This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.mft File: JUIq59QSPce_KI8TeeQ39uHLKpo.mft (raw, json) Hash identifier: IaMp2F8bwN6L2xrOMeu8ooRLl0p6rBrV+atKPoKUESA= Subject key identifier: C2:E6:2C:02:30:CE:5A:03:3C:BE:EC:10:BB:0B:41:C6:7F:B3:51:76 Authority key identifier: 25:42:2A:E7:D4:12:3D:C7:BF:28:8F:13:79:E4:37:F6:E1:CB:2A:9A Certificate issuer: /CN=25422ae7d4123dc7bf288f1379e437f6e1cb2a9a Certificate serial: 019AF19B4EF017D1F9E9581716A83EA0CFD6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JUIq59QSPce_KI8TeeQ39uHLKpo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.mft Manifest number: 10DD Signing time: Sat 06 Dec 2025 03:01:18 +0000 Manifest this update: Sat 06 Dec 2025 03:01:18 +0000 Manifest next update: Sun 07 Dec 2025 03:01:18 +0000 Files and hashes: 1: JUIq59QSPce_KI8TeeQ39uHLKpo.crl (hash: JAul2jdSh1jUMZZLxSSA9hj+kLw6tjbpv49af7AeOX4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.crl rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.mft rsync://rpki.ripe.net/repository/DEFAULT/JUIq59QSPce_KI8TeeQ39uHLKpo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:4e:f0:17:d1:f9:e9:58:17:16:a8:3e:a0:cf:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=25422ae7d4123dc7bf288f1379e437f6e1cb2a9a Validity Not Before: Dec 6 03:01:18 2025 GMT Not After : Dec 7 03:01:18 2025 GMT Subject: CN=c2e62c0230ce5a033cbeec10bb0b41c67fb35176 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:4b:88:4d:39:34:db:c6:a9:3f:69:fe:74:44: 06:e2:83:ac:3b:13:2c:0c:f3:72:d4:35:8f:24:3b: 9a:9e:c6:89:9c:e1:8a:77:ec:7b:98:b2:82:1a:88: aa:31:8e:53:f3:ed:e7:dc:cd:c2:69:69:07:a6:22: 14:1d:95:1f:76:00:ce:fa:9f:e5:b5:76:d4:98:e0: e8:76:0b:85:4e:eb:57:12:f6:c8:0a:20:6a:b1:31: da:02:48:00:e8:45:05:3d:ac:4a:1c:68:31:6a:cc: 6f:76:37:a9:44:1b:b3:11:db:3e:65:9e:6a:18:c6: aa:2a:3c:cc:e9:6d:76:60:27:ea:c7:73:c0:2c:be: ba:83:6f:4c:5a:34:4b:b6:be:c2:dd:da:2e:93:94: b0:52:6b:3c:53:21:e8:c5:d1:bf:cd:50:b2:09:2d: 6e:64:a2:b3:f8:a5:e3:ca:fd:c5:e0:ce:02:39:ac: 18:8a:d4:32:0e:ae:f3:c2:6c:61:73:0f:dd:af:3a: 75:65:72:76:33:f0:b3:d6:2b:d9:91:92:d8:06:eb: 9c:8d:e3:2f:d8:f1:4f:8c:59:02:1d:9c:f8:1c:9c: 84:24:5c:cb:59:1f:43:20:b1:91:18:7f:10:ab:77: 06:d0:01:b8:49:fa:6f:54:44:bd:d8:be:e4:c6:b9: 3d:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:E6:2C:02:30:CE:5A:03:3C:BE:EC:10:BB:0B:41:C6:7F:B3:51:76 X509v3 Authority Key Identifier: keyid:25:42:2A:E7:D4:12:3D:C7:BF:28:8F:13:79:E4:37:F6:E1:CB:2A:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JUIq59QSPce_KI8TeeQ39uHLKpo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:5d:65:dc:54:76:6f:19:7e:93:6f:2f:f7:aa:3c:13:1f:6b: