This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0e90c8-2b83-4715-9933-a73f0b7418ab/1/JbGiI7fnP9I0YsIE5g6dSBXPdj8.mft File: JbGiI7fnP9I0YsIE5g6dSBXPdj8.mft (raw, json) Hash identifier: XRa1yNmxECbTE6qlf+As0/nzdv0zRqR2TFLMNeJ8g50= Subject key identifier: E0:B9:2F:BD:9A:18:04:8F:22:25:E6:4E:87:34:FA:AF:FB:06:03:CC Authority key identifier: 25:B1:A2:23:B7:E7:3F:D2:34:62:C2:04:E6:0E:9D:48:15:CF:76:3F Certificate issuer: /CN=25b1a223b7e73fd23462c204e60e9d4815cf763f Certificate serial: 019B3D91218ADACB2997408F94E1783AD98A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JbGiI7fnP9I0YsIE5g6dSBXPdj8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0e90c8-2b83-4715-9933-a73f0b7418ab/1/JbGiI7fnP9I0YsIE5g6dSBXPdj8.mft Manifest number: 0370 Signing time: Sat 20 Dec 2025 21:01:20 +0000 Manifest this update: Sat 20 Dec 2025 21:01:20 +0000 Manifest next update: Sun 21 Dec 2025 21:01:20 +0000 Files and hashes: 1: 1-nkTyOMqH94a8OlfukcDf7YbkNc.roa (hash: Z6uvUYmhirGQlJwClrs+HtNhQJGa2PNo7VCbu68pXz8=) 2: JbGiI7fnP9I0YsIE5g6dSBXPdj8.crl (hash: 9QwuLViHTAFAxxqnvK3u7Bw3fIcEAO9uHj2uv4x8gHM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/0e90c8-2b83-4715-9933-a73f0b7418ab/1/JbGiI7fnP9I0YsIE5g6dSBXPdj8.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/0e90c8-2b83-4715-9933-a73f0b7418ab/1/JbGiI7fnP9I0YsIE5g6dSBXPdj8.mft rsync://rpki.ripe.net/repository/DEFAULT/JbGiI7fnP9I0YsIE5g6dSBXPdj8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:91:21:8a:da:cb:29:97:40:8f:94:e1:78:3a:d9:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=25b1a223b7e73fd23462c204e60e9d4815cf763f Validity Not Before: Dec 20 21:01:20 2025 GMT Not After : Dec 21 21:01:20 2025 GMT Subject: CN=e0b92fbd9a18048f2225e64e8734faaffb0603cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:b2:9d:0d:c0:33:97:3f:d9:da:83:00:aa:40: 1a:45:22:98:ac:0e:fe:b0:82:ef:64:76:ab:49:c1: 2d:dc:f4:76:8a:5e:0c:8b:ba:ba:8c:85:d5:0a:38: 7e:40:73:1a:24:63:3f:b4:c1:ae:80:95:89:7d:19: db:b4:73:26:f8:e6:10:2e:08:60:2d:ea:ab:35:1d: ed:98:27:10:e6:bb:76:b7:4e:b9:3c:a9:4c:43:b9: 08:e1:92:bf:10:89:7d:68:18:6e:0e:3c:d6:6d:b7: 3e:20:32:20:8f:87:f3:c3:1f:ea:35:53:05:df:3c: 5a:86:59:c5:9c:65:12:08:50:97:d8:f6:5c:2c:ba: e3:00:09:9e:b8:38:7e:2c:1e:cc:f3:2f:4c:59:fc: e3:7a:21:6c:66:44:f4:25:89:97:a4:c1:45:8f:f8: 87:5f:ea:2c:4f:90:42:f5:b3:95:f0:69:99:b9:74: 2b:5a:eb:6a:59:5b:fa:1e:ac:7e:42:42:3d:63:bc: d0:28:23:f1:e5:1c:ad:52:2a:fd:7e:61:d3:e5:ef: 16:1e:dc:00:b4:51:44:2f:a7:21:a3:64:9a:d8:fb: bd:db:a1:e8:5d:c0:11:16:93:73:d0:f4:9a:5d:df: a6:5c:a3:51:e4:f5:7e:5b:39:58:92:c2:77:14:3a: 55:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:B9:2F:BD:9A:18:04:8F:22:25:E6:4E:87:34:FA:AF:FB:06:03:CC X509v3 Authority Key Identifier: