This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft File: OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft (raw, json) Hash identifier: MRbenmGhFA7t2PXRi51o+vnQ0QVCdEcTTMMcPGH7aCc= Subject key identifier: BA:7D:12:F0:CB:2F:F1:8F:1B:91:E7:0F:A6:23:32:BD:63:D6:BB:12 Authority key identifier: 38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB Certificate issuer: /CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb Certificate serial: 019AF577BAE8F30534FD608C058D32C9679D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft Manifest number: 16C9 Signing time: Sat 06 Dec 2025 21:00:55 +0000 Manifest this update: Sat 06 Dec 2025 21:00:55 +0000 Manifest next update: Sun 07 Dec 2025 21:00:55 +0000 Files and hashes: 1: KBKNSo54C-UjedwUMFB9xB41sio.roa (hash: EOnhGNtgG2NlhPSt6QkJfBoHbT869foRrNlEhdeoqqA=) 2: OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl (hash: 8hCmLT41uZURwKiPJvw3izNEc1F0tCVu3z7NNRsEaFw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:77:ba:e8:f3:05:34:fd:60:8c:05:8d:32:c9:67:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb Validity Not Before: Dec 6 21:00:55 2025 GMT Not After : Dec 7 21:00:55 2025 GMT Subject: CN=ba7d12f0cb2ff18f1b91e70fa62332bd63d6bb12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:4d:8c:7d:e2:94:82:52:f9:ce:0c:49:ef:31: 80:cf:9c:e1:8f:03:ff:83:f7:96:69:8c:86:e1:f5: 8a:0b:d4:8f:ca:b7:46:97:44:25:44:88:5c:65:f5: 2a:1d:66:a3:7d:52:be:c0:23:4a:b2:c6:1b:a2:5d: f7:ba:e3:15:9e:66:2e:f4:e4:10:97:4a:e0:8b:19: ae:19:3a:11:9f:7b:72:21:2d:ce:29:2d:c4:6a:37: 08:a3:d6:8f:40:e3:13:14:f7:4b:28:64:a8:f5:bf: 0e:b7:44:a2:06:7b:ff:00:dd:3d:bc:97:96:30:c7: 21:88:00:5f:a0:54:9f:d9:97:0d:b6:c9:7c:1a:b8: a8:fc:dc:3f:49:2f:1d:b0:00:b4:5f:d1:ba:d1:bb: c7:aa:ff:63:e1:df:e3:71:27:32:95:e1:54:2e:41: ff:71:9c:9b:0a:6d:4e:90:f8:bb:32:67:b0:5e:56: 45:cd:06:7d:2e:55:fd:df:8a:44:aa:c1:63:30:d8: 15:d5:e7:03:3a:66:02:31:b7:60:a8:df:aa:15:d4: e7:5e:95:26:cc:6e:68:82:29:45:c8:87:46:79:08: a6:cd:fd:d1:23:95:86:a7:03:08:86:82:97:b5:0d: bd:c0:d3:d7:bc:45:c9:70:d4:92:13:19:17:69:67: 01:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:7D:12:F0:CB:2F:F1:8F:1B:91:E7:0F:A6:23:32:BD:63:D6:BB:12 X509v3 Authority Key Identifier: keyid:38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 96:fb:d4:6b:78:9e:c1:b7:db:d7:23:ec:70:fe:6a:75:07:2d: 1c:0a:62:59:47:b0:93:8b:ba:dc:30:e3:e0:5f:0f:a4:bd:82: fb:12:73:c4:f4:ed:8f:d6:5f:43:79:5d:62:4e:58:d6:c5:ef: 0f:1b:a9:b2:a8:54:4a:4c:81:3b:db:39:b2:3d:1a:8f:1e:60: b9:42:42:47:40:75:79:d9:56:1d:b0:c3:7a:2b:1d:15:90:ac: e9:8f:62:4d:1f:9c:57:d5:03:f9:de:29:c7:b3:a5:8e:91:b3: 55:e9:62:59:7d:5d:99:dd:e9:61:20:e5:92:5f:0a:6e:13:70: 6f:ea:ba:d6:34:d6:29:4a:e8:9b:4c:ec:f5:94:3f:61:df:85: cb:b7:e6:f9:52:c1:e4:57:35:90:98:1c:83:a5:61:94:5f:eb: f4:c3:39:45:79:e7:9e:ca:b2:a3:b2:57:00:0e:56:1f:76:45: 67:94:b3:9b:a1:6c:ec:4c:11:c4:5d:a2:6d:12:c1:70:bc:4d: 22:e8:83:b7:7d:06:8e:12:a8:ad:0d:c3:e7:96:fb:a3:03:c7: d1:95:09:5e:27:1e:67:be:b9:ad:76:e1:ed:da:cf:f0:3e:19: e9:04:27:57:5e:14:cc:73:44:70:09:b6:15:f8:89:5d:b5:4a: 83:54:5c:15 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1d7ro8wU0/WCMBY0yyWedMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YTBjODgyNmMxOGJjZDUxM2FhYTdlNTIwODFmZjlmZDM3 OTE5ZmIwHhcNMjUxMjA2MjEwMDU1WhcNMjUxMjA3MjEwMDU1WjAzMTEwLwYDVQQD EyhiYTdkMTJmMGNiMmZmMThmMWI5MWU3MGZhNjIzMzJiZDYzZDZiYjEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk02MfeKUglL5zgxJ7zGAz5zhjwP/ g/eWaYyG4fWKC9SPyrdGl0QlRIhcZfUqHWajfVK+wCNKssYbol33uuMVnmYu9OQQ l0rgixmuGToRn3tyIS3OKS3EajcIo9aPQOMTFPdLKGSo9b8Ot0SiBnv/AN09vJeW MMchiABfoFSf2ZcNtsl8Grio/Nw/SS8dsAC0X9G60bvHqv9j4d/jcScyleFULkH/ cZybCm1OkPi7MmewXlZFzQZ9LlX934pEqsFjMNgV1ecDOmYCMbdgqN+qFdTnXpUm zG5ogilFyIdGeQimzf3RI5WGpwMIhoKXtQ29wNPXvEXJcNSSExkXaWcB5wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLp9EvDLL/GPG5HnD6YjMr1j1rsSMB8GA1UdIwQY MBaAFDigyIJsGLzVE6qn5SCB/5/TeRn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTkt MDUwMmE2YTU0YWFiLzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTktMDUwMmE2YTU0YWFi LzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlvvUa3ie wbfb1yPscP5qdQctHApiWUewk4u63DDj4F8PpL2C+xJzxPTtj9ZfQ3ldYk5Y1sXv DxupsqhUSkyBO9s5sj0ajx5guUJCR0B1edlWHbDDeisdFZCs6Y9iTR+cV9UD+d4p x7OljpGzVeliWX1dmd3pYSDlkl8KbhNwb+q61jTWKUrom0zs9ZQ/Yd+Fy7fm+VLB 5Fc1kJgcg6VhlF/r9MM5RXnnnsqyo7JXAA5WH3ZFZ5Szm6Fs7EwRxF2ibRLBcLxN IuiDt30GjhKorQ3D55b7owPH0ZUJXiceZ765rXbh7drP8D4Z6QQnV14UzHNEcAm2 FfiJXbVKg1RcFQ== -----END CERTIFICATE-----Generated at Sun Dec 7 00:30:50 2025 by rpki-client