This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.mft File: OCJ6lvpkrZUkDwruC9N0ZGxrvuI.mft (raw, json) Hash identifier: 5w9S4Wjg5/XggQ1kBfiKPm7xFOS4RoqLutuwCCmauZA= Subject key identifier: CD:DE:DD:EB:08:B5:94:13:0B:C2:FC:48:C5:4C:44:EB:A2:1C:70:8E Authority key identifier: 38:22:7A:96:FA:64:AD:95:24:0F:0A:EE:0B:D3:74:64:6C:6B:BE:E2 Certificate issuer: /CN=38227a96fa64ad95240f0aee0bd374646c6bbee2 Certificate serial: 019AF6FA0B8EAD36E041FE797227AFFE24B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.mft Manifest number: 12E1 Signing time: Sun 07 Dec 2025 04:02:53 +0000 Manifest this update: Sun 07 Dec 2025 04:02:53 +0000 Manifest next update: Mon 08 Dec 2025 04:02:53 +0000 Files and hashes: 1: OCJ6lvpkrZUkDwruC9N0ZGxrvuI.crl (hash: Ae0xrIznbcym0CVD45poq7UueHFxJKyVvtps3OL9We8=) 2: hbt7WcwBqBoPW6rBuDIQ3SNZmzc.roa (hash: gFxs6hHw3FxfMImk+yNCzFI6L94MQhx1psEtxtAsjbw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.crl rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.mft rsync://rpki.ripe.net/repository/DEFAULT/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:fa:0b:8e:ad:36:e0:41:fe:79:72:27:af:fe:24:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38227a96fa64ad95240f0aee0bd374646c6bbee2 Validity Not Before: Dec 7 04:02:53 2025 GMT Not After : Dec 8 04:02:53 2025 GMT Subject: CN=cddeddeb08b594130bc2fc48c54c44eba21c708e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:24:6e:2d:e2:03:53:9a:b6:6a:b9:c2:e8:cb: a8:df:39:5b:5a:08:48:be:11:1b:4f:f7:df:a9:78: a6:03:03:a8:1d:cb:74:f2:34:d5:f8:6b:15:45:53: f1:cf:56:f9:e3:42:ec:63:f3:8b:a0:bf:c3:9e:48: 6e:42:da:8e:fa:7c:fa:75:04:e8:b4:7a:05:0a:35: 15:a2:57:5e:81:a9:66:68:16:60:ca:84:58:bc:71: 60:b8:7f:75:0d:71:7a:37:a4:b7:42:a2:17:8c:d6: a7:31:76:83:5d:37:28:0f:3d:ae:02:9e:f2:9a:30: b8:b3:d4:2d:c7:a5:01:fc:60:6a:24:59:40:b7:ca: 98:e0:0e:2d:25:4b:c2:a9:9e:26:29:96:29:b1:f5: ce:2a:47:2c:05:29:3e:93:e1:77:e3:f2:5c:da:18: 67:cb:1b:fe:5d:63:37:eb:66:e1:7d:f5:62:85:b7: 63:bb:d8:56:4b:b9:1e:06:9e:4e:24:a9:6f:4e:a2: 79:ba:7b:19:92:1d:d2:73:8b:84:c0:41:f2:7e:d3: 19:04:8b:d0:6b:09:48:cc:6b:14:c8:f8:ec:7d:bf: 66:12:dc:0a:5b:89:dd:98:7a:c6:41:b4:1a:d5:14: dc:93:fd:7a:36:fb:ae:fc:79:d7:16:50:48:8d:9f: 34:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:DE:DD:EB:08:B5:94:13:0B:C2:FC:48:C5:4C:44:EB:A2:1C:70:8E X509v3 Authority Key Identifier: keyid:38:22:7A:96:FA:64:AD:95:24:0F:0A:EE:0B:D3:74:64:6C:6B:BE:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1cf9ac-10d4-4a5e-a706-d1c9ba08f559/1/OCJ6lvpkrZUkDwruC9N0ZGxrvuI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 