This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/b640a6-7ecd-420b-86ed-86d194ae8a71/1/oaLRWp2N_ezej-awwYBNCp7i5ig.mft File: oaLRWp2N_ezej-awwYBNCp7i5ig.mft (raw, json) Hash identifier: Fku0ZdSOnhxdbTP5laLYd8tgxPRUN76OGuRI2PWP9uw= Subject key identifier: 08:90:D6:B5:9B:5E:EA:61:88:B9:6D:32:2F:2D:36:7D:75:10:CC:47 Authority key identifier: A1:A2:D1:5A:9D:8D:FD:EC:DE:8F:E6:B0:C1:80:4D:0A:9E:E2:E6:28 Certificate issuer: /CN=a1a2d15a9d8dfdecde8fe6b0c1804d0a9ee2e628 Certificate serial: 019AF49BE44FD9C45C8A036F648CF2E484CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oaLRWp2N_ezej-awwYBNCp7i5ig.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/b640a6-7ecd-420b-86ed-86d194ae8a71/1/oaLRWp2N_ezej-awwYBNCp7i5ig.mft Manifest number: 11FD Signing time: Sat 06 Dec 2025 17:00:48 +0000 Manifest this update: Sat 06 Dec 2025 17:00:48 +0000 Manifest next update: Sun 07 Dec 2025 17:00:48 +0000 Files and hashes: 1: g8PGSyPYHcwtTKtN52pgkwL2VLw.roa (hash: d/0R1T8TL/elS7S9V2dPYN7wq40xN73ObdYQKEckxT4=) 2: oaLRWp2N_ezej-awwYBNCp7i5ig.crl (hash: zLKOuUeUttYJV8jKRE7E0YEbd5UWVdyWUIwjXzZA6qI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/b640a6-7ecd-420b-86ed-86d194ae8a71/1/oaLRWp2N_ezej-awwYBNCp7i5ig.crl rsync://rpki.ripe.net/repository/DEFAULT/75/b640a6-7ecd-420b-86ed-86d194ae8a71/1/oaLRWp2N_ezej-awwYBNCp7i5ig.mft rsync://rpki.ripe.net/repository/DEFAULT/oaLRWp2N_ezej-awwYBNCp7i5ig.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9b:e4:4f:d9:c4:5c:8a:03:6f:64:8c:f2:e4:84:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1a2d15a9d8dfdecde8fe6b0c1804d0a9ee2e628 Validity Not Before: Dec 6 17:00:48 2025 GMT Not After : Dec 7 17:00:48 2025 GMT Subject: CN=0890d6b59b5eea6188b96d322f2d367d7510cc47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:01:9a:20:e4:b5:4c:0a:7c:38:d5:7b:70:14: 3e:7d:1d:85:bf:78:ed:6c:0e:bc:93:f9:ac:54:65: aa:47:38:00:f7:50:ea:e1:c7:0a:3e:0d:12:e9:2b: 5f:3f:e8:03:4c:a5:d4:d3:0a:2a:cb:a8:24:1a:5f: 6e:23:13:8f:6a:fc:cc:62:85:af:92:c6:51:8d:bf: 92:16:10:24:88:05:20:ee:5d:e4:86:8d:61:2f:ff: 18:b3:9f:a4:58:79:ac:8e:73:e6:6d:ef:85:19:64: cf:ff:29:f2:43:97:16:b3:36:39:02:fc:49:d1:e0: 73:a7:87:96:96:cc:8c:d7:fa:02:7b:b5:6c:26:7d: 3f:f0:03:53:ec:a8:f0:04:85:5d:f5:47:b5:1e:a6: 39:65:00:06:e6:33:5f:48:de:72:89:5f:5d:1b:c3: 50:a1:cf:61:c5:bc:77:42:cb:04:3a:c4:92:b0:bb: da:13:e0:eb:f3:e0:27:32:c6:e5:fb:6d:29:71:b9: 8b:f6:a5:eb:7b:4f:01:9b:b0:a1:27:98:60:3a:66: 0f:40:69:c9:10:97:83:2f:d6:bd:53:cc:f2:2b:e4: 3d:2e:7e:22:2a:bb:a8:1e:f7:31:f3:c9:2f:d3:6c: 58:32:c5:b1:e2:38:3a:35:63:8f:c2:30:70:b6:29: 0e:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:90:D6:B5:9B:5E:EA:61:88:B9:6D:32:2F:2D:36:7D:75:10:CC:47 X509v3 Authority Key Identifier: keyid:A1:A2:D1:5A:9D:8D:FD:EC:DE:8F:E6:B0:C1:80:4D:0A:9E:E2:E6:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oaLRWp2N_ezej-awwYBNCp7i5ig.