This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft File: 0jtkd-HIT1KQfNYMY-qD715Kx4I.mft (raw, json) Hash identifier: +9laZbe/LVAgY6Fiqt5f2jCdmjF4iDFdKi7D5IIHetA= Subject key identifier: CB:B6:1B:58:49:0B:8C:6E:F6:0E:1B:1D:C9:34:7B:83:43:EF:A6:20 Authority key identifier: D2:3B:64:77:E1:C8:4F:52:90:7C:D6:0C:63:EA:83:EF:5E:4A:C7:82 Certificate issuer: /CN=d23b6477e1c84f52907cd60c63ea83ef5e4ac782 Certificate serial: 019B687B21015420F06671807F60CE605FFB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft Manifest number: 0AEB Signing time: Mon 29 Dec 2025 05:00:58 +0000 Manifest this update: Mon 29 Dec 2025 05:00:58 +0000 Manifest next update: Tue 30 Dec 2025 05:00:58 +0000 Files and hashes: 1: 0jtkd-HIT1KQfNYMY-qD715Kx4I.crl (hash: 9HZO0xjftlDPCnI0GVoUw7Qs80HcENTxGYuAlBivBE0=) 2: 99RaY9xH4qOYuC0KdiJQrFMbC5E.roa (hash: TZUHN/mcHmz7AzTn504QkH94CMbEPlnfBvzJqjhXWtc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.crl rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 21:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:68:7b:21:01:54:20:f0:66:71:80:7f:60:ce:60:5f:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d23b6477e1c84f52907cd60c63ea83ef5e4ac782 Validity Not Before: Dec 29 05:00:58 2025 GMT Not After : Dec 30 05:00:58 2025 GMT Subject: CN=cbb61b58490b8c6ef60e1b1dc9347b8343efa620 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:ac:58:ac:dc:75:b3:ad:77:92:88:ea:b6:02: ee:e8:6c:1c:97:70:3a:77:0b:57:f7:dd:1a:1a:e3: 59:e4:d1:99:19:d5:4a:ae:9c:21:5e:78:e8:18:09: 0d:1e:f6:01:e2:03:c2:ed:25:cd:5d:a5:8b:b7:76: bd:d4:8e:a3:bb:c1:da:46:3b:03:d5:a7:20:73:f4: 87:1f:49:be:55:e4:f1:e5:e1:1f:7c:36:c8:dc:ea: 64:10:e1:fc:d7:84:ca:f2:98:ee:e2:13:2c:fb:02: e9:57:11:92:80:d9:a3:1a:30:2e:24:f8:b4:6c:ca: 28:bf:a8:7f:0b:15:4d:b4:a3:8e:52:01:26:6b:19: b7:f9:45:84:a5:b7:e4:61:d0:cb:62:08:99:1c:1a: 4d:3c:d2:31:4a:fc:e6:79:97:c7:ad:68:1e:e3:7f: 7d:5b:72:58:e2:95:87:b2:86:21:5f:68:cc:0a:27: f3:ac:69:00:ae:34:54:0e:de:d7:1c:ac:c8:1c:74: 39:cc:83:2b:fa:5e:90:3d:87:b7:75:f3:70:43:24: 58:69:fd:85:b1:5a:ef:90:51:a3:0d:6f:5b:fe:f8: 8a:14:6f:82:fb:fa:a1:87:00:84:5f:2b:19:47:19: 33:90:e6:2b:84:49:a5:e2:f1:64:13:2f:be:9f:95: 7f:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:B6:1B:58:49:0B:8C:6E:F6:0E:1B:1D:C9:34:7B:83:43:EF:A6:20 X509v3 Authority Key Identifier: