This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft File: jDJOtM17M3hJro0yb8iZAvUDpMY.mft (raw, json) Hash identifier: DoT8ohSw/3usQsIX3Np6TqBlIKwkP0LUWl3ikd/UTPE= Subject key identifier: 55:23:F7:72:4D:C2:36:56:E5:0F:FA:6D:B0:7B:07:BB:57:63:AC:29 Authority key identifier: 8C:32:4E:B4:CD:7B:33:78:49:AE:8D:32:6F:C8:99:02:F5:03:A4:C6 Certificate issuer: /CN=8c324eb4cd7b337849ae8d326fc89902f503a4c6 Certificate serial: 019AF2ADA12C4FA4705EE9A20A0C1CD2524D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jDJOtM17M3hJro0yb8iZAvUDpMY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft Manifest number: 0218 Signing time: Sat 06 Dec 2025 08:00:56 +0000 Manifest this update: Sat 06 Dec 2025 08:00:56 +0000 Manifest next update: Sun 07 Dec 2025 08:00:56 +0000 Files and hashes: 1: jDJOtM17M3hJro0yb8iZAvUDpMY.crl (hash: cIsQptr5aOhumxOdVKEv5eUmaJHLALYQcDb8trDHMp0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft rsync://rpki.ripe.net/repository/DEFAULT/jDJOtM17M3hJro0yb8iZAvUDpMY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:a1:2c:4f:a4:70:5e:e9:a2:0a:0c:1c:d2:52:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8c324eb4cd7b337849ae8d326fc89902f503a4c6 Validity Not Before: Dec 6 08:00:56 2025 GMT Not After : Dec 7 08:00:56 2025 GMT Subject: CN=5523f7724dc23656e50ffa6db07b07bb5763ac29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b6:1e:56:ce:a7:2b:eb:3d:47:6c:4d:1d:c9: 12:1b:27:be:77:76:79:dc:d2:ae:a6:9f:7a:ab:55: 99:45:b2:40:be:73:cd:64:6c:2f:a9:1d:68:24:1d: 77:cc:35:8a:9e:08:f0:a7:b9:a7:a1:46:89:5f:3b: 20:33:00:ed:21:26:66:7b:3b:f6:70:8d:59:1f:58: 4f:26:fc:ac:c6:64:f5:fb:fa:ef:d9:86:83:5b:a9: 77:01:b9:12:3a:a7:0c:e7:a5:04:7f:b5:fb:85:b8: 4f:72:c1:47:73:7b:b0:ae:2a:70:d2:e4:2f:17:1e: d4:38:e6:7e:bf:4d:3f:f2:63:87:c7:9c:e1:f5:3f: 58:ff:e9:7a:80:45:1d:a4:57:9b:24:e3:97:74:61: 47:32:fa:c3:c5:78:31:86:ed:ac:af:ad:cf:d6:b0: 82:ab:a1:8f:30:d9:2d:71:ea:21:f3:1f:3c:99:9d: 6c:4c:8e:88:45:28:e6:6d:ec:54:e8:a7:db:df:d5: e4:30:61:c2:b9:a3:4b:02:48:c7:51:50:f8:4f:88: ea:d1:13:38:c2:ae:a5:4f:0c:59:33:3a:ab:b5:65: 2a:5f:b2:a2:28:2a:1d:b8:6f:b5:e8:1d:45:cc:dc: 4e:41:12:44:e7:bf:0e:a3:79:e7:a3:02:0f:09:66: 5f:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:23:F7:72:4D:C2:36:56:E5:0F:FA:6D:B0:7B:07:BB:57:63:AC:29 X509v3 Authority Key Identifier: keyid:8C:32:4E:B4:CD:7B:33:78:49:AE:8D:32:6F:C8:99:02:F5:03:A4:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDJOtM17M3hJro0yb8iZAvUDpMY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:a5:6d:20:e2:4f:5f:a0:26:29:51:d1:5c:92:5c:c2:68:f7: 