This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft File: JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft (raw, json) Hash identifier: 2YsWkoKZYD/VGYYcmwkGS46cdlC3Z5VTgf5ctVEncsk= Subject key identifier: BB:78:1A:A9:D5:3D:33:5D:AE:A2:32:54:70:F5:BE:11:F9:32:7F:F3 Authority key identifier: 24:A9:D8:4C:6D:16:C0:83:09:3C:33:71:B4:57:5D:36:EF:44:8F:E4 Certificate issuer: /CN=24a9d84c6d16c083093c3371b4575d36ef448fe4 Certificate serial: 019AF1D1D3C92BF3A98E4FB4591D212199FA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft Manifest number: 0B13 Signing time: Sat 06 Dec 2025 04:00:51 +0000 Manifest this update: Sat 06 Dec 2025 04:00:51 +0000 Manifest next update: Sun 07 Dec 2025 04:00:51 +0000 Files and hashes: 1: JKnYTG0WwIMJPDNxtFddNu9Ej-Q.crl (hash: FJ7w80xBxpHP4eIGaRabCROs8d/n2xiEGZSmrZs7S6M=) 2: sEY4t-bPe6btAR7wv3UJWwU-X2E.roa (hash: aU4yEzDR1E1BJAYcSFYYldSWQZ2ELBxfjYhJldcUrMM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.crl rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft rsync://rpki.ripe.net/repository/DEFAULT/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:d3:c9:2b:f3:a9:8e:4f:b4:59:1d:21:21:99:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=24a9d84c6d16c083093c3371b4575d36ef448fe4 Validity Not Before: Dec 6 04:00:51 2025 GMT Not After : Dec 7 04:00:51 2025 GMT Subject: CN=bb781aa9d53d335daea2325470f5be11f9327ff3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:a0:1d:26:b3:cb:95:b0:19:30:0b:a9:e5:f6: 7d:75:ba:74:22:a5:a5:d0:76:21:74:e5:c8:47:3d: 17:c7:d8:26:1b:45:26:14:bc:34:9c:26:4d:52:2e: 3a:cf:fc:3c:e7:65:03:99:2c:c1:0a:3e:8e:e6:7b: 37:e6:40:b2:cd:9b:82:f4:13:e9:ee:84:e5:6e:f4: 53:81:dd:bf:f8:e0:fb:ab:ce:bd:aa:23:02:40:96: 20:22:e8:32:96:c9:92:c8:8c:76:7b:1e:18:8d:43: 7f:73:68:a0:ff:6d:00:f4:19:37:97:7a:e5:49:76: c0:27:ab:32:f4:10:60:02:f2:b5:21:10:04:1f:31: 2b:eb:7d:2b:89:0e:d6:25:02:8b:55:c1:46:dd:34: 62:5a:ed:16:d9:21:70:56:49:b4:07:9b:94:7a:2e: b0:f6:5c:88:6d:ac:e5:a4:6b:d7:fd:76:76:10:4e: 1a:a4:34:52:08:5c:25:f2:43:df:c6:00:34:c8:a1: f1:71:b9:ee:bf:34:34:e2:c5:5f:f2:92:e8:39:48: 7c:0d:dd:28:21:1e:c5:4c:ad:ee:d5:6c:8c:c0:a1: 69:33:ef:97:6e:3f:a0:f9:3e:56:d8:d2:84:f1:02: e8:1c:da:83:6d:28:37:ad:b0:5e:da:9f:c5:cd:0b: e9:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:78:1A:A9:D5:3D:33:5D:AE:A2:32:54:70:F5:BE:11:F9:32:7F:F3 X509v3 Authority Key Identifier: keyid:24:A9:D8:4C:6D:16:C0:83:09:3C:33:71:B4:57:5D:36:EF:44:8F:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1a:bd:90:d6:ab:7f:2e:c6:80:e6:ca:ff:62:7f:16:ee:fe:ea: