This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft File: j39d3CK0NKz6QNZ-5QsEKQxw27M.mft (raw, json) Hash identifier: 2QOyvnzUgEvOBPl3nSr730cQUEm9Pxbyxfn6us8MXA0= Subject key identifier: D3:6B:EC:57:3C:B9:87:C5:A6:11:54:A5:DB:19:AF:C9:79:F3:B5:9C Authority key identifier: 8F:7F:5D:DC:22:B4:34:AC:FA:40:D6:7E:E5:0B:04:29:0C:70:DB:B3 Certificate issuer: /CN=8f7f5ddc22b434acfa40d67ee50b04290c70dbb3 Certificate serial: 019B51BCEF6C8A569BF3DC7797DE1CC7C13E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j39d3CK0NKz6QNZ-5QsEKQxw27M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft Manifest number: 0929 Signing time: Wed 24 Dec 2025 19:01:35 +0000 Manifest this update: Wed 24 Dec 2025 19:01:35 +0000 Manifest next update: Thu 25 Dec 2025 19:01:35 +0000 Files and hashes: 1: j39d3CK0NKz6QNZ-5QsEKQxw27M.crl (hash: 80oiy3MX5K8dh6jjB1nMpgsdooV0sImRUsZ1AWVxtMw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.crl rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft rsync://rpki.ripe.net/repository/DEFAULT/j39d3CK0NKz6QNZ-5QsEKQxw27M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bc:ef:6c:8a:56:9b:f3:dc:77:97:de:1c:c7:c1:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8f7f5ddc22b434acfa40d67ee50b04290c70dbb3 Validity Not Before: Dec 24 19:01:35 2025 GMT Not After : Dec 25 19:01:35 2025 GMT Subject: CN=d36bec573cb987c5a61154a5db19afc979f3b59c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:5b:b2:40:72:18:9e:4d:4e:6f:8a:83:3f:51: cf:fd:6c:2b:9d:cc:2b:b1:0f:bb:c0:5f:4f:14:b3: d2:63:71:8c:b7:5f:f5:30:81:24:70:ae:dd:51:cb: f6:c1:73:19:b1:96:8a:05:27:76:cd:3c:5b:97:d9: 8c:35:2a:a8:78:bc:d2:af:3f:7c:5d:58:02:b9:21: 08:6d:3b:f0:f9:20:1e:5a:09:ee:80:95:1b:12:fe: 16:8e:14:8a:75:0f:02:d6:6e:e9:a0:99:e4:60:21: 2d:92:7e:d0:10:be:95:7d:62:d9:9e:0e:cf:33:23: 7a:db:81:7b:fa:a9:2e:2c:58:f5:5f:33:9a:b6:ba: fe:6f:81:c6:3c:45:76:50:12:4e:b0:9a:da:a0:00: c3:0f:26:5c:15:8c:bd:ac:1f:61:4f:64:bc:16:cc: 2d:98:64:6f:48:df:ff:93:d8:5c:9c:85:5f:4d:94: f0:98:7a:35:50:ca:ea:43:8d:0f:3e:e3:43:84:fe: 36:79:37:15:5f:ee:8e:bc:1c:c5:bd:55:1b:dd:f6: 02:97:1c:d2:f6:2c:d1:d5:99:84:b0:1e:e0:80:8c: 40:35:48:08:f2:c6:eb:4c:65:30:5c:c0:b0:7b:d2: ce:7d:84:7f:b1:9f:fa:34:65:08:87:4a:e3:e8:ea: 5d:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:6B:EC:57:3C:B9:87:C5:A6:11:54:A5:DB:19:AF:C9:79:F3:B5:9C X509v3 Authority Key Identifier: keyid:8F:7F:5D:DC:22:B4:34:AC:FA:40:D6:7E:E5:0B:04:29:0C:70:DB:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j39d3CK0NKz6QNZ-5QsEKQxw27M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1e:52:42:50:86:2c:e9:4e:e4:a9:0f:cb:ee:46:0f:db:22:9d: