This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/75025d-061a-4d96-a7d2-f589f8c032ca/1/JOlA2xkLaSzRsNWD7bbYw2ESRWk.mft File: JOlA2xkLaSzRsNWD7bbYw2ESRWk.mft (raw, json) Hash identifier: 8UEbXWUofkTnRBGkg9wGMOmRyfUuZE7W8Um/PPI9U/g= Subject key identifier: BA:12:72:68:54:BD:3E:8C:88:79:86:17:E8:A7:D2:74:1D:0B:DD:C7 Authority key identifier: 24:E9:40:DB:19:0B:69:2C:D1:B0:D5:83:ED:B6:D8:C3:61:12:45:69 Certificate issuer: /CN=24e940db190b692cd1b0d583edb6d8c361124569 Certificate serial: 019AF2ADE9A9FDAB9C2862CA55B53847A14A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JOlA2xkLaSzRsNWD7bbYw2ESRWk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/75025d-061a-4d96-a7d2-f589f8c032ca/1/JOlA2xkLaSzRsNWD7bbYw2ESRWk.mft Manifest number: 01F0 Signing time: Sat 06 Dec 2025 08:01:14 +0000 Manifest this update: Sat 06 Dec 2025 08:01:14 +0000 Manifest next update: Sun 07 Dec 2025 08:01:14 +0000 Files and hashes: 1: JOlA2xkLaSzRsNWD7bbYw2ESRWk.crl (hash: nKhfuNmJOdGWZf+KN2vnHRYXBNWqodWZXWQXR/Wv0Us=) 2: NDyL4QmyZMdWfVseu9H3PyESraU.roa (hash: 2KgZJolbNaz+51AuiNXbaQEgEsCh7UoocaNukepjnzw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/75025d-061a-4d96-a7d2-f589f8c032ca/1/JOlA2xkLaSzRsNWD7bbYw2ESRWk.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/75025d-061a-4d96-a7d2-f589f8c032ca/1/JOlA2xkLaSzRsNWD7bbYw2ESRWk.mft rsync://rpki.ripe.net/repository/DEFAULT/JOlA2xkLaSzRsNWD7bbYw2ESRWk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:e9:a9:fd:ab:9c:28:62:ca:55:b5:38:47:a1:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=24e940db190b692cd1b0d583edb6d8c361124569 Validity Not Before: Dec 6 08:01:14 2025 GMT Not After : Dec 7 08:01:14 2025 GMT Subject: CN=ba12726854bd3e8c88798617e8a7d2741d0bddc7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:45:cb:68:09:9e:0b:26:82:62:68:08:6e:b8: a2:d6:fc:50:72:7e:dc:0a:84:e5:e1:be:3e:02:8d: 2a:2f:b3:99:6f:65:56:08:9e:43:55:d2:38:4c:9e: 5f:b6:f0:2d:6e:9f:50:6c:81:b3:47:52:10:e2:d4: 81:b4:6e:1f:1e:2f:3c:f0:59:2e:eb:ab:25:d6:cd: 1e:af:31:09:e2:76:19:20:74:85:2a:80:80:74:4d: 12:bd:64:d6:4c:c7:81:06:b4:84:1f:22:5b:78:c1: 56:23:c9:2c:3d:f3:2c:03:4e:23:40:32:f3:e9:76: 88:a0:b8:47:3d:73:ae:35:b4:74:0a:0c:3a:02:c2: ba:99:9c:3c:c9:13:dc:82:82:c4:72:48:75:e7:15: 06:b4:17:11:55:2e:fa:66:e5:d2:97:50:a3:06:10: 38:a2:1b:da:03:fa:53:2c:63:f4:57:5b:40:26:ab: 9c:ef:ba:fb:64:45:0b:4a:27:63:d2:8a:fe:50:4e: a7:50:89:b0:2b:f7:8c:98:0a:cc:cc:4d:ca:93:d3: ff:18:dd:89:78:3d:3e:13:7f:ad:6f:1e:bc:54:03: 9d:f0:a2:37:a3:68:a2:3e:c8:19:af:02:df:10:e8: aa:3c:f7:08:f3:69:76:32:c4:0d:6a:cd:f9:ca:b1: a7:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:12:72:68:54:BD:3E:8C:88:79:86:17:E8:A7:D2:74:1D:0B:DD:C7 X509v3 Authority Key Identifier: keyid:24:E9:40:DB:19:0B:69:2C:D1:B0:D5:83:ED:B6:D8:C3:61:12:45:69 