This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft File: oUx52o8IwpnEYya3m55CTkmmh1s.mft (raw, json) Hash identifier: b0j4VEUcrSICicoeT/Sx1bMjCnLpkl/8fw8rrIGBjIo= Subject key identifier: 69:05:08:9D:75:D0:D8:31:F6:30:11:24:27:C3:00:78:FB:3B:25:B6 Authority key identifier: A1:4C:79:DA:8F:08:C2:99:C4:63:26:B7:9B:9E:42:4E:49:A6:87:5B Certificate issuer: /CN=a14c79da8f08c299c46326b79b9e424e49a6875b Certificate serial: 019AF50AE813EC870372E6F96ADC40F8BA53 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oUx52o8IwpnEYya3m55CTkmmh1s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft Manifest number: 16F3 Signing time: Sat 06 Dec 2025 19:02:03 +0000 Manifest this update: Sat 06 Dec 2025 19:02:03 +0000 Manifest next update: Sun 07 Dec 2025 19:02:03 +0000 Files and hashes: 1: oUx52o8IwpnEYya3m55CTkmmh1s.crl (hash: dOKEN+gQOIeOotSITFi3RjZV5dFhtXyir1D8rGLLkF0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft rsync://rpki.ripe.net/repository/DEFAULT/oUx52o8IwpnEYya3m55CTkmmh1s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:02:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:e8:13:ec:87:03:72:e6:f9:6a:dc:40:f8:ba:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a14c79da8f08c299c46326b79b9e424e49a6875b Validity Not Before: Dec 6 19:02:03 2025 GMT Not After : Dec 7 19:02:03 2025 GMT Subject: CN=6905089d75d0d831f630112427c30078fb3b25b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:16:82:7a:af:7d:ed:ef:02:70:a8:c5:da:8c: bb:d9:e5:dc:8c:cc:f0:fb:0d:16:d3:c4:08:bb:c6: b6:5f:64:f5:58:99:84:13:6a:1a:7c:9f:5e:e5:8c: 60:11:34:39:b1:85:75:fd:25:1c:c8:eb:83:21:c2: 14:08:b5:de:b0:62:e6:67:ba:8f:2c:50:67:2a:70: b6:2c:41:5c:b3:3c:c2:91:3c:bf:1b:c6:d1:79:38: fc:d8:60:ae:17:38:67:9d:3a:ea:b5:12:ad:cc:4f: ae:0b:0e:82:da:67:cd:4d:8f:28:61:45:5c:a7:90: 58:a8:25:6e:33:83:b6:1e:ab:62:92:19:2e:d1:be: 97:af:08:56:19:11:de:de:bf:02:0a:02:c6:d0:ad: ee:68:42:2c:72:c6:7d:91:c5:a3:b1:f5:88:ad:33: 2a:51:8c:26:19:5d:f0:8d:35:04:7e:60:2b:fa:9c: 36:51:be:ad:21:2c:19:32:a1:b9:f3:8b:47:c4:47: b0:8f:9d:86:56:5f:99:af:7c:16:ba:ac:f4:68:ee: 62:7c:4b:4b:30:07:56:a6:b6:a7:48:a8:89:72:91: f5:a4:9e:63:85:b6:8d:5e:a0:a0:4f:8e:18:fc:75: b7:11:46:80:44:36:68:7c:fd:c2:02:64:d8:74:92: e3:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:05:08:9D:75:D0:D8:31:F6:30:11:24:27:C3:00:78:FB:3B:25:B6 X509v3 Authority Key Identifier: keyid:A1:4C:79:DA:8F:08:C2:99:C4:63:26:B7:9B:9E:42:4E:49:A6:87:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUx52o8IwpnEYya3m55CTkmmh1s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:a7:48:15:c6:ab:1b:81:d2:76:26:6c:65:9c:f0:86:eb:23: 