This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft File: oNki4v4kvSzaeToqrcEzYlAM2bE.mft (raw, json) Hash identifier: NSZZ8R5/JR7zQaUEDEtnq8IXfn2TglHvkPVNUxmgUw4= Subject key identifier: AD:8C:0D:DE:F8:40:1F:6B:84:BB:56:9E:2D:FC:D1:77:0E:78:B7:0A Authority key identifier: A0:D9:22:E2:FE:24:BD:2C:DA:79:3A:2A:AD:C1:33:62:50:0C:D9:B1 Certificate issuer: /CN=a0d922e2fe24bd2cda793a2aadc13362500cd9b1 Certificate serial: 019B356973AB9B9A7CD6C0037DE11E3842E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft Manifest number: 0D87 Signing time: Fri 19 Dec 2025 07:01:01 +0000 Manifest this update: Fri 19 Dec 2025 07:01:01 +0000 Manifest next update: Sat 20 Dec 2025 07:01:01 +0000 Files and hashes: 1: QU8GopeOlHwkTprCT-S3aTgX93c.roa (hash: wdEn+nBxYgSylw1Zt9va3XXWns8S/pGLaLLxEZ/5irY=) 2: oNki4v4kvSzaeToqrcEzYlAM2bE.crl (hash: j+gJzSn7e3whYEiDcvoQRgZIFRMnhhW5fCyt3zDlM6o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:69:73:ab:9b:9a:7c:d6:c0:03:7d:e1:1e:38:42:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0d922e2fe24bd2cda793a2aadc13362500cd9b1 Validity Not Before: Dec 19 07:01:01 2025 GMT Not After : Dec 20 07:01:01 2025 GMT Subject: CN=ad8c0ddef8401f6b84bb569e2dfcd1770e78b70a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:1c:86:a9:cf:bf:16:03:e4:38:c7:30:b8:be: 41:07:0e:3d:6a:34:d8:54:12:55:c5:a6:2a:5e:61: c2:b9:1a:62:5d:57:01:36:39:e8:a8:15:30:ff:3a: 63:8a:c7:c7:17:d8:8a:0b:b8:96:7e:8f:fb:24:9a: 39:a7:2c:11:a5:4c:ed:8e:64:57:c1:f0:90:a3:71: b4:bc:e5:52:fa:e4:dc:86:98:28:7d:1d:a3:ad:95: c0:b1:2e:07:dc:d2:e5:79:d3:66:3e:6a:49:64:9a: 77:b8:58:0c:38:2b:af:55:03:a1:e3:01:41:59:44: e8:f2:9b:65:ce:f7:2c:79:76:42:96:6f:27:a9:ca: be:11:e3:34:8f:58:82:cf:ed:36:6b:85:0f:93:f6: 97:34:7f:6c:9a:2c:33:3d:2a:73:aa:f8:0e:dd:46: 62:79:54:ef:c7:03:8a:ef:16:ff:0c:af:6c:57:1f: 8d:36:b3:7a:e4:92:83:5c:87:82:c5:8b:a0:9a:6a: ec:a6:1b:90:a2:71:80:a0:0c:8d:69:b7:d4:f3:6e: 1f:44:07:1b:c7:7e:a9:1a:2a:5e:b7:c3:94:38:e8: 7c:88:6e:b3:8a:8f:36:99:75:45:83:16:42:c2:37: 47:84:f2:45:de:8e:65:e7:98:29:62:e4:ee:2f:24: f2:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:8C:0D:DE:F8:40:1F:6B:84:BB:56:9E:2D:FC:D1:77:0E:78:B7:0A X509v3 Authority Key Identifier: keyid:A0:D9:22:E2:FE:24:BD:2C:DA:79:3A:2A:AD:C1:33:62:50:0C:D9:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 