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOlA2xkLaSzRsNWD7bbYw2ESRWk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/75025d-061a-4d96-a7d2-f589f8c032ca/1/JOlA2xkLaSzRsNWD7bbYw2ESRWk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/75025d-061a-4d96-a7d2-f589f8c032ca/1/JOlA2xkLaSzRsNWD7bbYw2ESRWk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:46:9e:26:42:1a:ad:c8:5a:74:19:1c:59:09:5c:65:c6:ed: 5a:01:7b:c4:35:17:8a:64:2f:9d:8f:b1:e4:56:ed:ef:e1:9e: 7c:32:99:05:4a:93:dc:1c:f2:3f:9f:59:bd:b5:63:0a:36:6f: 26:3f:24:7b:9f:69:7f:8f:9f:05:42:eb:e0:17:0c:bf:de:6c: 01:6b:61:3d:16:9c:53:3d:d3:97:82:c2:ef:c4:3f:5b:b3:eb: e7:0b:a5:d2:d1:77:b4:11:12:9f:8b:62:6f:81:b7:ec:16:d7: e8:91:f3:6a:35:16:82:b0:14:87:1b:45:49:7f:d1:c2:14:0a: f1:25:40:a5:0a:ac:12:11:92:6f:ee:3f:90:3e:dc:d2:d2:59: 90:b5:18:e3:fd:38:e7:98:01:03:f1:a6:03:c1:50:82:64:2a: ab:f5:76:e2:bf:f3:d9:4e:06:ef:4d:0e:b1:8c:4f:8c:00:73: 14:28:38:40:2e:dc:91:59:3e:d7:fe:ab:04:29:c2:42:39:b4: 56:c8:ab:2c:d7:53:19:fd:eb:75:a0:77:f8:a2:99:2e:55:d9: dc:99:e2:b6:fb:e4:01:ae:d7:8b:2e:f7:0e:fd:09:77:fe:d7: 4d:dc:14:b0:ad:7a:de:c8:fc:38:41:9f:b0:f7:89:df:68:16: 98:f2:d0:cd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryremp/aucKGLKVbU4R6FKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI0ZTk0MGRiMTkwYjY5MmNkMWIwZDU4M2VkYjZkOGMzNjEx MjQ1NjkwHhcNMjUxMjA2MDgwMTE0WhcNMjUxMjA3MDgwMTE0WjAzMTEwLwYDVQQD EyhiYTEyNzI2ODU0YmQzZThjODg3OTg2MTdlOGE3ZDI3NDFkMGJkZGM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20XLaAmeCyaCYmgIbrii1vxQcn7c CoTl4b4+Ao0qL7OZb2VWCJ5DVdI4TJ5ftvAtbp9QbIGzR1IQ4tSBtG4fHi888Fku 66sl1s0erzEJ4nYZIHSFKoCAdE0SvWTWTMeBBrSEHyJbeMFWI8ksPfMsA04jQDLz 6XaIoLhHPXOuNbR0Cgw6AsK6mZw8yRPcgoLEckh15xUGtBcRVS76ZuXSl1CjBhA4 ohvaA/pTLGP0V1tAJquc77r7ZEULSidj0or+UE6nUImwK/eMmArMzE3Kk9P/GN2J eD0+E3+tbx68VAOd8KI3o2iiPsgZrwLfEOiqPPcI82l2MsQNas35yrGnlwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLoScmhUvT6MiHmGF+in0nQdC93HMB8GA1UdIwQY MBaAFCTpQNsZC2ks0bDVg+222MNhEkVpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSk9sQTJ4a0xhU3pSc05XRDdiYll3MkVTUldrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83NTAyNWQtMDYxYS00ZDk2LWE3ZDIt ZjU4OWY4YzAzMmNhLzEvSk9sQTJ4a0xhU3pSc05XRDdiYll3MkVTUldrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi83NTAyNWQtMDYxYS00ZDk2LWE3ZDItZjU4OWY4YzAzMmNh LzEvSk9sQTJ4a0xhU3pSc05XRDdiYll3MkVTUldrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASUaeJkIa rchadBkcWQlcZcbtWgF7xDUXimQvnY+x5Fbt7+GefDKZBUqT3BzyP59ZvbVjCjZv Jj8ke59pf4+fBULr4BcMv95sAWthPRacUz3Tl4LC78Q/W7Pr5wul0tF3tBESn4ti b4G37BbX6JHzajUWgrAUhxtFSX/RwhQK8SVApQqsEhGSb+4/kD7c0tJZkLUY4/04 55gBA/GmA8FQgmQqq/V24r/z2U4G700OsYxPjABzFCg4QC7ckVk+1/6rBCnCQjm0 VsirLNdTGf3rdaB3+KKZLlXZ3JnitvvkAa7Xiy73Dv0Jd/7XTdwUsK163sj8OEGf sPeJ32gWmPLQzQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:58:25 2025 by rpki-client