This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/bc53d2-9137-4799-9e41-e69a017485fb/1/jolfHicMY17GHfmpf8D2aMCo9Ug.mft File: jolfHicMY17GHfmpf8D2aMCo9Ug.mft (raw, json) Hash identifier: 3lwF9UG82tS9OiRCkSLTdhk5gihKTi5vANA+jkRK/mc= Subject key identifier: 89:C5:B7:75:46:59:93:18:9C:24:42:13:66:2D:D0:D3:B0:08:2B:2D Authority key identifier: 8E:89:5F:1E:27:0C:63:5E:C6:1D:F9:A9:7F:C0:F6:68:C0:A8:F5:48 Certificate issuer: /CN=8e895f1e270c635ec61df9a97fc0f668c0a8f548 Certificate serial: 019B3C7EA16F8488F9FE887CBDD93A599625 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jolfHicMY17GHfmpf8D2aMCo9Ug.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/bc53d2-9137-4799-9e41-e69a017485fb/1/jolfHicMY17GHfmpf8D2aMCo9Ug.mft Manifest number: 127C Signing time: Sat 20 Dec 2025 16:01:30 +0000 Manifest this update: Sat 20 Dec 2025 16:01:30 +0000 Manifest next update: Sun 21 Dec 2025 16:01:30 +0000 Files and hashes: 1: ExwmpmCoQJo2OxTGvS9tBUVoCTI.roa (hash: 5uKveASNNkoz3m6Z/IoI5wPaRI1/s/iR92XdJr3b/vs=) 2: jolfHicMY17GHfmpf8D2aMCo9Ug.crl (hash: K8OPPwgND/VQuGvoUZaS1aUcBRKR4Y4oiof8y011Y8w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/bc53d2-9137-4799-9e41-e69a017485fb/1/jolfHicMY17GHfmpf8D2aMCo9Ug.crl rsync://rpki.ripe.net/repository/DEFAULT/03/bc53d2-9137-4799-9e41-e69a017485fb/1/jolfHicMY17GHfmpf8D2aMCo9Ug.mft rsync://rpki.ripe.net/repository/DEFAULT/jolfHicMY17GHfmpf8D2aMCo9Ug.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:a1:6f:84:88:f9:fe:88:7c:bd:d9:3a:59:96:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8e895f1e270c635ec61df9a97fc0f668c0a8f548 Validity Not Before: Dec 20 16:01:30 2025 GMT Not After : Dec 21 16:01:30 2025 GMT Subject: CN=89c5b775465993189c244213662dd0d3b0082b2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:33:00:79:e2:16:43:80:b5:c7:4d:94:fe:e3: f3:cb:6b:1d:00:47:52:f0:09:d6:81:67:af:58:be: 52:ed:d4:71:2f:00:0f:b2:ba:57:b4:55:00:59:29: aa:90:d6:87:a5:5b:4d:63:b7:4e:a3:37:12:4e:d7: 54:9d:72:ef:35:a9:e4:e0:94:d1:4b:c5:1a:f9:91: 7d:fa:f2:f0:03:d1:6a:0f:44:c8:58:29:2d:e2:e2: 81:58:87:2f:1b:8a:ff:99:89:0c:f3:15:9c:14:05: c3:68:14:bc:5c:7f:41:b1:02:ca:d0:be:6d:2f:dc: 10:6d:45:bd:98:65:f1:aa:90:8e:28:6b:28:c4:59: c2:3b:8c:b4:37:4e:54:7e:28:20:2b:0d:ad:02:2a: a2:52:1a:af:20:a6:13:52:ec:c5:bd:78:47:99:b1: 4a:aa:2d:2a:bb:26:c3:d6:30:8f:1b:d9:72:08:70: aa:42:ba:32:f6:47:bf:7d:1f:eb:ea:b7:f6:19:79: 80:55:07:b7:29:ca:65:91:04:d8:f9:17:b7:0b:05: 4e:e6:10:6d:e5:b3:cd:16:67:a4:93:56:a8:2a:f7: 18:72:8e:92:f7:00:12:e4:4e:cf:35:82:1a:cc:38: 82:a3:75:97:65:a0:38:44:c5:08:bd:89:9a:bf:3b: 74:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:C5:B7:75:46:59:93:18:9C:24:42:13:66:2D:D0:D3:B0:08:2B:2D X509v3 Authority Key Identifier: keyid:8E:89:5F:1E:27:0C:63:5E:C6:1D:F9:A9:7F:C0:F6:68:C0:A8:F5:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jolfHicMY17GHfmpf8D2aMCo9Ug.