This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft File: oKrlhQo22yiCKmwa_F_6z_AH7vI.mft (raw, json) Hash identifier: iiqX7Ldd2yBHiBYvBvwXM3NT1SCcrq5xhOFsLmZBr8I= Subject key identifier: 98:CF:4E:6C:65:0D:C7:9E:72:9F:D1:20:AA:84:D0:C1:DA:F2:2B:36 Authority key identifier: A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2 Certificate issuer: /CN=a0aae5850a36db28822a6c1afc5ffacff007eef2 Certificate serial: 019AF0BF3D419E1833A0EA19614F40E565DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft Manifest number: 0A57 Signing time: Fri 05 Dec 2025 23:00:56 +0000 Manifest this update: Fri 05 Dec 2025 23:00:56 +0000 Manifest next update: Sat 06 Dec 2025 23:00:56 +0000 Files and hashes: 1: oKrlhQo22yiCKmwa_F_6z_AH7vI.crl (hash: 88lwWCf2M1YSer0xmkczgJUDLTFV7is2k3f6pZlNpts=) 2: vPivcilO-E_vThnuw1Jbeo7vl7Q.roa (hash: ue62obgrVIotq1vJM56av/nq50vzkGkDbEL5zd0kvpg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:3d:41:9e:18:33:a0:ea:19:61:4f:40:e5:65:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0aae5850a36db28822a6c1afc5ffacff007eef2 Validity Not Before: Dec 5 23:00:56 2025 GMT Not After : Dec 6 23:00:56 2025 GMT Subject: CN=98cf4e6c650dc79e729fd120aa84d0c1daf22b36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:b0:ba:80:60:50:9a:43:31:66:cb:f7:75:01: 48:92:ba:59:0c:88:fc:f8:b4:4a:36:0f:83:2b:35: eb:58:ae:4a:6e:81:9e:56:31:65:57:66:c1:da:59: 9b:cb:5f:18:62:c7:bf:a2:21:d9:ba:96:e3:57:04: cf:d1:e2:8e:29:97:6f:d0:19:bd:6a:33:f3:62:39: dc:d0:97:a4:09:b5:59:c6:c4:2a:c5:a3:59:22:e9: 7f:64:79:d0:be:47:0c:7f:06:83:b0:02:9f:26:35: fc:2c:cf:c4:12:a7:61:07:44:b3:ac:15:8f:a7:12: 21:ad:33:6a:00:dc:0a:89:ec:be:52:6e:03:8a:3c: 62:6a:6c:8b:af:f8:c0:0a:cc:04:b6:56:07:70:78: 6d:2f:28:ad:34:02:42:37:21:dc:f9:27:dc:11:e4: 7d:7d:d8:78:24:b0:e6:04:31:d0:da:36:0d:0c:de: e9:6e:06:eb:99:51:c2:5e:3e:88:a4:c6:21:55:1e: f5:98:0b:7e:e4:aa:f5:3f:6f:e5:bc:31:3d:dd:8c: 63:4e:6c:ec:75:65:1f:8b:af:21:12:01:b3:62:ba: 52:f4:67:f4:e3:bc:ff:4f:aa:4d:34:c9:0b:3e:99: 26:fd:0a:8f:45:ba:c3:46:f1:d3:32:5c:c0:f1:20: a2:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:CF:4E:6C:65:0D:C7:9E:72:9F:D1:20:AA:84:D0:C1:DA:F2:2B:36 X509v3 Authority Key Identifier: keyid:A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:ef:d9:fe:c5:dd:37:77:45:32:b3:37:17:cd:64:be:c0:51: 00:5e:1a:a1:c9:19:3b:85:a9:e0:50:30:24:48:22:3f:d3:45: 2a:2b:41:2f:43:81:67:21:04:68:9d:63:d7:aa:da:89:c9:07: b2:14:ec:1f:40:e0:49:42:04:15:99:d9:08:3f:a1:d7:7f:35: 27:2c:ba:6d:06:b8:36:7e:ea:66:8a:6d:41:88:fd:87:89:6c: 04:8b:5d:57:bf:32:9e:c5:e9:6a:ff:57:3b:6a:c7:c2:09:00: fa:db:ad:75:3a:b2:06:23:68:de:68:b7:3d:ba:b0:e3:e2:52: 16:45:08:f9:4f:32:01:fe:c4:0a:f5:4f:7a:3c:5e:23:7d:77: ee:16:93:e8:70:a9:c7:1f:6d:af:db:58:6e:90:00:50:b6:d4: 83:c7:60:07:ed:02:5f:5c:8c:a7:d6:c3:2e:9d:2f:c1:9d:e1: 8d:00:31:85:a4:9a:3e:4a:1f:f7:99:d6:66:7f:36:fc:6e:ff: 08:2c:e0:33:8d:aa:1e:67:a5:50:00:32:85:7b:e3:e2:a8:ba: 6a:cb:09:c9:8b:cd:ad:c3:a3:2c:2c:07:d4:df:1c:d1:bc:98: b1:95:00:4f:74:7a:99:74:33:81:10:75:2d:b3:28:59:e1:3b: b8:d0:fb:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwvz1BnhgzoOoZYU9A5WXfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYWFlNTg1MGEzNmRiMjg4MjJhNmMxYWZjNWZmYWNmZjAw N2VlZjIwHhcNMjUxMjA1MjMwMDU2WhcNMjUxMjA2MjMwMDU2WjAzMTEwLwYDVQQD Eyg5OGNmNGU2YzY1MGRjNzllNzI5ZmQxMjBhYTg0ZDBjMWRhZjIyYjM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbC6gGBQmkMxZsv3dQFIkrpZDIj8 +LRKNg+DKzXrWK5KboGeVjFlV2bB2lmby18YYse/oiHZupbjVwTP0eKOKZdv0Bm9 ajPzYjnc0JekCbVZxsQqxaNZIul/ZHnQvkcMfwaDsAKfJjX8LM/EEqdhB0SzrBWP pxIhrTNqANwKiey+Um4DijxiamyLr/jACswEtlYHcHhtLyitNAJCNyHc+SfcEeR9 fdh4JLDmBDHQ2jYNDN7pbgbrmVHCXj6IpMYhVR71mAt+5Kr1P2/lvDE93YxjTmzs dWUfi68hEgGzYrpS9Gf047z/T6pNNMkLPpkm/QqPRbrDRvHTMlzA8SCi4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJjPTmxlDceecp/RIKqE0MHa8is2MB8GA1UdIwQY MBaAFKCq5YUKNtsogipsGvxf+s/wB+7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODIt MjgxOWU0YzVmMTIzLzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODItMjgxOWU0YzVmMTIz LzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhO/Z/sXd N3dFMrM3F81kvsBRAF4aockZO4Wp4FAwJEgiP9NFKitBL0OBZyEEaJ1j16raickH shTsH0DgSUIEFZnZCD+h1381Jyy6bQa4Nn7qZoptQYj9h4lsBItdV78ynsXpav9X O2rHwgkA+tutdTqyBiNo3mi3Pbqw4+JSFkUI+U8yAf7ECvVPejxeI3137haT6HCp xx9tr9tYbpAAULbUg8dgB+0CX1yMp9bDLp0vwZ3hjQAxhaSaPkof95nWZn82/G7/ CCzgM42qHmelUAAyhXvj4qi6assJyYvNrcOjLCwH1N8c0byYsZUAT3R6mXQzgRB1 LbMoWeE7uND7Eg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:53:26 2025 by rpki-client