This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft File: JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft (raw, json) Hash identifier: NasPrdJV9PL6UAE/YGgvFTCKO0hVOjU/lVKPZ4mTtKE= Subject key identifier: A7:FC:7A:D9:E7:F4:04:0D:A0:EF:63:C7:AF:4F:61:81:79:6F:B1:33 Authority key identifier: 24:A9:D8:4C:6D:16:C0:83:09:3C:33:71:B4:57:5D:36:EF:44:8F:E4 Certificate issuer: /CN=24a9d84c6d16c083093c3371b4575d36ef448fe4 Certificate serial: 019B6B7BAD8342B1EADFED1181E7BE2D5D0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft Manifest number: 0B52 Signing time: Mon 29 Dec 2025 19:00:25 +0000 Manifest this update: Mon 29 Dec 2025 19:00:25 +0000 Manifest next update: Tue 30 Dec 2025 19:00:25 +0000 Files and hashes: 1: JKnYTG0WwIMJPDNxtFddNu9Ej-Q.crl (hash: FnmTW5p5HhnumYOZ69rPsHsAw1F8vjG4uVEo4yKam1I=) 2: sEY4t-bPe6btAR7wv3UJWwU-X2E.roa (hash: aU4yEzDR1E1BJAYcSFYYldSWQZ2ELBxfjYhJldcUrMM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.crl rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft rsync://rpki.ripe.net/repository/DEFAULT/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 19:00:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6b:7b:ad:83:42:b1:ea:df:ed:11:81:e7:be:2d:5d:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=24a9d84c6d16c083093c3371b4575d36ef448fe4 Validity Not Before: Dec 29 19:00:25 2025 GMT Not After : Dec 30 19:00:25 2025 GMT Subject: CN=a7fc7ad9e7f4040da0ef63c7af4f6181796fb133 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:e5:fa:5d:e3:a6:ec:98:5b:44:07:9c:1d:6d: cc:da:56:19:2f:67:84:df:3a:4e:0c:a7:1d:25:02: 2c:ff:84:9a:56:52:5c:9b:4c:8a:12:ce:09:d9:ca: e8:63:8b:e5:f4:0d:ad:b1:76:ba:e0:ae:47:54:3b: 12:28:87:64:7f:b2:7f:12:93:5c:ea:4f:b8:d6:ab: 93:72:d6:71:39:65:37:4e:66:13:6c:de:18:c0:b7: 28:ff:94:f4:75:62:9e:9b:f8:19:ac:f3:7c:9f:09: 90:f1:3a:90:cc:1d:1e:19:bb:a4:a3:a3:93:08:58: e7:a3:30:50:29:ee:be:29:8d:a1:80:9e:6b:b8:17: 55:f4:f6:2a:27:a1:01:ce:18:b1:c3:4e:e7:3d:f6: bc:12:ed:40:9a:a6:b5:29:f6:72:22:df:9c:cf:32: ad:d3:69:02:3b:84:51:bc:5b:83:50:e8:6a:55:1b: 4d:cd:0d:b7:94:8d:96:c9:65:95:29:b1:6e:ee:93: e3:c6:e9:49:30:39:26:63:b5:87:fc:8b:ac:de:23: b3:4b:8a:34:9f:6a:5c:2b:e9:cb:ac:00:e4:08:28: 6b:0b:95:f5:43:cf:9a:b0:31:81:5a:e4:38:c3:bf: 11:d9:9f:c0:03:1a:2c:d2:04:99:43:a8:af:f4:d7: 88:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:FC:7A:D9:E7:F4:04:0D:A0:EF:63:C7:AF:4F:61:81:79:6F:B1:33 X509v3 Authority Key Identifier: