This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/7a806c-2f08-47d9-9cc9-658d4c4628ad/1/oI5By_3vrQuw4pckeswaIB0t9KA.mft File: oI5By_3vrQuw4pckeswaIB0t9KA.mft (raw, json) Hash identifier: 7JoDmS86dFcud94SUipuRyLe8g73sx6OwRPKsmvxOAA= Subject key identifier: 22:61:18:E8:A8:CC:A5:14:F6:36:25:79:42:E0:48:3F:CD:57:C0:55 Authority key identifier: A0:8E:41:CB:FD:EF:AD:0B:B0:E2:97:24:7A:CC:1A:20:1D:2D:F4:A0 Certificate issuer: /CN=a08e41cbfdefad0bb0e297247acc1a201d2df4a0 Certificate serial: 019AF5AEB6A5F44285B733B0E4D152A4FBE5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oI5By_3vrQuw4pckeswaIB0t9KA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/7a806c-2f08-47d9-9cc9-658d4c4628ad/1/oI5By_3vrQuw4pckeswaIB0t9KA.mft Manifest number: 12F7 Signing time: Sat 06 Dec 2025 22:00:59 +0000 Manifest this update: Sat 06 Dec 2025 22:00:59 +0000 Manifest next update: Sun 07 Dec 2025 22:00:59 +0000 Files and hashes: 1: kaGph50MrnZk9_Ae5Md0JZHkmEM.roa (hash: KOuavh84jne4Oayx4KsSyaMHm/sNkEEba6rU0bPnEbc=) 2: oI5By_3vrQuw4pckeswaIB0t9KA.crl (hash: Nm1ezeF8Dnio5sJyA9JHJWdGypVkOJYydL3/nrQY6Ak=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/7a806c-2f08-47d9-9cc9-658d4c4628ad/1/oI5By_3vrQuw4pckeswaIB0t9KA.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/7a806c-2f08-47d9-9cc9-658d4c4628ad/1/oI5By_3vrQuw4pckeswaIB0t9KA.mft rsync://rpki.ripe.net/repository/DEFAULT/oI5By_3vrQuw4pckeswaIB0t9KA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:ae:b6:a5:f4:42:85:b7:33:b0:e4:d1:52:a4:fb:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a08e41cbfdefad0bb0e297247acc1a201d2df4a0 Validity Not Before: Dec 6 22:00:59 2025 GMT Not After : Dec 7 22:00:59 2025 GMT Subject: CN=226118e8a8cca514f636257942e0483fcd57c055 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:05:1f:3a:95:ee:aa:30:51:cc:0e:03:7c:7c: 09:65:df:e1:e8:80:b2:a9:59:da:6d:a6:88:15:4b: 3b:0c:bf:a9:65:ca:71:59:85:4a:9e:18:f2:ec:a7: 82:c7:3d:33:9c:4d:8a:05:3a:d4:3f:ec:01:14:ea: bf:3a:11:db:f2:17:86:73:20:9f:b2:c5:60:a7:29: 4a:76:cc:15:f8:ed:de:af:f6:83:a4:96:5d:64:2f: c2:e4:89:89:64:80:4f:86:e4:5b:c3:cd:b8:0e:fd: 48:7d:6b:3b:94:e3:c4:6b:37:62:d9:da:7b:9f:f5: 72:d3:f2:b4:58:f5:36:c1:24:ce:a2:38:bc:18:9d: 5c:fd:c0:3a:45:72:40:da:8e:66:ab:eb:a8:5d:90: 37:ad:a7:a3:d3:cc:e0:28:f4:27:9f:21:df:ec:e5: 12:69:35:fa:cb:3c:01:f3:2a:15:b4:97:d5:e6:af: d6:f2:82:55:ab:aa:92:52:10:f2:6f:9c:ea:01:00: 10:9f:be:01:7a:e5:34:b4:dd:c8:36:ee:90:9b:d4: 6b:db:c3:70:70:4a:c2:1b:66:ca:c1:a7:07:0a:8d: 6a:4f:96:72:71:10:4f:ff:e8:3c:86:b1:4e:6c:9f: a2:2d:1e:13:f4:e3:86:08:2b:81:16:5f:9f:56:14: ea:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:61:18:E8:A8:CC:A5:14:F6:36:25:79:42:E0:48:3F:CD:57:C0:55 X509v3 Authority Key Identifier: