This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft File: jmcNnjgoGVjuocw46s67vcM4HTY.mft (raw, json) Hash identifier: OolrRwWU/VWK9jxpX0diZaA5MdVP94gzjYD5lE+igYI= Subject key identifier: 1D:E8:B5:B1:D2:39:CD:6F:FE:06:08:B3:36:C6:99:28:40:94:81:70 Authority key identifier: 8E:67:0D:9E:38:28:19:58:EE:A1:CC:38:EA:CE:BB:BD:C3:38:1D:36 Certificate issuer: /CN=8e670d9e38281958eea1cc38eacebbbdc3381d36 Certificate serial: 019AF12EEC8F2BC1C7F3A8FB3D4E38048CA1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft Manifest number: 0C3B Signing time: Sat 06 Dec 2025 01:02:55 +0000 Manifest this update: Sat 06 Dec 2025 01:02:55 +0000 Manifest next update: Sun 07 Dec 2025 01:02:55 +0000 Files and hashes: 1: jmcNnjgoGVjuocw46s67vcM4HTY.crl (hash: kvAZZuMA/rXlQEKCZRuRwuRx/D63aD4NBPK9hm/p5+g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.crl rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:ec:8f:2b:c1:c7:f3:a8:fb:3d:4e:38:04:8c:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8e670d9e38281958eea1cc38eacebbbdc3381d36 Validity Not Before: Dec 6 01:02:55 2025 GMT Not After : Dec 7 01:02:55 2025 GMT Subject: CN=1de8b5b1d239cd6ffe0608b336c6992840948170 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:4f:87:8d:78:b0:97:e0:6d:98:51:99:74:4e: db:4b:2a:39:0f:e7:69:a0:ff:79:3e:b3:c7:e6:0a: 99:ac:93:9d:ea:0e:64:48:8c:2d:0b:f3:7b:d8:ef: ac:26:ef:4e:81:1f:94:70:c2:16:63:b0:c3:83:19: 75:fe:64:8d:21:43:98:9b:05:8d:1a:da:4e:85:e1: e4:96:c3:d7:4b:d3:9c:55:1e:85:c9:5e:c0:cc:4e: f7:a6:10:00:7e:f0:7d:77:27:78:41:0b:03:8e:ef: da:89:e3:a4:80:92:2e:00:89:45:00:71:5a:30:e7: 11:2e:cb:7a:41:b7:6c:cc:be:d2:34:53:16:bf:11: b4:32:5b:95:17:fe:8e:a8:14:3d:0c:83:77:82:01: 64:c9:cb:06:72:9f:53:45:e8:f1:4a:a4:9f:31:50: da:1b:b0:41:e7:30:0a:34:36:e1:a5:9e:b3:fe:f8: 52:6f:74:05:f4:29:c2:3d:70:f4:83:0f:88:52:2a: 1c:43:a7:5b:a9:c6:ec:35:96:7a:0d:17:28:00:64: da:99:0c:97:89:d4:d8:e2:f5:b7:8d:87:34:22:b2: 1e:dc:a0:d6:00:8e:85:b6:b8:83:79:7d:e5:ac:6a: e4:26:31:0e:ba:33:92:bb:09:4e:75:44:72:fa:02: 8e:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:E8:B5:B1:D2:39:CD:6F:FE:06:08:B3:36:C6:99:28:40:94:81:70 X509v3 Authority Key Identifier: keyid:8E:67:0D:9E:38:28:19:58:EE:A1:CC:38:EA:CE:BB:BD:C3:38:1D:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:c7:3e:e3:48:ea:79:5a:f6:af:7b:26:8a:5b:90:22:7a:e6: 