This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft File: JkXNQMgEm-mprn8DM2q9P-CCr7k.mft (raw, json) Hash identifier: 8xBgJy1bBl4jTinmUpGMFNN2m2gbMfy0tBxup+Hgc28= Subject key identifier: 5C:C9:8B:E5:61:3D:72:32:34:22:AF:AD:85:D7:06:E5:84:B7:6B:8A Authority key identifier: 26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9 Certificate issuer: /CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9 Certificate serial: 019AF12E21AA18DBB89FA3461BD409733D7D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 01:02:03 +0000 Manifest this update: Sat 06 Dec 2025 01:02:03 +0000 Manifest next update: Sun 07 Dec 2025 01:02:03 +0000 Files and hashes: 1: JkXNQMgEm-mprn8DM2q9P-CCr7k.crl (hash: GON1I2bZpi6+YNIJs0f5/NhUs1g3+7gz/8EK51H9Uu4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:21:aa:18:db:b8:9f:a3:46:1b:d4:09:73:3d:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9 Validity Not Before: Dec 6 01:02:03 2025 GMT Not After : Dec 7 01:02:03 2025 GMT Subject: CN=5cc98be5613d72323422afad85d706e584b76b8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:ee:d5:93:0c:55:ae:34:ac:59:50:a7:0f:8c: 4b:59:57:50:24:f8:71:0f:74:87:df:a2:d0:8d:dc: 0b:cf:b4:4a:be:29:d1:75:86:e8:4b:6e:49:76:e2: 06:4f:03:12:49:87:80:20:ff:e3:74:ea:30:41:b9: 04:46:c0:e4:27:8e:a4:59:40:7b:31:f9:a7:6a:41: b7:17:96:83:e8:89:10:29:35:a6:62:6c:bb:1e:b6: 26:46:03:cc:52:58:81:b2:b9:b2:63:cf:f4:fa:34: b1:29:4a:b8:e4:d4:c6:d2:df:d3:bb:fa:33:74:ff: d7:e3:27:b2:01:ba:c2:b1:14:52:50:4a:cb:da:77: f0:09:82:c3:58:1f:f2:72:a2:22:6a:13:75:fd:d4: 9c:41:8f:4d:c6:c4:8a:cb:30:62:66:f7:c9:53:bc: ea:be:c5:bc:70:6c:dd:91:78:51:d1:64:db:41:17: ea:23:1a:e6:3f:41:05:47:07:05:ae:3a:fb:13:7c: 3d:86:67:28:b3:ab:ef:23:0a:0e:f1:ea:41:97:0f: a7:46:33:cf:53:e0:87:59:f4:61:4b:54:89:34:21: 4d:f8:53:40:cf:34:ff:8d:db:6e:bc:c9:ab:e2:61: c1:3c:50:1b:df:f0:84:49:b2:bb:f2:74:c2:9b:2c: 65:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:C9:8B:E5:61:3D:72:32:34:22:AF:AD:85:D7:06:E5:84:B7:6B:8A X509v3 Authority Key Identifier: keyid:26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:fb:d8:3c:32:64:cf:b0:38:c8:35:97:dd:85:82:f8:69:79: 7d:0e:73:d1:17:30:5b:f9:a7:25:ca:ab:03:f3:5e:ab:93:28: f6:31:ae:b7:52:d8:47:3a:78:fe:15:8e:a0:ef:91:2b:7e:28: 91:f1:1d:26:a0:ae:90:44:b0:76:c2:4f:a2:89:19:fa:b7:b0: 93:de:3f:00:5b:e2:a4:1d:76:a6:17:45:96:6f:80:ad:ab:86: 35:4e:8f:e8:aa:ab:56:56:ad:8f:a7:0e:1a:bf:b2:a8:b2:e5: 14:ba:7e:26:84:43:31:04:ac:51:07:3a:61:04:23:c5:f3:4a: 29:7b:3f:86:1b:73:e1:46:05:f5:ec:e1:ab:24:9b:62:fd:61: 04:eb:69:af:72:02:b6:5e:ef:1c:82:21:ad:ff:35:43:b1:f6: b5:12:75:a6:b7:a8:0c:66:3a:8b:10:46:4a:7b:f8:1c:5b:27: f2:32:bc:a3:e7:1e:80:c3:66:e1:c4:91:9f:e4:15:7f:c2:e7: 7c:1d:f0:8d:82:1c:6c:36:2f:ac:7c:f2:82:35:1e:bc:c8:a7: 26:d3:d0:9e:7d:ae:ff:41:83:81:e3:75:cd:4f:73:f0:a1:50: 94:e4:a1:3c:1e:17:bf:88:dd:21:34:82:b6:80:41:25:d3:e8: 41:53:84:e1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLiGqGNu4n6NGG9QJcz19MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI2NDVjZDQwYzgwNDliZTlhOWFlN2YwMzMzNmFiZDNmZTA4 MmFmYjkwHhcNMjUxMjA2MDEwMjAzWhcNMjUxMjA3MDEwMjAzWjAzMTEwLwYDVQQD Eyg1Y2M5OGJlNTYxM2Q3MjMyMzQyMmFmYWQ4NWQ3MDZlNTg0Yjc2YjhhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2u7VkwxVrjSsWVCnD4xLWVdQJPhx D3SH36LQjdwLz7RKvinRdYboS25JduIGTwMSSYeAIP/jdOowQbkERsDkJ46kWUB7 MfmnakG3F5aD6IkQKTWmYmy7HrYmRgPMUliBsrmyY8/0+jSxKUq45NTG0t/Tu/oz dP/X4yeyAbrCsRRSUErL2nfwCYLDWB/ycqIiahN1/dScQY9NxsSKyzBiZvfJU7zq vsW8cGzdkXhR0WTbQRfqIxrmP0EFRwcFrjr7E3w9hmcos6vvIwoO8epBlw+nRjPP U+CHWfRhS1SJNCFN+FNAzzT/jdtuvMmr4mHBPFAb3/CESbK78nTCmyxl9QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFzJi+VhPXIyNCKvrYXXBuWEt2uKMB8GA1UdIwQY MBaAFCZFzUDIBJvpqa5/AzNqvT/ggq+5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUt YzExNDlhMDE4MTVmLzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUtYzExNDlhMDE4MTVm LzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANvvYPDJk z7A4yDWX3YWC+Gl5fQ5z0RcwW/mnJcqrA/Neq5Mo9jGut1LYRzp4/hWOoO+RK34o kfEdJqCukESwdsJPookZ+rewk94/AFvipB12phdFlm+ArauGNU6P6KqrVlatj6cO Gr+yqLLlFLp+JoRDMQSsUQc6YQQjxfNKKXs/hhtz4UYF9ezhqySbYv1hBOtpr3IC tl7vHIIhrf81Q7H2tRJ1preoDGY6ixBGSnv4HFsn8jK8o+cegMNm4cSRn+QVf8Ln fB3wjYIcbDYvrHzygjUevMinJtPQnn2u/0GDgeN1zU9z8KFQlOShPB4Xv4jdITSC toBBJdPoQVOE4Q== -----END CERTIFICATE-----Generated at Sat Dec 6 08:07:26 2025 by rpki-client