This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft File: Okj-BwTkrJXjpw6VvrhEJcMWua0.mft (raw, json) Hash identifier: eI8oivlLrZYNho74JzPKcskzfU8enWih6kj45E6C4Ek= Subject key identifier: 78:43:6F:BB:02:02:9D:2B:84:92:C6:AC:FD:14:30:64:CC:F7:06:DA Authority key identifier: 3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD Certificate issuer: /CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad Certificate serial: 019AF3C0CE3EA2DB1B1B60D0E80A59BF273C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft Manifest number: 127C Signing time: Sat 06 Dec 2025 13:01:30 +0000 Manifest this update: Sat 06 Dec 2025 13:01:30 +0000 Manifest next update: Sun 07 Dec 2025 13:01:30 +0000 Files and hashes: 1: Okj-BwTkrJXjpw6VvrhEJcMWua0.crl (hash: ld/LZlHHOmY6XgaWJ53fs0BCIsGb9Uodw4cj5T/4UI8=) 2: jBg4c1TddaMZ79OO2ACO6rgKQkE.roa (hash: vxMjeBuQHvoGxQ3EbvzgsnvZ7fj/adVRxxvAS0tcfsE=) 3: yN3-coe-yJTzFymhuWAPFUYAkF4.roa (hash: IPNSpgYWxN2jcOf0NhOGeg6e+K9d2+ZzIVVpZsFLZDI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:c0:ce:3e:a2:db:1b:1b:60:d0:e8:0a:59:bf:27:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad Validity Not Before: Dec 6 13:01:30 2025 GMT Not After : Dec 7 13:01:30 2025 GMT Subject: CN=78436fbb02029d2b8492c6acfd143064ccf706da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:4c:8c:b9:e1:58:4f:06:cf:22:e2:24:6b:26: 4b:56:98:b1:97:55:45:e9:97:ad:88:d5:44:67:93: 33:e7:f0:a3:5b:a0:b3:ce:99:0d:fa:4c:c2:7f:e1: e2:ec:27:73:52:21:c2:f1:38:2c:e2:16:e3:47:fb: e3:9f:31:9d:2d:68:a7:3d:ee:39:a9:d2:8f:84:47: be:8e:eb:06:be:f1:93:20:e9:fe:fd:c3:20:0c:d2: 34:11:2a:b1:f9:78:70:97:a9:1c:63:ae:d2:f3:0b: d4:4d:4b:b2:5e:7b:ea:38:fd:5b:ae:03:68:48:73: bb:8d:86:37:42:a8:5e:0c:16:6b:69:40:ff:ed:bd: a2:b2:92:1b:7c:28:e1:cb:18:c7:6f:fa:de:de:2c: 96:bf:27:a9:92:b6:bc:15:63:00:81:2a:e5:cf:65: 86:55:96:05:d7:52:5b:8a:e4:33:56:ca:20:36:fb: f1:79:02:6a:5d:be:eb:b6:32:46:b4:53:a5:fc:15: 2c:84:06:56:d1:ad:8c:3c:55:fd:67:1a:5f:da:15: cc:09:98:47:cb:78:eb:0a:2c:35:2b:03:01:b1:ff: 73:1f:42:ee:59:ba:20:24:4a:5f:42:f9:02:cf:ce: be:11:84:a8:d0:78:e9:e1:23:2e:01:5e:58:bb:ba: 38:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:43:6F:BB:02:02:9D:2B:84:92:C6:AC:FD:14:30:64:CC:F7:06:DA X509v3 Authority Key Identifier: keyid:3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:14:04:0d:20:7b:54:49:31:0f:a5:ab:2e:de:2c:9c:1f:ba: b3:52:ee:40:ce:97:d8:c1:ea:49:f1:15:34:68:11:76:ae:6d: 35:27:48:33:9a:8b:10:c5:23:1d:fb:c5:00:a1:1a:69:01:5c: 6d:39:8f:af:42:f0:71:6a:f2:fc:94:85:44:17:10:10:c9:c3: da:bb:6d:5b:8c:62:85:f5:3b:e6:62:1e:6e:1a:f3:2c:15:e9: b2:08:7e:1f:33:bc:4b:54:4e:91:21:b8:6c:5d:30:4e:85:8a: ef:2b:6e:7b:7d:0d:15:93:7e:41:2d:1b:bb:0b:a1:42:2f:12: e0:dc:98:45:d8:00:fd:bc:97:92:9c:ce:df:eb:63:8d:2f:36: 80:83:74:e5:b0:6c:52:4e:ba:e1:56:fb:a9:de:ff:16:53:c0: f5:ba:13:9e:0d:b2:6c:2c:06:75:57:4c:d6:b3:29:1d:f3:ff: 76:05:c0:6e:3a:97:9c:fc:ce:8e:ee:34:ee:71:74:c1:22:75: 81:44:22:9d:82:22:8e:d4:20:b8:ff:96:87:fb:b7:1f:3c:34: e0:8f:8d:5b:c9:d2:30:03:44:8e:91:14:d5:1e:7b:15:10:83: 95:7d:04:09:8c:1b:90:37:fa:20:0e:4d:81:4a:46:ad:88:49: 75:bc:de:6e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzwM4+otsbG2DQ6ApZvyc8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNDhmZTA3MDRlNGFjOTVlM2E3MGU5NWJlYjg0NDI1YzMx NmI5YWQwHhcNMjUxMjA2MTMwMTMwWhcNMjUxMjA3MTMwMTMwWjAzMTEwLwYDVQQD Eyg3ODQzNmZiYjAyMDI5ZDJiODQ5MmM2YWNmZDE0MzA2NGNjZjcwNmRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUyMueFYTwbPIuIkayZLVpixl1VF 6ZetiNVEZ5Mz5/CjW6CzzpkN+kzCf+Hi7CdzUiHC8Tgs4hbjR/vjnzGdLWinPe45 qdKPhEe+jusGvvGTIOn+/cMgDNI0ESqx+Xhwl6kcY67S8wvUTUuyXnvqOP1brgNo SHO7jYY3QqheDBZraUD/7b2ispIbfCjhyxjHb/re3iyWvyepkra8FWMAgSrlz2WG VZYF11JbiuQzVsogNvvxeQJqXb7rtjJGtFOl/BUshAZW0a2MPFX9Zxpf2hXMCZhH y3jrCiw1KwMBsf9zH0LuWbogJEpfQvkCz86+EYSo0Hjp4SMuAV5Yu7o42QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHhDb7sCAp0rhJLGrP0UMGTM9wbaMB8GA1UdIwQY MBaAFDpI/gcE5KyV46cOlb64RCXDFrmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEt ZTEyM2U0ZTMwM2UxLzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEtZTEyM2U0ZTMwM2Ux LzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcRQEDSB7 VEkxD6WrLt4snB+6s1LuQM6X2MHqSfEVNGgRdq5tNSdIM5qLEMUjHfvFAKEaaQFc bTmPr0LwcWry/JSFRBcQEMnD2rttW4xihfU75mIebhrzLBXpsgh+HzO8S1ROkSG4 bF0wToWK7ytue30NFZN+QS0buwuhQi8S4NyYRdgA/byXkpzO3+tjjS82gIN05bBs Uk664Vb7qd7/FlPA9boTng2ybCwGdVdM1rMpHfP/dgXAbjqXnPzOju407nF0wSJ1 gUQinYIijtQguP+Wh/u3Hzw04I+NW8nSMANEjpEU1R57FRCDlX0ECYwbkDf6IA5N gUpGrYhJdbzebg== -----END CERTIFICATE-----Generated at Sat Dec 6 22:27:39 2025 by rpki-client