This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.mft File: oE3odQHH0wgsdmWfTevZQohDtMs.mft (raw, json) Hash identifier: 7zz1zrUjYbIqG2w2dfJGyZQxSFtZTCOtsk9LXfT9fn8= Subject key identifier: 20:EA:A4:23:DE:CD:5A:01:E1:CC:72:D3:DC:0F:26:31:81:76:0B:13 Authority key identifier: A0:4D:E8:75:01:C7:D3:08:2C:76:65:9F:4D:EB:D9:42:88:43:B4:CB Certificate issuer: /CN=a04de87501c7d3082c76659f4debd9428843b4cb Certificate serial: 019B3F48B38A4D9764FE120094D691F7F6B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oE3odQHH0wgsdmWfTevZQohDtMs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.mft Manifest number: 136C Signing time: Sun 21 Dec 2025 05:01:27 +0000 Manifest this update: Sun 21 Dec 2025 05:01:27 +0000 Manifest next update: Mon 22 Dec 2025 05:01:27 +0000 Files and hashes: 1: 3oKx6h0eBr3yZ2nfockvN65K1_o.roa (hash: geWao+6sgTP3cLFpfRuFIKY1lyLCLqYJA9Pcg4p46Gs=) 2: oE3odQHH0wgsdmWfTevZQohDtMs.crl (hash: jJSjyVTghx79KZmL5mUf4bPks7QgO8kYm7YIj0MIHxQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.mft rsync://rpki.ripe.net/repository/DEFAULT/oE3odQHH0wgsdmWfTevZQohDtMs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:48:b3:8a:4d:97:64:fe:12:00:94:d6:91:f7:f6:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a04de87501c7d3082c76659f4debd9428843b4cb Validity Not Before: Dec 21 05:01:27 2025 GMT Not After : Dec 22 05:01:27 2025 GMT Subject: CN=20eaa423decd5a01e1cc72d3dc0f263181760b13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:a4:e2:90:8b:37:02:d6:e9:47:97:19:18:9d: 23:c5:56:fa:63:06:32:90:72:85:90:7b:5d:29:3d: 82:3e:bf:5a:32:02:eb:c2:6f:84:b8:ab:e3:79:c3: 95:fa:54:0c:d7:67:40:37:80:0b:fc:f1:2f:0e:ce: 87:19:25:fb:8b:aa:ee:c6:7e:5f:29:bf:7e:a9:a4: 6d:4e:8c:22:c5:26:9e:36:60:49:78:95:39:75:71: d9:96:2f:63:84:6c:dd:dc:fb:6a:93:c9:fb:76:06: 95:93:4e:07:6a:0d:78:3a:d7:b7:63:84:4d:67:72: 1a:79:bf:84:d2:38:23:54:d4:d2:41:c3:dd:73:eb: 83:00:11:61:f0:4b:18:9b:2b:47:1f:f7:78:b8:ef: 9d:89:2d:e8:a8:a9:dc:d9:49:63:76:f5:c2:6c:2d: 62:7b:fe:a4:08:4e:fb:db:f8:73:0b:f4:fc:5a:27: 6d:d0:88:ea:a1:e4:98:dd:1c:96:1d:e1:b4:a4:40: cf:48:00:82:22:d1:ea:20:25:73:30:fc:f7:63:81: d0:68:05:e7:a2:01:3e:98:5f:b4:a9:ae:b8:d5:b4: ae:86:5d:e6:30:4e:33:66:a8:29:b0:a6:d5:db:1b: d5:0b:11:19:5d:d7:fe:02:d3:6a:6a:05:6f:9a:74: 7b:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:EA:A4:23:DE:CD:5A:01:E1:CC:72:D3:DC:0F:26:31:81:76:0B:13 X509v3 Authority Key Identifier: keyid:A0:4D:E8:75:01:C7:D3:08:2C:76:65:9F:4D:EB:D9:42:88:43:B4:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oE3odQHH0wgsdmWfTevZQohDtMs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:4c:73:3b:3a:e1:c5:c3:85:48:3d:f8:ac:4a:2b:ce:a6:84: c4:24:9a:af:77:e3:ad:d4:aa:bb:58:f5:74:08:e6:d1:2b:59: b6:58:77:08:71:76:00:52:ad:41:3e:0b:89:cb:ce:1c:f2:6c: d6:f8:7f:cc:81:6a:a7:33:0d:9b:fb:00:b3:f4:60:fa:f6:1f: 82:04:72:aa:05:2b:dc:53:90:2a:12:e3:d4:ba:c4:09:dc:ea: 23:7e:24:58:91:01:13:da:24:74:cc:c2:98:87:36:d6:6f:94: 5c:fb:a4:0c:f9:e0:fd:ed:af:1f:42:e6:0a:90:29:08:44:06: 18:cd:cc:c3:0b:2a:a6:fd:4f:aa:83:00:f3:fe:b1:b9:79:a6: 0c:db:70:97:c5:76:1a:92:e6:6f:3b:20:47:b7:ab:8a:ff:f0: e9:8d:05:da:73:c0:2e:51:26:25:62:6c:29:91:c2:38:24:82: 2e:89:5e:06:23:ad:9b:69:16:ca:61:8a:e4:90:0e:90:01:92: b5:95:bd:63:6f:04:ac:0a:7b:e1:b2:e5:d6:84:f3:2d:43:fd: 6b:71:1d:10:8f:18:62:31:06:eb:00:1a:7e:5f:3c:f2:05:42: 71:ec:90:09:66:15:cf:a2:44:be:dd:4e:a6:18:0c:08:f9:40: 7d:0f:2e:04 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/SLOKTZdk/hIAlNaR9/azMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwNGRlODc1MDFjN2QzMDgyYzc2NjU5ZjRkZWJkOTQyODg0 M2I0Y2IwHhcNMjUxMjIxMDUwMTI3WhcNMjUxMjIyMDUwMTI3WjAzMTEwLwYDVQQD EygyMGVhYTQyM2RlY2Q1YTAxZTFjYzcyZDNkYzBmMjYzMTgxNzYwYjEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qTikIs3AtbpR5cZGJ0jxVb6YwYy kHKFkHtdKT2CPr9aMgLrwm+EuKvjecOV+lQM12dAN4AL/PEvDs6HGSX7i6ruxn5f Kb9+qaRtTowixSaeNmBJeJU5dXHZli9jhGzd3Ptqk8n7dgaVk04Hag14Ote3Y4RN Z3Iaeb+E0jgjVNTSQcPdc+uDABFh8EsYmytHH/d4uO+diS3oqKnc2UljdvXCbC1i e/6kCE772/hzC/T8Widt0IjqoeSY3RyWHeG0pEDPSACCItHqICVzMPz3Y4HQaAXn ogE+mF+0qa641bSuhl3mME4zZqgpsKbV2xvVCxEZXdf+AtNqagVvmnR7NQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCDqpCPezVoB4cxy09wPJjGBdgsTMB8GA1UdIwQY MBaAFKBN6HUBx9MILHZln03r2UKIQ7TLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0Uzb2RRSEgwd2dzZG1XZlRldlpRb2hEdE1zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80NjVjOTAtNzBmYi00MDE1LWI5Njkt NzQ4Zjc4NzgzODhhLzEvb0Uzb2RRSEgwd2dzZG1XZlRldlpRb2hEdE1zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS80NjVjOTAtNzBmYi00MDE1LWI5NjktNzQ4Zjc4NzgzODhh LzEvb0Uzb2RRSEgwd2dzZG1XZlRldlpRb2hEdE1zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUExzOzrh xcOFSD34rEorzqaExCSar3fjrdSqu1j1dAjm0StZtlh3CHF2AFKtQT4LicvOHPJs 1vh/zIFqpzMNm/sAs/Rg+vYfggRyqgUr3FOQKhLj1LrECdzqI34kWJEBE9okdMzC mIc21m+UXPukDPng/e2vH0LmCpApCEQGGM3Mwwsqpv1PqoMA8/6xuXmmDNtwl8V2 GpLmbzsgR7eriv/w6Y0F2nPALlEmJWJsKZHCOCSCLoleBiOtm2kWymGK5JAOkAGS tZW9Y28ErAp74bLl1oTzLUP9a3EdEI8YYjEG6wAafl888gVCceyQCWYVz6JEvt1O phgMCPlAfQ8uBA== -----END CERTIFICATE-----Generated at Sun Dec 21 10:20:55 2025 by rpki-client