This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.mft File: oqodRGKTg8rfx1F9733ikpWuObQ.mft (raw, json) Hash identifier: dxmPAZH73bEFpQrG6xAuD5dz85UcH8fB0oAirka09Nk= Subject key identifier: 92:07:D4:EF:7A:40:56:AB:7D:A9:6E:7A:CC:D2:2E:72:F6:B5:86:63 Authority key identifier: A2:AA:1D:44:62:93:83:CA:DF:C7:51:7D:EF:7D:E2:92:95:AE:39:B4 Certificate issuer: /CN=a2aa1d44629383cadfc7517def7de29295ae39b4 Certificate serial: 019AF3C09B35D0C5B609247586F8B7814A26 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oqodRGKTg8rfx1F9733ikpWuObQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.mft Manifest number: 0ED8 Signing time: Sat 06 Dec 2025 13:01:17 +0000 Manifest this update: Sat 06 Dec 2025 13:01:17 +0000 Manifest next update: Sun 07 Dec 2025 13:01:17 +0000 Files and hashes: 1: oqodRGKTg8rfx1F9733ikpWuObQ.crl (hash: CqnhKxkh8Ka5jELcCfWIgKi7RJonC6w8boMJ7glrsbc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.crl rsync://rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.mft rsync://rpki.ripe.net/repository/DEFAULT/oqodRGKTg8rfx1F9733ikpWuObQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:c0:9b:35:d0:c5:b6:09:24:75:86:f8:b7:81:4a:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a2aa1d44629383cadfc7517def7de29295ae39b4 Validity Not Before: Dec 6 13:01:17 2025 GMT Not After : Dec 7 13:01:17 2025 GMT Subject: CN=9207d4ef7a4056ab7da96e7accd22e72f6b58663 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:66:7f:8b:70:c2:86:5d:1d:df:12:e2:a2:7a: 30:bb:be:72:ae:20:62:05:96:ff:8a:39:99:35:dc: c9:ed:1e:c7:cc:bf:37:78:ce:f4:ba:9e:0b:f8:db: c2:1a:95:8b:ff:12:6c:57:0d:bf:ae:eb:c2:dc:de: dd:c2:bd:83:62:18:7f:b1:21:6f:23:07:15:bd:22: 5f:99:e3:5c:67:81:a2:38:44:77:55:01:c8:87:eb: c7:30:54:f9:c0:04:cf:53:62:b4:80:85:59:03:03: 3d:41:f3:30:d5:f9:fb:d2:bd:2d:1d:27:be:34:b8: 8b:cf:05:4a:45:97:34:29:22:6a:34:eb:18:92:8f: cd:81:fe:42:4c:f2:52:f2:68:7c:cd:85:9b:8e:e7: 06:6f:93:0d:76:11:89:39:ca:d2:5b:10:9a:a8:35: 65:c6:43:cb:31:4e:4a:32:80:d0:a5:5d:dd:7c:c1: ee:72:0d:b0:ec:32:a1:5f:4f:e4:32:a1:01:cd:a0: 4b:cf:38:3c:90:ce:1f:95:71:33:09:c0:3a:f3:7a: 63:2e:a2:ed:6b:fa:04:59:7e:a8:b5:e5:4c:d7:fc: 62:03:b7:2b:09:33:89:c5:49:56:8f:f2:5b:df:a5: a3:9d:93:d7:23:4f:17:32:80:13:18:b3:0d:0c:11: 8e:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:07:D4:EF:7A:40:56:AB:7D:A9:6E:7A:CC:D2:2E:72:F6:B5:86:63 X509v3 Authority Key Identifier: keyid:A2:AA:1D:44:62:93:83:CA:DF:C7:51:7D:EF:7D:E2:92:95:AE:39:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oqodRGKTg8rfx1F9733ikpWuObQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:5d:d6:ad:a1:94:61:dc:74:f7:22:6a:d3:1a:18:06:d7:3c: 