This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/oNPtV5U0igTn7NFy12QvqWIJcoc.mft File: oNPtV5U0igTn7NFy12QvqWIJcoc.mft (raw, json) Hash identifier: +KqffKbGa8My5Vmi4SrOjUZt6uRvpKLnMW4SBHPdhzY= Subject key identifier: FC:4B:2C:4C:82:6A:EC:63:A3:23:03:4B:D4:05:64:5D:37:C6:61:48 Authority key identifier: A0:D3:ED:57:95:34:8A:04:E7:EC:D1:72:D7:64:2F:A9:62:09:72:87 Certificate issuer: /CN=a0d3ed5795348a04e7ecd172d7642fa962097287 Certificate serial: 019B397D349FA3D425754EB21ED7FF3DCE36 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNPtV5U0igTn7NFy12QvqWIJcoc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/oNPtV5U0igTn7NFy12QvqWIJcoc.mft Manifest number: 046D Signing time: Sat 20 Dec 2025 02:01:05 +0000 Manifest this update: Sat 20 Dec 2025 02:01:05 +0000 Manifest next update: Sun 21 Dec 2025 02:01:05 +0000 Files and hashes: 1: _Z612WlN8ZfOi7lH-p4HrmdXgXQ.roa (hash: QscoaDsHFH3nysubWrv1ADSV365kESJ9Bam6CnFtw2M=) 2: oNPtV5U0igTn7NFy12QvqWIJcoc.crl (hash: T6XT12lP7tUhMYPbmWO0aCyCJ8C5NVLxtmqnbU4yY+c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/oNPtV5U0igTn7NFy12QvqWIJcoc.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/oNPtV5U0igTn7NFy12QvqWIJcoc.mft rsync://rpki.ripe.net/repository/DEFAULT/oNPtV5U0igTn7NFy12QvqWIJcoc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:7d:34:9f:a3:d4:25:75:4e:b2:1e:d7:ff:3d:ce:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0d3ed5795348a04e7ecd172d7642fa962097287 Validity Not Before: Dec 20 02:01:05 2025 GMT Not After : Dec 21 02:01:05 2025 GMT Subject: CN=fc4b2c4c826aec63a323034bd405645d37c66148 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:f5:92:8f:4c:d2:68:06:02:e7:1d:d7:ec:37: 3c:f6:18:10:aa:0c:e9:e3:c9:df:27:58:12:d5:2a: 21:cb:b9:0b:dc:e5:42:19:1a:0b:4a:e3:aa:53:dc: 0f:04:86:5e:db:7b:ad:2f:e1:3d:d7:d3:5e:a2:60: cb:4b:8e:39:d7:4a:8c:66:ac:78:48:ab:3e:c9:38: 58:6f:92:4d:a3:b1:a7:f1:1f:53:04:e5:66:af:b8: f0:02:54:4b:d0:5b:32:de:25:6f:a8:cc:ca:1c:46: 3f:ad:81:d9:ad:f3:48:53:06:5b:41:ee:12:27:30: 5f:5a:ad:cf:e0:4e:4c:a2:45:d9:bb:0d:bd:bf:7a: bd:b8:f2:53:53:e6:1b:f8:d6:b4:c5:8a:fb:3c:70: d7:e7:9d:5a:14:02:30:17:cb:d7:8c:8d:8a:df:2e: 15:b2:34:50:c1:44:56:ef:1a:9e:e4:6e:22:48:5f: fe:aa:19:38:cf:71:73:e9:89:55:ba:b5:42:3d:49: 61:aa:65:52:de:ff:aa:c8:a1:cf:f2:f7:45:a2:c9: 06:9e:40:a1:7f:3d:b0:66:a4:93:49:f0:4c:b0:48: 5a:f8:4c:f4:f0:27:e7:cc:91:58:0f:9c:79:06:86: 0f:bc:ea:65:4c:ad:0a:d6:32:5e:a9:75:01:6a:63: 42:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:4B:2C:4C:82:6A:EC:63:A3:23:03:4B:D4:05:64:5D:37:C6:61:48 X509v3 Authority Key Identifier: keyid:A0:D3:ED:57:95:34:8A:04:E7:EC:D1:72:D7:64:2F:A9:62:09:72:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNPtV5U0igTn7NFy12QvqWIJcoc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/oNPtV5U0igTn7NFy12QvqWIJcoc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/oNPtV5U0igTn7NFy12QvqWIJcoc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bf:6b:70:70:49:10:5a:52:ff:9a:0f:16:89:19:c1:ad:98:0e: 44:64:0f:eb:a7:28:a2:75:97:93:ee:f2:0c:b2:98:d1:3b:0d: 16:81:0c:4d:e2:ec:2f:ff:46:83:3e:da:5c:e4:82:a4:ed:a5: eb:03:d0:e5:15:05:b1:64:9b:33:7d:a5:43:cd:18:5e:29:f7: d6:c3:f1:f4:ef:27:4a:23:93:78:5b:ec:1a:77:fc:58:38:d8: e7:91:0d:6d:3e:a7:cb:35:e0:c8:90:db:5a:35:2b:e0:3e:91: db:4c:bd:41:4b:42:83:0d:fc:87:b2:d7:66:71:41:27:86:a6: cb:b7:af:26:b8:8e:91:2a:d8:33:15:ee:14:c1:97:55:25:ca: 82:92:ba:c4:9b:68:89:80:af:42:7b:f9:ff:a9:ac:a5:d9:83: 02:a1:ab:ca:a1:9c:97:50:0c:6f:b8:dd:13:44:a0:45:b3:36: 6b:4f:8c:4d:77:c1:5d:cf:aa:33:b5:53:68:f0:c4:6b:a2:e1: 8d:1a:c0:26:df:20:c4:89:4b:bf:1d:f8:7c:7e:89:72:e7:9c: c0:64:a0:8b:47:05:8f:46:98:67:df:a4:8c:ca:05:78:55:8e: 6c:81:63:dc:31:22:5a:54:69:68:27:be:a3:4b:d0:fd:0f:27: 1b:98:d4:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5fTSfo9QldU6yHtf/Pc42MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwZDNlZDU3OTUzNDhhMDRlN2VjZDE3MmQ3NjQyZmE5NjIw OTcyODcwHhcNMjUxMjIwMDIwMTA1WhcNMjUxMjIxMDIwMTA1WjAzMTEwLwYDVQQD EyhmYzRiMmM0YzgyNmFlYzYzYTMyMzAzNGJkNDA1NjQ1ZDM3YzY2MTQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvWSj0zSaAYC5x3X7Dc89hgQqgzp 48nfJ1gS1Sohy7kL3OVCGRoLSuOqU9wPBIZe23utL+E919NeomDLS44510qMZqx4 SKs+yThYb5JNo7Gn8R9TBOVmr7jwAlRL0Fsy3iVvqMzKHEY/rYHZrfNIUwZbQe4S JzBfWq3P4E5MokXZuw29v3q9uPJTU+Yb+Na0xYr7PHDX551aFAIwF8vXjI2K3y4V sjRQwURW7xqe5G4iSF/+qhk4z3Fz6YlVurVCPUlhqmVS3v+qyKHP8vdFoskGnkCh fz2wZqSTSfBMsEha+Ez08CfnzJFYD5x5BoYPvOplTK0K1jJeqXUBamNCmwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPxLLEyCauxjoyMDS9QFZF03xmFIMB8GA1UdIwQY MBaAFKDT7VeVNIoE5+zRctdkL6liCXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb05QdFY1VTBpZ1RuN05GeTEyUXZxV0lKY29jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hM2IxMWUtNTkwOS00OWZlLWJiNzUt NzkwYmM5MWE1OWU2LzEvb05QdFY1VTBpZ1RuN05GeTEyUXZxV0lKY29jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC9hM2IxMWUtNTkwOS00OWZlLWJiNzUtNzkwYmM5MWE1OWU2 LzEvb05QdFY1VTBpZ1RuN05GeTEyUXZxV0lKY29jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv2twcEkQ WlL/mg8WiRnBrZgORGQP66coonWXk+7yDLKY0TsNFoEMTeLsL/9Ggz7aXOSCpO2l 6wPQ5RUFsWSbM32lQ80YXin31sPx9O8nSiOTeFvsGnf8WDjY55ENbT6nyzXgyJDb WjUr4D6R20y9QUtCgw38h7LXZnFBJ4amy7evJriOkSrYMxXuFMGXVSXKgpK6xJto iYCvQnv5/6mspdmDAqGryqGcl1AMb7jdE0SgRbM2a0+MTXfBXc+qM7VTaPDEa6Lh jRrAJt8gxIlLvx34fH6JcuecwGSgi0cFj0aYZ9+kjMoFeFWObIFj3DEiWlRpaCe+ o0vQ/Q8nG5jU9A== -----END CERTIFICATE-----Generated at Sat Dec 20 10:21:40 2025 by rpki-client