This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft File: OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft (raw, json) Hash identifier: FfrekN58Q8bsvp6xdp7B70S8fDGGQ3JmolxtgbvPa78= Subject key identifier: 53:DA:04:27:B0:56:6F:CE:8E:8B:73:37:FB:59:45:CE:4A:DB:80:C6 Authority key identifier: 38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1 Certificate issuer: /CN=38a19e640de1f452a7dc4abe786aa581342927b1 Certificate serial: 019AF12DDEBD0C851B9420579A5300C17337 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft Manifest number: 06A1 Signing time: Sat 06 Dec 2025 01:01:46 +0000 Manifest this update: Sat 06 Dec 2025 01:01:46 +0000 Manifest next update: Sun 07 Dec 2025 01:01:46 +0000 Files and hashes: 1: OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl (hash: g4v+wKMpUCyjID9cWJP3pZ6rBKtmj+YTJuGKcDUnQL4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:de:bd:0c:85:1b:94:20:57:9a:53:00:c1:73:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38a19e640de1f452a7dc4abe786aa581342927b1 Validity Not Before: Dec 6 01:01:46 2025 GMT Not After : Dec 7 01:01:46 2025 GMT Subject: CN=53da0427b0566fce8e8b7337fb5945ce4adb80c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:e5:a6:52:be:bc:99:3a:20:0d:c3:b1:da:16: b6:a7:00:a5:db:86:fc:b6:5c:5d:23:99:5b:4a:18: 90:93:c0:7c:89:47:74:8b:84:73:5e:97:1c:cb:53: a4:d5:9e:7f:4d:34:53:91:af:91:89:e0:05:59:88: 7d:58:bd:33:88:2b:f4:e3:89:71:5b:db:72:31:23: 3a:fb:83:e6:36:78:6a:f7:c3:40:ea:75:85:70:07: e0:54:ce:8c:94:ff:b3:a2:b9:4e:8a:1c:3f:26:e5: 5e:fb:f2:b7:73:1a:af:da:37:d8:a7:1b:b7:2f:a3: 58:ab:13:d2:cb:86:f1:91:7e:13:03:6c:66:33:d6: 6f:aa:12:79:ef:cb:2c:c0:3f:b6:ac:6f:32:8a:f6: b7:43:54:3c:50:df:4f:c1:f4:7f:d7:02:9a:12:0d: 56:55:2a:f3:f5:a7:d3:25:0e:ec:48:0b:73:d7:f8: be:b3:1a:3e:e9:d4:32:df:c4:e0:c6:30:3a:3a:2a: 7f:34:fc:45:08:fa:74:c2:12:4b:58:65:23:28:4f: 05:6c:6d:93:bb:15:42:8d:31:e3:79:6c:a5:55:72: 25:4d:9c:b2:c4:90:69:30:71:19:bd:0b:cb:25:03: 82:2a:ee:e1:bf:ae:d8:35:09:ab:00:d6:6c:3d:80: ac:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:DA:04:27:B0:56:6F:CE:8E:8B:73:37:FB:59:45:CE:4A:DB:80:C6 X509v3 Authority Key Identifier: keyid:38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a5:ba:2b:1c:34:91:7d:47:88:fb:eb:ca:5b:6d:1a:4f:60:1b: ef:5a:64:6f:89:70:40:3e:82:90:2c:87:a6:5d:d4:38:11:fc: 4a:0b:33:02:67:86:15:d9:dd:60:41:c1:7a:8d:46:c9:c3:f8: 06:5b:66:6c:c1:d8:6b:06:dd:e6:9d:b3:3a:f8:cf:e8:68:de: 84:10:38:f3:4a:3d:9e:f0:c8:d8:a1:88:4e:a1:9d:39:7a:c5: cc:4d:41:46:8e:4a:46:f4:d6:55:fc:3e:47:d7:53:5a:87:fb: 77:33:2c:fd:b6:37:a6:5f:ca:86:45:38:c2:b0:1f:1a:b6:3f: b8:d3:a5:29:a2:a2:db:00:88:6f:f7:94:54:01:40:a5:f1:14: af:1c:24:d8:0d:e7:ff:11:12:b2:2a:23:12:3f:3f:c2:71:c5: eb:5a:62:ee:e8:7c:76:9e:24:2f:8b:a6:08:b1:eb:f1:8f:64: 60:0a:d1:34:d3:ac:94:93:63:c0:81:43:ca:f2:a0:e2:f5:86: 92:6a:b4:8d:e1:02:ef:6f:c8:af:3d:ff:ac:a6:11:5c:2b:d4: da:b1:7c:9e:50:61:4d:6b:00:3e:65:79:29:dd:b9:bc:88:53: 64:24:11:d8:27:21:d6:ce:42:a2:50:3e:7b:b7:c5:67:b6:c5: b3:5e:3a:40 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLd69DIUblCBXmlMAwXM3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YTE5ZTY0MGRlMWY0NTJhN2RjNGFiZTc4NmFhNTgxMzQy OTI3YjEwHhcNMjUxMjA2MDEwMTQ2WhcNMjUxMjA3MDEwMTQ2WjAzMTEwLwYDVQQD Eyg1M2RhMDQyN2IwNTY2ZmNlOGU4YjczMzdmYjU5NDVjZTRhZGI4MGM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquWmUr68mTogDcOx2ha2pwCl24b8 tlxdI5lbShiQk8B8iUd0i4RzXpccy1Ok1Z5/TTRTka+RieAFWYh9WL0ziCv044lx W9tyMSM6+4PmNnhq98NA6nWFcAfgVM6MlP+zorlOihw/JuVe+/K3cxqv2jfYpxu3 L6NYqxPSy4bxkX4TA2xmM9ZvqhJ578sswD+2rG8yiva3Q1Q8UN9PwfR/1wKaEg1W VSrz9afTJQ7sSAtz1/i+sxo+6dQy38TgxjA6Oip/NPxFCPp0whJLWGUjKE8FbG2T uxVCjTHjeWylVXIlTZyyxJBpMHEZvQvLJQOCKu7hv67YNQmrANZsPYCsGQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFPaBCewVm/OjotzN/tZRc5K24DGMB8GA1UdIwQY MBaAFDihnmQN4fRSp9xKvnhqpYE0KSexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYt Yjc0NDEwMzJlNTlmLzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYtYjc0NDEwMzJlNTlm LzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApborHDSR fUeI++vKW20aT2Ab71pkb4lwQD6CkCyHpl3UOBH8SgszAmeGFdndYEHBeo1GycP4 BltmbMHYawbd5p2zOvjP6GjehBA480o9nvDI2KGITqGdOXrFzE1BRo5KRvTWVfw+ R9dTWof7dzMs/bY3pl/KhkU4wrAfGrY/uNOlKaKi2wCIb/eUVAFApfEUrxwk2A3n /xESsiojEj8/wnHF61pi7uh8dp4kL4umCLHr8Y9kYArRNNOslJNjwIFDyvKg4vWG kmq0jeEC72/Irz3/rKYRXCvU2rF8nlBhTWsAPmV5Kd25vIhTZCQR2Cch1s5ColA+ e7fFZ7bFs146QA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:46:56 2025 by rpki-client