This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft File: jh_mbZ9htuZFpEe28GvUm9PgC84.mft (raw, json) Hash identifier: HY93Swm5PDKw//5W1lkZjLtUdgeroAkyJN7IhlfU8hQ= Subject key identifier: 31:C6:59:E3:F9:DB:20:35:7A:12:A1:E4:0B:53:C2:87:9E:9E:D0:A6 Authority key identifier: 8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE Certificate issuer: /CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce Certificate serial: 019B3232178DFB7A9B11EAE37F41D6541669 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft Manifest number: 1414 Signing time: Thu 18 Dec 2025 16:01:42 +0000 Manifest this update: Thu 18 Dec 2025 16:01:42 +0000 Manifest next update: Fri 19 Dec 2025 16:01:42 +0000 Files and hashes: 1: jh_mbZ9htuZFpEe28GvUm9PgC84.crl (hash: 40Mb+iTdcYiUeGMfKSg9SF+svpRXqAaRZFJyZHvIh7Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 16:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:32:17:8d:fb:7a:9b:11:ea:e3:7f:41:d6:54:16:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8e1fe66d9f61b6e645a447b6f06bd49bd3e00bce Validity Not Before: Dec 18 16:01:42 2025 GMT Not After : Dec 19 16:01:42 2025 GMT Subject: CN=31c659e3f9db20357a12a1e40b53c2879e9ed0a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:d7:47:53:75:66:b6:23:ad:08:d4:26:1a:81: a1:1a:76:2a:b6:1f:a5:84:e7:51:60:7a:96:92:60: cd:29:6d:f5:e5:4d:f6:29:39:cb:6c:d7:4d:61:89: c8:6e:26:39:6c:6b:65:ba:48:a3:83:3f:37:7d:f7: 6d:23:65:90:81:70:2a:8b:83:e3:ce:e8:51:46:ee: e9:05:0c:37:36:de:63:87:dc:04:72:41:10:f7:4e: 79:59:be:de:2b:b6:e4:40:50:43:2a:66:be:cb:48: b8:d6:64:ec:80:08:bc:92:37:75:70:f4:85:98:a9: f8:a2:3e:9e:43:9c:11:f8:c8:b9:b6:e8:6f:bd:56: b9:36:ee:80:22:6d:c1:01:52:5c:b5:32:18:91:8e: b8:bf:75:01:42:86:2a:69:d4:2e:90:bf:92:d4:67: 8f:01:bd:ab:39:9b:aa:3a:19:03:f9:84:77:8b:eb: a5:1f:6a:13:12:18:ef:c6:5d:a0:53:ed:75:22:8e: 9e:c0:36:bc:d8:e2:ef:3c:c1:f5:1b:b7:7a:0f:30: de:15:47:2f:12:dc:54:6b:a1:80:70:50:66:a2:a6: 87:25:26:88:dd:59:2b:84:8b:35:63:8f:ec:db:f8: 07:8f:18:96:95:65:2f:3e:5f:2f:26:a9:07:3b:d2: 80:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:C6:59:E3:F9:DB:20:35:7A:12:A1:E4:0B:53:C2:87:9E:9E:D0:A6 X509v3 Authority Key Identifier: keyid:8E:1F:E6:6D:9F:61:B6:E6:45:A4:47:B6:F0:6B:D4:9B:D3:E0:0B:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_mbZ9htuZFpEe28GvUm9PgC84.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d20ed-3d4a-44d3-a2d7-d64d70612a17/1/jh_mbZ9htuZFpEe28GvUm9PgC84.