validity Not Before: Dec 6 03:01:41 2025 GMT Not After : Dec 7 03:01:41 2025 GMT Subject: CN=4bbc1adbbde13248103d392659addf9863b9099a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:fd:0a:52:79:a6:45:ea:31:55:ce:7f:42:33: be:c6:00:0c:6d:dc:f0:dc:6b:71:1f:ae:6f:af:b6: 4b:c0:f2:e0:5d:76:de:94:78:b9:08:e1:b4:76:04: c3:6f:64:49:49:aa:54:f0:e3:b6:7c:98:62:43:af: 23:7f:b2:e7:a7:38:bb:6c:85:08:b6:9c:d1:1a:c9: 45:0e:9b:e6:19:7b:26:a3:92:0e:ff:dc:15:fe:cd: 4a:e8:e6:bb:78:64:78:1e:cd:57:32:fe:5a:c1:87: b5:57:50:45:f3:f4:0c:fd:3a:44:60:f7:1d:91:4d: 31:b5:d9:7e:1a:36:db:07:75:d6:30:dd:a5:b6:7f: bb:c3:06:48:e7:02:89:fa:cb:40:62:d6:21:0f:ea: f6:61:c9:4f:7b:8e:00:73:0c:da:10:7e:e1:bd:15: b5:ee:cb:5b:68:bb:6e:b5:cd:44:84:33:86:3b:49: 79:b7:73:5d:fc:50:5c:fb:ae:57:61:e8:c7:c7:ed: b2:6c:a7:37:88:8e:bb:e8:09:4c:f4:6a:9a:27:12: 85:d0:27:15:53:c4:38:41:d9:66:b1:81:6c:6d:c3: 32:a6:66:2d:10:91:5b:7d:48:b8:a8:d7:60:6f:15: 1e:ff:8c:f9:c3:f7:ae:6c:7f:da:15:59:29:8f:01: f0:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:BC:1A:DB:BD:E1:32:48:10:3D:39:26:59:AD:DF:98:63:B9:09:9A X509v3 Authority Key Identifier: keyid:24:AB:67:13:6B:F9:90:AA:8B:E8:85:7A:68:D2:C3:99:EC:D6:29:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKtnE2v5kKqL6IV6aNLDmezWKZo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:dd:07:f1:9f:d0:8c:f4:34:7e:c1:da:3b:45:89:35:f5:cc: 60:23:80:e0:8f:1d:fc:c5:d1:5d:ad:bd:54:f3:0b:2b:94:6e: bc:07:4c:73:7b:7f:c7:43:f5:93:ec:57:92:ff:39:d2:aa:79: 6c:e2:13:df:00:17:58:25:83:44:34:30:a4:ea:41:f8:8f:96: 95:94:53:d9:a7:bd:64:60:9d:89:af:06:79:11:59:03:50:53: 3e:08:82:01:8f:87:31:25:60:11:3e:63:1d:7f:c4:ca:61:b4: 58:98:46:07:cc:ca:ae:c2:31:82:41:c9:8b:94:a5:39:40:0f: 19:20:a6:9e:fe:3e:c3:86:8e:17:28:e3:e8:1a:a5:a8:8e:ae: a6:b4:bf:fe:38:d5:7c:3b:11:50:79:52:50:0b:03:cc:86:32: 77:42:38:21:91:50:bb:d6:43:9f:e8:ca:96:90:89:88:bd:44: 1b:8d:21:ed:0c:75:35:20:1f:00:78:49:ee:71:47:a8:5f:b3: 86:fb:21:51:01:45:18:eb:b9:e4:37:df:ba:26:09:b8:b9:9c: 21:af:24:50:8d:3d:dd:0d:87:37:48:1c:bf:f1:01:87:38:89: 8d:98:c0:a2:34:cd:8e:5f:28:4c:5d:78:be:51:38:15:6b:be: 29:d8:12:1d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm6fx+8SBGTUxbJHvtMVKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI0YWI2NzEzNmJmOTkwYWE4YmU4ODU3YTY4ZDJjMzk5ZWNk NjI5OWEwHhcNMjUxMjA2MDMwMTQxWhcNMjUxMjA3MDMwMTQxWjAzMTEwLwYDVQQD Eyg0YmJjMWFkYmJkZTEzMjQ4MTAzZDM5MjY1OWFkZGY5ODYzYjkwOTlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2f0KUnmmReoxVc5/QjO+xgAMbdzw 3GtxH65vr7ZLwPLgXXbelHi5COG0dgTDb2RJSapU8OO2fJhiQ68jf7Lnpzi7bIUI tpzRGslFDpvmGXsmo5IO/9wV/s1K6Oa7eGR4Hs1XMv5awYe1V1BF8/QM/TpEYPcd kU0xtdl+GjbbB3XWMN2ltn+7wwZI5wKJ+stAYtYhD+r2YclPe44AcwzaEH7hvRW1 7stbaLtutc1EhDOGO0l5t3Nd/FBc+65XYejHx+2ybKc3iI676AlM9GqaJxKF0CcV U8Q4QdlmsYFsbcMypmYtEJFbfUi4qNdgbxUe/4z5w/eubH/aFVkpjwHwBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEu8Gtu94TJIED05Jlmt35hjuQmaMB8GA1UdIwQY MBaAFCSrZxNr+ZCqi+iFemjSw5ns1imaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSkt0bkUydjVrS3FMNklWNmFOTERtZXpXS1pvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8wODg1MjEtMjM5OC00NTdiLWIxZTMt ZGQzMzYwMzkzMzkxLzEvSkt0bkUydjVrS3FMNklWNmFOTERtZXpXS1pvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC8wODg1MjEtMjM5OC00NTdiLWIxZTMtZGQzMzYwMzkzMzkx LzEvSkt0bkUydjVrS3FMNklWNmFOTERtZXpXS1pvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANN0H8Z/Q jPQ0fsHaO0WJNfXMYCOA4I8d/MXRXa29VPMLK5RuvAdMc3t/x0P1k+xXkv850qp5 bOIT3wAXWCWDRDQwpOpB+I+WlZRT2ae9ZGCdia8GeRFZA1BTPgiCAY+HMSVgET5j HX/EymG0WJhGB8zKrsIxgkHJi5SlOUAPGSCmnv4+w4aOFyjj6BqlqI6uprS//jjV fDsRUHlSUAsDzIYyd0I4IZFQu9ZDn+jKlpCJiL1EG40h7Qx1NSAfAHhJ7nFHqF+z hvshUQFFGOu55DffuiYJuLmcIa8kUI093Q2HN0gcv/EBhziJjZjAojTNjl8oTF14 vlE4FWu+KdgSHQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:14:38 2025 by rpki-client