This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft File: okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft (raw, json) Hash identifier: kMRBOauHTqMPOhXALJYwI1YXXbOpzrpqsGfuMfkhyjg= Subject key identifier: 1D:16:E0:A1:57:E6:67:A6:54:90:66:D4:FC:61:4D:D0:5E:F1:4A:E9 Authority key identifier: A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B Certificate issuer: /CN=a24357be1958796b12c42b4f4cac51b83de8fd2b Certificate serial: 019AF31C96477E04490BC093BE17D86CC16C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft Manifest number: 0218 Signing time: Sat 06 Dec 2025 10:02:08 +0000 Manifest this update: Sat 06 Dec 2025 10:02:08 +0000 Manifest next update: Sun 07 Dec 2025 10:02:08 +0000 Files and hashes: 1: dV2LrBjIlql28uwMDcJVQI6s6A8.roa (hash: F8uj/t68nQ3cbE2EUpzLNyfLklCyKLVmpdDgkWw1Qw4=) 2: okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl (hash: nKqQ+gT5jdNj9/HTxbXrH6uPe5KuqJCnmB7RqR0J+wI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:96:47:7e:04:49:0b:c0:93:be:17:d8:6c:c1:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a24357be1958796b12c42b4f4cac51b83de8fd2b Validity Not Before: Dec 6 10:02:08 2025 GMT Not After : Dec 7 10:02:08 2025 GMT Subject: CN=1d16e0a157e667a6549066d4fc614dd05ef14ae9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:90:e5:e1:3b:85:2b:fb:a1:ed:1a:cb:48:0b: 6d:28:b1:dc:dd:3d:df:14:64:87:3a:6a:6c:0e:bd: 48:66:fa:79:11:75:d0:b5:e5:95:d6:91:87:c9:21: 44:2b:95:42:52:8b:b1:6e:63:bb:37:03:74:df:f1: da:b8:ba:5b:fe:4f:2d:cc:e5:73:8f:42:1a:f4:bc: 33:39:86:c4:ac:cb:2c:75:16:3d:49:0c:75:79:0f: 89:97:45:ac:aa:09:2b:33:a6:7d:18:f9:b0:a8:83: 7b:68:7a:9b:6b:c5:47:f7:50:60:c2:a4:f9:ce:b6: c8:83:24:0a:e2:f8:62:e6:13:9a:d8:d2:8e:01:30: 8a:94:3a:0e:50:c6:90:b4:37:b4:f0:c9:7b:d6:d8: 50:78:f6:1c:9f:41:84:01:e7:c8:c3:aa:19:fd:e6: d6:cf:9e:1e:59:fc:4e:58:a5:30:d2:b3:95:0b:13: b7:d9:35:e8:3d:ba:1a:19:33:87:fc:74:f3:b1:6d: b7:c3:e4:09:cc:3e:45:a3:60:e4:86:2e:7b:d2:a2: 09:0f:17:45:42:3c:c3:da:83:82:2a:75:73:76:c5: 70:c2:ee:1a:ef:09:34:2a:9b:02:e2:2f:02:b2:41: 3a:9a:14:f5:f9:dd:6c:0e:d5:6e:cd:4b:c3:38:79: c6:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:16:E0:A1:57:E6:67:A6:54:90:66:D4:FC:61:4D:D0:5E:F1:4A:E9 X509v3 Authority Key Identifier: keyid:A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:fd:ad:e0:54:65:3b:9f:87:bf:2d:45:a9:72:0e:8b:1b:fb: 34:a8:f1:83:35:40:b3:88:1a:f8:f9:3a:78:b6:da:72:27:59: 51:5a:60:f5:43:0b:c1:e2:01:23:c9:05:30:45:7e:eb:c4:f8: 9d:ce:5e:c0:45:4d:31:16:fa:de:83:5d:bc:d3:4d:e4:8f:b1: 7e:10:f6:bf:16:10:eb:12:04:69:66:a8:da:46:78:b7:7e:c5: 15:2e:ef:f1:3e:ba:83:59:15:f9:03:91:e8:5c:f7:da:a4:53: 13:4b:64:88:f7:d4:8e:24:75:79:ab:c3:d9:9a:86:e8:7c:39: 90:66:c1:eb:fe:03:7e:d3:86:df:5e:51:d2:3b:96:e1:ba:f6: 4f:ec:40:85:0b:7a:76:13:81:62:cb:01:6c:d2:91:2e:f9:d1: a1:58:dc:5a:70:a7:88:70:4b:e4:f1:30:1d:5f:5e:57:61:9b: 3a:f0:c1:29:b7:bb:4a:bd:0f:db:ac:1b:9a:44:aa:45:83:37: b8:6e:b3:0b:a6:97:fa:05:29:9e:4a:30:42:59:4e:f7:cb:72: 4e:75:61:89:8e:3c:0d:50:08:9c:c7:57:5f:de:b5:49:07:bc: f3:76:28:9b:12:8f:5e:80:a9:65:60:03:72:dc:f5:0c:37:eb: 71:60:e1:36 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHJZHfgRJC8CTvhfYbMFsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyNDM1N2JlMTk1ODc5NmIxMmM0MmI0ZjRjYWM1MWI4M2Rl OGZkMmIwHhcNMjUxMjA2MTAwMjA4WhcNMjUxMjA3MTAwMjA4WjAzMTEwLwYDVQQD EygxZDE2ZTBhMTU3ZTY2N2E2NTQ5MDY2ZDRmYzYxNGRkMDVlZjE0YWU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpDl4TuFK/uh7RrLSAttKLHc3T3f FGSHOmpsDr1IZvp5EXXQteWV1pGHySFEK5VCUouxbmO7NwN03/HauLpb/k8tzOVz j0Ia9LwzOYbErMssdRY9SQx1eQ+Jl0WsqgkrM6Z9GPmwqIN7aHqba8VH91BgwqT5 zrbIgyQK4vhi5hOa2NKOATCKlDoOUMaQtDe08Ml71thQePYcn0GEAefIw6oZ/ebW z54eWfxOWKUw0rOVCxO32TXoPboaGTOH/HTzsW23w+QJzD5Fo2Dkhi570qIJDxdF QjzD2oOCKnVzdsVwwu4a7wk0KpsC4i8CskE6mhT1+d1sDtVuzUvDOHnGCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB0W4KFX5memVJBm1PxhTdBe8UrpMB8GA1UdIwQY MBaAFKJDV74ZWHlrEsQrT0ysUbg96P0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMt M2YzY2MxZTU3M2ZkLzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMtM2YzY2MxZTU3M2Zk LzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI/2t4FRl O5+Hvy1FqXIOixv7NKjxgzVAs4ga+Pk6eLbacidZUVpg9UMLweIBI8kFMEV+68T4 nc5ewEVNMRb63oNdvNNN5I+xfhD2vxYQ6xIEaWao2kZ4t37FFS7v8T66g1kV+QOR 6Fz32qRTE0tkiPfUjiR1eavD2ZqG6Hw5kGbB6/4DftOG315R0juW4br2T+xAhQt6 dhOBYssBbNKRLvnRoVjcWnCniHBL5PEwHV9eV2GbOvDBKbe7Sr0P26wbmkSqRYM3 uG6zC6aX+gUpnkowQllO98tyTnVhiY48DVAInMdXX961SQe883YomxKPXoCpZWAD ctz1DDfrcWDhNg== -----END CERTIFICATE-----Generated at Sat Dec 6 14:48:51 2025 by rpki-client