This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.mft File: J2zuYEMhsPEryjZ7VMBzmqil8To.mft (raw, json) Hash identifier: qYHfoaZPouPoyA7u3JK+0IibqgBpP3mXg7t5HX2jMnY= Subject key identifier: 9F:9E:C3:2A:29:62:2D:19:60:0C:DD:C1:FA:52:83:9C:D1:AF:BC:0C Authority key identifier: 27:6C:EE:60:43:21:B0:F1:2B:CA:36:7B:54:C0:73:9A:A8:A5:F1:3A Certificate issuer: /CN=276cee604321b0f12bca367b54c0739aa8a5f13a Certificate serial: 019B2EFA124575AC9F507817DF1E3FFD3CE7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J2zuYEMhsPEryjZ7VMBzmqil8To.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.mft Manifest number: 10D3 Signing time: Thu 18 Dec 2025 01:01:39 +0000 Manifest this update: Thu 18 Dec 2025 01:01:39 +0000 Manifest next update: Fri 19 Dec 2025 01:01:39 +0000 Files and hashes: 1: J2zuYEMhsPEryjZ7VMBzmqil8To.crl (hash: /IAzoLqBPq124wdJ2FzHLCeFD+Qr4KtxvEin80tu/yc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.crl rsync://rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.mft rsync://rpki.ripe.net/repository/DEFAULT/J2zuYEMhsPEryjZ7VMBzmqil8To.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 19:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2e:fa:12:45:75:ac:9f:50:78:17:df:1e:3f:fd:3c:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=276cee604321b0f12bca367b54c0739aa8a5f13a Validity Not Before: Dec 18 01:01:39 2025 GMT Not After : Dec 19 01:01:39 2025 GMT Subject: CN=9f9ec32a29622d19600cddc1fa52839cd1afbc0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:3d:77:4a:5f:51:c6:a8:4b:58:07:3e:d8:ae: 4f:b8:a2:09:ed:57:96:5e:e0:08:86:74:4b:a5:40: 73:ca:e3:fe:30:ba:85:62:ab:13:9f:ee:3c:4d:de: 1c:10:6a:e4:02:bc:87:e8:6c:2d:01:ea:26:c3:66: 0b:3d:48:ba:29:f8:09:41:79:64:22:0e:f7:0f:b0: fa:1a:76:35:d6:e6:81:b2:a7:c0:bf:cf:c0:82:a9: c4:69:04:46:d0:6d:f7:ef:c0:03:fb:f7:1f:54:b1: 10:bb:d0:6e:bb:14:e6:ce:15:fa:4e:aa:7f:0b:fe: 2a:d5:38:20:92:cb:9a:cf:4d:74:0d:12:ea:cf:be: c0:b2:96:6f:b1:d3:d2:4c:40:d0:b8:2f:ad:f5:99: d4:fd:6c:3f:6e:ff:58:d3:f0:4e:15:e5:26:08:42: 00:d1:7c:96:96:a6:ae:eb:8c:89:b6:4a:34:07:0d: 88:c7:96:0a:7c:16:18:5a:5e:d1:cd:b7:29:9a:00: 65:f2:1a:49:05:cf:05:17:ac:c0:c6:37:6b:5a:ea: 1a:e2:c5:24:6d:d4:d2:75:d3:3f:76:27:f8:9a:cc: 13:ac:89:c1:71:8b:89:87:36:60:9a:42:ad:fd:95: a4:56:47:2a:76:3d:ff:b5:54:46:70:f6:8b:aa:2a: a3:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:9E:C3:2A:29:62:2D:19:60:0C:DD:C1:FA:52:83:9C:D1:AF:BC:0C X509v3 Authority Key Identifier: keyid:27:6C:EE:60:43:21:B0:F1:2B:CA:36:7B:54:C0:73:9A:A8:A5:F1:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J2zuYEMhsPEryjZ7VMBzmqil8To.