This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft File: OkGxVaq20SKf00jqoD0PeQPxJno.mft (raw, json) Hash identifier: VzP6Qqdmo6Zq3HidCFS0oJUoVpxfpuHb8gWmxVf+fOo= Subject key identifier: 64:08:49:81:F3:F3:0B:94:8E:97:62:27:F2:06:19:B7:F4:4E:28:F1 Authority key identifier: 3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A Certificate issuer: /CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a Certificate serial: 019AF352421963F54C6387E2F50E75F517A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft Manifest number: 1269 Signing time: Sat 06 Dec 2025 11:00:45 +0000 Manifest this update: Sat 06 Dec 2025 11:00:45 +0000 Manifest next update: Sun 07 Dec 2025 11:00:45 +0000 Files and hashes: 1: DUYlFbh6FULGzgdthf_PMDp6hOU.roa (hash: JR7UbEi2bM6dLHHY3xrq1gui3NHbn1GkWRWkFGTRYw0=) 2: OkGxVaq20SKf00jqoD0PeQPxJno.crl (hash: C/n7WSMfTdX86lf3b7cRMoLHyj4+7wVrtFUD+v+yrV8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:42:19:63:f5:4c:63:87:e2:f5:0e:75:f5:17:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a Validity Not Before: Dec 6 11:00:45 2025 GMT Not After : Dec 7 11:00:45 2025 GMT Subject: CN=64084981f3f30b948e976227f20619b7f44e28f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:ac:05:36:db:ca:0e:9c:45:2e:0a:c6:7a:95: 89:0c:5f:ec:c8:80:29:07:5e:f6:62:ce:bc:90:5f: 6f:a5:3e:68:45:7b:2e:0e:e1:17:8e:34:c9:41:16: 2c:d0:43:de:f3:67:87:69:1b:77:f0:ae:23:06:c0: 9f:ef:89:35:0a:c8:a3:57:ec:a6:7c:ee:c6:ef:5b: 29:a7:4e:56:46:7a:05:1a:06:91:e9:4a:dd:49:ee: 89:61:79:a1:5a:dd:df:86:d3:c8:ee:94:a0:d6:88: 5c:07:e7:7a:61:35:e2:70:7b:f5:04:ca:13:a3:90: ee:56:24:0b:8f:fd:45:58:a4:78:b1:73:57:f7:87: 1a:27:1a:62:fd:4b:97:68:04:50:f9:f5:a6:ee:a0: 4f:f0:1c:ce:08:d7:af:d4:3d:ff:74:f6:89:60:29: 69:b7:6f:6f:8d:90:b7:f2:3e:0b:c1:b2:84:f7:58: c5:ba:f1:8a:94:a4:8f:2d:ee:4b:9e:fa:f8:8a:45: 63:3f:98:6d:bb:79:d6:ad:9e:bd:51:16:ce:00:ee: 45:d4:67:ba:7c:1c:6f:95:54:52:a4:b8:29:1c:82: 6b:bb:44:2b:95:6a:f8:30:a3:ec:54:3e:df:a4:62: 60:b9:8b:59:7e:bf:71:d7:4c:21:e5:89:02:85:1d: d2:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:08:49:81:F3:F3:0B:94:8E:97:62:27:F2:06:19:B7:F4:4E:28:F1 X509v3 Authority Key Identifier: keyid:3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:0d:85:3d:b3:d6:47:30:7f:fa:0c:d9:5e:10:1d:c5:a5:35: 99:f6:cd:4a:70:c6:8b:10:7e:11:13:54:54:a5:58:28:63:e6: be:ad:0c:15:da:df:70:e8:67:a6:4f:95:a7:97:22:99:3a:ce: a4:d1:f2:30:05:88:b3:32:85:33:49:ed:37:87:63:b6:56:ea: b3:c8:97:5e:76:91:37:fe:49:33:af:31:34:81:48:bd:17:7b: 31:bc:29:9c:b9:de:11:48:eb:fc:51:27:ad:da:ec:88:1f:b6: f6:18:1d:41:b2:a1:b9:90:20:ff:4b:79:0f:bc:92:ca:19:48: 82:ab:8d:02:2f:a4:96:80:52:53:36:c9:99:45:45:76:35:49: fc:a9:1f:0b:ef:fa:82:9a:d8:e8:2b:4e:6d:41:65:cc:a1:dd: 2a:45:4c:60:b8:bf:cd:8b:4c:95:42:dc:f7:14:8f:a0:ba:ab: c1:06:b5:2e:7a:4e:51:38:3f:d9:49:4c:86:af:21:27:4b:b8: 48:02:92:86:40:5c:4d:e1:8d:31:f6:cb:79:19:6c:82:d3:71: 75:8c:ec:db:93:29:4d:6f:d0:04:8a:5a:97:ef:c8:59:69:3c: 20:bd:c6:c4:bf:31:78:a4:25:c5:f9:15:b1:b4:3e:eb:3c:63: 2f:56:2f:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUkIZY/VMY4fi9Q519RelMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNDFiMTU1YWFiNmQxMjI5ZmQzNDhlYWEwM2QwZjc5MDNm MTI2N2EwHhcNMjUxMjA2MTEwMDQ1WhcNMjUxMjA3MTEwMDQ1WjAzMTEwLwYDVQQD Eyg2NDA4NDk4MWYzZjMwYjk0OGU5NzYyMjdmMjA2MTliN2Y0NGUyOGYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqwFNtvKDpxFLgrGepWJDF/syIAp B172Ys68kF9vpT5oRXsuDuEXjjTJQRYs0EPe82eHaRt38K4jBsCf74k1CsijV+ym fO7G71spp05WRnoFGgaR6UrdSe6JYXmhWt3fhtPI7pSg1ohcB+d6YTXicHv1BMoT o5DuViQLj/1FWKR4sXNX94caJxpi/UuXaARQ+fWm7qBP8BzOCNev1D3/dPaJYClp t29vjZC38j4LwbKE91jFuvGKlKSPLe5Lnvr4ikVjP5htu3nWrZ69URbOAO5F1Ge6 fBxvlVRSpLgpHIJru0QrlWr4MKPsVD7fpGJguYtZfr9x10wh5YkChR3ScQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGQISYHz8wuUjpdiJ/IGGbf0TijxMB8GA1UdIwQY MBaAFDpBsVWqttEin9NI6qA9D3kD8SZ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUt MmIzYjRjNzgwNDE5LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUtMmIzYjRjNzgwNDE5 LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACg2FPbPW RzB/+gzZXhAdxaU1mfbNSnDGixB+ERNUVKVYKGPmvq0MFdrfcOhnpk+Vp5cimTrO pNHyMAWIszKFM0ntN4djtlbqs8iXXnaRN/5JM68xNIFIvRd7MbwpnLneEUjr/FEn rdrsiB+29hgdQbKhuZAg/0t5D7ySyhlIgquNAi+kloBSUzbJmUVFdjVJ/KkfC+/6 gprY6CtObUFlzKHdKkVMYLi/zYtMlULc9xSPoLqrwQa1LnpOUTg/2UlMhq8hJ0u4 SAKShkBcTeGNMfbLeRlsgtNxdYzs25MpTW/QBIpal+/IWWk8IL3GxL8xeKQlxfkV sbQ+6zxjL1YvOQ== -----END CERTIFICATE-----Generated at Sat Dec 6 21:00:56 2025 by rpki-client