This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft File: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft (raw, json) Hash identifier: Mgo+nnu9cxGdvTAc8mk8WqqObrXZHqoKAEBVe6ycDMo= Subject key identifier: 56:15:88:B1:E9:A5:FE:D0:5B:31:D3:52:B5:32:71:D9:65:38:5D:68 Authority key identifier: A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7 Certificate issuer: /CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7 Certificate serial: 019AF12D570E99E739F6851D6990634E0B4F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 01:01:11 +0000 Manifest this update: Sat 06 Dec 2025 01:01:11 +0000 Manifest next update: Sun 07 Dec 2025 01:01:11 +0000 Files and hashes: 1: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl (hash: 2bFLTHvW4N9Un2/OgGH7jQkl+PfsFkaUfKZRhU6sQVA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:57:0e:99:e7:39:f6:85:1d:69:90:63:4e:0b:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7 Validity Not Before: Dec 6 01:01:11 2025 GMT Not After : Dec 7 01:01:11 2025 GMT Subject: CN=561588b1e9a5fed05b31d352b53271d965385d68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:2b:2f:e5:69:f7:25:e7:30:28:04:c4:de:a0: e4:86:bd:b0:ad:c0:7a:41:14:14:3e:97:f8:dd:5c: b8:41:ac:e8:09:3b:36:aa:e2:70:33:cc:79:02:05: e4:e8:2c:11:0e:f2:f5:ce:d5:04:a0:95:dc:e3:f6: 0e:50:c1:38:f1:78:52:e1:0a:e8:78:0a:9a:e2:94: 9d:82:c0:5e:21:c2:07:0b:31:a9:28:20:03:55:5f: e5:60:e2:09:a8:28:eb:41:73:75:20:f2:21:3b:93: 5f:d0:47:53:5f:a5:96:bd:b9:98:5d:38:80:01:9d: 3a:1e:ea:8c:6f:45:65:5c:6e:8e:65:6c:5c:d0:eb: 2c:cc:37:b0:85:83:d9:a6:3a:b5:68:37:c9:d1:ef: 30:d0:fb:42:85:13:6c:cb:4e:f9:2e:eb:47:94:bc: 86:2d:91:a7:9a:47:f2:e9:ad:0c:15:a6:0f:07:87: 73:00:bf:2e:11:7d:34:00:3a:4d:dc:ba:99:b4:90: d8:6f:a0:49:c8:ea:33:55:12:bc:17:36:d7:82:45: ad:20:af:d0:76:e8:43:29:55:6d:fe:93:7b:4e:84: 85:04:97:cd:46:d8:58:02:01:be:90:89:9c:34:18: eb:6f:a6:9d:f3:5a:7b:e4:15:c4:cc:a3:5b:dc:9b: 1e:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:15:88:B1:E9:A5:FE:D0:5B:31:D3:52:B5:32:71:D9:65:38:5D:68 X509v3 Authority Key Identifier: keyid:A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b3:39:62:ae:68:9c:bb:9b:67:c1:56:35:6d:ce:49:fd:f3:64: db:98:ba:89:2f:01:ff:4b:06:ef:e8:ed:f1:b7:b0:c5:43:15: 2a:11:af:80:70:0a:6b:8a:ec:c0:e8:5a:fb:da:cf:91:1c:3c: e6:b2:7f:18:6f:33:7a:4c:0f:67:67:e0:76:f3:18:ea:a1:fe: 5a:6d:2e:3b:db:44:29:7f:e2:d4:9c:c7:cf:f4:69:ac:70:61: b1:14:00:b6:c2:5b:11:34:4c:89:d7:29:5b:52:c8:48:7a:40: 6c:fa:36:e8:2c:8f:7b:3c:d7:24:6b:3a:e3:3c:cb:d6:f4:52: 6f:9f:86:01:c6:d4:0a:01:ad:b8:db:b9:1f:cb:48:ed:e2:54: 06:0b:58:08:ec:4d:8f:91:76:f6:5f:bb:a2:ba:42:45:93:8b: 8e:25:a7:72:ed:5b:2a:01:ef:cc:21:6c:99:dd:c7:6d:a3:15: a0:82:2f:aa:c5:1f:93:9d:82:4f:19:3e:ca:09:55:cb:a0:ba: 72:b6:ef:30:ea:79:1b:b1:77:97:cf:83:4f:f1:ca:ba:f1:30: aa:a5:89:56:ed:58:a5:5c:7d:d7:fa:d5:03:18:20:9c:3c:5e: 49:10:51:db:c8:ce:90:da:16:27:26:ce:83:1c:e7:0b:cf:c5: 76:f9:be:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLVcOmec59oUdaZBjTgtPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYTY3ZTA2YjU5MDQ2MzVlYjRkMWM5MWMzNDEyODlmNTlh ZmVhYTcwHhcNMjUxMjA2MDEwMTExWhcNMjUxMjA3MDEwMTExWjAzMTEwLwYDVQQD Eyg1NjE1ODhiMWU5YTVmZWQwNWIzMWQzNTJiNTMyNzFkOTY1Mzg1ZDY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Csv5Wn3JecwKATE3qDkhr2wrcB6 QRQUPpf43Vy4QazoCTs2quJwM8x5AgXk6CwRDvL1ztUEoJXc4/YOUME48XhS4Qro eAqa4pSdgsBeIcIHCzGpKCADVV/lYOIJqCjrQXN1IPIhO5Nf0EdTX6WWvbmYXTiA AZ06HuqMb0VlXG6OZWxc0OsszDewhYPZpjq1aDfJ0e8w0PtChRNsy075LutHlLyG LZGnmkfy6a0MFaYPB4dzAL8uEX00ADpN3LqZtJDYb6BJyOozVRK8FzbXgkWtIK/Q duhDKVVt/pN7ToSFBJfNRthYAgG+kImcNBjrb6ad81p75BXEzKNb3JselQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFYViLHppf7QWzHTUrUycdllOF1oMB8GA1UdIwQY MBaAFKCmfga1kEY1600ckcNBKJ9Zr+qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEt YjBmZWI0ZjkzMTlhLzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEtYjBmZWI0ZjkzMTlh LzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAszlirmic u5tnwVY1bc5J/fNk25i6iS8B/0sG7+jt8bewxUMVKhGvgHAKa4rswOha+9rPkRw8 5rJ/GG8zekwPZ2fgdvMY6qH+Wm0uO9tEKX/i1JzHz/RprHBhsRQAtsJbETRMidcp W1LISHpAbPo26CyPezzXJGs64zzL1vRSb5+GAcbUCgGtuNu5H8tI7eJUBgtYCOxN j5F29l+7orpCRZOLjiWncu1bKgHvzCFsmd3HbaMVoIIvqsUfk52CTxk+yglVy6C6 crbvMOp5G7F3l8+DT/HKuvEwqqWJVu1YpVx91/rVAxggnDxeSRBR28jOkNoWJybO gxznC8/Fdvm+oA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:27:29 2025 by rpki-client