17:4e:8d:3f:fb:04:60:55:3e:47:88:ea:19:31:b4:88:a4:24: 74:d6:be:d7:77:48:6b:db:63:7f:73:c1:12:34:18:a3:75:1c: 9e:7e:2c:57:27:2c:c9:fe:55:7d:fe:3b:ae:96:53:f2:0c:ab: 33:6d:10:16:1a:96:52:bf:0e:4c:a1:4a:51:7e:8b:6c:6a:af: 54:a7:3e:6f:45:3c:c1:49:b7:bf:39:09:c6:a4:c0:af:53:c9: 84:59:11:25:79:cf:00:cc:a8:0d:97:d4:b8:2e:7d:99:d2:74: 35:d6:d4:dd:90:89:c2:37:5b:66:8c:7e:0d:c2:cd:4f:d6:24: b3:71:13:b3:40:2a:bb:73:fd:94:a9:f9:88:67:9a:4b:ee:d5: c4:f2:15:69:69:35:d0:87:44:3a:ee:9b:b1:9a:57:5b:00:f2: aa:15:38:03:23:eb:99:7e:24:c5:1c:bd:10:eb:a6:65:f4:cb: 8a:b2:e6:7f:a6:ed:fe:74:42:a7:bd:b6:89:f3:0d:50:80:23: 9d:bb:3c:1e:ec:de:e2:0b:fc:b1:7e:a2:5f:4d:47:61:d5:f4: 79:f7:40:74:f0:65:e2:bd:10:35:fb:c5:6a:07:8e:a7:76:de: 67:08:3b:7e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CugT7IcDcub5atxA+LpTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExNGM3OWRhOGYwOGMyOTljNDYzMjZiNzliOWU0MjRlNDlh Njg3NWIwHhcNMjUxMjA2MTkwMjAzWhcNMjUxMjA3MTkwMjAzWjAzMTEwLwYDVQQD Eyg2OTA1MDg5ZDc1ZDBkODMxZjYzMDExMjQyN2MzMDA3OGZiM2IyNWI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+BaCeq997e8CcKjF2oy72eXcjMzw +w0W08QIu8a2X2T1WJmEE2oafJ9e5YxgETQ5sYV1/SUcyOuDIcIUCLXesGLmZ7qP LFBnKnC2LEFcszzCkTy/G8bReTj82GCuFzhnnTrqtRKtzE+uCw6C2mfNTY8oYUVc p5BYqCVuM4O2Hqtikhku0b6XrwhWGRHe3r8CCgLG0K3uaEIscsZ9kcWjsfWIrTMq UYwmGV3wjTUEfmAr+pw2Ub6tISwZMqG584tHxEewj52GVl+Zr3wWuqz0aO5ifEtL MAdWpranSKiJcpH1pJ5jhbaNXqCgT44Y/HW3EUaARDZofP3CAmTYdJLjtQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGkFCJ110Ngx9jARJCfDAHj7OyW2MB8GA1UdIwQY MBaAFKFMedqPCMKZxGMmt5ueQk5JpodbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1V4NTJvOEl3cG5FWXlhM201NUNUa21taDFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yMmViNTMtNGY2MC00MTFiLTg0MDkt ZDRjOTdmZjZlMTFlLzEvb1V4NTJvOEl3cG5FWXlhM201NUNUa21taDFzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi8yMmViNTMtNGY2MC00MTFiLTg0MDktZDRjOTdmZjZlMTFl LzEvb1V4NTJvOEl3cG5FWXlhM201NUNUa21taDFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiKdIFcar G4HSdiZsZZzwhusjF06NP/sEYFU+R4jqGTG0iKQkdNa+13dIa9tjf3PBEjQYo3Uc nn4sVycsyf5Vff47rpZT8gyrM20QFhqWUr8OTKFKUX6LbGqvVKc+b0U8wUm3vzkJ xqTAr1PJhFkRJXnPAMyoDZfUuC59mdJ0NdbU3ZCJwjdbZox+DcLNT9Yks3ETs0Aq u3P9lKn5iGeaS+7VxPIVaWk10IdEOu6bsZpXWwDyqhU4AyPrmX4kxRy9EOumZfTL irLmf6bt/nRCp722ifMNUIAjnbs8Huze4gv8sX6iX01HYdX0efdAdPBl4r0QNfvF ageOp3beZwg7fg== -----END CERTIFICATE-----Generated at Sun Dec 7 02:34:25 2025 by rpki-client