This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json) Hash identifier: ojFCqqSghlldAQnAPEly3eY/4VU2bEgUnAVgjkwCMEE= Subject key identifier: C7:6D:42:D4:07:15:29:4F:73:D7:A6:FF:D5:71:44:0A:0C:E0:8D:CF Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71 Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471 Certificate serial: 019AF57832503F2EEE9B7951D8418201C999 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft Manifest number: 0E4A Signing time: Sat 06 Dec 2025 21:01:26 +0000 Manifest this update: Sat 06 Dec 2025 21:01:26 +0000 Manifest next update: Sun 07 Dec 2025 21:01:26 +0000 Files and hashes: 1: 5FA6usbApR1_cX5AgsEzHiEcMB4.roa (hash: 7OuczURaJl5BP/q53z8kXUiqcwX3Z4OY7NVnaBx1Pg0=) 2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: TTjMqtGGOUVY/CCQmEBZfn3Avn74VbCxgCgT08zOg0I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:78:32:50:3f:2e:ee:9b:79:51:d8:41:82:01:c9:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471 Validity Not Before: Dec 6 21:01:26 2025 GMT Not After : Dec 7 21:01:26 2025 GMT Subject: CN=c76d42d40715294f73d7a6ffd571440a0ce08dcf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:cb:a8:6e:99:d1:57:1b:2d:ea:58:0a:7d:e3: 6f:ae:af:b7:d4:48:7b:49:92:07:b8:b8:6a:b8:1e: c5:fc:0b:0d:cb:57:5d:0c:f5:da:e9:22:f8:5c:81: 60:e7:ec:a8:12:51:33:ac:05:5a:ed:a9:1b:34:ab: b7:ad:bb:63:63:bc:3d:a9:27:ba:6f:01:85:53:05: d7:60:d9:d9:a6:a1:f7:fe:b4:86:b0:5a:17:19:08: 20:46:f6:33:c1:a9:d8:33:f9:d4:dd:a3:10:2c:e4: 76:8e:3a:f8:c3:e3:fa:4e:14:3a:e6:85:40:f8:7a: db:48:94:40:29:6a:08:09:e2:69:8e:a5:bd:ca:37: fe:3d:da:ed:ed:97:4a:12:98:9e:3e:d7:eb:7f:49: 82:75:6c:61:5f:24:5c:ad:ca:e5:83:85:fc:15:cb: c5:9e:69:ed:4c:ca:2f:98:e1:9f:70:0e:b6:1c:50: 8f:5d:cf:60:43:f6:e6:ab:68:de:03:df:22:8b:bc: ab:01:f1:1d:3a:1e:2f:f1:55:de:be:f7:0d:9f:95: a1:3b:c7:b7:1c:7a:fd:70:2d:b9:23:38:91:be:a3: 07:bf:be:a5:a6:fe:2a:ee:44:2f:ae:82:cc:87:c1: a9:a9:17:d9:ad:02:5e:88:77:01:a3:b8:5e:b4:4d: 25:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:6D:42:D4:07:15:29:4F:73:D7:A6:FF:D5:71:44:0A:0C:E0:8D:CF X509v3 Authority Key Identifier: keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:b9:dd:20:d8:8a:3c:49:37:ef:f7:1d:a0:c9:3f:5d:86:f3: 35:97:a9:94:20:8a:9c:ee:a9:a2:5d:0b:09:06:ed:90:f1:e2: fe:07:b6:80:37:1b:ad:d8:a6:14:e1:0c:24:c6:14:a7:0c:b4: 26:02:16:7f:c1:c2:01:af:1b:b6:ba:cb:73:6d:7e:88:c2:70: 3d:8c:09:0d:98:91:19:05:f9:53:02:89:8b:f4:67:3a:d0:fd: 10:a7:9b:90:f7:2a:45:7b:b5:ef:c1:2b:cb:b8:fa:83:3d:94: 0b:84:9e:37:1f:d3:ba:a2:77:b4:cc:05:dd:e3:d9:93:f9:c9: c6:66:ba:00:b6:e5:a9:14:10:01:0f:72:ee:ce:48:2e:c7:28: bd:ff:d4:3e:ef:55:e6:00:7f:94:38:52:1b:3e:b4:b2:a6:94: 60:d0:a9:b0:4f:11:02:f5:83:a6:38:47:bc:d4:84:1f:e8:ea: 97:3e:6b:4b:29:2e:5c:7f:d3:23:2a:99:79:0a:34:27:13:dd: 4d:84:cf:67:02:84:42:e7:77:6b:80:be:68:79:53:af:ba:69: 82:d2:f9:de:6f:c4:ce:bc:c1:47:ec:3c:86:6a:1d:5e:fd:4d: 36:9b:80:e8:0a:c3:dd:8d:14:c4:3e:92:0a:67:ea:95:b1:a6: ed:69:ec:4a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1eDJQPy7um3lR2EGCAcmZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3 MDU0NzEwHhcNMjUxMjA2MjEwMTI2WhcNMjUxMjA3MjEwMTI2WjAzMTEwLwYDVQQD EyhjNzZkNDJkNDA3MTUyOTRmNzNkN2E2ZmZkNTcxNDQwYTBjZTA4ZGNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcuobpnRVxst6lgKfeNvrq+31Eh7 SZIHuLhquB7F/AsNy1ddDPXa6SL4XIFg5+yoElEzrAVa7akbNKu3rbtjY7w9qSe6 bwGFUwXXYNnZpqH3/rSGsFoXGQggRvYzwanYM/nU3aMQLOR2jjr4w+P6ThQ65oVA +HrbSJRAKWoICeJpjqW9yjf+Pdrt7ZdKEpiePtfrf0mCdWxhXyRcrcrlg4X8FcvF nmntTMovmOGfcA62HFCPXc9gQ/bmq2jeA98ii7yrAfEdOh4v8VXevvcNn5WhO8e3 HHr9cC25IziRvqMHv76lpv4q7kQvroLMh8GpqRfZrQJeiHcBo7hetE0lEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMdtQtQHFSlPc9em/9VxRAoM4I3PMB8GA1UdIwQY MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5 LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKbndINiK PEk37/cdoMk/XYbzNZeplCCKnO6pol0LCQbtkPHi/ge2gDcbrdimFOEMJMYUpwy0 JgIWf8HCAa8btrrLc21+iMJwPYwJDZiRGQX5UwKJi/RnOtD9EKebkPcqRXu178Er y7j6gz2UC4SeNx/TuqJ3tMwF3ePZk/nJxma6ALblqRQQAQ9y7s5ILscovf/UPu9V 5gB/lDhSGz60sqaUYNCpsE8RAvWDpjhHvNSEH+jqlz5rSykuXH/TIyqZeQo0JxPd TYTPZwKEQud3a4C+aHlTr7ppgtL53m/EzrzBR+w8hmodXv1NNpuA6ArD3Y0UxD6S CmfqlbGm7WnsSg== -----END CERTIFICATE-----Generated at Sun Dec 7 02:55:14 2025 by rpki-client