This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b3bc70-5db0-47b9-b696-67da5409116f/1/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.mft File: JOHFEQ4OkDAuRwEv9cgjA6RmGt4.mft (raw, json) Hash identifier: gWx0XpdxqLDiZbEa3m+tNzPoOo9oJ6O+smzaTBmrwE0= Subject key identifier: 5F:3B:44:69:82:7F:9D:6E:7D:AC:31:F8:1D:15:D0:0D:6C:D1:D8:82 Authority key identifier: 24:E1:C5:11:0E:0E:90:30:2E:47:01:2F:F5:C8:23:03:A4:66:1A:DE Certificate issuer: /CN=24e1c5110e0e90302e47012ff5c82303a4661ade Certificate serial: 019AF61C6056F4E2DE399335F0FFF0628688 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/b3bc70-5db0-47b9-b696-67da5409116f/1/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.mft Manifest number: 0562 Signing time: Sun 07 Dec 2025 00:00:45 +0000 Manifest this update: Sun 07 Dec 2025 00:00:45 +0000 Manifest next update: Mon 08 Dec 2025 00:00:45 +0000 Files and hashes: 1: JOHFEQ4OkDAuRwEv9cgjA6RmGt4.crl (hash: WYAAq2uky3BBHqR+yd2+1pNihvhBB2YTSpmZvKxDsfQ=) 2: Q9WbsU5WLEBh2f38P2PGkPWP_HU.roa (hash: WTO6N136wAT9bdE+8AHFBftVkmxQHl/oBzZ0du4NvZs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/b3bc70-5db0-47b9-b696-67da5409116f/1/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/b3bc70-5db0-47b9-b696-67da5409116f/1/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.mft rsync://rpki.ripe.net/repository/DEFAULT/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:1c:60:56:f4:e2:de:39:93:35:f0:ff:f0:62:86:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=24e1c5110e0e90302e47012ff5c82303a4661ade Validity Not Before: Dec 7 00:00:45 2025 GMT Not After : Dec 8 00:00:45 2025 GMT Subject: CN=5f3b4469827f9d6e7dac31f81d15d00d6cd1d882 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:20:0e:d6:b3:1a:bb:d4:08:25:3d:b4:84:40: 66:e9:26:64:25:e7:00:bf:93:45:04:d3:6e:06:b1: a9:d8:8d:54:a8:ec:c6:33:8b:f6:55:8b:25:1e:47: 25:57:cd:e1:7e:56:91:1a:23:f1:67:66:80:eb:67: c7:9b:21:1a:e6:89:8a:84:13:b2:a7:8d:18:78:be: 99:34:d6:25:85:fb:e4:f8:d9:e8:a6:b7:c2:6a:6b: 00:95:20:db:46:dc:dd:bc:b6:c1:38:56:f8:57:4a: 49:f7:99:f2:88:2f:c1:1d:e2:67:94:c4:a3:a5:b1: 1d:78:59:7a:81:bf:7e:53:6c:f2:ce:be:bf:d9:46: 95:c0:3f:2c:36:65:f6:54:b1:d2:8e:70:f3:0b:fc: b2:bf:3f:ed:15:87:13:55:0f:b4:5c:62:b5:27:03: f2:c4:c1:80:2e:a8:79:bb:6b:cd:d3:66:e6:07:fa: da:3d:e8:16:80:ac:74:20:b4:26:00:bc:11:7b:9f: 96:06:61:db:48:61:f8:17:c4:29:1f:eb:42:31:53: 00:ad:89:73:f7:cc:8a:a2:7f:f5:3c:1b:3d:be:26: 2c:d3:b2:74:45:4b:a2:b3:df:d3:e4:61:bf:a3:2a: cb:df:04:f4:7f:03:72:9c:b0:53:8c:19:92:8b:47: 01:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:3B:44:69:82:7F:9D:6E:7D:AC:31:F8:1D:15:D0:0D:6C:D1:D8:82 X509v3 Authority Key Identifier: keyid:24:E1:C5:11:0E:0E:90:30:2E:47:01:2F:F5:C8:23:03:A4:66:1A:DE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b3bc70-5db0-47b9-b696-67da5409116f/1/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b3bc70-5db0-47b9-b696-67da5409116f/1/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:56:4a:8e:05:46:3a:c4:60:eb:fe:cc:7a:45:52:78:4a:52: a9:c5:c0:c0:68:ed:23:bc:4a:8c:d9:10:94:57:63:77:9e:84: 1c:e7:c5:d0:a0:2b:ee:5f:34:ae:86:26:0a:b5:74:6b:2d:7e: f9:e9:0c:fc:77:e7:db:91:c5:5e:35:13:32:08:92:01:26:2c: ab:58:a9:92:df:2c:a1:04:44:31:70:82:a3:e7:8f:aa:37:e3: 0f:6c:39:2f:e8:65:3b:18:a8:c6:6f:2a:bd:b9:5d:be:71:11: 09:4b:54:a4:3b:7b:08:88:e7:01:49:46:93:03:cc:e5:56:0c: 6c:42:2c:0c:de:39:dc:d3:e5:49:fa:0c:8c:db:f2:ca:79:3a: 5c:53:37:20:5c:51:54:79:88:45:f6:64:4b:47:cd:f9:40:47: b8:ed:a8:6e:22:34:b9:57:7a:41:31:c9:ed:d4:e7:e6:13:0e: 42:ce:b8:f6:17:87:7d:2b:55:50:82:7b:d9:66:52:23:b1:e2: b0:83:ea:15:1a:a8:ec:b8:33:1e:76:b7:fc:a4:aa:75:b4:c8: 57:97:89:e4:4b:dd:6b:1b:d9:40:6e:73:17:e4:bc:20:08:22: be:37:ac:8a:73:a4:13:6f:a5:54:e4:fb:2c:55:36:cf:e6:9b: 42:4e:d0:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2HGBW9OLeOZM18P/wYoaIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI0ZTFjNTExMGUwZTkwMzAyZTQ3MDEyZmY1YzgyMzAzYTQ2 NjFhZGUwHhcNMjUxMjA3MDAwMDQ1WhcNMjUxMjA4MDAwMDQ1WjAzMTEwLwYDVQQD Eyg1ZjNiNDQ2OTgyN2Y5ZDZlN2RhYzMxZjgxZDE1ZDAwZDZjZDFkODgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CAO1rMau9QIJT20hEBm6SZkJecA v5NFBNNuBrGp2I1UqOzGM4v2VYslHkclV83hflaRGiPxZ2aA62fHmyEa5omKhBOy p40YeL6ZNNYlhfvk+NnoprfCamsAlSDbRtzdvLbBOFb4V0pJ95nyiC/BHeJnlMSj pbEdeFl6gb9+U2zyzr6/2UaVwD8sNmX2VLHSjnDzC/yyvz/tFYcTVQ+0XGK1JwPy xMGALqh5u2vN02bmB/raPegWgKx0ILQmALwRe5+WBmHbSGH4F8QpH+tCMVMArYlz 98yKon/1PBs9viYs07J0RUuis9/T5GG/oyrL3wT0fwNynLBTjBmSi0cBDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF87RGmCf51ufawx+B0V0A1s0diCMB8GA1UdIwQY MBaAFCThxREODpAwLkcBL/XIIwOkZhreMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSk9IRkVRNE9rREF1UndFdjljZ2pBNlJtR3Q0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iM2JjNzAtNWRiMC00N2I5LWI2OTYt NjdkYTU0MDkxMTZmLzEvSk9IRkVRNE9rREF1UndFdjljZ2pBNlJtR3Q0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC9iM2JjNzAtNWRiMC00N2I5LWI2OTYtNjdkYTU0MDkxMTZm LzEvSk9IRkVRNE9rREF1UndFdjljZ2pBNlJtR3Q0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG1ZKjgVG OsRg6/7MekVSeEpSqcXAwGjtI7xKjNkQlFdjd56EHOfF0KAr7l80roYmCrV0ay1+ +ekM/Hfn25HFXjUTMgiSASYsq1ipkt8soQREMXCCo+ePqjfjD2w5L+hlOxioxm8q vbldvnERCUtUpDt7CIjnAUlGkwPM5VYMbEIsDN453NPlSfoMjNvyynk6XFM3IFxR VHmIRfZkS0fN+UBHuO2obiI0uVd6QTHJ7dTn5hMOQs649heHfStVUIJ72WZSI7Hi sIPqFRqo7LgzHna3/KSqdbTIV5eJ5EvdaxvZQG5zF+S8IAgivjesinOkE2+lVOT7 LFU2z+abQk7QQQ== -----END CERTIFICATE-----Generated at Sun Dec 7 03:48:46 2025 by rpki-client