dc:4a:0c:78:5c:f8:d2:dd:a8:98:43:e2:92:6f:72:12:80:3b: f1:52:7f:2d:e7:58:bf:d2:75:bf:eb:08:21:00:b1:10:67:9d: 15:e4:c7:c8:87:00:7c:6b:b8:8b:f0:e8:d6:f5:ff:5b:f2:8e: 0d:d7:fb:cf:23:23:f4:4a:e6:44:e1:a4:94:3d:f5:76:fc:b3: 5d:dc:ca:f5:34:35:23:af:d7:f0:17:28:dd:b4:44:64:91:a7: fc:b9:ec:07:82:2a:fa:e9:ca:80:b2:07:08:a0:a3:b6:89:8e: 47:91:5f:f6:3c:d5:8d:ac:5e:4b:8c:ab:8f:33:47:56:cb:7e: 99:e6:e8:46:04:89:0b:5b:41:8c:2e:6e:3f:3d:34:8f:7e:d7: b0:9f:10:94:dc:5f:fe:95:d9:a4:74:c5:d5:21:8d:22:46:b2: e0:66:e0:cd:96:0b:3f:bc:6f:7f:6e:8d:34:9d:11:f1:b9:8b: cb:b5:82:15:a4:1c:fb:c7:1e:2f:d5:7c:de:e8:c5:90:3e:bf: 7b:a7:48:40:14:69:8f:bb:41:b1:9c:f2:c5:ef:64:f5:b3:e6: bf:fa:ee:6a:80:2b:a5:fe:4e:83:2a:cd:b5:4f:da:c0:91:b1: 52:42:bf:83 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm07wF9H56VgXFqg+oM/WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1NDIyYWU3ZDQxMjNkYzdiZjI4OGYxMzc5ZTQzN2Y2ZTFj YjJhOWEwHhcNMjUxMjA2MDMwMTE4WhcNMjUxMjA3MDMwMTE4WjAzMTEwLwYDVQQD EyhjMmU2MmMwMjMwY2U1YTAzM2NiZWVjMTBiYjBiNDFjNjdmYjM1MTc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUuITTk028apP2n+dEQG4oOsOxMs DPNy1DWPJDuansaJnOGKd+x7mLKCGoiqMY5T8+3n3M3CaWkHpiIUHZUfdgDO+p/l tXbUmODodguFTutXEvbICiBqsTHaAkgA6EUFPaxKHGgxasxvdjepRBuzEds+ZZ5q GMaqKjzM6W12YCfqx3PALL66g29MWjRLtr7C3douk5SwUms8UyHoxdG/zVCyCS1u ZKKz+KXjyv3F4M4COawYitQyDq7zwmxhcw/drzp1ZXJ2M/Cz1ivZkZLYBuucjeMv 2PFPjFkCHZz4HJyEJFzLWR9DILGRGH8Qq3cG0AG4SfpvVES92L7kxrk9TwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMLmLAIwzloDPL7sELsLQcZ/s1F2MB8GA1UdIwQY MBaAFCVCKufUEj3HvyiPE3nkN/bhyyqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSlVJcTU5UVNQY2VfS0k4VGVlUTM5dUhMS3BvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS83YmRkNzEtMTU1My00N2U0LWFhMDAt ZmFhNmJlY2RhZjA1LzEvSlVJcTU5UVNQY2VfS0k4VGVlUTM5dUhMS3BvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NS83YmRkNzEtMTU1My00N2U0LWFhMDAtZmFhNmJlY2RhZjA1 LzEvSlVJcTU5UVNQY2VfS0k4VGVlUTM5dUhMS3BvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGF1l3FR2 bxl+k28v96o8Ex9r3EoMeFz40t2omEPikm9yEoA78VJ/LedYv9J1v+sIIQCxEGed FeTHyIcAfGu4i/Do1vX/W/KODdf7zyMj9ErmROGklD31dvyzXdzK9TQ1I6/X8Bco 3bREZJGn/LnsB4Iq+unKgLIHCKCjtomOR5Ff9jzVjaxeS4yrjzNHVst+meboRgSJ C1tBjC5uPz00j37XsJ8QlNxf/pXZpHTF1SGNIkay4GbgzZYLP7xvf26NNJ0R8bmL y7WCFaQc+8ceL9V83ujFkD6/e6dIQBRpj7tBsZzyxe9k9bPmv/ruaoArpf5OgyrN tU/awJGxUkK/gw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:23:29 2025 by rpki-client