ed:79:ef:5c:05:e7:f9:7d:2e:fe:a6:99:3e:fe:64:c7:1f:f6: f1:d7:04:46:d1:a6:13:21:66:d5:67:3f:ad:dd:81:f6:fd:10: 1d:53:9d:4c:58:f5:fc:58:37:7f:bb:da:f5:d6:80:52:54:11: 70:5f:7c:c0:18:52:6e:34:db:5b:81:10:e5:94:8f:72:92:18: d1:21:15:d4:51:d0:11:a6:51:c6:a0:34:4d:4e:5b:d0:9c:7a: e9:31:4e:0f:f3:58:a4:6d:ab:09:cf:11:50:40:0e:ca:ef:60: 3f:9d:ae:e4:35:54:1b:ae:48:d2:f7:0a:57:8f:44:60:72:30: 30:f3:bc:ea:f6:bd:c3:1e:e9:71:91:a7:4c:a8:2c:da:0b:86: 62:ba:88:9d:62:3a:3c:d5:38:59:3c:c0:5f:bd:e6:76:6b:47: 8e:fc:ae:ab:ef:70:3a:0f:a9:44:ff:c9:50:be:ec:a4:58:89: 4a:a7:2b:50:b6:8d:bd:26:ef:66:8b:af:f2:e7:1e:35:5a:49: 74:5e:01:3a:32:ba:b5:81:0e:12:37:50:8a:0c:f3:68:11:2f: 90:f0:7e:e9:97:a6:9f:1e:f2:ed:dd:80:c0:e7:f9:ab:58:6a: da:2f:df:73 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvO9silab89x3l94cx8E+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhmN2Y1ZGRjMjJiNDM0YWNmYTQwZDY3ZWU1MGIwNDI5MGM3 MGRiYjMwHhcNMjUxMjI0MTkwMTM1WhcNMjUxMjI1MTkwMTM1WjAzMTEwLwYDVQQD EyhkMzZiZWM1NzNjYjk4N2M1YTYxMTU0YTVkYjE5YWZjOTc5ZjNiNTljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FuyQHIYnk1Ob4qDP1HP/Wwrncwr sQ+7wF9PFLPSY3GMt1/1MIEkcK7dUcv2wXMZsZaKBSd2zTxbl9mMNSqoeLzSrz98 XVgCuSEIbTvw+SAeWgnugJUbEv4WjhSKdQ8C1m7poJnkYCEtkn7QEL6VfWLZng7P MyN624F7+qkuLFj1XzOatrr+b4HGPEV2UBJOsJraoADDDyZcFYy9rB9hT2S8Fswt mGRvSN//k9hcnIVfTZTwmHo1UMrqQ40PPuNDhP42eTcVX+6OvBzFvVUb3fYClxzS 9izR1ZmEsB7ggIxANUgI8sbrTGUwXMCwe9LOfYR/sZ/6NGUIh0rj6OpdCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNNr7Fc8uYfFphFUpdsZr8l587WcMB8GA1UdIwQY MBaAFI9/XdwitDSs+kDWfuULBCkMcNuzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvajM5ZDNDSzBOS3o2UU5aLTVRc0VLUXh3MjdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82OWZkNjktMmMyNy00ODcwLTljYzkt MzJkYWM0YjE0MGVkLzEvajM5ZDNDSzBOS3o2UU5aLTVRc0VLUXh3MjdNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS82OWZkNjktMmMyNy00ODcwLTljYzktMzJkYWM0YjE0MGVk LzEvajM5ZDNDSzBOS3o2UU5aLTVRc0VLUXh3MjdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHlJCUIYs 6U7kqQ/L7kYP2yKd7XnvXAXn+X0u/qaZPv5kxx/28dcERtGmEyFm1Wc/rd2B9v0Q HVOdTFj1/Fg3f7va9daAUlQRcF98wBhSbjTbW4EQ5ZSPcpIY0SEV1FHQEaZRxqA0 TU5b0Jx66TFOD/NYpG2rCc8RUEAOyu9gP52u5DVUG65I0vcKV49EYHIwMPO86va9 wx7pcZGnTKgs2guGYrqInWI6PNU4WTzAX73mdmtHjvyuq+9wOg+pRP/JUL7spFiJ SqcrULaNvSbvZouv8uceNVpJdF4BOjK6tYEOEjdQigzzaBEvkPB+6Zemnx7y7d2A wOf5q1hq2i/fcw== -----END CERTIFICATE-----Generated at Thu Dec 25 02:42:49 2025 by rpki-client