This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json) Hash identifier: Tpug1q9w8ELZB1PA5jqH3Ge5TvjSoQXgQmabXORLbwg= Subject key identifier: 07:1B:9E:E7:FA:DA:1A:B3:79:11:99:5F:90:7E:EC:97:DB:E3:93:D3 Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00 Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100 Certificate serial: 019AF0514C155B3EDB2F3318C41A7B75C645 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft Manifest number: 0CA7 Signing time: Fri 05 Dec 2025 21:00:50 +0000 Manifest this update: Fri 05 Dec 2025 21:00:50 +0000 Manifest next update: Sat 06 Dec 2025 21:00:50 +0000 Files and hashes: 1: QxhZicwGUVQxP9IW9_Bs3YT2TWA.roa (hash: BTcN4T7DZ6v6RQWA7fyITvrdQwjA1FWvrUllA9/iU9g=) 2: _CJ0ryZ88cYP589Qq2Z03nLVv7o.roa (hash: d5daN2lzwzk4YGoTznQDsoSXMlAa1gaQph+9wl7kXiM=) 3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: VoTGf0QYIHDTQ6DbDXDTHg7oftf5p2EZ5IEkxc3bCjU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 21:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:51:4c:15:5b:3e:db:2f:33:18:c4:1a:7b:75:c6:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a27c641b530a7c6ba234022e3327246232367100 Validity Not Before: Dec 5 21:00:50 2025 GMT Not After : Dec 6 21:00:50 2025 GMT Subject: CN=071b9ee7fada1ab37911995f907eec97dbe393d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:b1:53:82:93:32:73:ed:fb:5f:89:bf:1b:04: 10:5b:db:ba:4e:ff:58:1e:86:17:8d:40:23:f6:67: e6:ae:16:f9:28:b6:5c:9e:98:fe:af:f9:5e:4a:f7: dc:42:58:3a:b4:e2:12:e2:d3:33:c7:88:ae:61:ea: 44:42:ef:98:69:fa:61:0f:7d:65:8d:d2:73:0a:9f: 51:9c:d0:fb:06:c5:08:4b:ee:5f:aa:c8:8a:43:84: 68:d9:1f:a0:31:07:92:27:0a:5e:0c:de:1a:5a:0f: 64:73:3a:d7:f7:19:08:fb:e8:f0:36:75:c1:06:c8: f3:a8:71:59:90:84:36:5d:73:68:87:1f:c9:6d:77: 33:30:66:74:0d:bf:a1:3d:d0:d8:b4:74:73:59:c6: b9:bb:75:02:22:31:fe:d4:bb:20:79:74:c6:53:f6: 65:b6:68:f5:36:21:16:42:43:92:ba:ff:e6:1e:d0: 24:78:60:7a:bb:be:ed:35:70:2f:b6:c8:e6:a5:f3: bf:1b:b5:2b:6a:06:95:cd:a4:f6:7e:97:63:b9:13: 47:fe:12:28:96:db:7e:11:43:95:66:6e:aa:35:61: 69:31:8a:93:79:01:02:3e:17:df:4b:b9:16:9d:a0: b8:91:23:35:ed:09:05:6b:66:d6:d9:40:dd:99:92: 8e:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:1B:9E:E7:FA:DA:1A:B3:79:11:99:5F:90:7E:EC:97:DB:E3:93:D3 X509v3 Authority Key Identifier: keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:cd:9b:aa:3c:f6:22:a5:35:ff:57:cf:c4:88:4c:e1:54:97: 2f:5f:bd:6f:74:ca:fb:fe:00:4d:ae:4d:c7:1a:5d:36:68:a8: 7d:ea:5d:b7:b7:40:b4:47:04:69:b8:ec:08:83:4b:67:b9:5b: 5d:58:ac:60:9c:78:2d:9d:5d:1b:1c:49:54:50:7f:14:70:74: 96:b9:4c:03:67:4a:32:10:f3:4a:9a:82:86:06:4e:3a:80:3b: f8:84:99:bc:d3:0a:78:80:fe:41:51:99:99:b3:99:e7:29:1f: 78:36:8e:2b:27:fd:5a:c0:57:1a:2a:1d:36:f4:90:77:00:a1: ab:d5:a5:99:0c:6b:f7:b8:f5:13:31:a1:f7:86:ff:30:b2:66: 10:d7:93:f4:40:90:2a:aa:e6:4d:67:2e:b9:de:6c:7d:c8:84: fa:d8:79:95:8a:01:d0:16:f6:6d:0a:5a:43:0b:6b:2a:42:a9: 8d:dd:28:e6:35:58:ec:a1:0a:f4:08:78:38:6e:e5:33:3e:67: 1f:32:61:fa:f4:ce:37:24:ea:68:10:c6:e6:33:b0:7f:fd:46: 4e:27:bf:47:07:eb:c1:ed:93:c7:01:45:53:e4:3b:9a:68:9b: 66:77:71:c1:1e:5b:9f:4b:c9:39:bc:50:6b:65:dd:96:32:4f: a2:8b:c7:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwUUwVWz7bLzMYxBp7dcZFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz NjcxMDAwHhcNMjUxMjA1MjEwMDUwWhcNMjUxMjA2MjEwMDUwWjAzMTEwLwYDVQQD EygwNzFiOWVlN2ZhZGExYWIzNzkxMTk5NWY5MDdlZWM5N2RiZTM5M2QzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+bFTgpMyc+37X4m/GwQQW9u6Tv9Y HoYXjUAj9mfmrhb5KLZcnpj+r/leSvfcQlg6tOIS4tMzx4iuYepEQu+YafphD31l jdJzCp9RnND7BsUIS+5fqsiKQ4Ro2R+gMQeSJwpeDN4aWg9kczrX9xkI++jwNnXB BsjzqHFZkIQ2XXNohx/JbXczMGZ0Db+hPdDYtHRzWca5u3UCIjH+1LsgeXTGU/Zl tmj1NiEWQkOSuv/mHtAkeGB6u77tNXAvtsjmpfO/G7UragaVzaT2fpdjuRNH/hIo ltt+EUOVZm6qNWFpMYqTeQECPhffS7kWnaC4kSM17QkFa2bW2UDdmZKO3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAcbnuf62hqzeRGZX5B+7Jfb45PTMB8GA1UdIwQY MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1 LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT82bqjz2 IqU1/1fPxIhM4VSXL1+9b3TK+/4ATa5NxxpdNmiofepdt7dAtEcEabjsCINLZ7lb XVisYJx4LZ1dGxxJVFB/FHB0lrlMA2dKMhDzSpqChgZOOoA7+ISZvNMKeID+QVGZ mbOZ5ykfeDaOKyf9WsBXGiodNvSQdwChq9WlmQxr97j1EzGh94b/MLJmENeT9ECQ KqrmTWcuud5sfciE+th5lYoB0Bb2bQpaQwtrKkKpjd0o5jVY7KEK9Ah4OG7lMz5n HzJh+vTONyTqaBDG5jOwf/1GTie/Rwfrwe2TxwFFU+Q7mmibZndxwR5bn0vJObxQ a2XdljJPoovHJA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:12:31 2025 by rpki-client