keyid:24:A9:D8:4C:6D:16:C0:83:09:3C:33:71:B4:57:5D:36:EF:44:8F:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a9:8b:25:e5:0c:30:eb:7d:58:7d:ac:44:19:c8:ae:47:75:7f: 3b:f2:cb:5a:ad:e0:29:ad:51:89:56:e9:74:26:be:ca:ce:f0: 3f:5a:31:d1:db:d2:20:1f:34:4a:ad:f8:96:ac:17:a7:3f:74: a8:a5:02:56:c5:e1:3d:f3:6a:b5:c6:8d:18:c7:0e:9c:cb:22: e8:8b:a9:a6:2a:b4:c7:92:6b:d9:cc:98:fd:31:7b:95:60:14: c6:ce:b0:d7:f4:03:47:4c:78:dd:5c:89:b3:cd:30:c9:a7:f3: 57:97:19:8c:70:3b:3d:1c:fd:2d:38:c7:e4:eb:f8:0a:89:e0: 15:30:9e:e9:9f:01:b3:1d:e0:38:05:16:5b:7c:55:93:47:41: b5:38:13:5e:db:dd:c1:a3:14:44:0c:db:d5:c7:01:2d:11:6d: 51:9d:44:15:dc:0b:ab:69:00:03:74:6f:ab:21:7e:b6:bc:2d: 72:e6:67:3b:0e:17:31:7f:64:42:37:a9:1d:4d:25:31:42:fa: 50:72:ca:10:7f:2a:c0:91:94:69:28:10:82:a8:aa:9e:d2:8d: 9e:64:92:24:ef:aa:9d:52:35:92:5a:46:98:b4:30:da:9e:d2: 6b:30:bd:0d:f2:22:e2:98:c0:7c:8c:78:60:b0:29:03:b4:ef: 46:cc:ed:21 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtre62DQrHq3+0Rgee+LV0NMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI0YTlkODRjNmQxNmMwODMwOTNjMzM3MWI0NTc1ZDM2ZWY0 NDhmZTQwHhcNMjUxMjI5MTkwMDI1WhcNMjUxMjMwMTkwMDI1WjAzMTEwLwYDVQQD EyhhN2ZjN2FkOWU3ZjQwNDBkYTBlZjYzYzdhZjRmNjE4MTc5NmZiMTMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+X6XeOm7JhbRAecHW3M2lYZL2eE 3zpODKcdJQIs/4SaVlJcm0yKEs4J2croY4vl9A2tsXa64K5HVDsSKIdkf7J/EpNc 6k+41quTctZxOWU3TmYTbN4YwLco/5T0dWKem/gZrPN8nwmQ8TqQzB0eGbuko6OT CFjnozBQKe6+KY2hgJ5ruBdV9PYqJ6EBzhixw07nPfa8Eu1Amqa1KfZyIt+czzKt 02kCO4RRvFuDUOhqVRtNzQ23lI2WyWWVKbFu7pPjxulJMDkmY7WH/Ius3iOzS4o0 n2pcK+nLrADkCChrC5X1Q8+asDGBWuQ4w78R2Z/AAxos0gSZQ6iv9NeI/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKf8etnn9AQNoO9jx69PYYF5b7EzMB8GA1UdIwQY MBaAFCSp2ExtFsCDCTwzcbRXXTbvRI/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSktuWVRHMFd3SU1KUEROeHRGZGROdTlFai1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8wNWNhMWQtYzM1Ny00OGJjLTk2MDkt NDVhNTM0ZjIyMmY0LzEvSktuWVRHMFd3SU1KUEROeHRGZGROdTlFai1RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS8wNWNhMWQtYzM1Ny00OGJjLTk2MDktNDVhNTM0ZjIyMmY0 LzEvSktuWVRHMFd3SU1KUEROeHRGZGROdTlFai1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqYsl5Qww 631YfaxEGciuR3V/O/LLWq3gKa1RiVbpdCa+ys7wP1ox0dvSIB80Sq34lqwXpz90 qKUCVsXhPfNqtcaNGMcOnMsi6Iuppiq0x5Jr2cyY/TF7lWAUxs6w1/QDR0x43VyJ s80wyafzV5cZjHA7PRz9LTjH5Ov4CongFTCe6Z8Bsx3gOAUWW3xVk0dBtTgTXtvd waMURAzb1ccBLRFtUZ1EFdwLq2kAA3RvqyF+trwtcuZnOw4XMX9kQjepHU0lMUL6 UHLKEH8qwJGUaSgQgqiqntKNnmSSJO+qnVI1klpGmLQw2p7SazC9DfIi4pjAfIx4 YLApA7TvRsztIQ== -----END CERTIFICATE-----Generated at Tue Dec 30 04:32:56 2025 by rpki-client