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:0b:1f:69:51:ba:a9:e8:2b:dc:70:42:e6:66:ec:7c:d7:7a: 5a:68:f4:9c:39:c7:75:23:94:02:62:83:1c:ff:6b:bb:85:94: 7d:68:e9:ad:06:e1:f7:a6:4d:b5:6a:90:d3:4e:44:3f:ad:86: 84:b3:95:0e:68:34:c8:c7:bc:97:26:f8:6f:83:49:93:22:37: e8:7b:5a:3d:92:81:af:3a:59:45:87:50:52:c7:00:ec:4b:9e: f9:f9:b4:f6:9c:8c:47:b7:05:58:ea:43:6c:00:8e:c3:02:e8: 86:b9:f8:88:ec:50:52:0b:90:d2:05:ae:01:bb:ae:be:7a:7e: c7:f8:2c:87:81:7d:d0:65:bc:98:07:62:31:ba:aa:0f:0f:16: de:6d:e1:81:09:29:e6:ef:94:4e:df:db:90:fa:19:bb:4b:8f: a5:7a:3f:95:22:ec:bc:1a:71:93:96:d2:4c:63:be:d9:c7:27: 02:50:04:db:b8:71:f9:44:c7:90:c7:53:4a:bb:c3:b4:56:56: 51:0d:d9:df:3a:6e:b1:29:8a:fe:8a:37:2a:3d:d9:49:0a:b8: ad:04:56:70:a7:e3:22:fd:e3:8c:13:a7:c1:75:1e:5b:38:48: 27:27:ea:8f:5a:e5:e2:3b:a5:26:7b:97:a0:7d:f0:ce:bb:bd: 3b:0c:10:36 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyMheN+3qbEerjf0HWVBZpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhlMWZlNjZkOWY2MWI2ZTY0NWE0NDdiNmYwNmJkNDliZDNl MDBiY2UwHhcNMjUxMjE4MTYwMTQyWhcNMjUxMjE5MTYwMTQyWjAzMTEwLwYDVQQD EygzMWM2NTllM2Y5ZGIyMDM1N2ExMmExZTQwYjUzYzI4NzllOWVkMGE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9dHU3VmtiOtCNQmGoGhGnYqth+l hOdRYHqWkmDNKW315U32KTnLbNdNYYnIbiY5bGtlukijgz83ffdtI2WQgXAqi4Pj zuhRRu7pBQw3Nt5jh9wEckEQ9055Wb7eK7bkQFBDKma+y0i41mTsgAi8kjd1cPSF mKn4oj6eQ5wR+Mi5tuhvvVa5Nu6AIm3BAVJctTIYkY64v3UBQoYqadQukL+S1GeP Ab2rOZuqOhkD+YR3i+ulH2oTEhjvxl2gU+11Io6ewDa82OLvPMH1G7d6DzDeFUcv EtxUa6GAcFBmoqaHJSaI3VkrhIs1Y4/s2/gHjxiWlWUvPl8vJqkHO9KA4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDHGWeP52yA1ehKh5AtTwoeentCmMB8GA1UdIwQY MBaAFI4f5m2fYbbmRaRHtvBr1JvT4AvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDct ZDY0ZDcwNjEyYTE3LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS83ZDIwZWQtM2Q0YS00NGQzLWEyZDctZDY0ZDcwNjEyYTE3 LzEvamhfbWJaOWh0dVpGcEVlMjhHdlVtOVBnQzg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbgsfaVG6 qegr3HBC5mbsfNd6Wmj0nDnHdSOUAmKDHP9ru4WUfWjprQbh96ZNtWqQ005EP62G hLOVDmg0yMe8lyb4b4NJkyI36HtaPZKBrzpZRYdQUscA7Eue+fm09pyMR7cFWOpD bACOwwLohrn4iOxQUguQ0gWuAbuuvnp+x/gsh4F90GW8mAdiMbqqDw8W3m3hgQkp 5u+UTt/bkPoZu0uPpXo/lSLsvBpxk5bSTGO+2ccnAlAE27hx+UTHkMdTSrvDtFZW UQ3Z3zpusSmK/oo3Kj3ZSQq4rQRWcKfjIv3jjBOnwXUeWzhIJyfqj1rl4julJnuX oH3wzru9OwwQNg== -----END CERTIFICATE-----Generated at Fri Dec 19 00:47:44 2025 by rpki-client