This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft File: OkjgM962SsQkPHLOiZ1Tgi32mW0.mft (raw, json) Hash identifier: dVdkbuz2eMx6bXx3nRcG3JwcQ3gyv0g8dJ8tvUKXyb4= Subject key identifier: 85:98:31:B7:D2:5E:8D:5E:B7:5E:D1:5D:C1:98:57:65:6F:FB:F1:9E Authority key identifier: 3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D Certificate issuer: /CN=3a48e033deb64ac4243c72ce899d53822df6996d Certificate serial: 019AF276F2BE822F8DC409E8C000F4095221 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft Manifest number: 16F3 Signing time: Sat 06 Dec 2025 07:01:12 +0000 Manifest this update: Sat 06 Dec 2025 07:01:12 +0000 Manifest next update: Sun 07 Dec 2025 07:01:12 +0000 Files and hashes: 1: OkjgM962SsQkPHLOiZ1Tgi32mW0.crl (hash: lTllcU7MuH7yAhzUdH1z4N+wDrkl5XKz8Wf6LOI+csY=) 2: oU-Dh2GrIk6DJo0B3ckZobCZQLg.roa (hash: 3M/n9wvPmKU+uLTP2MTaGav/2cb5GDciUi4YXKv/+G0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:f2:be:82:2f:8d:c4:09:e8:c0:00:f4:09:52:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a48e033deb64ac4243c72ce899d53822df6996d Validity Not Before: Dec 6 07:01:12 2025 GMT Not After : Dec 7 07:01:12 2025 GMT Subject: CN=859831b7d25e8d5eb75ed15dc19857656ffbf19e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:cc:75:92:fd:98:71:d8:05:41:20:14:50:4e: f6:3e:38:4d:bb:83:f8:b1:90:fe:46:55:84:76:37: 0e:6d:38:45:ec:69:78:56:a6:94:64:f6:e3:33:5d: 38:f4:92:dc:41:88:80:87:7f:a7:55:0c:5b:94:e5: 81:94:54:8c:77:82:aa:91:ba:c5:25:5e:4c:50:4b: a6:f8:66:51:e1:ea:ea:11:3f:10:8f:d2:27:38:b7: 34:19:80:ae:12:fc:e4:56:02:07:14:d2:4e:df:2f: 44:a5:80:c4:6a:84:51:85:8b:f6:26:ae:3c:26:af: eb:ba:4c:c0:d6:8e:28:3e:e7:e4:ae:69:a8:d3:ba: 9e:f0:98:a6:eb:99:74:48:85:07:e8:85:91:c9:f0: 14:dc:82:9f:da:a2:5a:fc:65:31:c1:7d:61:e4:61: f7:6a:ee:cc:9c:38:0c:24:2e:a5:41:b6:11:91:17: 4a:96:c6:0f:9a:a4:3a:30:f7:09:83:61:58:9f:c7: 49:72:e9:e4:03:cf:19:e6:22:81:8f:2c:2b:b1:e6: c1:59:5c:a0:0a:4f:a6:eb:16:17:09:00:c3:ba:14: 46:bf:43:d1:1d:76:b6:71:65:e2:f5:7a:eb:3a:ab: 5e:cd:3c:0f:77:24:99:94:ff:73:4b:05:4e:79:57: 43:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:98:31:B7:D2:5E:8D:5E:B7:5E:D1:5D:C1:98:57:65:6F:FB:F1:9E X509v3 Authority Key Identifier: keyid:3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9d:e9:ee:35:30:cc:ba:66:8d:4f:26:06:99:d3:23:03:d7:41: f5:8a:9d:5b:d4:0b:37:30:48:c6:e1:19:1b:a0:6f:89:35:ba: d7:86:e4:5b:94:83:6a:0d:f4:4b:8d:21:a7:55:a0:81:8d:bf: 30:2e:8d:c4:72:ed:62:e8:4b:65:4c:63:76:e8:4b:d5:d9:f9: ec:b1:0d:6e:bb:4a:d0:24:4d:88:9b:7c:70:50:ab:77:1a:b4: 89:02:d7:71:96:dd:b1:f2:75:f1:77:09:e7:d9:ac:62:ff:15: 9d:f7:46:47:cd:64:e0:66:d9:4f:72:5d:b7:9f:00:14:92:57: 72:ad:3e:34:51:12:17:01:0c:31:39:b8:cd:5a:64:f6:dc:e1: f7:d7:f7:15:81:31:bf:b2:59:05:9a:bd:6a:04:8a:d3:df:ce: 54:88:8e:8a:47:e4:61:00:cb:af:27:84:48:29:fc:9f:7e:14: cb:b8:b7:71:75:a2:28:4f:7b:34:d8:52:ae:d8:22:c7:af:23: 8b:af:25:0a:d1:ea:1d:9e:de:66:46:af:f9:1f:04:50:87:d5: 48:3d:c1:3a:87:68:1a:81:49:7d:3b:04:d3:ef:2e:c6:fc:bd: a3:2f:eb:09:81:cb:e1:da:5a:7b:1f:e5:91:56:4d:8c:df:c8: c6:a4:a8:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydvK+gi+NxAnowAD0CVIhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNDhlMDMzZGViNjRhYzQyNDNjNzJjZTg5OWQ1MzgyMmRm Njk5NmQwHhcNMjUxMjA2MDcwMTEyWhcNMjUxMjA3MDcwMTEyWjAzMTEwLwYDVQQD Eyg4NTk4MzFiN2QyNWU4ZDVlYjc1ZWQxNWRjMTk4NTc2NTZmZmJmMTllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8x1kv2YcdgFQSAUUE72PjhNu4P4 sZD+RlWEdjcObThF7Gl4VqaUZPbjM1049JLcQYiAh3+nVQxblOWBlFSMd4KqkbrF JV5MUEum+GZR4erqET8Qj9InOLc0GYCuEvzkVgIHFNJO3y9EpYDEaoRRhYv2Jq48 Jq/rukzA1o4oPufkrmmo07qe8Jim65l0SIUH6IWRyfAU3IKf2qJa/GUxwX1h5GH3 au7MnDgMJC6lQbYRkRdKlsYPmqQ6MPcJg2FYn8dJcunkA88Z5iKBjywrsebBWVyg Ck+m6xYXCQDDuhRGv0PRHXa2cWXi9XrrOqtezTwPdySZlP9zSwVOeVdD3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIWYMbfSXo1et17RXcGYV2Vv+/GeMB8GA1UdIwQY MBaAFDpI4DPetkrEJDxyzomdU4It9pltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEt YzUzMjFkYzllNjRiLzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEtYzUzMjFkYzllNjRi LzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnenuNTDM umaNTyYGmdMjA9dB9YqdW9QLNzBIxuEZG6BviTW614bkW5SDag30S40hp1WggY2/ MC6NxHLtYuhLZUxjduhL1dn57LENbrtK0CRNiJt8cFCrdxq0iQLXcZbdsfJ18XcJ 59msYv8VnfdGR81k4GbZT3Jdt58AFJJXcq0+NFESFwEMMTm4zVpk9tzh99f3FYEx v7JZBZq9agSK09/OVIiOikfkYQDLryeESCn8n34Uy7i3cXWiKE97NNhSrtgix68j i68lCtHqHZ7eZkav+R8EUIfVSD3BOodoGoFJfTsE0+8uxvy9oy/rCYHL4dpaex/l kVZNjN/IxqSopw== -----END CERTIFICATE-----Generated at Sat Dec 6 11:43:23 2025 by rpki-client