04:20:a7:4f:d2:d6:af:fa:b6:30:2b:e9:be:d5:da:b3:f6:19: f3:70:8f:8a:82:16:90:e1:14:b6:2a:23:39:d0:b1:af:1a:9a: 9d:87:78:c7:00:b5:53:85:1a:d2:5d:9c:1b:20:1d:74:ef:98: 19:be:f8:dc:e1:df:c1:01:8d:89:ac:91:91:26:68:55:eb:8b: f1:7e:a0:df:94:25:d1:a7:cb:93:89:17:ea:5b:f5:b5:39:de: c7:d8:ab:36:19:eb:cd:9c:d4:7b:5c:74:d2:ae:a4:7f:ea:4b: 9f:8b:45:a3:87:8a:ab:f6:4e:5a:19:95:21:b8:b3:4e:e7:66: 3d:54:0a:80:9f:2c:53:8a:6e:6d:93:4d:ca:a3:dc:ae:5c:f3: 03:bf:43:1d:b7:f7:d4:14:93:b1:02:ec:bf:e6:b9:f7:35:78: b8:af:11:52:49:d9:e4:f3:2d:2d:8e:b4:b2:6f:7d:ef:ac:f5: a6:6e:f9:94:2f:3e:40:bb:00:4b:ae:b0:6a:c7:32:4b:0c:c9: 00:22:29:b1:95:f4:4a:0e:d7:c1:ba:40:6d:31:2d:ae:25:b7: 68:bd:33:61:c2:0b:ad:00:c3:be:4c:6e:04:2e:5f:b6:6e:12: cf:5e:d0:52:00:37:b5:99:77:df:44:b6:ad:e6:18:73:23:1d: d3:48:96:63 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1aXOrm5p81sADfeEeOELnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwZDkyMmUyZmUyNGJkMmNkYTc5M2EyYWFkYzEzMzYyNTAw Y2Q5YjEwHhcNMjUxMjE5MDcwMTAxWhcNMjUxMjIwMDcwMTAxWjAzMTEwLwYDVQQD EyhhZDhjMGRkZWY4NDAxZjZiODRiYjU2OWUyZGZjZDE3NzBlNzhiNzBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RyGqc+/FgPkOMcwuL5BBw49ajTY VBJVxaYqXmHCuRpiXVcBNjnoqBUw/zpjisfHF9iKC7iWfo/7JJo5pywRpUztjmRX wfCQo3G0vOVS+uTchpgofR2jrZXAsS4H3NLledNmPmpJZJp3uFgMOCuvVQOh4wFB WUTo8ptlzvcseXZClm8nqcq+EeM0j1iCz+02a4UPk/aXNH9smiwzPSpzqvgO3UZi eVTvxwOK7xb/DK9sVx+NNrN65JKDXIeCxYugmmrsphuQonGAoAyNabfU824fRAcb x36pGipet8OUOOh8iG6zio82mXVFgxZCwjdHhPJF3o5l55gpYuTuLyTylQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK2MDd74QB9rhLtWni380XcOeLcKMB8GA1UdIwQY MBaAFKDZIuL+JL0s2nk6Kq3BM2JQDNmxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9kNGZjNGMtNDgxNS00ZTU2LWJmNzMt NGE2YWNlMjZiOTcyLzEvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi9kNGZjNGMtNDgxNS00ZTU2LWJmNzMtNGE2YWNlMjZiOTcy LzEvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABCCnT9LW r/q2MCvpvtXas/YZ83CPioIWkOEUtiojOdCxrxqanYd4xwC1U4Ua0l2cGyAddO+Y Gb743OHfwQGNiayRkSZoVeuL8X6g35Ql0afLk4kX6lv1tTnex9irNhnrzZzUe1x0 0q6kf+pLn4tFo4eKq/ZOWhmVIbizTudmPVQKgJ8sU4pubZNNyqPcrlzzA79DHbf3 1BSTsQLsv+a59zV4uK8RUknZ5PMtLY60sm9976z1pm75lC8+QLsAS66wascySwzJ ACIpsZX0Sg7XwbpAbTEtriW3aL0zYcILrQDDvkxuBC5ftm4Sz17QUgA3tZl330S2 reYYcyMd00iWYw== -----END CERTIFICATE-----Generated at Fri Dec 19 16:21:34 2025 by rpki-client