55:23:82:5d:5d:a5:9b:59:c0:56:40:8d:b3:96:28:ea:69:28: a2:2a:de:75:f2:a8:1f:c8:bb:73:cd:4c:2f:92:02:3b:c9:b7: 70:19:13:b9:d5:e9:be:9a:38:c9:96:12:29:ce:21:23:4a:f1: 07:43:61:6d:a4:f4:67:f8:8c:c9:25:87:91:0e:6d:cd:23:08: c8:fb:b3:26:37:c9:d9:1d:82:68:cd:95:0b:7d:5a:02:6d:b1: 66:2e:42:c4:dc:42:0c:08:32:a6:a1:b5:a9:3b:77:99:2b:87: 5e:b9:58:67:41:8b:d5:ea:ee:16:8b:74:5b:6a:e0:1d:99:9b: d2:e9:f9:b3:fe:e8:94:07:81:2c:b4:e2:79:38:9b:b0:e8:6f: 37:fd:92:5c:b6:ec:7b:c4:76:bc:82:6d:15:52:ef:87:f5:89: cb:2b:57:87:0a:13:22:6b:27:04:cf:21:8a:34:4e:59:8a:17: b0:3b:ef:e4:58:9d:2d:01:aa:c3:a5:3f:3f:56:59:13:58:18: 83:4d:c2:da:55:64:fa:99:3a:bb:e9:6a:e9:1c:2b:ec:eb:28: f2:26:34:68:6b:27:84:47:4d:d7:60:b2:84:e9:f0:ef:c1:ef: 0b:97:36:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzwJs10MW2CSR1hvi3gUomMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyYWExZDQ0NjI5MzgzY2FkZmM3NTE3ZGVmN2RlMjkyOTVh ZTM5YjQwHhcNMjUxMjA2MTMwMTE3WhcNMjUxMjA3MTMwMTE3WjAzMTEwLwYDVQQD Eyg5MjA3ZDRlZjdhNDA1NmFiN2RhOTZlN2FjY2QyMmU3MmY2YjU4NjYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGZ/i3DChl0d3xLionowu75yriBi BZb/ijmZNdzJ7R7HzL83eM70up4L+NvCGpWL/xJsVw2/ruvC3N7dwr2DYhh/sSFv IwcVvSJfmeNcZ4GiOER3VQHIh+vHMFT5wATPU2K0gIVZAwM9QfMw1fn70r0tHSe+ NLiLzwVKRZc0KSJqNOsYko/Ngf5CTPJS8mh8zYWbjucGb5MNdhGJOcrSWxCaqDVl xkPLMU5KMoDQpV3dfMHucg2w7DKhX0/kMqEBzaBLzzg8kM4flXEzCcA683pjLqLt a/oEWX6oteVM1/xiA7crCTOJxUlWj/Jb36WjnZPXI08XMoATGLMNDBGOwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJIH1O96QFarfalueszSLnL2tYZjMB8GA1UdIwQY MBaAFKKqHURik4PK38dRfe994pKVrjm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3FvZFJHS1RnOHJmeDFGOTczM2lrcFd1T2JRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zMTc4MjQtZjhmNS00Yjc4LTliNWUt NzQ5MTc1YjE3OGYxLzEvb3FvZFJHS1RnOHJmeDFGOTczM2lrcFd1T2JRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS8zMTc4MjQtZjhmNS00Yjc4LTliNWUtNzQ5MTc1YjE3OGYx LzEvb3FvZFJHS1RnOHJmeDFGOTczM2lrcFd1T2JRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgV3WraGU Ydx09yJq0xoYBtc8VSOCXV2lm1nAVkCNs5Yo6mkooiredfKoH8i7c81ML5ICO8m3 cBkTudXpvpo4yZYSKc4hI0rxB0NhbaT0Z/iMySWHkQ5tzSMIyPuzJjfJ2R2CaM2V C31aAm2xZi5CxNxCDAgypqG1qTt3mSuHXrlYZ0GL1eruFot0W2rgHZmb0un5s/7o lAeBLLTieTibsOhvN/2SXLbse8R2vIJtFVLvh/WJyytXhwoTImsnBM8hijROWYoX sDvv5FidLQGqw6U/P1ZZE1gYg03C2lVk+pk6u+lq6Rwr7Oso8iY0aGsnhEdN12Cy hOnw78HvC5c2iQ== -----END CERTIFICATE-----Generated at Sat Dec 6 18:50:20 2025 by rpki-client