01:83:0f:c1:12:83:94:ef:10:83:cf:19:4d:3a:a3:32:94:f4: 65:dd:e9:40:1c:6b:1b:ad:d8:bf:42:a0:3e:44:86:58:a4:83: b4:bf:33:ee:02:75:25:05:ee:ab:bf:1c:9b:a9:a8:2c:41:8c: 41:b6:4f:76:f9:b1:bf:5b:83:31:85:a5:44:4e:11:73:e9:9b: c4:56:f0:00:78:8b:8f:6f:8c:8f:c7:8a:09:b8:42:4f:e8:3a: 3f:17:4f:e6:c7:dc:c8:b3:ac:84:8c:37:52:ce:cf:a3:4d:91: 02:9c:ea:8b:18:34:d4:27:54:bf:96:6a:55:81:9c:84:90:5b: 7b:4d:11:6d:89:6b:e5:ea:78:f2:20:51:4f:81:8f:d7:07:40: eb:2a:2a:84:52:a6:fc:b1:39:1c:07:b2:49:56:78:97:04:85: cf:7e:9d:1f:83:da:00:92:e4:91:cc:13:0c:14:a1:01:cc:3a: 9b:c3:48:70:cb:5f:9f:3b:18:f1:68:c4:b5:02:ee:97:4d:6c: 04:d5:8d:a2:df:53:8d:ee:86:19:f7:a8:dc:07:03:cb:b6:cd: df:68:4a:c0:e8:fd:3f:bf:46:6a:81:07:0a:15:3d:48:5a:b5: f0:be:be:ca:b6:12:a2:f9:f3:1a:0a:d2:6f:b4:d0:ff:bf:e8: 01:35:2d:92 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2+guOrTbgQf55ciev/iSxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MjI3YTk2ZmE2NGFkOTUyNDBmMGFlZTBiZDM3NDY0NmM2 YmJlZTIwHhcNMjUxMjA3MDQwMjUzWhcNMjUxMjA4MDQwMjUzWjAzMTEwLwYDVQQD EyhjZGRlZGRlYjA4YjU5NDEzMGJjMmZjNDhjNTRjNDRlYmEyMWM3MDhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiRuLeIDU5q2arnC6Muo3zlbWghI vhEbT/ffqXimAwOoHct08jTV+GsVRVPxz1b540LsY/OLoL/DnkhuQtqO+nz6dQTo tHoFCjUVoldegalmaBZgyoRYvHFguH91DXF6N6S3QqIXjNanMXaDXTcoDz2uAp7y mjC4s9Qtx6UB/GBqJFlAt8qY4A4tJUvCqZ4mKZYpsfXOKkcsBSk+k+F34/Jc2hhn yxv+XWM362bhffVihbdju9hWS7keBp5OJKlvTqJ5unsZkh3Sc4uEwEHyftMZBIvQ awlIzGsUyPjsfb9mEtwKW4ndmHrGQbQa1RTck/16Nvuu/HnXFlBIjZ80hQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM3e3esItZQTC8L8SMVMROuiHHCOMB8GA1UdIwQY MBaAFDgiepb6ZK2VJA8K7gvTdGRsa77iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0NKNmx2cGtyWlVrRHdydUM5TjBaR3hydnVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xY2Y5YWMtMTBkNC00YTVlLWE3MDYt ZDFjOWJhMDhmNTU5LzEvT0NKNmx2cGtyWlVrRHdydUM5TjBaR3hydnVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC8xY2Y5YWMtMTBkNC00YTVlLWE3MDYtZDFjOWJhMDhmNTU5 LzEvT0NKNmx2cGtyWlVrRHdydUM5TjBaR3hydnVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAYMPwRKD lO8Qg88ZTTqjMpT0Zd3pQBxrG63Yv0KgPkSGWKSDtL8z7gJ1JQXuq78cm6moLEGM QbZPdvmxv1uDMYWlRE4Rc+mbxFbwAHiLj2+Mj8eKCbhCT+g6PxdP5sfcyLOshIw3 Us7Po02RApzqixg01CdUv5ZqVYGchJBbe00RbYlr5ep48iBRT4GP1wdA6yoqhFKm /LE5HAeySVZ4lwSFz36dH4PaAJLkkcwTDBShAcw6m8NIcMtfnzsY8WjEtQLul01s BNWNot9Tje6GGfeo3AcDy7bN32hKwOj9P79GaoEHChU9SFq18L6+yrYSovnzGgrS b7TQ/7/oATUtkg== -----END CERTIFICATE-----Generated at Sun Dec 7 07:03:06 2025 by rpki-client