aa:13:7e:5d:b4:eb:34:99:96:4f:71:94:4e:92:c6:93:0d:c0: dc:c2:22:10:4b:7e:43:50:39:fc:67:5c:e1:9a:5a:b4:31:58: d7:9b:17:6e:f0:8d:47:90:9e:58:b7:d1:c7:6c:82:d1:6f:09: eb:7a:8f:f7:63:67:9c:8a:32:51:49:66:d9:0a:15:ec:6d:f3: ab:28:59:01:bd:5c:99:ef:54:86:a6:1a:23:62:6c:1a:d6:94: 3a:ae:b9:4e:24:e9:fd:8f:d8:d2:76:7e:8c:df:26:7a:8d:a2: b8:c5:f6:17:35:d8:a0:c8:11:a6:60:d2:1b:8a:b2:a1:2d:8e: 0b:4c:e0:d8:8d:ef:aa:98:5d:8e:a3:91:93:57:ba:94:09:45: e0:62:49:3b:1a:df:ed:e5:6f:ce:35:e6:c8:68:41:4f:e5:a9: 43:c8:5b:ac:b8:f0:31:86:aa:a5:47:c8:f7:09:33:78:86:2b: 36:43:c3:34:62:42:29:65:6b:0f:0b:3d:11:46:2c:f4:df:7a: 7b:05:9d:7a:02:ad:a7:51:d4:a1:a1:53:34:82:8a:e4:5f:4f: a9:28:cf:ef:9e:a5:14:0a:34:53:0f:24:42:76:d2:6f:f8:fa: 59:7d:9a:84 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0dPJK/Opjk+0WR0hIZn6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI0YTlkODRjNmQxNmMwODMwOTNjMzM3MWI0NTc1ZDM2ZWY0 NDhmZTQwHhcNMjUxMjA2MDQwMDUxWhcNMjUxMjA3MDQwMDUxWjAzMTEwLwYDVQQD EyhiYjc4MWFhOWQ1M2QzMzVkYWVhMjMyNTQ3MGY1YmUxMWY5MzI3ZmYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqAdJrPLlbAZMAup5fZ9dbp0IqWl 0HYhdOXIRz0Xx9gmG0UmFLw0nCZNUi46z/w852UDmSzBCj6O5ns35kCyzZuC9BPp 7oTlbvRTgd2/+OD7q869qiMCQJYgIugylsmSyIx2ex4YjUN/c2ig/20A9Bk3l3rl SXbAJ6sy9BBgAvK1IRAEHzEr630riQ7WJQKLVcFG3TRiWu0W2SFwVkm0B5uUei6w 9lyIbazlpGvX/XZ2EE4apDRSCFwl8kPfxgA0yKHxcbnuvzQ04sVf8pLoOUh8Dd0o IR7FTK3u1WyMwKFpM++Xbj+g+T5W2NKE8QLoHNqDbSg3rbBe2p/FzQvpfQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLt4GqnVPTNdrqIyVHD1vhH5Mn/zMB8GA1UdIwQY MBaAFCSp2ExtFsCDCTwzcbRXXTbvRI/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSktuWVRHMFd3SU1KUEROeHRGZGROdTlFai1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8wNWNhMWQtYzM1Ny00OGJjLTk2MDkt NDVhNTM0ZjIyMmY0LzEvSktuWVRHMFd3SU1KUEROeHRGZGROdTlFai1RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS8wNWNhMWQtYzM1Ny00OGJjLTk2MDktNDVhNTM0ZjIyMmY0 LzEvSktuWVRHMFd3SU1KUEROeHRGZGROdTlFai1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGr2Q1qt/ LsaA5sr/Yn8W7v7qqhN+XbTrNJmWT3GUTpLGkw3A3MIiEEt+Q1A5/Gdc4ZpatDFY 15sXbvCNR5CeWLfRx2yC0W8J63qP92NnnIoyUUlm2QoV7G3zqyhZAb1cme9UhqYa I2JsGtaUOq65TiTp/Y/Y0nZ+jN8meo2iuMX2FzXYoMgRpmDSG4qyoS2OC0zg2I3v qphdjqORk1e6lAlF4GJJOxrf7eVvzjXmyGhBT+WpQ8hbrLjwMYaqpUfI9wkzeIYr NkPDNGJCKWVrDws9EUYs9N96ewWdegKtp1HUoaFTNIKK5F9PqSjP756lFAo0Uw8k QnbSb/j6WX2ahA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:26:34 2025 by rpki-client