keyid:A0:8E:41:CB:FD:EF:AD:0B:B0:E2:97:24:7A:CC:1A:20:1D:2D:F4:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oI5By_3vrQuw4pckeswaIB0t9KA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/7a806c-2f08-47d9-9cc9-658d4c4628ad/1/oI5By_3vrQuw4pckeswaIB0t9KA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/7a806c-2f08-47d9-9cc9-658d4c4628ad/1/oI5By_3vrQuw4pckeswaIB0t9KA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:7a:a6:d8:6d:4c:62:8c:fa:f5:37:8c:80:bd:05:cb:1a:32: 38:41:1d:80:c7:9e:8b:1b:bb:71:8d:83:da:4e:43:6d:90:69: 98:4d:37:ab:f6:88:36:9d:0f:31:e8:0a:e2:98:63:e8:6c:69: a5:ef:e3:9b:84:a9:4e:79:ef:83:15:29:1c:f5:47:1e:3d:66: 0d:5b:e1:53:0a:64:34:58:fc:a7:7d:f3:da:3a:e8:f3:0b:33: 96:72:af:c3:4a:42:5e:e3:4c:6e:00:e1:cc:ac:f3:3a:51:16: b3:bf:7b:77:9f:2d:1a:85:e5:fb:ff:67:b4:29:3b:ca:44:0e: 18:2d:7a:af:32:b1:bc:2b:81:3b:19:57:91:f6:8b:6b:b4:71: f0:5b:5b:31:0a:31:0b:8b:53:2b:35:55:b8:de:71:05:1d:6d: 64:fd:82:ff:07:bf:87:62:cf:80:08:65:ca:b1:2f:af:9e:39: 63:b3:04:60:98:ea:4e:1b:45:f3:c1:90:dd:86:1b:1d:d0:39: 62:49:3a:86:b4:be:35:cc:94:ed:83:61:aa:0f:f0:fa:48:01: d6:54:f3:c1:c5:0e:b5:29:7e:96:49:4f:c3:51:fa:b5:c2:dd: c3:0a:94:4d:6f:ef:dd:e6:b1:af:83:e2:dc:26:73:b0:f0:44: d5:b4:eb:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1rral9EKFtzOw5NFSpPvlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwOGU0MWNiZmRlZmFkMGJiMGUyOTcyNDdhY2MxYTIwMWQy ZGY0YTAwHhcNMjUxMjA2MjIwMDU5WhcNMjUxMjA3MjIwMDU5WjAzMTEwLwYDVQQD EygyMjYxMThlOGE4Y2NhNTE0ZjYzNjI1Nzk0MmUwNDgzZmNkNTdjMDU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAUfOpXuqjBRzA4DfHwJZd/h6ICy qVnabaaIFUs7DL+pZcpxWYVKnhjy7KeCxz0znE2KBTrUP+wBFOq/OhHb8heGcyCf ssVgpylKdswV+O3er/aDpJZdZC/C5ImJZIBPhuRbw824Dv1IfWs7lOPEazdi2dp7 n/Vy0/K0WPU2wSTOoji8GJ1c/cA6RXJA2o5mq+uoXZA3raej08zgKPQnnyHf7OUS aTX6yzwB8yoVtJfV5q/W8oJVq6qSUhDyb5zqAQAQn74BeuU0tN3INu6Qm9Rr28Nw cErCG2bKwacHCo1qT5ZycRBP/+g8hrFObJ+iLR4T9OOGCCuBFl+fVhTqeQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCJhGOiozKUU9jYleULgSD/NV8BVMB8GA1UdIwQY MBaAFKCOQcv9760LsOKXJHrMGiAdLfSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0k1QnlfM3ZyUXV3NHBja2Vzd2FJQjB0OUtBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC83YTgwNmMtMmYwOC00N2Q5LTljYzkt NjU4ZDRjNDYyOGFkLzEvb0k1QnlfM3ZyUXV3NHBja2Vzd2FJQjB0OUtBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC83YTgwNmMtMmYwOC00N2Q5LTljYzktNjU4ZDRjNDYyOGFk LzEvb0k1QnlfM3ZyUXV3NHBja2Vzd2FJQjB0OUtBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmnqm2G1M Yoz69TeMgL0FyxoyOEEdgMeeixu7cY2D2k5DbZBpmE03q/aINp0PMegK4phj6Gxp pe/jm4SpTnnvgxUpHPVHHj1mDVvhUwpkNFj8p33z2jro8wszlnKvw0pCXuNMbgDh zKzzOlEWs797d58tGoXl+/9ntCk7ykQOGC16rzKxvCuBOxlXkfaLa7Rx8FtbMQox C4tTKzVVuN5xBR1tZP2C/we/h2LPgAhlyrEvr545Y7MEYJjqThtF88GQ3YYbHdA5 Ykk6hrS+NcyU7YNhqg/w+kgB1lTzwcUOtSl+lklPw1H6tcLdwwqUTW/v3eaxr4Pi 3CZzsPBE1bTrrA== -----END CERTIFICATE-----Generated at Sun Dec 7 03:56:38 2025 by rpki-client