keyid:D2:3B:64:77:E1:C8:4F:52:90:7C:D6:0C:63:EA:83:EF:5E:4A:C7:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:22:2a:dc:f1:bb:a6:ad:ab:29:7d:e5:03:fe:d8:72:98:76: 5b:d2:8c:9b:da:3c:94:80:fe:cc:ae:0f:b1:b7:20:24:2c:38: 43:f2:8f:04:7e:11:e9:3b:5f:e4:51:4d:b3:b9:d2:51:14:d3: 47:f4:3e:6f:0b:e6:19:1d:3d:84:42:a6:d7:77:4f:b6:62:ba: 71:aa:a8:f5:9a:99:92:02:31:01:fa:8d:0f:74:c7:57:c4:c1: 76:fa:09:95:dd:8b:a6:ba:95:33:72:6d:f6:d3:19:30:29:e0: b0:0f:fe:c9:c0:81:0a:bf:e7:c3:4b:de:d0:61:14:96:91:53: 86:e5:b2:74:1a:30:ba:c6:0d:00:b6:65:5e:9b:73:fa:f0:b9: 72:5e:04:ec:69:ab:03:7e:25:25:4d:6f:a2:6d:1f:5b:3c:3d: 8b:38:0d:88:8c:16:65:02:f6:1f:95:94:bb:37:9a:ac:99:c9: 11:34:20:bb:74:c0:06:e3:e3:02:41:ab:3e:11:45:b3:3e:e7: ce:33:71:63:81:4c:53:46:42:1c:b0:40:ed:b1:ad:9d:2d:39: b1:6d:66:5e:c8:25:82:d5:8b:fb:76:68:59:9b:4a:a8:84:ad: 7a:c5:30:b2:24:ea:3e:b6:09:d7:85:00:41:a0:19:ce:6f:cf: a0:d5:4f:fe -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtoeyEBVCDwZnGAf2DOYF/7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyM2I2NDc3ZTFjODRmNTI5MDdjZDYwYzYzZWE4M2VmNWU0 YWM3ODIwHhcNMjUxMjI5MDUwMDU4WhcNMjUxMjMwMDUwMDU4WjAzMTEwLwYDVQQD EyhjYmI2MWI1ODQ5MGI4YzZlZjYwZTFiMWRjOTM0N2I4MzQzZWZhNjIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqxYrNx1s613kojqtgLu6Gwcl3A6 dwtX990aGuNZ5NGZGdVKrpwhXnjoGAkNHvYB4gPC7SXNXaWLt3a91I6ju8HaRjsD 1acgc/SHH0m+VeTx5eEffDbI3OpkEOH814TK8pju4hMs+wLpVxGSgNmjGjAuJPi0 bMoov6h/CxVNtKOOUgEmaxm3+UWEpbfkYdDLYgiZHBpNPNIxSvzmeZfHrWge4399 W3JY4pWHsoYhX2jMCifzrGkArjRUDt7XHKzIHHQ5zIMr+l6QPYe3dfNwQyRYaf2F sVrvkFGjDW9b/viKFG+C+/qhhwCEXysZRxkzkOYrhEml4vFkEy++n5V/rwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMu2G1hJC4xu9g4bHck0e4ND76YgMB8GA1UdIwQY MBaAFNI7ZHfhyE9SkHzWDGPqg+9eSseCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS80NTU5ZmQtYjQwOS00NzljLWE0MGYt MjI1NTU4NWRkZWNiLzEvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS80NTU5ZmQtYjQwOS00NzljLWE0MGYtMjI1NTU4NWRkZWNi LzEvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQCIq3PG7 pq2rKX3lA/7Ycph2W9KMm9o8lID+zK4PsbcgJCw4Q/KPBH4R6Ttf5FFNs7nSURTT R/Q+bwvmGR09hEKm13dPtmK6caqo9ZqZkgIxAfqND3THV8TBdvoJld2LprqVM3Jt 9tMZMCngsA/+ycCBCr/nw0ve0GEUlpFThuWydBowusYNALZlXptz+vC5cl4E7Gmr A34lJU1vom0fWzw9izgNiIwWZQL2H5WUuzearJnJETQgu3TABuPjAkGrPhFFsz7n zjNxY4FMU0ZCHLBA7bGtnS05sW1mXsglgtWL+3ZoWZtKqIStesUwsiTqPrYJ14UA QaAZzm/PoNVP/g== -----END CERTIFICATE-----Generated at Mon Dec 29 06:49:27 2025 by rpki-client