This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft File: Okj-BwTkrJXjpw6VvrhEJcMWua0.mft (raw, json) Hash identifier: /SPCeCvfMrI/W78G4gv23k7Nq9gGSMTFnbJfFsayLy4= Subject key identifier: 4B:FD:0C:0C:5E:8F:94:41:99:83:CA:7F:1A:6B:07:BD:77:26:C1:79 Authority key identifier: 3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD Certificate issuer: /CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad Certificate serial: 019AF1D1E29F1F88386FA6030048FC6AED49 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft Manifest number: 127B Signing time: Sat 06 Dec 2025 04:00:55 +0000 Manifest this update: Sat 06 Dec 2025 04:00:55 +0000 Manifest next update: Sun 07 Dec 2025 04:00:55 +0000 Files and hashes: 1: Okj-BwTkrJXjpw6VvrhEJcMWua0.crl (hash: fwyoGRHxsRkjep0v/bxVgeglLt/lTk8GkiG0VxI2sMY=) 2: jBg4c1TddaMZ79OO2ACO6rgKQkE.roa (hash: vxMjeBuQHvoGxQ3EbvzgsnvZ7fj/adVRxxvAS0tcfsE=) 3: yN3-coe-yJTzFymhuWAPFUYAkF4.roa (hash: IPNSpgYWxN2jcOf0NhOGeg6e+K9d2+ZzIVVpZsFLZDI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:e2:9f:1f:88:38:6f:a6:03:00:48:fc:6a:ed:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad Validity Not Before: Dec 6 04:00:55 2025 GMT Not After : Dec 7 04:00:55 2025 GMT Subject: CN=4bfd0c0c5e8f94419983ca7f1a6b07bd7726c179 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:72:c3:93:33:f3:ea:d8:be:d1:10:49:9f:82: f2:5e:a8:d7:b8:26:bb:b2:bf:c8:9f:75:ef:9f:16: dc:12:d2:a6:22:2e:71:45:cd:d3:11:d5:ab:18:13: cd:95:a2:85:e5:8d:b0:a5:04:55:43:3e:95:19:32: ab:78:2b:95:28:90:ba:05:66:42:4f:62:65:e7:aa: 99:09:a3:f3:c5:b6:04:81:30:1d:15:0a:15:8d:83: a3:8a:01:79:e9:42:eb:da:85:9f:16:40:bf:e0:da: 35:92:f6:4f:28:00:f1:1c:10:db:16:32:3a:d5:ae: 6b:f2:03:55:ce:f6:b3:f0:cb:d9:ae:4f:60:e6:a0: 02:9b:3d:d7:9d:59:6b:b3:50:97:41:b1:9e:21:a8: 01:6e:ed:5c:d3:54:18:95:06:d5:7e:3f:38:53:f6: f8:28:10:4b:bd:dc:11:82:58:dc:a2:b7:3f:bc:1e: 45:47:28:f4:50:bc:31:9f:b4:0f:0f:00:cf:b6:89: b6:3d:b3:6a:a1:89:df:91:c0:0a:e2:7d:f1:e2:60: 8d:cb:d9:1d:d0:19:b9:01:1c:c8:da:0b:41:0b:1f: 13:fa:96:69:4b:01:76:d7:46:9b:43:02:2b:0e:8c: 67:ea:f7:9c:5c:44:8b:ad:cd:6b:6a:ac:41:82:6c: f2:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:FD:0C:0C:5E:8F:94:41:99:83:CA:7F:1A:6B:07:BD:77:26:C1:79 X509v3 Authority Key Identifier: