This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.mft File: oQIHcvYouPtR80dRNrd_60smmL4.mft (raw, json) Hash identifier: 9CMDA3Xertn7kkqx4CakVZfYxNhL+DolHB9Ei33jBuQ= Subject key identifier: AE:74:B7:EE:5B:2A:E1:15:81:B9:1F:F8:82:72:88:6A:B1:08:7C:6F Authority key identifier: A1:02:07:72:F6:28:B8:FB:51:F3:47:51:36:B7:7F:EB:4B:26:98:BE Certificate issuer: /CN=a1020772f628b8fb51f3475136b77feb4b2698be Certificate serial: 019AF0BF46CECCEF0D8E6DAD74AB3652AD8F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oQIHcvYouPtR80dRNrd_60smmL4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.mft Manifest number: 13A9 Signing time: Fri 05 Dec 2025 23:00:58 +0000 Manifest this update: Fri 05 Dec 2025 23:00:58 +0000 Manifest next update: Sat 06 Dec 2025 23:00:58 +0000 Files and hashes: 1: Xn7HlAmazqZObEY4Svfv4ZbMChM.roa (hash: 900LVbegyuqsxm1Su/VFGub5Wi1DlW68cWbr8g1USwo=) 2: oQIHcvYouPtR80dRNrd_60smmL4.crl (hash: Uz3bdmRtA/hEddOMPVK6fYETOs7oPtnWkGFV8BUQu94=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.crl rsync://rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.mft rsync://rpki.ripe.net/repository/DEFAULT/oQIHcvYouPtR80dRNrd_60smmL4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:46:ce:cc:ef:0d:8e:6d:ad:74:ab:36:52:ad:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1020772f628b8fb51f3475136b77feb4b2698be Validity Not Before: Dec 5 23:00:58 2025 GMT Not After : Dec 6 23:00:58 2025 GMT Subject: CN=ae74b7ee5b2ae11581b91ff88272886ab1087c6f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:a1:ee:e1:a3:4e:99:62:80:33:ef:c0:95:c9: df:fa:b6:4a:2f:62:63:7b:a7:70:05:4a:77:42:e4: a1:dd:83:53:07:4b:f6:99:fd:86:f1:8a:89:f1:74: 7d:04:ee:29:95:20:40:ec:64:d4:4c:19:b4:bd:1a: 82:b3:de:13:60:09:77:9a:56:91:0d:1d:f4:14:60: 5d:25:8c:10:9a:f9:f2:f9:07:8d:95:a1:18:ad:70: f9:72:ed:dc:ea:f8:65:d6:99:cb:66:9e:4f:e7:e9: 81:62:17:54:4e:95:bf:1c:00:62:0f:94:e2:37:2c: 54:f6:a7:64:c9:02:3c:dd:46:fc:50:7a:cc:e2:e2: 3c:5d:6d:5a:13:05:cc:5b:8b:d5:92:47:de:71:49: 05:34:dd:d2:ff:d5:da:57:8b:06:d2:b1:5f:bd:b1: 7c:7c:5b:94:35:20:c0:f4:2f:77:db:b1:f8:d0:1a: de:d0:94:93:a6:5e:f9:6c:ac:3c:b2:0b:86:92:ad: a2:e4:22:b3:08:72:8f:82:51:8e:19:b6:31:2e:47: 2b:1d:c6:32:a2:a2:6f:37:a8:d7:11:79:d6:78:39: 87:58:30:8f:af:97:f9:f5:ee:c3:82:a1:64:a4:13: 5a:10:1c:ad:db:e2:29:0e:bc:52:d5:6c:f1:82:44: df:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:74:B7:EE:5B:2A:E1:15:81:B9:1F:F8:82:72:88:6A:B1:08:7C:6F X509v3 Authority Key Identifier: keyid:A1:02:07:72:F6:28:B8:FB:51:F3:47:51:36:B7:7F:EB:4B:26:98:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oQIHcvYouPtR80dRNrd_60smmL4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/550431-6174-47d2-8bab-51af82965e33/1/oQIHcvYouPtR80dRNrd_60smmL4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d1:6d:02:f1:cc:c3:6a:59:82:8a:07:4a:c4:0d:7a:8d:58:df: d4:07:56:83:99:78:e8:89:63:78:65:f7:04:68:07:6c:b0:5b: f3:ff:0a:af:e8:59:cc:49:ff:75:af:ca:f2:ee:5e:eb:56:29: b4:19:07:34:f9:0b:43:c6:43:a2:e4:24:bd:a1:34:af:e7:2d: 1e:b2:10:77:56:42:7f:ec:f3:e2:d1:c0:a8:9b:b2:27:80:e9: 0a:fa:0c:94:28:bb:a8:94:25:1e:52:18:99:4a:99:88:8c:11: a4:71:67:77:bf:eb:a5:e9:28:f0:38:83:e7:53:19:fb:6b:58: 10:cf:ae:6c:0e:e7:bc:a2:93:83:ec:2c:f8:c4:cb:92:43:77: 2d:bf:40:66:f1:51:d6:24:12:dc:3f:01:de:80:b6:d8:5f:24: b3:45:c0:ed:9d:71:59:a1:3b:d1:91:39:04:4c:35:b8:87:de: 78:57:77:c6:46:25:77:50:55:6c:7d:0b:b4:4a:f1:8c:2b:52: 9c:9c:f4:98:85:c8:4a:54:d9:d6:df:75:6b:26:b3:ec:d1:c6: 8c:71:0f:da:99:ee:51:ad:33:af:48:29:83:44:1c:8b:aa:3f: 90:51:5b:aa:4d:45:df:82:d8:3a:d1:27:ff:ed:3a:90:81:a0: 85:d1:a4:6a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwv0bOzO8Njm2tdKs2Uq2PMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExMDIwNzcyZjYyOGI4ZmI1MWYzNDc1MTM2Yjc3ZmViNGIy Njk4YmUwHhcNMjUxMjA1MjMwMDU4WhcNMjUxMjA2MjMwMDU4WjAzMTEwLwYDVQQD EyhhZTc0YjdlZTViMmFlMTE1ODFiOTFmZjg4MjcyODg2YWIxMDg3YzZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqHu4aNOmWKAM+/Alcnf+rZKL2Jj e6dwBUp3QuSh3YNTB0v2mf2G8YqJ8XR9BO4plSBA7GTUTBm0vRqCs94TYAl3mlaR DR30FGBdJYwQmvny+QeNlaEYrXD5cu3c6vhl1pnLZp5P5+mBYhdUTpW/HABiD5Ti NyxU9qdkyQI83Ub8UHrM4uI8XW1aEwXMW4vVkkfecUkFNN3S/9XaV4sG0rFfvbF8 fFuUNSDA9C9327H40Bre0JSTpl75bKw8sguGkq2i5CKzCHKPglGOGbYxLkcrHcYy oqJvN6jXEXnWeDmHWDCPr5f59e7DgqFkpBNaEByt2+IpDrxS1WzxgkTfoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK50t+5bKuEVgbkf+IJyiGqxCHxvMB8GA1UdIwQY MBaAFKECB3L2KLj7UfNHUTa3f+tLJpi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1FJSGN2WW91UHRSODBkUk5yZF82MHNtbUw0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS81NTA0MzEtNjE3NC00N2QyLThiYWIt NTFhZjgyOTY1ZTMzLzEvb1FJSGN2WW91UHRSODBkUk5yZF82MHNtbUw0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS81NTA0MzEtNjE3NC00N2QyLThiYWItNTFhZjgyOTY1ZTMz LzEvb1FJSGN2WW91UHRSODBkUk5yZF82MHNtbUw0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0W0C8czD almCigdKxA16jVjf1AdWg5l46IljeGX3BGgHbLBb8/8Kr+hZzEn/da/K8u5e61Yp tBkHNPkLQ8ZDouQkvaE0r+ctHrIQd1ZCf+zz4tHAqJuyJ4DpCvoMlCi7qJQlHlIY mUqZiIwRpHFnd7/rpeko8DiD51MZ+2tYEM+ubA7nvKKTg+ws+MTLkkN3Lb9AZvFR 1iQS3D8B3oC22F8ks0XA7Z1xWaE70ZE5BEw1uIfeeFd3xkYld1BVbH0LtErxjCtS nJz0mIXISlTZ1t91ayaz7NHGjHEP2pnuUa0zr0gpg0Qci6o/kFFbqk1F34LYOtEn /+06kIGghdGkag== -----END CERTIFICATE-----Generated at Sat Dec 6 07:15:56 2025 by rpki-client