This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/oED5aPpS5ssv5lcQlwD6B0wZC4U.mft File: oED5aPpS5ssv5lcQlwD6B0wZC4U.mft (raw, json) Hash identifier: YPhzYjTKr1c+6Hj1bDIxp9K8QjhW8F3ScCQ3+3tY8Dg= Subject key identifier: 76:DD:EA:4E:AF:A6:3E:52:3A:DE:42:B4:39:68:E8:D4:75:C6:0E:31 Authority key identifier: A0:40:F9:68:FA:52:E6:CB:2F:E6:57:10:97:00:FA:07:4C:19:0B:85 Certificate issuer: /CN=a040f968fa52e6cb2fe657109700fa074c190b85 Certificate serial: 019AF3526E29D7598FCFFFD4B9E7BD76B60A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oED5aPpS5ssv5lcQlwD6B0wZC4U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/oED5aPpS5ssv5lcQlwD6B0wZC4U.mft Manifest number: 070D Signing time: Sat 06 Dec 2025 11:00:56 +0000 Manifest this update: Sat 06 Dec 2025 11:00:56 +0000 Manifest next update: Sun 07 Dec 2025 11:00:56 +0000 Files and hashes: 1: lG9M0ytelOsltsM45OHzpDj8VA0.roa (hash: NbXxBP1wpUJzGfc6WpWH6JS4IiG1rIjC9o+D9ASG5hQ=) 2: oED5aPpS5ssv5lcQlwD6B0wZC4U.crl (hash: luQAq99VZ0q42Ed/exvnGwEK1rVD5P7GHYKvkqjBo08=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/oED5aPpS5ssv5lcQlwD6B0wZC4U.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/oED5aPpS5ssv5lcQlwD6B0wZC4U.mft rsync://rpki.ripe.net/repository/DEFAULT/oED5aPpS5ssv5lcQlwD6B0wZC4U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:6e:29:d7:59:8f:cf:ff:d4:b9:e7:bd:76:b6:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a040f968fa52e6cb2fe657109700fa074c190b85 Validity Not Before: Dec 6 11:00:56 2025 GMT Not After : Dec 7 11:00:56 2025 GMT Subject: CN=76ddea4eafa63e523ade42b43968e8d475c60e31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ff:8a:0f:b2:4f:52:be:c6:fd:1f:73:9c:1a: 8f:d7:58:f9:79:da:0f:50:6e:8d:3f:bd:0c:31:ad: 65:c8:12:00:86:5a:5f:cc:ce:51:c7:ff:d3:98:0b: 5a:d3:3c:ce:99:3f:a3:36:75:22:30:69:42:18:79: 6e:82:98:6d:63:de:2c:0e:21:f4:de:a8:49:34:97: 1f:8a:c0:fe:3e:b5:f4:db:b4:41:f1:a1:95:66:73: 32:a8:0b:70:90:cd:15:a7:60:76:fe:4a:11:b1:11: f0:6b:9b:42:54:5c:a4:15:b7:17:25:d2:f6:f9:ab: 07:21:57:6f:17:fc:e5:3d:8f:38:62:c0:fd:2a:59: e2:9b:e2:6c:0f:65:86:d3:1c:0e:63:f4:dc:7b:d8: 44:dc:e7:bf:60:50:65:84:c8:d2:54:16:d3:92:e4: ab:33:db:c9:5a:97:95:11:a4:52:07:f9:3f:50:e4: d5:84:4d:6a:eb:2c:05:95:1f:78:f2:7d:dd:c2:5e: 0c:d3:65:35:85:3e:48:01:5d:11:8f:6e:7c:19:6e: 6b:d8:46:2e:09:c9:d5:5e:59:ee:f5:4f:73:1b:02: 58:d8:00:e4:21:af:79:aa:db:e6:69:3e:57:34:c2: 94:b8:c1:d2:62:c4:7b:b9:f5:67:29:0c:d8:0e:7a: f4:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:DD:EA:4E:AF:A6:3E:52:3A:DE:42:B4:39:68:E8:D4:75:C6:0E:31 X509v3 Authority Key Identifier: keyid:A0:40:F9:68:FA:52:E6:CB:2F:E6:57:10:97:00:FA:07:4C:19:0B:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oED5aPpS5ssv5lcQlwD6B0wZC4U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/oED5aPpS5ssv5lcQlwD6B0wZC4U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/oED5aPpS5ssv5lcQlwD6B0wZC4U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:fa:a2:93:27:1a:0f:f8:e8:9c:9a:b2:d6:7d:4c:85:45:96: 00:ff:55:a8:4a:53:74:8c:c7:23:40:38:f2:84:47:fe:55:8d: 5a:f6:0d:d3:13:08:6a:4a:3a:cf:c9:ea:1b:74:9f:45:09:c6: f1:4c:0c:7e:8d:ae:76:da:ee:81:cc:2a:3d:18:5a:4a:b0:95: 43:ea:2c:66:3a:49:2b:5c:7f:0b:fb:8d:c1:ef:63:d2:21:fc: 25:c7:06:14:7a:fe:e4:fc:a1:8d:8e:0c:14:bc:aa:3e:ec:10: 52:8a:81:f3:d3:63:87:5a:14:4c:a6:aa:0d:95:4d:3a:a4:f2: b4:c4:88:2f:0e:af:7d:43:fa:dc:90:e8:56:1d:6f:91:48:2f: 14:c8:38:91:4e:01:98:c8:f6:21:c4:c8:e0:4a:5f:ec:7f:6a: 0c:e7:08:8e:a3:6c:ad:e1:e0:14:09:a5:c0:43:c2:a9:90:f8: bf:e9:cc:6b:e9:e8:af:5e:a1:8b:96:bb:ab:33:9b:30:43:b5: 75:dc:44:53:c7:46:54:bb:e7:b3:44:e5:c5:ec:dc:61:7c:ff: 2f:1f:11:cb:cb:5a:13:8b:b1:43:62:c8:e0:3d:b9:df:f7:57: 78:d2:ed:7a:e3:d5:e7:4f:7c:9b:aa:af:e3:f8:3d:75:df:9d: ea:95:76:c1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUm4p11mPz//Uuee9drYKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwNDBmOTY4ZmE1MmU2Y2IyZmU2NTcxMDk3MDBmYTA3NGMx OTBiODUwHhcNMjUxMjA2MTEwMDU2WhcNMjUxMjA3MTEwMDU2WjAzMTEwLwYDVQQD Eyg3NmRkZWE0ZWFmYTYzZTUyM2FkZTQyYjQzOTY4ZThkNDc1YzYwZTMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP+KD7JPUr7G/R9znBqP11j5edoP UG6NP70MMa1lyBIAhlpfzM5Rx//TmAta0zzOmT+jNnUiMGlCGHlugphtY94sDiH0 3qhJNJcfisD+PrX027RB8aGVZnMyqAtwkM0Vp2B2/koRsRHwa5tCVFykFbcXJdL2 +asHIVdvF/zlPY84YsD9Klnim+JsD2WG0xwOY/Tce9hE3Oe/YFBlhMjSVBbTkuSr M9vJWpeVEaRSB/k/UOTVhE1q6ywFlR948n3dwl4M02U1hT5IAV0Rj258GW5r2EYu CcnVXlnu9U9zGwJY2ADkIa95qtvmaT5XNMKUuMHSYsR7ufVnKQzYDnr0pwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHbd6k6vpj5SOt5CtDlo6NR1xg4xMB8GA1UdIwQY MBaAFKBA+Wj6UubLL+ZXEJcA+gdMGQuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0VENWFQcFM1c3N2NWxjUWx3RDZCMHdaQzRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84OTU1MDItNGUxNC00OTYzLWEzMDUt M2I2YjBhNTU1NWVmLzEvb0VENWFQcFM1c3N2NWxjUWx3RDZCMHdaQzRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC84OTU1MDItNGUxNC00OTYzLWEzMDUtM2I2YjBhNTU1NWVm LzEvb0VENWFQcFM1c3N2NWxjUWx3RDZCMHdaQzRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlfqikyca D/jonJqy1n1MhUWWAP9VqEpTdIzHI0A48oRH/lWNWvYN0xMIako6z8nqG3SfRQnG 8UwMfo2udtrugcwqPRhaSrCVQ+osZjpJK1x/C/uNwe9j0iH8JccGFHr+5PyhjY4M FLyqPuwQUoqB89Njh1oUTKaqDZVNOqTytMSILw6vfUP63JDoVh1vkUgvFMg4kU4B mMj2IcTI4Epf7H9qDOcIjqNsreHgFAmlwEPCqZD4v+nMa+nor16hi5a7qzObMEO1 ddxEU8dGVLvns0TlxezcYXz/Lx8Ry8taE4uxQ2LI4D253/dXeNLteuPV5098m6qv 4/g9dd+d6pV2wQ== -----END CERTIFICATE-----Generated at Sat Dec 6 15:55:57 2025 by rpki-client