keyid:3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption e1:86:64:ab:c4:da:5e:84:9b:48:57:7b:07:d3:01:42:dc:8f: cd:bb:74:82:8d:d7:86:0c:25:e4:0a:97:14:56:3f:34:07:28: 55:ef:84:71:30:7c:ff:f4:e0:4f:89:56:60:16:51:4d:16:0d: 33:a9:44:93:27:cb:5f:61:53:76:87:61:9c:27:64:8e:0f:ad: 65:ca:aa:3b:41:b3:11:40:3e:bb:e5:53:c6:c7:93:f2:9f:f4: ab:e7:8e:57:f9:aa:ed:3b:d2:b2:8e:50:61:b0:40:30:2f:3f: 5e:7a:aa:67:c8:09:0e:5e:39:e6:ef:be:32:21:79:63:74:1d: ad:d6:9c:1b:6e:da:71:34:d5:4e:68:a0:37:fd:c5:a8:de:cb: 3a:ac:f7:da:78:fe:00:a4:26:14:31:5a:cc:0a:33:5e:4c:24: f2:42:a6:8b:62:e7:6d:39:f2:99:05:e6:ad:c3:50:49:99:b8: ae:92:b0:fa:b0:3d:e8:d6:db:eb:8c:53:b6:eb:79:13:74:2c: bb:ba:63:7f:10:1e:3a:60:3c:4c:84:46:24:ea:8f:c4:a9:45: 76:ed:91:b9:df:8c:64:87:2d:3f:fc:3c:8e:70:f5:45:48:f9: 96:7a:fd:ed:d6:87:a3:09:3a:a3:a8:68:26:16:45:42:40:23: 7f:4c:25:b8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0eKfH4g4b6YDAEj8au1JMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNDhmZTA3MDRlNGFjOTVlM2E3MGU5NWJlYjg0NDI1YzMx NmI5YWQwHhcNMjUxMjA2MDQwMDU1WhcNMjUxMjA3MDQwMDU1WjAzMTEwLwYDVQQD Eyg0YmZkMGMwYzVlOGY5NDQxOTk4M2NhN2YxYTZiMDdiZDc3MjZjMTc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonLDkzPz6ti+0RBJn4LyXqjXuCa7 sr/In3XvnxbcEtKmIi5xRc3TEdWrGBPNlaKF5Y2wpQRVQz6VGTKreCuVKJC6BWZC T2Jl56qZCaPzxbYEgTAdFQoVjYOjigF56ULr2oWfFkC/4No1kvZPKADxHBDbFjI6 1a5r8gNVzvaz8MvZrk9g5qACmz3XnVlrs1CXQbGeIagBbu1c01QYlQbVfj84U/b4 KBBLvdwRgljcorc/vB5FRyj0ULwxn7QPDwDPtom2PbNqoYnfkcAK4n3x4mCNy9kd 0Bm5ARzI2gtBCx8T+pZpSwF210abQwIrDoxn6vecXESLrc1raqxBgmzyAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEv9DAxej5RBmYPKfxprB713JsF5MB8GA1UdIwQY MBaAFDpI/gcE5KyV46cOlb64RCXDFrmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEt ZTEyM2U0ZTMwM2UxLzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEtZTEyM2U0ZTMwM2Ux LzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4YZkq8Ta XoSbSFd7B9MBQtyPzbt0go3Xhgwl5AqXFFY/NAcoVe+EcTB8//TgT4lWYBZRTRYN M6lEkyfLX2FTdodhnCdkjg+tZcqqO0GzEUA+u+VTxseT8p/0q+eOV/mq7TvSso5Q YbBAMC8/XnqqZ8gJDl455u++MiF5Y3QdrdacG27acTTVTmigN/3FqN7LOqz32nj+ AKQmFDFazAozXkwk8kKmi2LnbTnymQXmrcNQSZm4rpKw+rA96Nbb64xTtut5E3Qs u7pjfxAeOmA8TIRGJOqPxKlFdu2Rud+MZIctP/w8jnD1RUj5lnr97daHowk6o6ho JhZFQkAjf0wluA== -----END CERTIFICATE-----Generated at Sat Dec 6 14:52:03 2025 by rpki-client