This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft File: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json) Hash identifier: fqPZ35KeKZ2tHoixr4diBgKg8+tPVPcW5neCFMhPMes= Subject key identifier: 44:33:D0:9C:B7:5B:7B:56:01:5A:E3:89:49:0C:FE:A8:20:9A:4F:00 Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE Certificate issuer: /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce Certificate serial: 019AF23FEEFD67CA1B15FA1AA364EFC8F220 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft Manifest number: 06E3 Signing time: Sat 06 Dec 2025 06:01:07 +0000 Manifest this update: Sat 06 Dec 2025 06:01:07 +0000 Manifest next update: Sun 07 Dec 2025 06:01:07 +0000 Files and hashes: 1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: LaLqxGViGZxlgwtQ5vYx3p7BQG95+xJReYczotZaW7Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:ee:fd:67:ca:1b:15:fa:1a:a3:64:ef:c8:f2:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce Validity Not Before: Dec 6 06:01:07 2025 GMT Not After : Dec 7 06:01:07 2025 GMT Subject: CN=4433d09cb75b7b56015ae389490cfea8209a4f00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:96:78:51:31:df:6a:a8:b4:b1:7d:09:d2:00: ec:fc:57:12:a9:f1:3d:85:c8:de:55:60:4c:6d:f9: 98:6e:9d:bb:08:2d:f9:c0:53:49:16:96:33:d2:4e: 5a:7a:d9:54:a1:cf:ab:9e:39:d4:1d:4f:db:d5:dc: 65:b8:7a:bf:01:b3:d9:cc:94:49:a7:0d:22:ec:31: e8:77:cb:83:e0:96:08:fe:bd:c3:ad:5a:b6:ba:12: bf:8f:02:83:f3:d2:a4:cb:4e:a1:f5:17:58:db:e8: 24:e9:6a:a8:5c:dd:e6:45:cb:45:5f:d0:de:29:95: 4d:e3:5f:4e:02:bf:3d:85:87:a6:fd:1c:db:87:78: 6c:39:42:71:dc:b4:7e:3f:90:2e:ae:3c:73:f4:b2: bf:16:d1:b3:2a:67:7e:4e:aa:70:af:15:07:86:29: 63:84:cc:81:b6:ce:01:5d:d0:ad:fd:76:7c:42:c3: ed:2a:26:b7:de:3c:43:73:6b:20:ce:74:7e:41:cf: 98:26:b3:ff:5f:c1:16:8d:68:d5:c5:8e:6f:87:61: 35:20:fe:81:92:7f:a2:a1:bc:13:c1:0b:bf:d4:11: f4:92:fb:76:cc:4a:19:f5:9e:f4:50:42:1c:54:1e: 4f:3b:59:de:86:21:d2:a0:7a:72:65:a8:6e:36:bc: fb:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:33:D0:9C:B7:5B:7B:56:01:5A:E3:89:49:0C:FE:A8:20:9A:4F:00 X509v3 Authority Key Identifier: keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:87:4b:c1:84:97:59:7f:3c:b9:5f:47:7c:7c:2d:21:33:72: ac:c9:ce:53:9d:a9:83:82:e7:be:fb:60:7f:be:22:e6:af:60: 30:04:58:f5:62:a7:4a:42:fe:4d:80:31:4d:c0:52:33:d6:66: 82:83:36:30:19:cc:b2:45:df:4c:fe:f7:7b:61:ad:a1:a6:aa: b1:e4:a3:d7:03:97:b5:2a:a5:86:9c:f7:ef:3e:a4:a9:8f:fa: ff:72:8b:db:f4:38:6e:e2:05:18:21:ba:99:4f:00:87:52:3b: 56:27:ad:0f:e3:03:bf:27:eb:3c:80:03:8a:19:78:08:71:1b: 1a:bf:3d:95:06:de:6a:52:10:0f:ff:e5:57:00:cc:74:cb:c2: d4:17:f3:5c:eb:51:ce:cf:2d:9a:d8:d4:ad:48:e0:17:a3:5f: b2:70:8f:19:1d:10:5b:a6:0c:16:37:0f:cd:dc:9b:7b:3a:53: 78:1b:50:23:46:c7:86:67:a2:f6:5a:37:32:95:19:bb:c5:7f: 12:e2:75:d1:cb:28:7d:e6:8a:47:e1:34:1d:20:fb:5f:b8:fe: 36:a8:41:80:c8:b8:b0:fe:cc:50:43:f3:1e:9d:38:9d:e3:43: 08:00:4c:7e:43:da:22:da:75:84:53:da:6d:8d:13:47:33:2c: c4:aa:78:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP+79Z8obFfoao2TvyPIgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3 ZDYyY2UwHhcNMjUxMjA2MDYwMTA3WhcNMjUxMjA3MDYwMTA3WjAzMTEwLwYDVQQD Eyg0NDMzZDA5Y2I3NWI3YjU2MDE1YWUzODk0OTBjZmVhODIwOWE0ZjAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpZ4UTHfaqi0sX0J0gDs/FcSqfE9 hcjeVWBMbfmYbp27CC35wFNJFpYz0k5aetlUoc+rnjnUHU/b1dxluHq/AbPZzJRJ pw0i7DHod8uD4JYI/r3DrVq2uhK/jwKD89Kky06h9RdY2+gk6WqoXN3mRctFX9De KZVN419OAr89hYem/Rzbh3hsOUJx3LR+P5Aurjxz9LK/FtGzKmd+TqpwrxUHhilj hMyBts4BXdCt/XZ8QsPtKia33jxDc2sgznR+Qc+YJrP/X8EWjWjVxY5vh2E1IP6B kn+iobwTwQu/1BH0kvt2zEoZ9Z70UEIcVB5PO1nehiHSoHpyZahuNrz7PwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEQz0Jy3W3tWAVrjiUkM/qggmk8AMB8GA1UdIwQY MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVYdLwYSX WX88uV9HfHwtITNyrMnOU52pg4Lnvvtgf74i5q9gMARY9WKnSkL+TYAxTcBSM9Zm goM2MBnMskXfTP73e2GtoaaqseSj1wOXtSqlhpz37z6kqY/6/3KL2/Q4buIFGCG6 mU8Ah1I7VietD+MDvyfrPIADihl4CHEbGr89lQbealIQD//lVwDMdMvC1BfzXOtR zs8tmtjUrUjgF6NfsnCPGR0QW6YMFjcPzdybezpTeBtQI0bHhmei9lo3MpUZu8V/ EuJ10csofeaKR+E0HSD7X7j+NqhBgMi4sP7MUEPzHp04neNDCABMfkPaItp1hFPa bY0TRzMsxKp4Wg== -----END CERTIFICATE-----Generated at Sat Dec 6 14:43:17 2025 by rpki-client