keyid:25:B1:A2:23:B7:E7:3F:D2:34:62:C2:04:E6:0E:9D:48:15:CF:76:3F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbGiI7fnP9I0YsIE5g6dSBXPdj8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e90c8-2b83-4715-9933-a73f0b7418ab/1/JbGiI7fnP9I0YsIE5g6dSBXPdj8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e90c8-2b83-4715-9933-a73f0b7418ab/1/JbGiI7fnP9I0YsIE5g6dSBXPdj8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:6b:e3:7a:e3:c7:c1:5a:66:d5:55:d2:fa:49:d1:36:70:6a: db:26:72:6f:6d:20:d1:e7:31:ee:bb:9b:77:5e:66:2d:a2:c4: 7f:6d:e7:48:f7:88:f6:90:ed:26:20:cb:ad:f7:68:96:6b:b3: b4:56:10:54:86:ac:49:28:95:41:b0:a6:3f:1d:14:56:56:9a: 0a:57:e2:46:c7:9a:af:a9:69:b2:bb:e0:fd:57:09:a1:ca:73: aa:f1:a6:48:c8:83:25:d5:82:1d:e8:5a:1d:98:2a:28:22:1a: be:d1:66:f2:f7:58:05:cb:79:71:55:0a:63:51:95:86:90:ba: 80:15:7e:d7:9a:0d:86:95:2c:91:7b:63:5d:ad:e7:25:87:22: c9:e8:63:99:29:10:dd:25:f2:ad:72:e3:dd:fc:0e:38:f4:0a: 28:d9:48:6c:7a:a0:0e:26:dc:e5:42:97:fd:15:b4:a0:4b:33: dc:22:45:c8:c6:8e:d8:23:6d:bc:4e:18:34:37:59:54:58:c4: 25:9b:e3:b1:0c:c8:9b:8e:23:d6:f1:38:da:8d:58:57:d1:d9: 5c:61:44:c1:52:91:30:11:f9:ff:9f:ed:74:ea:a4:8e:c5:2f: bb:91:72:0b:77:e3:3f:c6:fc:bd:22:f9:4f:03:e2:c7:4f:14: 5e:0f:c0:14 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9kSGK2sspl0CPlOF4OtmKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1YjFhMjIzYjdlNzNmZDIzNDYyYzIwNGU2MGU5ZDQ4MTVj Zjc2M2YwHhcNMjUxMjIwMjEwMTIwWhcNMjUxMjIxMjEwMTIwWjAzMTEwLwYDVQQD EyhlMGI5MmZiZDlhMTgwNDhmMjIyNWU2NGU4NzM0ZmFhZmZiMDYwM2NjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLKdDcAzlz/Z2oMAqkAaRSKYrA7+ sILvZHarScEt3PR2il4Mi7q6jIXVCjh+QHMaJGM/tMGugJWJfRnbtHMm+OYQLghg LeqrNR3tmCcQ5rt2t065PKlMQ7kI4ZK/EIl9aBhuDjzWbbc+IDIgj4fzwx/qNVMF 3zxahlnFnGUSCFCX2PZcLLrjAAmeuDh+LB7M8y9MWfzjeiFsZkT0JYmXpMFFj/iH X+osT5BC9bOV8GmZuXQrWutqWVv6Hqx+QkI9Y7zQKCPx5RytUir9fmHT5e8WHtwA tFFEL6cho2Sa2Pu926HoXcARFpNz0PSaXd+mXKNR5PV+WzlYksJ3FDpVswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOC5L72aGASPIiXmToc0+q/7BgPMMB8GA1UdIwQY MBaAFCWxoiO35z/SNGLCBOYOnUgVz3Y/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSmJHaUk3Zm5QOUkwWXNJRTVnNmRTQlhQZGo4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wZTkwYzgtMmI4My00NzE1LTk5MzMt YTczZjBiNzQxOGFiLzEvSmJHaUk3Zm5QOUkwWXNJRTVnNmRTQlhQZGo4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi8wZTkwYzgtMmI4My00NzE1LTk5MzMtYTczZjBiNzQxOGFi LzEvSmJHaUk3Zm5QOUkwWXNJRTVnNmRTQlhQZGo4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALGvjeuPH wVpm1VXS+knRNnBq2yZyb20g0ecx7rubd15mLaLEf23nSPeI9pDtJiDLrfdolmuz tFYQVIasSSiVQbCmPx0UVlaaClfiRsear6lpsrvg/VcJocpzqvGmSMiDJdWCHeha HZgqKCIavtFm8vdYBct5cVUKY1GVhpC6gBV+15oNhpUskXtjXa3nJYciyehjmSkQ 3SXyrXLj3fwOOPQKKNlIbHqgDibc5UKX/RW0oEsz3CJFyMaO2CNtvE4YNDdZVFjE JZvjsQzIm44j1vE42o1YV9HZXGFEwVKRMBH5/5/tdOqkjsUvu5FyC3fjP8b8vSL5 TwPix08UXg/AFA== -----END CERTIFICATE-----Generated at Sat Dec 20 22:43:59 2025 by rpki-client