0c:a7:12:06:65:e3:1c:8f:14:c8:61:9e:58:64:e3:a8:25:ea: af:43:1a:bc:70:83:92:3d:56:8b:c0:32:7e:04:fa:f9:3a:50: e4:3c:76:30:69:59:c3:ac:d0:27:4d:38:3f:56:a9:4e:c5:61: 1c:81:be:80:9d:87:45:8f:03:c4:90:e0:bd:f5:b5:3a:04:cb: c5:73:0e:47:88:3b:f5:03:ce:4a:be:2e:55:e1:a8:56:a2:2a: 75:1c:0e:0b:1f:10:36:09:95:fc:f2:f0:37:ec:17:5f:22:fc: 81:48:a0:0e:80:4e:b0:fb:06:e9:6f:af:27:d7:d9:5b:51:60: ad:ab:54:07:a2:9a:fd:6e:d9:09:bd:86:80:d6:7b:2d:96:c3: ad:69:99:ad:59:69:9c:eb:97:52:37:f5:60:66:86:49:85:21: 33:d8:9a:ed:31:a6:e1:33:51:f9:2f:18:7a:ea:00:b5:c5:c7: 29:26:c2:4e:49:35:03:b5:15:42:bc:dc:29:05:90:6e:93:79: cf:6c:1f:6b:73:64:34:29:e7:87:9c:7c:32:76:19:3f:b7:47: 6a:c7:a9:7d:98:51:4d:7f:f8:a5:05:bd:9e:1d:d6:76:c5:52: 66:fa:11:c9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryraEsT6RwXumiCgwc0lJNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhjMzI0ZWI0Y2Q3YjMzNzg0OWFlOGQzMjZmYzg5OTAyZjUw M2E0YzYwHhcNMjUxMjA2MDgwMDU2WhcNMjUxMjA3MDgwMDU2WjAzMTEwLwYDVQQD Eyg1NTIzZjc3MjRkYzIzNjU2ZTUwZmZhNmRiMDdiMDdiYjU3NjNhYzI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLYeVs6nK+s9R2xNHckSGye+d3Z5 3NKupp96q1WZRbJAvnPNZGwvqR1oJB13zDWKngjwp7mnoUaJXzsgMwDtISZmezv2 cI1ZH1hPJvysxmT1+/rv2YaDW6l3AbkSOqcM56UEf7X7hbhPcsFHc3uwripw0uQv Fx7UOOZ+v00/8mOHx5zh9T9Y/+l6gEUdpFebJOOXdGFHMvrDxXgxhu2sr63P1rCC q6GPMNktceoh8x88mZ1sTI6IRSjmbexU6Kfb39XkMGHCuaNLAkjHUVD4T4jq0RM4 wq6lTwxZMzqrtWUqX7KiKCoduG+16B1FzNxOQRJE578Oo3nnowIPCWZfLwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFUj93JNwjZW5Q/6bbB7B7tXY6wpMB8GA1UdIwQY MBaAFIwyTrTNezN4Sa6NMm/ImQL1A6TGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvakRKT3RNMTdNM2hKcm8weWI4aVpBdlVEcE1ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yYmYyOTMtNWYwYS00N2U3LTk4NzQt MTM5NjM2YjFlMjYzLzEvakRKT3RNMTdNM2hKcm8weWI4aVpBdlVEcE1ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC8yYmYyOTMtNWYwYS00N2U3LTk4NzQtMTM5NjM2YjFlMjYz LzEvakRKT3RNMTdNM2hKcm8weWI4aVpBdlVEcE1ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMqVtIOJP X6AmKVHRXJJcwmj3DKcSBmXjHI8UyGGeWGTjqCXqr0MavHCDkj1Wi8AyfgT6+TpQ 5Dx2MGlZw6zQJ004P1apTsVhHIG+gJ2HRY8DxJDgvfW1OgTLxXMOR4g79QPOSr4u VeGoVqIqdRwOCx8QNgmV/PLwN+wXXyL8gUigDoBOsPsG6W+vJ9fZW1FgratUB6Ka /W7ZCb2GgNZ7LZbDrWmZrVlpnOuXUjf1YGaGSYUhM9ia7TGm4TNR+S8YeuoAtcXH KSbCTkk1A7UVQrzcKQWQbpN5z2wfa3NkNCnnh5x8MnYZP7dHasepfZhRTX/4pQW9 nh3WdsVSZvoRyQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:59:27 2025 by rpki-client