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/b640a6-7ecd-420b-86ed-86d194ae8a71/1/oaLRWp2N_ezej-awwYBNCp7i5ig.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/75/b640a6-7ecd-420b-86ed-86d194ae8a71/1/oaLRWp2N_ezej-awwYBNCp7i5ig.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:3d:86:33:d0:6e:68:e6:31:de:58:d5:a3:47:a4:57:f0:ab: 08:53:48:c5:03:01:c1:4b:27:e6:be:8d:84:7e:68:fd:4b:fc: ed:7d:f4:f3:48:3f:c1:30:d0:ff:6c:0a:70:63:42:b3:eb:59: a0:07:22:bb:01:01:21:d1:29:d2:b5:60:be:3a:90:bf:8e:fe: a1:ec:0e:fa:2f:58:a8:4e:e1:60:79:00:bb:c5:1e:ef:7b:f1: ad:e4:0e:30:16:e3:d0:ce:2c:a9:eb:e0:ac:5e:db:96:04:0f: 04:7d:d9:f0:00:31:2e:f5:0b:36:92:8e:6f:63:01:cb:ce:64: 60:4f:97:4c:87:ff:ea:ae:5c:38:56:55:24:12:a6:f5:5c:06: 90:6f:8d:d1:2b:5e:4c:c3:05:79:7a:2a:ee:a1:62:d2:a7:9d: 55:aa:84:35:fb:04:ad:68:57:cb:aa:0a:d8:40:1d:00:fe:f9: e1:51:07:5f:cc:9e:f2:04:b2:2a:91:b9:c5:6e:d1:24:21:d0: 59:ee:c8:86:1e:ec:a5:8f:04:c4:81:06:a6:76:32:d0:77:31: 34:e0:a9:a8:7b:d4:cd:e9:e5:19:4a:cf:30:e6:ab:de:e3:41: ec:34:48:38:2f:ff:f0:97:6d:8d:56:38:73:32:3a:5b:84:b3: 30:c3:eb:ab -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0m+RP2cRcigNvZIzy5ITOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExYTJkMTVhOWQ4ZGZkZWNkZThmZTZiMGMxODA0ZDBhOWVl MmU2MjgwHhcNMjUxMjA2MTcwMDQ4WhcNMjUxMjA3MTcwMDQ4WjAzMTEwLwYDVQQD EygwODkwZDZiNTliNWVlYTYxODhiOTZkMzIyZjJkMzY3ZDc1MTBjYzQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wGaIOS1TAp8ONV7cBQ+fR2Fv3jt bA68k/msVGWqRzgA91Dq4ccKPg0S6StfP+gDTKXU0woqy6gkGl9uIxOPavzMYoWv ksZRjb+SFhAkiAUg7l3kho1hL/8Ys5+kWHmsjnPmbe+FGWTP/ynyQ5cWszY5AvxJ 0eBzp4eWlsyM1/oCe7VsJn0/8ANT7KjwBIVd9Ue1HqY5ZQAG5jNfSN5yiV9dG8NQ oc9hxbx3QssEOsSSsLvaE+Dr8+AnMsbl+20pcbmL9qXre08Bm7ChJ5hgOmYPQGnJ EJeDL9a9U8zyK+Q9Ln4iKruoHvcx88kv02xYMsWx4jg6NWOPwjBwtikO2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAiQ1rWbXuphiLltMi8tNn11EMxHMB8GA1UdIwQY MBaAFKGi0Vqdjf3s3o/msMGATQqe4uYoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2FMUldwMk5fZXplai1hd3dZQk5DcDdpNWlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9iNjQwYTYtN2VjZC00MjBiLTg2ZWQt ODZkMTk0YWU4YTcxLzEvb2FMUldwMk5fZXplai1hd3dZQk5DcDdpNWlnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NS9iNjQwYTYtN2VjZC00MjBiLTg2ZWQtODZkMTk0YWU4YTcx LzEvb2FMUldwMk5fZXplai1hd3dZQk5DcDdpNWlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALD2GM9Bu aOYx3ljVo0ekV/CrCFNIxQMBwUsn5r6NhH5o/Uv87X3080g/wTDQ/2wKcGNCs+tZ oAciuwEBIdEp0rVgvjqQv47+oewO+i9YqE7hYHkAu8Ue73vxreQOMBbj0M4sqevg rF7blgQPBH3Z8AAxLvULNpKOb2MBy85kYE+XTIf/6q5cOFZVJBKm9VwGkG+N0Ste TMMFeXoq7qFi0qedVaqENfsErWhXy6oK2EAdAP754VEHX8ye8gSyKpG5xW7RJCHQ We7Ihh7spY8ExIEGpnYy0HcxNOCpqHvUzenlGUrPMOar3uNB7DRIOC//8JdtjVY4 czI6W4SzMMPrqw== -----END CERTIFICATE-----Generated at Sat Dec 6 20:07:38 2025 by rpki-client