This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft File: owjczEdYTD-oJh23kmouQBcrP3k.mft (raw, json) Hash identifier: fCp87Yg0KkOkRoZgOZpsyzniJvRLjFzZf8PpIO+359s= Subject key identifier: 70:77:A4:94:C5:83:42:68:9C:21:E1:58:23:14:B7:B2:6E:27:73:EA Authority key identifier: A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79 Certificate issuer: /CN=a308dccc47584c3fa8261db7926a2e40172b3f79 Certificate serial: 019B3F7F343833F510310B2B338E753F47D1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft Manifest number: 045B Signing time: Sun 21 Dec 2025 06:00:59 +0000 Manifest this update: Sun 21 Dec 2025 06:00:59 +0000 Manifest next update: Mon 22 Dec 2025 06:00:59 +0000 Files and hashes: 1: owjczEdYTD-oJh23kmouQBcrP3k.crl (hash: GLRLz6sW3ZF6QZxkl/mOcT1ss4X6vE+rsYd0ADDoxtQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:7f:34:38:33:f5:10:31:0b:2b:33:8e:75:3f:47:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a308dccc47584c3fa8261db7926a2e40172b3f79 Validity Not Before: Dec 21 06:00:59 2025 GMT Not After : Dec 22 06:00:59 2025 GMT Subject: CN=7077a494c58342689c21e1582314b7b26e2773ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:d1:2a:51:be:be:ed:bf:ed:50:1f:1f:77:49: f5:40:9b:6a:25:03:41:ab:0e:75:1d:c5:7d:ad:45: 7f:88:f8:88:1f:76:53:33:57:4a:ea:44:68:83:ae: eb:0f:80:19:aa:99:2f:da:a0:93:28:e0:db:59:a3: cb:ed:a2:e6:11:28:45:8d:13:a6:26:03:74:b0:89: 2f:c4:ac:13:7a:fa:04:75:1e:e8:0e:c6:a6:66:e6: 89:c8:8f:31:dc:2e:92:df:c4:69:70:d3:9f:94:73: 12:20:81:75:88:61:d1:4b:e5:10:d9:c7:13:6d:53: bf:b0:99:81:7f:47:3c:4f:55:4c:20:42:56:90:51: 29:89:76:9d:55:36:72:c7:10:6a:f0:c2:00:16:a5: 7d:9a:79:19:7a:f8:a3:c0:50:66:02:8a:b1:75:d3: b8:4f:5a:3c:00:71:2d:72:40:2f:9a:c8:77:9e:f8: 82:71:d2:d8:b7:e5:ab:1c:39:e3:c0:27:4a:84:22: 18:84:b4:6c:88:be:7d:6e:89:b0:82:ca:b7:c2:e4: aa:49:9b:cf:18:ec:63:69:71:3f:b5:7f:52:8c:da: 71:6c:69:72:75:57:65:44:e0:87:db:7b:06:81:13: 7a:fc:b8:5a:0d:f7:49:88:0f:8e:21:55:8d:13:45: 2a:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:77:A4:94:C5:83:42:68:9C:21:E1:58:23:14:B7:B2:6E:27:73:EA X509v3 Authority Key Identifier: keyid:A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:9b:9c:94:13:0b:bc:ff:5a:c8:ec:f5:04:02:ac:0e:9c:5f: 83:4c:43:27:fb:96:41:04:cb:49:a7:71:3d:9c:8c:cb:a9:5c: 43:2e:53:78:4b:33:02:4f:7c:0c:23:55:12:f9:6e:69:9d:e9: f8:97:be:ab:36:f2:6a:dc:ec:09:92:9a:01:aa:e7:6d:6c:87: 36:21:35:21:64:d3:e2:94:99:e4:4c:ad:26:ff:33:91:b0:20: a9:d1:e1:42:1b:d9:87:c9:2c:21:11:09:42:73:90:5b:ca:26: 79:f2:c5:8f:5e:80:35:d6:f5:25:1e:cf:4e:8f:34:06:90:2d: cb:70:01:89:1a:f8:0d:f4:c5:be:80:c9:b4:de:1b:16:3d:7a: fa:b6:52:9e:d3:39:25:ab:79:a0:15:18:67:13:e5:d8:87:80: 09:d3:20:31:b2:7b:0e:fd:05:72:60:0c:b4:af:03:d8:65:39: 8c:41:ef:ea:1e:cb:0a:70:a2:b4:55:23:60:be:66:a4:aa:75: ef:0f:b9:79:69:a8:0f:fb:7e:59:c2:68:97:30:ed:3c:4a:27: 41:d2:6e:2e:87:62:5b:85:67:bf:73:9c:38:be:41:7e:9a:d8: df:34:15:a9:42:1d:04:0f:cd:f9:46:bc:0f:b9:95:5a:fb:68: 38:02:49:6b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/fzQ4M/UQMQsrM451P0fRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzMDhkY2NjNDc1ODRjM2ZhODI2MWRiNzkyNmEyZTQwMTcy YjNmNzkwHhcNMjUxMjIxMDYwMDU5WhcNMjUxMjIyMDYwMDU5WjAzMTEwLwYDVQQD Eyg3MDc3YTQ5NGM1ODM0MjY4OWMyMWUxNTgyMzE0YjdiMjZlMjc3M2VhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09EqUb6+7b/tUB8fd0n1QJtqJQNB qw51HcV9rUV/iPiIH3ZTM1dK6kRog67rD4AZqpkv2qCTKODbWaPL7aLmEShFjROm JgN0sIkvxKwTevoEdR7oDsamZuaJyI8x3C6S38RpcNOflHMSIIF1iGHRS+UQ2ccT bVO/sJmBf0c8T1VMIEJWkFEpiXadVTZyxxBq8MIAFqV9mnkZevijwFBmAoqxddO4 T1o8AHEtckAvmsh3nviCcdLYt+WrHDnjwCdKhCIYhLRsiL59bomwgsq3wuSqSZvP GOxjaXE/tX9SjNpxbGlydVdlROCH23sGgRN6/LhaDfdJiA+OIVWNE0UqDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHB3pJTFg0JonCHhWCMUt7JuJ3PqMB8GA1UdIwQY MBaAFKMI3MxHWEw/qCYdt5JqLkAXKz95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEt MGFmZWIxNDUyNGJlLzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEtMGFmZWIxNDUyNGJl LzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPZuclBML vP9ayOz1BAKsDpxfg0xDJ/uWQQTLSadxPZyMy6lcQy5TeEszAk98DCNVEvluaZ3p +Je+qzbyatzsCZKaAarnbWyHNiE1IWTT4pSZ5EytJv8zkbAgqdHhQhvZh8ksIREJ QnOQW8omefLFj16ANdb1JR7PTo80BpAty3ABiRr4DfTFvoDJtN4bFj16+rZSntM5 Jat5oBUYZxPl2IeACdMgMbJ7Dv0FcmAMtK8D2GU5jEHv6h7LCnCitFUjYL5mpKp1 7w+5eWmoD/t+WcJolzDtPEonQdJuLodiW4Vnv3OcOL5BfprY3zQVqUIdBA/N+Ua8 D7mVWvtoOAJJaw== -----END CERTIFICATE-----Generated at Sun Dec 21 10:22:09 2025 by rpki-client