This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft File: M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json) Hash identifier: fpFX+L+0FGAYmEKqE8Z9+YE/4f2LdHTDj9i8erYqhH0= Subject key identifier: D3:91:87:1A:3B:05:69:46:92:8D:2E:CE:99:A2:C6:0F:CE:C5:45:6E Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11 Certificate issuer: /CN=33ea24084f6b89b065559910e0311eb514bebb11 Certificate serial: 019AF464CDD82256A5C6CAF6EDC57A95B077 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft Manifest number: 0A9A Signing time: Sat 06 Dec 2025 16:00:38 +0000 Manifest this update: Sat 06 Dec 2025 16:00:38 +0000 Manifest next update: Sun 07 Dec 2025 16:00:38 +0000 Files and hashes: 1: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: JuQXdVUWXFLzpiJVylrUReRXKUZfx7Y+t6FMeAoEp/w=) 2: q5bfraBywGI6OWgME5lOUXQvdtQ.roa (hash: VPJfRwAlvqbFoPlw0asR42eLfzS3WBMbNuvc2HvQmEs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:64:cd:d8:22:56:a5:c6:ca:f6:ed:c5:7a:95:b0:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11 Validity Not Before: Dec 6 16:00:38 2025 GMT Not After : Dec 7 16:00:38 2025 GMT Subject: CN=d391871a3b056946928d2ece99a2c60fcec5456e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:c4:8c:38:17:2e:40:5c:d7:38:0e:0e:8d:55: 01:90:b9:5f:0a:b1:00:cd:f9:73:5d:c3:0b:0d:98: 2c:97:6a:84:5d:e7:43:98:90:73:96:bb:ec:34:c9: 2b:53:29:b2:24:0d:05:95:00:e6:4f:94:89:5b:f5: db:f7:72:45:97:f8:8b:82:1d:02:57:70:43:72:94: 1b:3a:1b:df:84:b7:b0:92:9b:2f:b4:76:71:9a:ce: 19:70:85:39:58:15:71:cd:05:86:62:f4:7e:0c:92: 11:62:3b:4f:74:19:ab:cc:da:bc:eb:f9:ba:8e:ef: bb:08:21:68:e5:ae:41:d4:0f:bd:c3:d4:71:ff:c8: fe:ee:37:27:f0:f8:26:62:40:7a:32:c4:83:d2:6c: 0e:47:7e:20:aa:5f:32:64:17:07:e2:1c:b0:bd:3c: 5f:ce:54:e5:b7:0f:32:37:38:c8:df:9b:57:33:1e: c2:89:49:c9:a7:9a:08:90:d6:98:fd:a9:bf:11:aa: e0:7c:02:da:23:0a:b4:09:c1:fa:d8:ca:d2:ee:b8: 67:70:12:68:3d:ba:65:2a:e0:cb:a3:ea:57:d3:cd: 98:ab:6a:ab:c7:49:d7:b1:8c:99:d9:91:a1:74:92: df:c1:a5:e5:ae:0b:70:54:9e:89:37:39:db:a9:4c: d2:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:91:87:1A:3B:05:69:46:92:8D:2E:CE:99:A2:C6:0F:CE:C5:45:6E X509v3 Authority Key Identifier: keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:7e:77:7c:df:90:1a:ce:fc:c5:a2:79:2a:2a:e3:3a:12:62: bc:2c:d4:55:8f:fd:6e:13:3d:ad:44:93:2b:87:da:4c:e9:86: ef:2e:ab:b6:da:96:71:8d:56:ea:6c:e4:84:2d:d8:6d:99:bd: 6a:d1:b7:33:78:cd:27:6f:03:a2:f2:8a:8c:bd:02:73:83:54: 2d:22:2f:19:b3:75:6a:45:d7:fd:1a:6a:fa:da:03:e9:bc:5f: 2c:e7:d3:5d:f6:bd:a5:1b:a5:50:03:3f:1b:48:80:4a:cf:2f: 27:92:a0:c4:e9:21:90:30:f6:8b:f4:97:ee:dd:40:f2:b5:bc: dd:05:a4:44:4a:7d:3b:30:98:68:5d:fe:52:fd:d7:a2:7e:37: 76:87:b3:f9:a2:30:ba:50:79:c7:76:f6:c6:db:70:ad:c7:83: a7:3b:f2:56:17:89:8d:81:1a:88:27:b0:28:08:79:27:4c:86: 57:11:12:63:35:d5:36:b7:7c:b9:aa:8d:e0:28:75:39:96:98: aa:87:5a:7c:4d:40:2f:8f:71:39:3c:22:fc:e7:0e:4c:63:a7: 05:c9:cc:2e:98:54:98:13:5a:96:af:17:7e:89:32:c5:65:f6: 6a:6a:73:89:04:a7:2e:3d:11:d7:63:1b:9e:a2:7e:b2:65:9b: 16:50:4d:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZM3YIlalxsr27cV6lbB3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi ZWJiMTEwHhcNMjUxMjA2MTYwMDM4WhcNMjUxMjA3MTYwMDM4WjAzMTEwLwYDVQQD EyhkMzkxODcxYTNiMDU2OTQ2OTI4ZDJlY2U5OWEyYzYwZmNlYzU0NTZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMSMOBcuQFzXOA4OjVUBkLlfCrEA zflzXcMLDZgsl2qEXedDmJBzlrvsNMkrUymyJA0FlQDmT5SJW/Xb93JFl/iLgh0C V3BDcpQbOhvfhLewkpsvtHZxms4ZcIU5WBVxzQWGYvR+DJIRYjtPdBmrzNq86/m6 ju+7CCFo5a5B1A+9w9Rx/8j+7jcn8PgmYkB6MsSD0mwOR34gql8yZBcH4hywvTxf zlTltw8yNzjI35tXMx7CiUnJp5oIkNaY/am/EargfALaIwq0CcH62MrS7rhncBJo PbplKuDLo+pX082Yq2qrx0nXsYyZ2ZGhdJLfwaXlrgtwVJ6JNznbqUzSfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNORhxo7BWlGko0uzpmixg/OxUVuMB8GA1UdIwQY MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmH53fN+Q Gs78xaJ5KirjOhJivCzUVY/9bhM9rUSTK4faTOmG7y6rttqWcY1W6mzkhC3YbZm9 atG3M3jNJ28DovKKjL0Cc4NULSIvGbN1akXX/Rpq+toD6bxfLOfTXfa9pRulUAM/ G0iASs8vJ5KgxOkhkDD2i/SX7t1A8rW83QWkREp9OzCYaF3+Uv3Xon43doez+aIw ulB5x3b2xttwrceDpzvyVheJjYEaiCewKAh5J0yGVxESYzXVNrd8uaqN4Ch1OZaY qodafE1AL49xOTwi/OcOTGOnBcnMLphUmBNalq8XfokyxWX2ampziQSnLj0R12Mb nqJ+smWbFlBNCA== -----END CERTIFICATE-----Generated at Sat Dec 6 21:45:53 2025 by rpki-client