This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft File: 0jtkd-HIT1KQfNYMY-qD715Kx4I.mft (raw, json) Hash identifier: IKHxRnOhcLe+edk44BTJexlk7xCFFvwwdO10R0aMZfY= Subject key identifier: 44:62:D6:D6:E4:C4:9C:04:C0:4A:82:F5:6A:E6:D0:70:51:B6:F7:2B Authority key identifier: D2:3B:64:77:E1:C8:4F:52:90:7C:D6:0C:63:EA:83:EF:5E:4A:C7:82 Certificate issuer: /CN=d23b6477e1c84f52907cd60c63ea83ef5e4ac782 Certificate serial: 019B3C1057B98DAC6D1596A1F1444953D464 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft Manifest number: 0AD4 Signing time: Sat 20 Dec 2025 14:01:02 +0000 Manifest this update: Sat 20 Dec 2025 14:01:02 +0000 Manifest next update: Sun 21 Dec 2025 14:01:02 +0000 Files and hashes: 1: 0jtkd-HIT1KQfNYMY-qD715Kx4I.crl (hash: EkMZD/E81xRQjRVKAPXUcvNKQ0yZMlahbikqQXpPnW8=) 2: 99RaY9xH4qOYuC0KdiJQrFMbC5E.roa (hash: TZUHN/mcHmz7AzTn504QkH94CMbEPlnfBvzJqjhXWtc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.crl rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 14:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:10:57:b9:8d:ac:6d:15:96:a1:f1:44:49:53:d4:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d23b6477e1c84f52907cd60c63ea83ef5e4ac782 Validity Not Before: Dec 20 14:01:02 2025 GMT Not After : Dec 21 14:01:02 2025 GMT Subject: CN=4462d6d6e4c49c04c04a82f56ae6d07051b6f72b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:d8:22:22:c8:43:94:09:aa:80:46:70:a1:67: 76:52:c3:0d:13:b1:5c:52:e2:50:24:1f:d8:ba:1d: aa:fa:16:ac:8c:28:ed:8f:b3:85:aa:77:05:0a:ef: e3:cc:61:a6:0a:5a:53:c9:df:d6:2a:dc:95:39:99: b2:d6:d6:38:18:18:60:08:4f:99:c2:66:10:5e:50: 0a:2f:79:09:fc:86:cd:33:ae:2c:16:c1:4d:72:6f: d6:b2:4f:ab:9f:56:9a:be:de:1f:5a:aa:2c:d7:ec: 23:18:5f:14:37:8f:96:6b:6e:d4:de:11:c7:d8:a7: 91:c3:92:42:b1:85:5f:2c:29:f9:94:e4:27:07:6d: 88:09:01:af:61:93:87:d7:67:62:f0:a7:fa:d2:ca: be:67:48:52:a9:3e:6b:1f:97:b2:0d:c0:42:3e:36: db:71:1d:6d:93:db:d2:38:5b:18:c7:db:f8:9b:5d: 71:60:64:27:a0:db:a6:08:c9:59:ac:ea:5b:58:ac: 97:17:d2:54:1e:53:94:f3:1e:a2:36:d2:f0:87:8f: 49:b5:e1:e5:ef:e1:44:09:1d:93:7e:ed:14:ef:83: 00:9c:9a:db:10:20:14:27:80:30:fc:c5:68:56:87: 16:bc:cf:7d:80:ea:15:a2:d7:de:ef:f5:6b:48:eb: 0f:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:62:D6:D6:E4:C4:9C:04:C0:4A:82:F5:6A:E6:D0:70:51:B6:F7:2B X509v3 Authority Key Identifier: keyid:D2:3B:64:77:E1:C8:4F:52:90:7C:D6:0C:63:EA:83:EF:5E:4A:C7:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:84:31:1a:e8:ec:b5:92:3b:2e:c2:01:34:6b:06:4f:cd:5d: 7e:85:02:22:c7:56:7a:c0:10:0b:d4:ce:66:f4:ed:5e:ee:4e: ed:83:c9:e5:16:45:81:4f:02:8b:ad:98:fe:99:db:7a:3a:9e: 77:65:8b:ec:42:70:83:a1:72:0f:45:c5:6d:bb:98:95:43:21: 6f:ad:fd:3a:b6:98:22:9f:16:15:d5:9b:78:79:e0:c8:cf:c3: 27:17:43:52:41:e0:8c:cf:9a:67:2e:dc:ef:cb:c7:31:dc:a2: 03:ef:e9:83:79:e9:4e:e7:fe:aa:e7:6d:a9:18:75:fe:25:bf: 83:b5:7f:b9:59:39:33:93:b4:0f:7a:f6:47:7b:ae:8c:90:8b: 2a:7c:e1:13:dd:8b:b1:6a:b9:bf:ea:ac:e6:61:b5:ad:13:6e: f8:17:e9:9d:12:f7:f1:e5:6e:9f:b3:83:fc:31:33:69:54:74: 63:21:56:93:7c:ea:7c:ed:a4:63:7e:34:6c:6d:22:f7:f4:5b: 83:35:9a:8c:b3:e9:66:ed:33:8b:51:3d:1e:a0:86:01:62:a2: 3d:2b:8f:c5:c8:e5:d2:e1:f1:43:09:f9:e0:e4:35:de:ff:14: 64:92:60:d6:69:db:1f:ca:ff:43:82:8e:e6:6b:b7:2d:fc:22: 4e:b9:3e:8c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8EFe5jaxtFZah8URJU9RkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyM2I2NDc3ZTFjODRmNTI5MDdjZDYwYzYzZWE4M2VmNWU0 YWM3ODIwHhcNMjUxMjIwMTQwMTAyWhcNMjUxMjIxMTQwMTAyWjAzMTEwLwYDVQQD Eyg0NDYyZDZkNmU0YzQ5YzA0YzA0YTgyZjU2YWU2ZDA3MDUxYjZmNzJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8dgiIshDlAmqgEZwoWd2UsMNE7Fc UuJQJB/Yuh2q+hasjCjtj7OFqncFCu/jzGGmClpTyd/WKtyVOZmy1tY4GBhgCE+Z wmYQXlAKL3kJ/IbNM64sFsFNcm/Wsk+rn1aavt4fWqos1+wjGF8UN4+Wa27U3hHH 2KeRw5JCsYVfLCn5lOQnB22ICQGvYZOH12di8Kf60sq+Z0hSqT5rH5eyDcBCPjbb cR1tk9vSOFsYx9v4m11xYGQnoNumCMlZrOpbWKyXF9JUHlOU8x6iNtLwh49JteHl 7+FECR2Tfu0U74MAnJrbECAUJ4Aw/MVoVocWvM99gOoVotfe7/VrSOsPIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFERi1tbkxJwEwEqC9Wrm0HBRtvcrMB8GA1UdIwQY MBaAFNI7ZHfhyE9SkHzWDGPqg+9eSseCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS80NTU5ZmQtYjQwOS00NzljLWE0MGYt MjI1NTU4NWRkZWNiLzEvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS80NTU5ZmQtYjQwOS00NzljLWE0MGYtMjI1NTU4NWRkZWNi LzEvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW4QxGujs tZI7LsIBNGsGT81dfoUCIsdWesAQC9TOZvTtXu5O7YPJ5RZFgU8Ci62Y/pnbejqe d2WL7EJwg6FyD0XFbbuYlUMhb639OraYIp8WFdWbeHngyM/DJxdDUkHgjM+aZy7c 78vHMdyiA+/pg3npTuf+qudtqRh1/iW/g7V/uVk5M5O0D3r2R3uujJCLKnzhE92L sWq5v+qs5mG1rRNu+BfpnRL38eVun7OD/DEzaVR0YyFWk3zqfO2kY340bG0i9/Rb gzWajLPpZu0zi1E9HqCGAWKiPSuPxcjl0uHxQwn54OQ13v8UZJJg1mnbH8r/Q4KO 5mu3LfwiTrk+jA== -----END CERTIFICATE-----Generated at Sat Dec 20 21:19:47 2025 by rpki-client