This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft File: JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json) Hash identifier: udGkiffsGfjyPv4REyTEC8cpk958UXpHj28CuAF1Ruw= Subject key identifier: 74:EB:1C:79:CB:CC:4C:E5:A5:DF:21:1E:65:80:20:A5:48:D6:AF:56 Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F Certificate issuer: /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f Certificate serial: 019AF464DCBC494921E4FA08A98F79FB33CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft Manifest number: 0DF6 Signing time: Sat 06 Dec 2025 16:00:42 +0000 Manifest this update: Sat 06 Dec 2025 16:00:42 +0000 Manifest next update: Sun 07 Dec 2025 16:00:42 +0000 Files and hashes: 1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: Y/ImhgEqqkzHXPQdwY6d5NFUAvRPvOK1A3/gp6Hultk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:64:dc:bc:49:49:21:e4:fa:08:a9:8f:79:fb:33:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f Validity Not Before: Dec 6 16:00:42 2025 GMT Not After : Dec 7 16:00:42 2025 GMT Subject: CN=74eb1c79cbcc4ce5a5df211e658020a548d6af56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:73:63:1c:7b:92:33:e0:f0:74:b7:8f:7d:fe: de:8f:70:73:bd:8d:1d:9c:fd:81:9f:d6:b8:38:93: 9f:67:50:88:aa:e9:e1:87:14:f0:96:ce:ac:ed:23: 2e:90:0c:d3:26:5f:46:e3:79:6e:46:6d:7d:4a:9c: 7c:bf:86:5a:ba:b1:e8:0d:22:7a:69:67:2d:00:fa: 32:be:e9:96:6c:19:cf:d8:9f:2d:d7:b4:4a:a2:14: 7a:8f:de:4e:fa:8b:32:a5:cd:22:e0:1e:c6:3f:5a: 31:b4:2a:63:56:4d:48:9d:31:9c:c3:dd:21:6a:50: 0e:1a:a0:ba:34:43:a1:22:7f:b8:f5:81:7c:bc:b1: ac:5e:6c:d7:3a:32:3b:9a:eb:51:a8:42:22:0a:ff: fa:bb:d5:10:28:c0:b0:f2:08:95:3c:d1:3f:f8:5b: 5d:f2:8c:e0:43:f1:ad:68:5d:6f:ac:e5:11:e6:7a: 9e:e5:f8:70:92:6e:86:54:8c:84:b0:24:16:4e:ed: df:95:8a:ff:51:99:7e:d5:40:92:b8:8a:16:e7:21: 6c:6c:c4:8e:6d:89:4a:57:67:54:7b:8d:a2:c8:50: 30:35:26:aa:8e:da:4e:75:b6:f2:de:82:4b:9b:6c: df:09:2b:81:ca:6a:bd:37:99:c0:af:9c:cc:27:d3: 3a:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:EB:1C:79:CB:CC:4C:E5:A5:DF:21:1E:65:80:20:A5:48:D6:AF:56 X509v3 Authority Key Identifier: keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:f3:33:ff:b9:2e:7d:2c:ef:63:e2:0d:7c:9e:e7:3d:1e:c6: 0e:11:40:ad:71:c2:e6:88:ca:8d:ad:58:7c:4a:ac:0b:07:12: 29:fb:38:01:7d:6f:70:54:08:d3:0a:bd:22:15:9a:ea:81:58: b7:5b:1b:a0:e8:a0:1f:bd:ee:41:ac:fe:cf:3c:cd:2f:eb:df: a5:4c:04:9e:d7:06:d5:ed:21:ff:b6:ed:ef:f3:d9:10:d9:7a: 96:c1:85:04:50:fc:66:6b:fe:02:bb:7e:12:61:47:8c:b0:2b: 4a:48:41:12:1e:d5:4e:f5:f3:a1:5f:fe:14:6f:9b:01:94:c5: 34:3e:f9:30:53:dc:7a:dc:58:04:de:8f:9e:05:68:df:bb:e7: 22:54:f5:18:40:a5:6c:17:80:9f:99:64:1f:8f:aa:96:1e:97: 86:8b:a9:b5:0a:d7:5b:64:40:a4:77:1c:82:c6:18:0d:94:32: bd:a8:4c:66:3a:81:02:e7:6b:c0:21:a0:44:e8:96:dc:96:a9: 31:db:cc:7a:23:26:ac:92:98:78:26:38:7e:06:04:70:67:ba: fc:d9:cd:8e:6a:b8:35:38:03:45:aa:ca:a7:53:1b:4b:c8:34: 3e:2f:01:44:4f:9f:0b:ec:c3:25:b5:d1:af:4d:8d:a8:a6:e5: dd:94:0b:d7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZNy8SUkh5PoIqY95+zPMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1 MTE2OWYwHhcNMjUxMjA2MTYwMDQyWhcNMjUxMjA3MTYwMDQyWjAzMTEwLwYDVQQD Eyg3NGViMWM3OWNiY2M0Y2U1YTVkZjIxMWU2NTgwMjBhNTQ4ZDZhZjU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXNjHHuSM+DwdLePff7ej3BzvY0d nP2Bn9a4OJOfZ1CIqunhhxTwls6s7SMukAzTJl9G43luRm19Spx8v4ZaurHoDSJ6 aWctAPoyvumWbBnP2J8t17RKohR6j95O+osypc0i4B7GP1oxtCpjVk1InTGcw90h alAOGqC6NEOhIn+49YF8vLGsXmzXOjI7mutRqEIiCv/6u9UQKMCw8giVPNE/+Ftd 8ozgQ/GtaF1vrOUR5nqe5fhwkm6GVIyEsCQWTu3flYr/UZl+1UCSuIoW5yFsbMSO bYlKV2dUe42iyFAwNSaqjtpOdbby3oJLm2zfCSuBymq9N5nAr5zMJ9M6xQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHTrHHnLzEzlpd8hHmWAIKVI1q9WMB8GA1UdIwQY MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIPMz/7ku fSzvY+INfJ7nPR7GDhFArXHC5ojKja1YfEqsCwcSKfs4AX1vcFQI0wq9IhWa6oFY t1sboOigH73uQaz+zzzNL+vfpUwEntcG1e0h/7bt7/PZENl6lsGFBFD8Zmv+Art+ EmFHjLArSkhBEh7VTvXzoV/+FG+bAZTFND75MFPcetxYBN6PngVo37vnIlT1GECl bBeAn5lkH4+qlh6XhouptQrXW2RApHccgsYYDZQyvahMZjqBAudrwCGgROiW3Jap MdvMeiMmrJKYeCY4fgYEcGe6/NnNjmq4NTgDRarKp1MbS8g0Pi8BRE+fC+zDJbXR r02NqKbl3ZQL1w== -----END CERTIFICATE-----Generated at Sat Dec 6 19:12:03 2025 by rpki-client