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/bc53d2-9137-4799-9e41-e69a017485fb/1/jolfHicMY17GHfmpf8D2aMCo9Ug.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/bc53d2-9137-4799-9e41-e69a017485fb/1/jolfHicMY17GHfmpf8D2aMCo9Ug.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:96:25:e6:22:ba:9d:e2:f0:3a:c3:72:31:99:7c:8c:fc:71: fa:9e:bd:32:83:d7:8f:d7:7b:1e:0f:b0:7f:cb:55:04:a9:70: 23:ff:91:97:33:b0:42:4e:2d:d0:2a:d9:70:0b:51:53:04:50: 58:55:73:d4:33:1a:72:9a:0b:5e:8e:02:39:12:a6:ab:d1:ad: 04:71:8a:fb:78:ff:84:60:09:dd:31:58:dc:78:06:f3:7c:f7: 62:aa:fa:27:9b:fe:2b:7f:c6:61:dd:f2:3f:75:98:a6:3e:b8: 1a:49:a9:91:a9:c9:5b:b3:5e:8c:9f:a2:9f:34:a2:bc:d3:01: 7f:8d:62:e0:c2:83:fb:bd:1a:7f:6d:c1:dd:8f:de:d7:db:61: a9:61:14:35:d1:00:87:98:d3:9c:ca:3d:8f:66:fb:a1:83:0f: 88:cb:38:ad:69:20:24:32:83:03:59:90:19:f1:9d:34:f2:6a: f5:38:c0:7e:13:e2:2d:bc:7a:0c:73:80:1e:7e:80:70:46:02: 7f:3e:67:fe:bb:21:bb:45:aa:39:d2:27:f7:b1:6a:48:ce:0a: 37:27:e1:1a:c6:39:c5:09:27:4f:e2:82:54:9f:08:69:44:8b: d3:ec:8a:ba:77:9f:7d:63:fc:1f:a6:eb:5a:39:f1:3c:ec:10: fc:7d:9b:b8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fqFvhIj5/oh8vdk6WZYlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhlODk1ZjFlMjcwYzYzNWVjNjFkZjlhOTdmYzBmNjY4YzBh OGY1NDgwHhcNMjUxMjIwMTYwMTMwWhcNMjUxMjIxMTYwMTMwWjAzMTEwLwYDVQQD Eyg4OWM1Yjc3NTQ2NTk5MzE4OWMyNDQyMTM2NjJkZDBkM2IwMDgyYjJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzMAeeIWQ4C1x02U/uPzy2sdAEdS 8AnWgWevWL5S7dRxLwAPsrpXtFUAWSmqkNaHpVtNY7dOozcSTtdUnXLvNank4JTR S8Ua+ZF9+vLwA9FqD0TIWCkt4uKBWIcvG4r/mYkM8xWcFAXDaBS8XH9BsQLK0L5t L9wQbUW9mGXxqpCOKGsoxFnCO4y0N05UfiggKw2tAiqiUhqvIKYTUuzFvXhHmbFK qi0quybD1jCPG9lyCHCqQroy9ke/fR/r6rf2GXmAVQe3KcplkQTY+Re3CwVO5hBt 5bPNFmekk1aoKvcYco6S9wAS5E7PNYIazDiCo3WXZaA4RMUIvYmavzt0dQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFInFt3VGWZMYnCRCE2Yt0NOwCCstMB8GA1UdIwQY MBaAFI6JXx4nDGNexh35qX/A9mjAqPVIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvam9sZkhpY01ZMTdHSGZtcGY4RDJhTUNvOVVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9iYzUzZDItOTEzNy00Nzk5LTllNDEt ZTY5YTAxNzQ4NWZiLzEvam9sZkhpY01ZMTdHSGZtcGY4RDJhTUNvOVVnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy9iYzUzZDItOTEzNy00Nzk5LTllNDEtZTY5YTAxNzQ4NWZi LzEvam9sZkhpY01ZMTdHSGZtcGY4RDJhTUNvOVVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbpYl5iK6 neLwOsNyMZl8jPxx+p69MoPXj9d7Hg+wf8tVBKlwI/+RlzOwQk4t0CrZcAtRUwRQ WFVz1DMacpoLXo4CORKmq9GtBHGK+3j/hGAJ3TFY3HgG83z3Yqr6J5v+K3/GYd3y P3WYpj64GkmpkanJW7NejJ+inzSivNMBf41i4MKD+70af23B3Y/e19thqWEUNdEA h5jTnMo9j2b7oYMPiMs4rWkgJDKDA1mQGfGdNPJq9TjAfhPiLbx6DHOAHn6AcEYC fz5n/rshu0WqOdIn97FqSM4KNyfhGsY5xQknT+KCVJ8IaUSL0+yKuneffWP8H6br WjnxPOwQ/H2buA== -----END CERTIFICATE-----Generated at Sat Dec 20 19:30:09 2025 by rpki-client