8b:a3:71:d0:ef:0e:05:9b:80:48:c9:18:98:d1:2b:1b:3b:47: b4:ae:35:bd:26:50:3f:bf:16:0f:fa:52:7a:5b:02:1e:c4:98: ac:08:f5:1b:5e:17:05:2e:83:f9:d8:87:82:67:97:9b:c2:4c: 85:03:87:d3:5f:15:9f:0b:31:28:80:eb:11:76:fe:de:d5:92: fb:98:00:22:46:ab:2b:84:3c:5d:51:31:21:ef:22:26:78:85: 09:ed:ce:0a:12:fc:5b:fa:77:6f:3b:55:a1:30:90:6f:cd:59: f7:d4:2f:15:18:27:ce:97:1f:f6:e5:9d:47:0c:7a:b3:bc:83: 17:46:b0:8e:5a:fc:27:d4:a7:2b:5c:d8:c4:b6:71:7c:c4:ab: ea:7d:58:2f:17:a4:49:2b:92:78:4f:6d:2c:7b:12:0e:0a:b5: d4:99:61:80:95:0f:87:74:b3:92:c5:2b:20:1f:85:6c:cf:35: 74:9a:a1:33:aa:dc:34:4c:42:c8:b9:05:af:90:5c:36:36:e1: 11:68:4e:1e:7e:20:53:80:94:c7:56:d8:fd:9a:ce:e3:75:9b: 03:6a:dc:3d:38:75:60:b5:d5:91:db:86:81:76:76:1f:64:72: 14:7b:2f:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLuyPK8HH86j7PU44BIyhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhlNjcwZDllMzgyODE5NThlZWExY2MzOGVhY2ViYmJkYzMz ODFkMzYwHhcNMjUxMjA2MDEwMjU1WhcNMjUxMjA3MDEwMjU1WjAzMTEwLwYDVQQD EygxZGU4YjViMWQyMzljZDZmZmUwNjA4YjMzNmM2OTkyODQwOTQ4MTcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0+HjXiwl+BtmFGZdE7bSyo5D+dp oP95PrPH5gqZrJOd6g5kSIwtC/N72O+sJu9OgR+UcMIWY7DDgxl1/mSNIUOYmwWN GtpOheHklsPXS9OcVR6FyV7AzE73phAAfvB9dyd4QQsDju/aieOkgJIuAIlFAHFa MOcRLst6QbdszL7SNFMWvxG0MluVF/6OqBQ9DIN3ggFkycsGcp9TRejxSqSfMVDa G7BB5zAKNDbhpZ6z/vhSb3QF9CnCPXD0gw+IUiocQ6dbqcbsNZZ6DRcoAGTamQyX idTY4vW3jYc0IrIe3KDWAI6FtriDeX3lrGrkJjEOujOSuwlOdURy+gKOEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB3otbHSOc1v/gYIszbGmShAlIFwMB8GA1UdIwQY MBaAFI5nDZ44KBlY7qHMOOrOu73DOB02MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81YTFjYWQtMGM2NS00ODAwLTg4NjUt Y2NhOWRmNmUxOWUzLzEvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS81YTFjYWQtMGM2NS00ODAwLTg4NjUtY2NhOWRmNmUxOWUz LzEvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIsc+40jq eVr2r3smiluQInrmi6Nx0O8OBZuASMkYmNErGztHtK41vSZQP78WD/pSelsCHsSY rAj1G14XBS6D+diHgmeXm8JMhQOH018VnwsxKIDrEXb+3tWS+5gAIkarK4Q8XVEx Ie8iJniFCe3OChL8W/p3bztVoTCQb81Z99QvFRgnzpcf9uWdRwx6s7yDF0awjlr8 J9SnK1zYxLZxfMSr6n1YLxekSSuSeE9tLHsSDgq11JlhgJUPh3SzksUrIB+FbM81 dJqhM6rcNExCyLkFr5BcNjbhEWhOHn4gU4CUx1bY/ZrO43WbA2rcPTh1YLXVkduG gXZ2H2RyFHsveg== -----END CERTIFICATE-----Generated at Sat Dec 6 10:26:25 2025 by rpki-client