This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft File: OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft (raw, json) Hash identifier: cuIAfdN4O4zucApXoq5t5AVlpia1KIpupuYAsqQuFbs= Subject key identifier: 17:49:91:B4:D6:6E:E3:30:DF:1C:D7:CE:FB:57:40:FD:05:82:A4:41 Authority key identifier: 38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B Certificate issuer: /CN=38a8550659bb68e770d8b0126b7261fb87d8240b Certificate serial: 019AF31C81EBC6527996673DD301F318ADEB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft Manifest number: 1766 Signing time: Sat 06 Dec 2025 10:02:02 +0000 Manifest this update: Sat 06 Dec 2025 10:02:02 +0000 Manifest next update: Sun 07 Dec 2025 10:02:02 +0000 Files and hashes: 1: 5r0GrYVoAysKJDuHDPTj-1MVWCQ.roa (hash: XAzmjxdrpIx5mLyehPHseK/+jaakSPTIZ07v9R3ktfQ=) 2: 7gpUO99SfoacmIWvz5o-z3ESpPc.roa (hash: jBBU4x8HtuG0AJgjijT3pv++S+IgCjRtCv3AjftIABQ=) 3: JOJ9b2WkEIXJpzQl9CDXk_CHY94.roa (hash: SAmYAd0xvQRGMk1x62ICIfIVJyfWTunRcVeOhZ1E3l0=) 4: OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl (hash: TkHfs5uvya6AxUVSs6iO0F/6238BV454ekPXGvUpQB0=) 5: _MMbboen6fjGZxdl1sjrAWa0F6o.roa (hash: lasMNF+CDNUkmhfnkFUMcQ2+Q/sn4RwC142SJaDCsYo=) 6: qTT5EzYYejgHx_-gozkgtiyWSxE.roa (hash: WcMM5EKO8L7zVDvgOOXzTCPHLyfkpMtxpa7CTFKHemk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:81:eb:c6:52:79:96:67:3d:d3:01:f3:18:ad:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38a8550659bb68e770d8b0126b7261fb87d8240b Validity Not Before: Dec 6 10:02:02 2025 GMT Not After : Dec 7 10:02:02 2025 GMT Subject: CN=174991b4d66ee330df1cd7cefb5740fd0582a441 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:b4:30:20:8f:16:b4:4d:cb:d1:85:e5:f5:7e: 10:ae:0c:49:e5:73:13:0a:0d:90:84:6f:0b:c8:19: 52:90:6f:4e:46:aa:6f:2e:d0:4c:76:92:75:bb:0c: 06:91:41:9c:d0:ac:82:16:06:ab:88:a3:8c:05:fb: 41:60:64:cb:bd:2d:4b:cb:6e:67:78:d6:91:8a:6b: 61:f9:24:d1:2e:e2:82:b6:9f:12:f4:8b:a7:12:18: c1:d2:51:7d:4b:41:ed:27:09:5f:7f:1f:e9:75:24: d0:8e:24:22:73:16:6c:35:e9:cf:d9:b0:0d:23:03: 2c:a0:1a:fc:10:f4:a4:8c:c5:a4:30:be:35:23:fb: 73:b4:56:cc:d0:f9:24:75:0c:e8:ee:4e:66:31:27: 77:94:e1:17:c8:e6:2d:54:e8:8e:8d:e4:f6:c6:18: a7:df:38:7e:82:61:43:1f:10:59:dd:ef:6e:90:3e: db:f0:c5:89:ab:76:93:77:5e:af:05:d0:48:58:4a: 39:d2:3e:2c:ec:15:08:c6:23:cf:bd:58:5b:25:29: 28:1c:bd:f1:62:5c:fb:3c:b7:fb:5e:2c:5b:a9:7a: cb:29:4b:d0:e6:7e:49:79:5f:ee:ba:a9:99:33:60: f7:06:5c:2a:73:5b:83:87:64:9b:94:82:1b:84:e6: 64:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:49:91:B4:D6:6E:E3:30:DF:1C:D7:CE:FB:57:40:FD:05:82:A4:41 X509v3 Authority Key Identifier: keyid:38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:5f:bc:e1:5c:7d:dd:cf:16:cb:98:8e:4f:6e:d0:ac:cd:87: cd:cf:5e:54:be:0b:4c:35:7c:48:76:bc:20:73:a0:37:0f:3c: a1:e0:0a:f0:5c:4c:08:49:1e:7c:ad:d6:9c:2c:15:65:fa:66: 01:a5:d8:2b:08:b1:38:e0:3d:a2:6f:8c:0f:21:df:8b:ce:6a: 61:2f:6f:68:36:08:7c:73:b3:c7:10:eb:94:a0:9a:96:7f:62: 6e:e0:fa:12:bd:df:98:9d:6c:56:ae:3b:18:ce:04:64:00:0c: 42:96:12:b0:39:cf:a3:be:85:55:90:92:3f:b7:98:4b:0a:6c: 14:f4:8a:2d:cd:99:69:1a:f7:9e:a2:29:67:ba:87:3b:3b:1e: 69:f6:ed:6a:6f:8e:bc:1b:4d:46:45:e6:78:81:22:f8:f1:64: 16:97:10:17:6d:b0:ab:53:a5:ff:04:cd:47:89:8e:4f:cc:38: 3c:7e:66:73:55:e1:3b:d5:c7:4b:05:ee:e8:e3:19:0b:bc:09: 63:04:ec:7d:77:41:fa:ea:d1:9b:15:25:9c:0e:98:39:c0:52: 49:6e:c3:99:21:ec:93:50:12:3e:b6:c7:c4:9e:3c:bf:f5:4e: f8:41:82:00:95:a3:f4:d1:bf:83:c8:0e:86:a9:87:0a:0f:2e: d5:44:85:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHIHrxlJ5lmc90wHzGK3rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YTg1NTA2NTliYjY4ZTc3MGQ4YjAxMjZiNzI2MWZiODdk ODI0MGIwHhcNMjUxMjA2MTAwMjAyWhcNMjUxMjA3MTAwMjAyWjAzMTEwLwYDVQQD EygxNzQ5OTFiNGQ2NmVlMzMwZGYxY2Q3Y2VmYjU3NDBmZDA1ODJhNDQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLQwII8WtE3L0YXl9X4QrgxJ5XMT Cg2QhG8LyBlSkG9ORqpvLtBMdpJ1uwwGkUGc0KyCFgariKOMBftBYGTLvS1Ly25n eNaRimth+STRLuKCtp8S9IunEhjB0lF9S0HtJwlffx/pdSTQjiQicxZsNenP2bAN IwMsoBr8EPSkjMWkML41I/tztFbM0PkkdQzo7k5mMSd3lOEXyOYtVOiOjeT2xhin 3zh+gmFDHxBZ3e9ukD7b8MWJq3aTd16vBdBIWEo50j4s7BUIxiPPvVhbJSkoHL3x Ylz7PLf7XixbqXrLKUvQ5n5JeV/uuqmZM2D3Blwqc1uDh2SblIIbhOZkhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBdJkbTWbuMw3xzXzvtXQP0FgqRBMB8GA1UdIwQY MBaAFDioVQZZu2jncNiwEmtyYfuH2CQLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEt MWQ3MDNiNDk2NjM0LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEtMWQ3MDNiNDk2NjM0 LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAil+84Vx9 3c8Wy5iOT27QrM2Hzc9eVL4LTDV8SHa8IHOgNw88oeAK8FxMCEkefK3WnCwVZfpm AaXYKwixOOA9om+MDyHfi85qYS9vaDYIfHOzxxDrlKCaln9ibuD6Er3fmJ1sVq47 GM4EZAAMQpYSsDnPo76FVZCSP7eYSwpsFPSKLc2ZaRr3nqIpZ7qHOzseafbtam+O vBtNRkXmeIEi+PFkFpcQF22wq1Ol/wTNR4mOT8w4PH5mc1XhO9XHSwXu6OMZC7wJ YwTsfXdB+urRmxUlnA6YOcBSSW7DmSHsk1ASPrbHxJ48v/VO+EGCAJWj9NG/g8gO hqmHCg8u1USFnQ== -----END CERTIFICATE-----Generated at Sat Dec 6 18:38:45 2025 by rpki-client