This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft File: 1OKXHl2BaclArwINsCe-2tiZFZA.mft (raw, json) Hash identifier: urFCShtKqOYNZHtvVR4OHWr+I8pdEGTFUcIVt0A7XCQ= Subject key identifier: ED:BC:21:FD:3E:64:C5:9F:F4:8B:9D:E4:67:A8:35:4E:47:2F:5D:52 Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90 Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590 Certificate serial: 019AF5AE467103997B4778D0244F69812559 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft Manifest number: 1767 Signing time: Sat 06 Dec 2025 22:00:30 +0000 Manifest this update: Sat 06 Dec 2025 22:00:30 +0000 Manifest next update: Sun 07 Dec 2025 22:00:30 +0000 Files and hashes: 1: 1OKXHl2BaclArwINsCe-2tiZFZA.crl (hash: HUEej99LuRRtauZKDIwJj+kMpNCgQJF/Y44kn/g6+pk=) 2: JSqJ02JsxZMyq1FZ1Ds1WnAXfzM.roa (hash: FrjQUqzgc9bbbA26gpxWpuyB85Zjnu+GzKv9yBO8vww=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:ae:46:71:03:99:7b:47:78:d0:24:4f:69:81:25:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590 Validity Not Before: Dec 6 22:00:30 2025 GMT Not After : Dec 7 22:00:30 2025 GMT Subject: CN=edbc21fd3e64c59ff48b9de467a8354e472f5d52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:73:1d:a6:af:75:9d:ca:13:1c:37:da:8e:75: 43:aa:29:6c:b4:a3:7e:a5:34:78:de:87:f1:4e:e6: 62:15:87:29:71:61:95:65:c2:ca:3c:96:90:54:37: f8:6e:1f:ce:62:d9:b9:b3:50:1c:da:92:27:ec:1b: 1b:35:04:f8:48:d5:e6:22:ce:c1:af:ca:c2:24:75: 25:be:4d:86:76:79:1f:6e:9d:4e:86:79:e5:2b:d3: f7:8d:ba:e8:05:39:a2:f1:c5:85:7f:3f:dc:dd:dd: c1:d6:b2:a8:0b:25:44:37:04:34:e0:92:ba:eb:ae: 89:bb:0a:5f:9a:69:32:85:c7:4d:da:b4:ea:5f:eb: b6:0e:8a:27:11:af:95:d7:04:31:8f:44:cf:36:07: 93:4e:30:75:60:93:b1:9e:d4:88:36:db:00:60:df: 84:78:bb:55:9d:60:85:ce:e5:c4:1a:34:e2:e8:f8: b9:78:21:7a:69:d6:0f:64:22:47:d9:0c:0e:0b:1a: c8:9b:88:83:74:04:46:13:6f:5c:34:59:2d:e2:f7: 4e:99:b0:27:45:55:70:ef:e3:7f:2d:92:70:49:18: 9f:b7:d3:63:c7:ef:6b:9d:cf:0e:65:c5:d6:fe:fd: e2:c3:20:07:36:8f:48:a5:71:46:6a:e1:84:7a:e7: 78:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:BC:21:FD:3E:64:C5:9F:F4:8B:9D:E4:67:A8:35:4E:47:2F:5D:52 X509v3 Authority Key Identifier: keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:cc:75:7f:ed:47:14:3f:00:9f:cb:e4:d0:75:e6:aa:32:e0: 08:87:3a:ad:5f:af:70:31:e9:cf:42:3d:96:81:17:67:0a:e4: 0e:9e:8e:95:67:5f:74:1b:ab:91:d0:af:ec:9c:8d:e8:b4:ec: 16:0a:d8:2d:84:2b:09:a6:56:13:69:90:78:18:c1:fe:a5:d0: f9:a3:22:f3:50:8c:c8:e8:4b:1c:53:40:ee:0f:c3:c2:68:9d: 0c:da:ae:0e:d1:5c:fe:c0:27:09:41:45:28:d8:ca:f4:89:7f: e5:13:42:76:31:c0:c8:3d:1c:43:b1:ed:5d:76:05:fd:80:1d: 7d:07:b7:90:e0:8d:6f:78:4f:90:d1:34:17:dd:99:d0:7e:29: 7c:51:d5:32:67:7b:75:b6:2a:35:b4:c6:5a:de:87:69:1c:a2: fe:0c:ba:f8:7e:02:80:35:a3:ef:b2:7a:0d:7b:1c:a1:2d:e7: 3a:9d:e0:ae:3f:39:ee:3a:64:76:e9:7a:db:e0:59:d3:5f:81: 15:3c:ef:7a:0b:ab:d9:19:60:42:b6:53:f5:02:0a:79:c0:c8: e8:88:0c:72:72:e7:17:42:84:3c:49:f3:1f:15:30:90:e6:57: 41:73:72:86:85:0d:fe:42:47:e8:0d:91:bb:57:03:2b:d4:0e: c1:d0:15:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1rkZxA5l7R3jQJE9pgSVZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5 OTE1OTAwHhcNMjUxMjA2MjIwMDMwWhcNMjUxMjA3MjIwMDMwWjAzMTEwLwYDVQQD EyhlZGJjMjFmZDNlNjRjNTlmZjQ4YjlkZTQ2N2E4MzU0ZTQ3MmY1ZDUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnMdpq91ncoTHDfajnVDqilstKN+ pTR43ofxTuZiFYcpcWGVZcLKPJaQVDf4bh/OYtm5s1Ac2pIn7BsbNQT4SNXmIs7B r8rCJHUlvk2Gdnkfbp1OhnnlK9P3jbroBTmi8cWFfz/c3d3B1rKoCyVENwQ04JK6 666JuwpfmmkyhcdN2rTqX+u2DoonEa+V1wQxj0TPNgeTTjB1YJOxntSINtsAYN+E eLtVnWCFzuXEGjTi6Pi5eCF6adYPZCJH2QwOCxrIm4iDdARGE29cNFkt4vdOmbAn RVVw7+N/LZJwSRift9Njx+9rnc8OZcXW/v3iwyAHNo9IpXFGauGEeud4sQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO28If0+ZMWf9Iud5GeoNU5HL11SMB8GA1UdIwQY MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt MTg5NDkwZDYwZWE2LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2 LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAecx1f+1H FD8An8vk0HXmqjLgCIc6rV+vcDHpz0I9loEXZwrkDp6OlWdfdBurkdCv7JyN6LTs FgrYLYQrCaZWE2mQeBjB/qXQ+aMi81CMyOhLHFNA7g/DwmidDNquDtFc/sAnCUFF KNjK9Il/5RNCdjHAyD0cQ7HtXXYF/YAdfQe3kOCNb3hPkNE0F92Z0H4pfFHVMmd7 dbYqNbTGWt6HaRyi/gy6+H4CgDWj77J6DXscoS3nOp3grj857jpkdul62+BZ01+B FTzvegur2RlgQrZT9QIKecDI6IgMcnLnF0KEPEnzHxUwkOZXQXNyhoUN/kJH6A2R u1cDK9QOwdAVQQ== -----END CERTIFICATE-----Generated at Sun Dec 7 00:29:07 2025 by rpki-client