This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft File: oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft (raw, json) Hash identifier: pPQyxZA6v3E5ONQwVbPmOkOsl1kw2HOFHapFPVWkQsc= Subject key identifier: DD:A3:56:8F:D9:6C:00:84:0E:6B:6D:CC:4A:65:33:A9:93:8E:5E:75 Authority key identifier: A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59 Certificate issuer: /CN=a0a647dac729f47b06369c4c9741cf943953dc59 Certificate serial: 019AF540F7632E59EE0BA88A990D403430EF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft Manifest number: 0CC5 Signing time: Sat 06 Dec 2025 20:01:06 +0000 Manifest this update: Sat 06 Dec 2025 20:01:06 +0000 Manifest next update: Sun 07 Dec 2025 20:01:06 +0000 Files and hashes: 1: Y2_roQOUIthtVw1QejxD0nB1Z6Y.roa (hash: stNdekHqHd38daoAs6CHIS4mgM26Z52wdTv8J9OHtKw=) 2: oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl (hash: 7+q4Tc7gjokTw8pSxt52pIiBvJlrFeGEmgSoHC0wTiE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 20:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:40:f7:63:2e:59:ee:0b:a8:8a:99:0d:40:34:30:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0a647dac729f47b06369c4c9741cf943953dc59 Validity Not Before: Dec 6 20:01:06 2025 GMT Not After : Dec 7 20:01:06 2025 GMT Subject: CN=dda3568fd96c00840e6b6dcc4a6533a9938e5e75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:18:55:23:d3:91:e6:d9:2e:9e:ae:bb:53:2a: 3c:fc:96:5a:51:ee:c1:1e:72:cd:13:19:00:11:8c: 05:99:a1:22:0e:a7:25:70:0c:fb:f9:82:d1:5a:6c: b9:34:f2:47:56:74:bb:aa:ba:04:2d:1b:c4:a1:90: e1:51:17:5e:29:76:91:b2:a1:aa:93:ed:7d:c7:61: 2d:fb:b8:21:a7:21:ce:8b:06:93:26:14:24:14:16: 3b:a9:2c:e3:73:33:a9:fc:ea:32:df:df:08:6e:bd: ad:f5:f2:fe:18:2a:0a:00:3c:50:d9:ca:e8:3e:c5: e4:31:95:ec:e9:7f:b3:2f:94:2e:37:1f:eb:f8:ce: ca:d1:15:aa:97:9d:8c:50:c4:ec:9f:e2:89:66:10: eb:e1:58:0b:e0:4c:27:8f:da:cf:e7:1d:0d:bb:2f: ef:7e:22:07:59:8b:51:0a:6d:f3:e6:c4:54:5e:6c: a7:43:a8:a4:e9:bc:ad:af:40:ec:e7:d9:4e:96:f7: f2:af:be:40:0e:97:ed:a6:ae:62:29:57:56:13:51: f3:02:3b:94:89:44:e7:30:5b:57:40:5e:78:c3:8b: 02:54:b8:ec:bc:64:52:72:9d:50:57:42:c1:77:1c: 41:17:5e:0d:41:53:32:e7:f4:45:af:3f:fe:7d:de: ea:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:A3:56:8F:D9:6C:00:84:0E:6B:6D:CC:4A:65:33:A9:93:8E:5E:75 X509v3 Authority Key Identifier: keyid:A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:05:b8:69:64:ea:f9:59:7a:cb:a2:fd:3e:a4:f2:14:e1:21: 08:95:c5:66:f5:a3:41:8c:71:c6:d0:32:56:ff:ab:b7:3f:d2: ab:04:14:df:8e:50:0c:d6:ec:71:85:f3:3e:d7:fd:8c:03:a0: 98:fd:59:f5:6a:ff:7b:6a:02:d5:38:88:22:5b:35:d6:ea:54: 87:a1:c4:98:a4:a1:49:d0:c7:ce:e5:00:28:0e:d0:37:e4:ce: d1:cf:5c:cc:47:23:4a:62:a8:12:f8:4b:d8:32:0b:a7:b3:61: 29:48:fc:3f:88:53:e0:9c:05:c0:9a:8b:26:11:d4:51:81:55: 06:3e:3d:a7:41:d6:89:e8:d1:81:ec:a8:a6:49:f6:d9:ba:cd: 93:63:71:a2:5b:aa:c5:19:44:f0:6f:a7:b1:4d:15:55:b2:1a: 06:13:8e:79:3c:81:99:51:f2:55:98:af:5e:af:11:44:db:29: 5b:ce:6d:f2:f2:c9:e9:c7:d4:e5:6a:77:7f:ad:ad:b1:7b:e6: 03:81:2e:8e:be:95:88:86:7a:17:2b:f8:4b:30:01:e4:80:15: 38:77:82:d6:78:e4:7c:d1:bf:5e:57:0f:3e:fc:b0:3d:f7:85: 8f:9e:0a:8e:b8:0f:ee:18:0d:db:33:29:b2:b2:35:98:8a:01: f9:1e:7c:2d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1QPdjLlnuC6iKmQ1ANDDvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYTY0N2RhYzcyOWY0N2IwNjM2OWM0Yzk3NDFjZjk0Mzk1 M2RjNTkwHhcNMjUxMjA2MjAwMTA2WhcNMjUxMjA3MjAwMTA2WjAzMTEwLwYDVQQD EyhkZGEzNTY4ZmQ5NmMwMDg0MGU2YjZkY2M0YTY1MzNhOTkzOGU1ZTc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRhVI9OR5tkunq67Uyo8/JZaUe7B HnLNExkAEYwFmaEiDqclcAz7+YLRWmy5NPJHVnS7qroELRvEoZDhURdeKXaRsqGq k+19x2Et+7ghpyHOiwaTJhQkFBY7qSzjczOp/Ooy398Ibr2t9fL+GCoKADxQ2cro PsXkMZXs6X+zL5QuNx/r+M7K0RWql52MUMTsn+KJZhDr4VgL4Ewnj9rP5x0Nuy/v fiIHWYtRCm3z5sRUXmynQ6ik6bytr0Ds59lOlvfyr75ADpftpq5iKVdWE1HzAjuU iUTnMFtXQF54w4sCVLjsvGRScp1QV0LBdxxBF14NQVMy5/RFrz/+fd7qNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN2jVo/ZbACEDmttzEplM6mTjl51MB8GA1UdIwQY MBaAFKCmR9rHKfR7BjacTJdBz5Q5U9xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQt ZmI2OTgzY2U5ZGZmLzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQtZmI2OTgzY2U5ZGZm LzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgAW4aWTq +Vl6y6L9PqTyFOEhCJXFZvWjQYxxxtAyVv+rtz/SqwQU345QDNbscYXzPtf9jAOg mP1Z9Wr/e2oC1TiIIls11upUh6HEmKShSdDHzuUAKA7QN+TO0c9czEcjSmKoEvhL 2DILp7NhKUj8P4hT4JwFwJqLJhHUUYFVBj49p0HWiejRgeyopkn22brNk2Nxoluq xRlE8G+nsU0VVbIaBhOOeTyBmVHyVZivXq8RRNspW85t8vLJ6cfU5Wp3f62tsXvm A4Eujr6ViIZ6Fyv4SzAB5IAVOHeC1njkfNG/XlcPPvywPfeFj54KjrgP7hgN2zMp srI1mIoB+R58LQ== -----END CERTIFICATE-----Generated at Sun Dec 7 00:55:30 2025 by rpki-client