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:ef:5c:f4:b7:53:be:97:6f:ff:21:d9:ba:3a:b3:8f:64:5c: 1a:d5:c2:a3:e6:bf:ab:5c:c9:a1:f2:bf:ec:99:72:a0:3e:d0: 11:b8:2d:52:fc:7e:18:50:66:73:b8:0c:7b:0c:4b:f1:cc:14: 43:9e:4a:81:6b:54:58:c4:a2:f5:a4:61:8f:68:f6:a1:f7:5a: 33:79:3d:dc:9f:38:06:b4:df:69:87:85:2d:60:9b:8b:52:0f: 3a:95:78:cf:db:33:30:d9:9d:54:94:2a:6b:27:5e:7b:ef:dc: 79:01:70:3a:1f:55:5c:b9:d8:bd:27:c8:27:10:2d:bb:08:cd: ce:76:e7:a7:93:8c:27:d9:c0:b4:73:9f:9a:8f:79:66:c4:dd: 30:dd:a0:ba:01:43:f9:e2:f6:37:1f:69:12:8a:7c:72:c7:97: fd:0d:84:ca:c0:36:cc:d5:6f:74:38:ee:24:d0:93:40:7a:ec: ea:2d:3d:0b:a5:48:0a:4e:bb:24:5e:46:e3:48:7c:09:7c:89: 88:6a:35:0a:fa:eb:34:30:e2:4d:b7:34:1d:ea:1f:13:05:25: d5:18:31:6c:2e:a1:5a:35:7e:60:3c:07:fb:9b:ed:b6:b7:29: 89:23:cb:19:03:d8:80:db:fd:55:3f:b5:5b:ef:0d:0d:36:53: 0d:f4:76:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsu+hJFdayfUHgX3x4//TznMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI3NmNlZTYwNDMyMWIwZjEyYmNhMzY3YjU0YzA3MzlhYThh NWYxM2EwHhcNMjUxMjE4MDEwMTM5WhcNMjUxMjE5MDEwMTM5WjAzMTEwLwYDVQQD Eyg5ZjllYzMyYTI5NjIyZDE5NjAwY2RkYzFmYTUyODM5Y2QxYWZiYzBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzz13Sl9RxqhLWAc+2K5PuKIJ7VeW XuAIhnRLpUBzyuP+MLqFYqsTn+48Td4cEGrkAryH6GwtAeomw2YLPUi6KfgJQXlk Ig73D7D6GnY11uaBsqfAv8/AgqnEaQRG0G3378AD+/cfVLEQu9BuuxTmzhX6Tqp/ C/4q1Tggksuaz010DRLqz77AspZvsdPSTEDQuC+t9ZnU/Ww/bv9Y0/BOFeUmCEIA 0XyWlqau64yJtko0Bw2Ix5YKfBYYWl7RzbcpmgBl8hpJBc8FF6zAxjdrWuoa4sUk bdTSddM/dif4mswTrInBcYuJhzZgmkKt/ZWkVkcqdj3/tVRGcPaLqiqj/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ+ewyopYi0ZYAzdwfpSg5zRr7wMMB8GA1UdIwQY MBaAFCds7mBDIbDxK8o2e1TAc5qopfE6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSjJ6dVlFTWhzUEVyeWpaN1ZNQnptcWlsOFRvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hNTk5NTUtODZjZi00NjU1LWExZjgt MjU4OTU0YjRmZTVhLzEvSjJ6dVlFTWhzUEVyeWpaN1ZNQnptcWlsOFRvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy9hNTk5NTUtODZjZi00NjU1LWExZjgtMjU4OTU0YjRmZTVh LzEvSjJ6dVlFTWhzUEVyeWpaN1ZNQnptcWlsOFRvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd+9c9LdT vpdv/yHZujqzj2RcGtXCo+a/q1zJofK/7JlyoD7QEbgtUvx+GFBmc7gMewxL8cwU Q55KgWtUWMSi9aRhj2j2ofdaM3k93J84BrTfaYeFLWCbi1IPOpV4z9szMNmdVJQq aydee+/ceQFwOh9VXLnYvSfIJxAtuwjNznbnp5OMJ9nAtHOfmo95ZsTdMN2gugFD +eL2Nx9pEop8cseX/Q2EysA2zNVvdDjuJNCTQHrs6i09C6VICk67JF5G40h8CXyJ iGo1CvrrNDDiTbc0HeofEwUl1RgxbC6hWjV+YDwH+5vttrcpiSPLGQPYgNv9VT+1 W+8NDTZTDfR2Bw== -----END CERTIFICATE-----Generated at Thu Dec 18 05:04:07 2025 by rpki-client